Gateway Notebook Model: ML6732
Windows Vista Home Premium 32-Bit
Intel Pentium Dual CPU 1.73 GHz; 3.00 GB RAM; 300 GB HDD (partitioned)

Purchased one month ago. Immediately after unpacking and setting it up and before adding my software, I tried out the preinstalled stuff and thought it was running slow. Ran the Norton's Internet Security trial that was installed and it found a trojan - which I had it delete. I thought that was strange, since the only time I had been online was to setup and update. Thought maybe the Norton's was slowing the system down, so I took it off and put my Zone Alarm on. That didn't speed it up, either.

Turned off the UAC and tried setting the visual display to "Best Performance" - neither of which helped. Installed Ad-aware Pro, Spybot, and Spywareblaster as well and they're not finding anything much - Ad-aware finds a few tracking cookies. Used CCleaner to clean the Internet cache, deleted temp files, etc. all to no avail. Also ran Panda's online scanner and TrendMicro's online scanner. TrendMicro found 1 low priority infection and deleted it. Ran CheckDisk and it said the disk was clean.

Ran PC Pitstop's Overdrive test and it said there were several things wrong, including some outdated drivers; however, when attempting to update them, the system says it has the proper drivers. All Windows updates are current - - can't find the other drivers PCPitstop recommended, but a few days ago, there was an optional update for the Eternet driver - - which I downloaded and installed. Pitstop also showed the CPU usage at 97 percent.

Checked the startup list and reset a few things, but otherwise there doesn't seem to be anything suspicious that I can tell. Have disabled needless processes and set all others to manual except the necessary ones that have to stay at Automatic - - that didn't help things, either. There's something on the computer called "Bigfix" that Gateway installed - - not familar with it and don't know if it's worth keeping. I wonder about it, though. It doesn't seem to be doing anything except using a little resource, but it's always on the taskbar. Thought seriously about uninstalling it - - do you know if it's necessary to keep it?

Also, the computer is very fragmented for some reason, and none of the defrag software I've tried will defrag it (the one with Vista; Defraggler; Disk MD). It leaves massive amounts of fragmentation when it says it's done - - almost 30 GB. A warning popped up on the Desktop a while ago saying CPU usage was 100%. Also, for some reason, the computer tried to delete the Desktop - - I told it to cancel that action and the Recycler was stuck for about half an hour before I turned the machine off with the power button. Programs keep locking up and I have to shut down with the power button - - very discouraging with a new computer. AND the icons on the desktop won't stay where I put them - - about once a day, they are all suddenly in different places.

This is my first experience with Vista and though it's quite beautiful, will it always be this much of a headache? Sometimes it takes up to 15-20 seconds for programs to open???? Before the first attempt to defrag, it was taking 40 seconds or more.

Anyway, when I installed my software on this machine, there was some that Vista didn't take to - - some it wouldn't install at all. Since Print Shop was installed, the CD/DVD player will no longer work unless the computer boots up with a CD in the drive.

I uninstalled all the trial software shortly after I set up the computer. There are still some things I may not need, but since I'm new to Vista, I'm not sure: Windows Contacts; Windows Meeting Space; Acceller (which seems to be a Gateway connection service to help find DSL providers); Google Desktop; Bonjour; Microsoft Silverlight (don't know what that is!). Other than those, there's AOL on the Start Menu - but no option to unistall it and it doesn't show up in the Uninstall function of Control Panel, so I don't know how to get rid of it and it's got gazillions of files all over the place - - also there's that BigFix thing that (I think) is monitoring the computer for problems and updates - - but I'm not really sure - - so far, it hasn't done anything. Any advice on the above will be appreciated. PC PitStop says there are 5 "Crapware" installed, but I don't know what they are. Don't need Windows mail because it's just another thing that wouldn't work on this machine either, so I installed Windows Live Mail; however, can't find a way to uninstall Mail, either.

A couple of nights ago, the computer wouldn't get online. Checking it out - - the computer had turned off the wireless service. I didn't tell it to do this. Now, it does this every time I try to get online - - I have to go through the connection - - then, diagnose connection problem process - - a window comes up saying the system isn't connected and do I want to connect it - - but it also says there's a problem with the EtherNet Driver installed the other day, tNow, there's New Weirdness: The system has only one restore point, created at 1:30 a couple days ago, whilst the max storage space the system says it has is over 43 GB. What's up with that? Tried to reset the maxsize of the shadowcopy allocation space to 10 GB and it says that's an invalid option. Why, then, is 43 GB only enough for ONE restore point.

Should have returned it to the store within the two weeks I had to do so, but I was so busy with a granddaughter's surgery that I didn't have time to check it out thoroughly before the time had expired. Really thought that I could speed it up and work the kinks out, but alas, I have failed. If I can't work all this out, it'll have to go back to Gateway for repair. Aargh! Have tried everything I know or could fine online.

Someone in the Software forum advised me to post this here to see if anyone here thought they could help. I can't afford a Vista CD and the computer didn't come with one. During setup, it had me make recovery CD's and there's a recovery drive - - Drive D. Any suggestions will be appreciated. I wasn't sure whether to download HiJackThis and run a scan until I get directions from someone.

