87 replies to this topic

[oldman960]

Hi Chelli,

Next

Please open OTL if it is not opened after the reboot.

• Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, click the None button near the top (it may looked greyed out)
  
• In the window under Custom Scans/Fixes copy and paste the following
  
  
  HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders | SecurityProviders /rs
  
  
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open a notepad window, OTL.Txt. Please post this log.

Next

Download and save to your desktop Malwarebytes Anti-Malware

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.


Please post back with

• OTL.txt
• MBAM log

Did you try the printer?

Thanks

[Chelli]

The adobe printer is still not working. The error box indicates:

AcroDist.exe - Application Error
The inst. at "0x00441ae2" ref memory @ "0x01e0eb6c" The memory could not be "read". Click ok to terminate the program.


Everything else seems good on the computer... and it seems to be much, much faster!!!

********************************************

OTL log:

OTL logfile created on: 05/01/11 9:08:14 AM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\mhumphrey\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

1,023.00 Mb Total Physical Memory | 595.00 Mb Available Physical Memory | 58.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.85 Gb Total Space | 21.89 Gb Free Space | 39.19% Space Free | Partition Type: NTFS

Computer Name: DBGJDH31 | User Name: mgillikin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========


< HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders | SecurityProviders /rs >
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\\SecurityProviders: msapsspc.dll schannel.dll digest.dll msnsspc.dll
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SaslProfiles\\GSSAPI: Kerberos [2010/12/22 08:34:28 | 000,301,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\SCHANNEL\\EventLogging: 1
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest\\Lifetime: 36000
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest\\Negotiate: 0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest\\UTF8HTTP: 1
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders\WDigest\\UTF8SASL: 1

< >

< End of report >


**********************************************

MBAM log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6483

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

05/01/11 9:20:16 AM
mbam-log-2011-05-01 (09-20-16).txt

Scan type: Quick scan
Objects scanned: 188055
Time elapsed: 5 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[oldman960]

Hi Chelli,

The printer problem appears to be a problem with Adobe. I haven't found a definate fix for it. I will refer you to the appropriate forum when we are finsihed.

Your java is out of date. Click your start button, open Control panel.

• Locate the Java icon (it looks like a coffee cup)
• double click it to open it
• click the Update tab
• Click update now

Next, Double click on OTL.exe

• Under the Custom Scans/Fixes box at the bottom, paste in the following
• Do Not copy the word CODE
• please note the fix starts with the :

:Services

:Reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" 

:Commands
[createrestorepoint]
[emptytemp]
[Reboot]

Then click the Run Fix button at the top

• Let the program run unhindered
• Please save the resulting log to be posted in your next reply.

Please post the OTL fix log.


One more scan to check for stragglers.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.


Go here to run an online scannner from
ESET

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your Antivirus software. You can usually do this with its Notfication Tray icon near the clock
• Click Start
• Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
• Click Scan.
• Wait for the scan to finish.
• Re-enable your Antivirus software.
• A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. or C:\Program Files\ESET\log.txtWe will need this later.

Please post back with the ESET log.


After the ESET scan plese obtain a new OTL log.

• Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output
• UNCheck the boxes beside LOP Check and Purity Check.
• In the window under Custom Scans/Fixes copy and paste the following
  
  
  HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders | SecurityProviders /rs
  
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open a notepad window, OTL.Txt (no Extra.txt this time)

Please post back with

• OTL fix log
• ESET log
• OTL.txt

Thanks

[Chelli]

I updated Java and ran the OTL fix as directed. My computer rebooted but now won't connect to the internet. It is showing no wireless network... however I am on the wireless network on another PC. Any ideas?

[oldman960]

Hi Chelli,

We didn't fix anything that should have effected your wireless adaptor.

Click your start button

• right click on My Computer
• click properties
• click the Hardware tab
• click the Device Manager button.

Anything with a yellow ! or ? mark?

Click the + sign beside NetWork Adaptors. Is a wireless adaptor listed there? You may also want to check in Other devices if that heading is present.

[Chelli]

Click your start button

• right click on My Computer
• click properties
• click the Hardware tab
• click the Device Manager button.

Anything with a yellow ! or ? mark?

Click the + sign beside NetWork Adaptors. Is a wireless adaptor listed there? You may also want to check in Other devices if that heading is present.

Nothing with a yellow ! or ? mark. The wireless adaptor is listed and everything seems ok... it just doesn't see any wireless networks within range. Not sure what is happening.

[oldman960]

Hi Chelli, Thanks for the additional info. Let's try the simple first. Since this is a laptop, if you are running off the battery there may not be enough power to run the adaptor (some computers are set to power down some devices as the battery strength goes down). If you are running on the battery shut down the computer and attach the power supply. Restart the compiter. Did that resolve the problem? Also some laptops have a button that can be used to disable wireless adaptors (had another topic where a helper accidently pushed the button)

[Chelli]

My laptop is on the docking station so the battery is not the problem. The wireless adaptor is activated so I don't think I pushed a button and my actual laptop stays docked and closed. I used a separate keyboard and monitor so again I don't think I could have pushed a button. Any other ideas? Should I try to recreate the wireless connection? I just doesn't make sense as to why it all seems to work but it is just not strong enough to see the wireless network that is available an that it has seen every day for several years. Strange.

[Chelli]

I shutdown my laptop, undocked it, restarted it on a full battery and stood next to the wireless router but still it cannot locate a wireless network in range.

[Chelli]

I am also still having some desktop icons that are coming and going... or maybe I should clarify... Icon's had reappeared but since the last repair are gone again but they are the same ones that have come and gone during this repair so I figured it was just part of the process. I thought I should mention them since we are having this wireless network problem and probably should have anyway.

[oldman960]

Hi Chelli,

Which icons keep disappearing?

What is the make and model of the laptop? Some models have a "hotkey" to control some functions and features.

Let's have a look at a couple of things. Click your start button, click run. In the box that appears type cmd.

A black window will appear, please type sc query wzcsvc and hit enter. What does it say beside STATE ?

Go back into Device Manager

Click your start button

• right click on My Computer
• click properties
• click the Hardware tab
• click the Device Manager button.

What is the make of the wireless adaptor?

[Chelli]

Which icons keep disappearing?

Various program icons. The programs are still under the start button but missing from the desktop.

What is the make and model of the laptop? Some models have a "hotkey" to control some functions and features.

Dell Precision M60

What does it say beside STATE ?

:4 Running
(Stoppable, not-pausable, accepts-shutdown)

What is the make of the wireless adaptor?

Wireless-G Notebook Adapter WPC54GS V2

[Chelli]

Not good. Now this PC has the "Window Fix Disk" thing going on... all the icons are now missing and the program files show "empty" under start. Do I start another request for this one?

[oldman960]

Hi Chelli, No need to start a new topic we'll continue here. Please rerun combofix and post the log if you are then able to connect to the internet. Thanks

[Chelli]

I reran combofix but I still can't connect to the internet.