Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please help - I can't use my PC


  • Please log in to reply

#16
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
The keyboard stopped working on the internet after I used either TrendMicro or Panda to perform an online scan on my machine. As for purchasing Windows XP, it's definitely still available where I live.

SUPERAntispyware popped up after the combofix scan was complete saying that some program is trying to change my homepage in IE from google.ca to msn.com?!

Combofix log:

"Mike" - Mon 02/05/2007 9:11:26 Service Pack 4
ComboFix 07-01-25 - Running from: "C:\Documents and Settings\user\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2007-01-05 to 2007-02-05 ))))))))))))))))))))))))))))))))))


2007-01-31 07:48 <DIR> d-------- C:\DOCUME~1\user\DoctorWeb
2007-01-30 12:03 75,512 --a------ C:\WINNT\zllsputility.exe
2007-01-30 12:03 11,264 --a------ C:\WINNT\system32\SpOrder.dll
2007-01-30 12:02 1,087,216 --a------ C:\WINNT\system32\zpeng24.dll
2007-01-30 12:02 <DIR> d-a------ C:\WINNT\system32\ZoneLabs
2007-01-30 11:49 <DIR> d-a------ C:\WINNT\Internet Logs
2007-01-29 09:27 19,728 --a------ C:\WINNT\system32\hidserv.exe
2007-01-29 09:27 13,744 --a------ C:\WINNT\system32\drivers\kbdhid.sys
2007-01-26 12:32 <DIR> d-------- C:\HJT
2007-01-26 11:54 <DIR> d-------- C:\bintheredunthat
2007-01-26 11:46 <DIR> d-------- C:\BTU
2007-01-26 11:16 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-01-26 11:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-01-26 11:16 <DIR> d-------- C:\DOCUME~1\user\Application Data\SUPERAntiSpyware.com
2007-01-26 11:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\SUPERAntiSpyware.com
2007-01-26 10:45 3,968 --a------ C:\WINNT\system32\drivers\AvgAsCln.sys
2007-01-26 10:45 <DIR> d-------- C:\Program Files\Grisoft
2007-01-18 13:39 <DIR> d-------- C:\DOCUME~1\user\Application Data\DivX
2007-01-18 13:16 973,072 --a------ C:\WINNT\system32\sfcfiles.dll
2007-01-18 13:16 938,768 --a------ C:\WINNT\system32\ntdsa.dll
2007-01-18 13:16 84,240 --a------ C:\WINNT\system32\url.dll
2007-01-18 13:16 78,096 --a------ C:\WINNT\system32\cryptsvc.dll
2007-01-18 13:16 71,440 --a------ C:\WINNT\system32\browser.dll
2007-01-18 13:16 69,392 --a------ C:\WINNT\system32\olecli32.dll
2007-01-18 13:16 68,368 --a------ C:\WINNT\system32\msoert2.dll
2007-01-18 13:16 63,760 --a------ C:\WINNT\system32\CRYPTNET.DLL
2007-01-18 13:16 63,760 --a------ C:\WINNT\system32\adsmsext.dll
2007-01-18 13:16 575,760 --a------ C:\WINNT\system32\inetcomm.dll
2007-01-18 13:16 57,104 --a------ C:\WINNT\system32\wlnotify.dll
2007-01-18 13:16 57,104 --a------ C:\WINNT\system32\w32tm.exe
2007-01-18 13:16 57,104 --a------ C:\WINNT\system32\mpr.dll
2007-01-18 13:16 563,984 --a------ C:\WINNT\system32\CRYPT32.DLL
2007-01-18 13:16 56,080 --a------ C:\WINNT\system32\cabinet.dll
2007-01-18 13:16 549,136 --a------ C:\WINNT\system32\netcfgx.dll
2007-01-18 13:16 49,424 --a------ C:\WINNT\system32\EVENTLOG.DLL
2007-01-18 13:16 48,400 --a------ C:\WINNT\system32\w32time.dll
2007-01-18 13:16 47,616 --a------ C:\WINNT\system32\inetres.dll
2007-01-18 13:16 46,352 --a------ C:\WINNT\system32\BASESRV.DLL
2007-01-18 13:16 443,664 --a------ C:\WINNT\system32\CRYPTUI.DLL
2007-01-18 13:16 419,600 --a------ C:\WINNT\system32\USER32.DLL
2007-01-18 13:16 399,120 --a------ C:\WINNT\system32\USERENV.DLL
2007-01-18 13:16 366,864 --a------ C:\WINNT\system32\NETLOGON.DLL
2007-01-18 13:16 338,704 --a------ C:\WINNT\system32\MSGINA.DLL
2007-01-18 13:16 299,792 --a------ C:\WINNT\system32\dsprop.dll
2007-01-18 13:16 29,968 --a------ C:\WINNT\system32\profmap.dll
2007-01-18 13:16 29,456 --a------ C:\WINNT\system32\VDMDBG.DLL
2007-01-18 13:16 261,904 --a------ C:\WINNT\system32\scesrv.dll
2007-01-18 13:16 239,888 --a------ C:\WINNT\system32\wow32.dll
2007-01-18 13:16 236,816 --a------ C:\WINNT\system32\CMD.EXE
2007-01-18 13:16 212,992 --a------ C:\WINNT\system32\ODBC32.DLL
2007-01-18 13:16 186,640 --a------ C:\WINNT\system32\WINLOGON.EXE
2007-01-18 13:16 17,680 --a------ C:\WINNT\system32\seclogon.dll