Thanks for the . . . HELP!
Sharon

Hello Sharon,

Welcome to the Whatthetech Malware Removal Forum,

It seems to me no matter where you bought it it should still be under warranty for at least a year from Gateway. What we can do here is have you run a scan or two and if no malware or viruses are detected than I can link you to some windows forums for software issues.



Download Trendmicros Hijackthis to your desktop.

• Double click it to install
• Follow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exe
• Open HJT Scan and Save a Log File, it will open in Notepad
• Go to Format and make sure Wordwrap is Unchecked
• Go to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.

DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

Ken;

Thanks so much for your help. Yes, I can send the computer back to Gateway, but Walmart won't take it back after 15 days. I was desperately hoping not to have to ship it to Gateway. Someone on the other forum thought it might have something called a 'rootkit' - - I just don't know how because it just wasn't online except during setup before it was having all these problems. Anyway, here's the HiJackThis log, just in case there is something creepy on the drive. Again, thank you immensely for your help.

Sharon

P.S. "Seagate" is my external harddrive I was using to back up my personal files.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:53 PM, on 9/1/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BigFix\bigfix.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\Sharon\AppData\Local\Temp\AutoDetect.exe
F:\ceedo\Ceedo\Ceedo.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...TB&M=ML6732
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Ceedo Repair] C:\Users\Sharon\AppData\Local\Temp\AutoDetect.exe /repair /drive=F /name=Ceedo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/serialharvest/gwCID.CAB
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (file missing)
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 7546 bytes

Morning Sharon,

This can be removed, its just more clutter than anything.

Open HijackThis > Do a System Scan Only, close your browser and all open windows including this one, the only program or window you should have open is HijackThis, check the following entries and click on Fix Checked.

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =



The rest of your log looks fine, no malware or viruses I can see. I don't see how this could have gotten infected during the setup process. Why don't you run this scan to make sure, if it comes up clean than I would send it back to Gateway.


Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.<-- Don't forget this
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and Paste the entire report in your next reply along with a New Hijackthis log.

Hi, thanks for your help, I really appreciate it. I've tried unsuccessfully to get help from Gateway - - since I missed the return date, they're done with it unless I pay more money. Here's the MalwareBytes Log, followed by the new HiJackThis Log:

Malwarebytes' Anti-Malware 1.26
Database version: 1104
Windows 6.0.6001 Service Pack 1

9/2/2008 4:04:06 PM
mbam-log-2008-09-02 (16-04-06).txt

Scan type: Quick Scan
Objects scanned: 40551
Time elapsed: 1 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Public\Desktop\AntiSpyware.lnk (Rogue.Antispyware) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:02 PM, on 9/2/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\BigFix\bigfix.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Sharon\AppData\Local\Temp\AutoDetect.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...TB&M=ML6732
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...TB&M=ML6732
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Ceedo Repair] C:\Users\Sharon\AppData\Local\Temp\AutoDetect.exe /repair /drive=F /name=Ceedo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (file missing)
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 6701 bytes

Hi Sharon,

Nothing bad on your logs I can see. If this was my computer I think I would send it back to Gateway and have them reinstall the Operating System or for that matter replace the Hard drive. I have read over some of the issues you posted and they sure look like some sort of a software or hardware issue.

Sorry we can't do more for you.

Ken

Thanks for checking things out for me. Unfortunately, Gateway has been completely unhelpful. They wanted me to pay $20.00 for a restore disc and wait three weeks to get it and then reformat the drive and use the disc. Wouldn't even try to fix the problems and it was too late to send it back. They did say I could send it in and they'd check it out, which would cost me shipping and take at least a couple of weeks.

Attempted to see if I could make things better, so I Googled each problem, then:
1. Deleted all instances of AOL which was on the computer from Gateway
2. Deleted all instances of A-squared (couldn't get rid of this program I'd installed and had uninstalled but it left files all over the place, so finally deleted all files pertaining to it)
3. Deleted all instances of Symantec (couldn't get rid of this program that came pre-installed and had been uninstalled but left files all over the place, so finally deleted all files pertaining to it)
4. Installed SuperAntiSpyware and ran it in safe mode; it found several things it called 'tracking cookies' - - and took quite a while to delete them
5. Found that WLAN AutoConfig was set to Manual - reset it to Automatic and the wireless service is now working
6. Disabled System Restore
7. Rebooted and ran Defraggler in safe mode - - it completely defragged this time
8. Rebooted in normal mode andI re-enabled System Restore (just by shutting it down and then restarting it cleared 12 GB of space on the hard drive)
9. Rebooted again

Not sure yet of course, but the problems may finally be all worked out. Programs are opening within 1-8 seconds, depending on the program. Haven't had to shut down with the power button all day. The wireless is working, the system is defragged - - and by tomorrow I should know if system restore is working - - when I Googled it and found that it's SUPPOSED to set a restore point everyday and that it's preset to use 15% of the hard drive until you disable and re-enable it, causing it to then use 15% of the free space. Maybe it wasn't setting restore spaces because it was taking up as much space as it was allowed to. Will soon find out. The CD drive is even working. Almost feel as if I've fallen into cybertwilight zone, but in a good kinda way. I don't know what worked, but something did.

Thanks for your time in checking the logs for me. I appreciate your help.

Blessings,
Sharon

Sharon,

Shutting down your system using the power button can sometimes bork the boot up files so I would not do that to often.

Re enable System Restore before you do any of this, you need something to fall back on in a pinch.







Norton has a tool that will remove all of its products from failed uninstalls or installs
http://service1.symantec.com/SUPPORT/tsgen...005033108162039


Here is a nice little free system cleaner
Download and Install CCleaner
If you don't want the Yahoo Toolbar, be sure to uncheck it during installation

• Click on Run Cleaner

Tutorial for CCleaner




PcPitStop <-- You can take your system in for a checkup here.
This is free and it will give you a link to the report, link me to it so I can read it



Your running without any Anti virus Lets see what the above does and I can link you to free ones that won't take up as many resources as Norton


Let me know how your doing, I will keep this thread open for you.

Hi, Ken;

Sorry to be so long getting back to you - - I have been tied up with work for two days - - then, this afternoon, I took the computer back to Walmart, after a very nice manager decided to help me out. I got a Dell Inspiron and am setting it up.

But thank you so much for your help. I really, really appreciate it!

You folks are great!

Blessings, Sharon

Hello Sharon

Thanks for letting me know. Back in 1997 or so, Gateway was like the Cadillac of the computer set, you could buy no better , but the company had gone through so many changes that I tend to stay away from them. This is just my opinion , there may be people have them and love them. You will be happy with the Dell, its exactly what I have.

Post back after the set up and I will link you to some free programs to install that will help keep you more secure.

Ken

Thanks, Ken, I will do that after I ever get through the setup process.

I tried to install Zone Alarm and it wouldn't install due to SP1 not being on the computer and there was a conflict so I couldn't get SP1 - - the Dell tech said to get Microsoft SP1 help - - after hours of time with a Microsoft Agent it finally downloaded and installed; however, during his time helping me by Easy Assist, he shut down a lot of things. I'm trying to get them running and I did a diagnostic a few minutes ago and got the message that "The average disk queue length is 2. The disk may be at its maximum transfer capacity due to throughput and disk seeks." Also the Isatap Adaptor won't load drivers, even though Device Manager says it has the best driver installed. Do you know anything about that type of stuff?

Also, he uninstalled AVG which I had put on until I could get Zone Alarm to install - - so that left the system without AV protection all the time we were online - - at least a couple of hours. Now, Zone Alarm is scanning and has found a virus already - - it isn't done scanning yet. I'll remove whatever it finds. I warned the fellow that uninstalling the AV wasn't a good idea. Our DSL connection here is not very secure or stable even though AT&T says everything's fine. Oh, well.

Also, when SP1 installed, the pretty aero thing went away. Do you know how I can get it back?

Hey, thanks so much for your help and advice. I got the Dell Inspiron 1721 yesterday and so far things haven't been going well - - but I do love it - - it's quite beautiful and sturdy, while the Gateway was really flimsy. This one even has a number keypad! Wow! It's the first laptop I've ever had with one! I know I'm really going to enjoy it after all the bugs are worked out and everything is all set up.

Blessings,
Sharon

Sharon,

Is this computer new?? Is it Vista Home Basic or Home Premium ? I really don't understand why your having so many issues with a new system right out of the box.

Isatap Adaptor <-- If this shows normally in Device Manager with no issues than just leave it be.

Sharon, why don't you post here for windows issues, they are better equipped to help you with the setup as we just do malware removal on this forum.

Windows Support <-- Our own forum


Good Luck
Ken

OK, Ken, will do. Yes, it's new - - just purchased yesterday with Vista Home Premium. The adaptor has the yellow exclamation point beside it. When I try to update the driver, it says it has the best driver. Anyway, I'll post over there and see if they can help. However, if you want to send me those links you mentioned, that's great. I've already downloaded MalwareBytes because you recommended it for the other computer last week. Getting ready to install it now.

Thanks again for all your help! Have a great evening.
Sharon

This post has been edited by LostInCyberSpace: Sep 5 2008, 08:53 PM

Sharon,

Isatap Adaptor <--- I have read that the yellow exclamation point on this adapter is a bug in windows and not to worry about it. I would just set up your system and not worry about updating any drivers. Install the wrong ones and they can cause you more issues. You will notice that when you do a Windows Update, sometimes it list other drivers, DO NOT INSTALL THEM just download and install Critical Updates. Any drivers you ever need in the future for your video card or whatever should be downloaded from the manufacturer of your system, in this case Dell will have any drivers that you need, no need to go elsewhere looking for them.

How did I get infected in the first place ? Read these links and find out how to prevent getting infected again.
• Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
• WhattheTech
• TonyKlein CastleCops
• Grinler BleepingComputer
• GeeksTo Go
• Dslreports