2007-01-18 13:16 167,184 --a------ C:\WINNT\system32\WINTRUST.DLL
2007-01-18 13:16 151,312 --a------ C:\WINNT\system32\SCHANNEL.DLL
2007-01-18 13:16 146,192 --a------ C:\WINNT\system32\WLDAP32.DLL
2007-01-18 13:16 134,928 --a------ C:\WINNT\system32\adsldpc.dll
2007-01-18 13:16 130,832 --a------ C:\WINNT\system32\adsldp.dll
2007-01-18 13:16 122,128 --a------ C:\WINNT\system32\mstask.exe
2007-01-18 13:16 117,520 --a------ C:\WINNT\system32\PSBASE.DLL
2007-01-18 13:16 114,448 --a------ C:\WINNT\system32\scecli.dll
2007-01-18 13:16 114,448 --a------ C:\WINNT\system32\newdev.dll
2007-01-18 11:33 96,528 --a------ C:\WINNT\system32\polagent.dll
2007-01-18 11:33 957,712 --a------ C:\WINNT\system32\OLE32.DLL
2007-01-18 11:33 52,496 --a------ C:\WINNT\system32\mtxclu.dll
2007-01-18 11:33 417,552 --a------ C:\WINNT\system32\oakley.dll
2007-01-18 11:33 29,456 --a------ C:\WINNT\system32\ipsecmon.exe
2007-01-18 11:33 242,448 --a------ C:\WINNT\system32\es.dll
2007-01-18 11:33 212,240 --a------ C:\WINNT\system32\rpcss.dll
2007-01-18 11:33 17,680 --a------ C:\WINNT\system32\linkinfo.dll
2007-01-18 11:33 137,488 --a------ C:\WINNT\system32\polstore.dll
2007-01-18 11:33 1,120,016 --a------ C:\WINNT\system32\webvw.dll
2007-01-18 11:32 530,192 --a------ C:\WINNT\system32\comctl32.dll
2007-01-18 11:32 175,888 --a------ C:\WINNT\system32\tapisrv.dll
2007-01-18 11:32 100,112 --a------ C:\WINNT\system32\netman.dll
2007-01-18 11:30 96,528 --a------ C:\WINNT\system32\dnsrslvr.dll
2007-01-18 11:30 37,136 --a------ C:\WINNT\system32\mf3216.dll
2007-01-18 11:30 233,744 --a------ C:\WINNT\system32\GDI32.DLL
2007-01-18 11:30 208,144 --a------ C:\WINNT\system32\kerberos.dll
2007-01-18 11:29 437,008 --a------ C:\WINNT\system32\rpcrt4.dll
2007-01-18 11:29 138,000 --a------ C:\WINNT\system32\faxui.dll
2007-01-18 09:55 94,424 --a------ C:\WINNT\system32\drivers\aswmon2.sys
2007-01-18 09:55 90,112 --a------ C:\WINNT\system32\AVASTSS.scr
2007-01-18 09:55 85,952 --a------ C:\WINNT\system32\drivers\aswmon.sys
2007-01-18 09:55 689,280 --a------ C:\WINNT\system32\aswBoot.exe
2007-01-18 09:55 43,176 --a------ C:\WINNT\system32\drivers\aswTdi.sys
2007-01-18 09:55 31,560 --a------ C:\WINNT\system32\drivers\aavmker4.sys
2007-01-18 09:55 23,352 --a------ C:\WINNT\system32\drivers\aswRdr.sys
2007-01-18 09:55 <DIR> d-------- C:\Program Files\Alwil Software
2007-01-16 16:03 <DIR> d-------- C:\WINNT\system32\ActiveScan
2007-01-10 16:29 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-31 08:20 95024 --a------ C:\WINNT\system32\sfc.dll
2007-01-25 15:11 9361 --a------ C:\DOCUME~1\user\Application Data\comma separated values (windows).eml
2007-01-25 14:52 13003 --a------ C:\DOCUME~1\user\Application Data\tab separated values (windows).cal
2007-01-25 14:50 9358 --a------ C:\DOCUME~1\user\Application Data\tab separated values (windows).eml
2007-01-25 14:46 38471 --a------ C:\DOCUME~1\user\Application Data\tab separated values (windows).adr
2007-01-18 14:56 -------- d-------- C:\Program Files\mozilla firefox
2007-01-16 17:43 -------- d-------- C:\Program Files\quicktime
2007-01-16 17:38 -------- d-------- C:\Program Files\google
2007-01-16 16:29 -------- d-------- C:\Program Files\msn messenger
2007-01-15 14:33 -------- d---s---- C:\DOCUME~1\user\Application Data\microsoft
2007-01-12 12:18 -------- d-------- C:\Program Files\hp
2007-01-10 16:27 -------- d-------- C:\DOCUME~1\user\Application Data\adobeum
2006-12-27 10:16 -------- d-------- C:\Program Files\java
2006-12-20 14:46 -------- d-------- C:\DOCUME~1\user\Application Data\macromedia
2006-12-11 13:57 -------- d-------- C:\Program Files\Common Files\adobe
2006-12-07 01:04 2071368 --a------ C:\WINNT\system32\wmvcore.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINNT\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"LVCOMSX"="C:\\WINNT\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"^SetupICWDesktop"="C:\\Program Files\\Internet Explorer\\Connection Wizard\\icwconn1.exe /desktop"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
rpcss REG_MULTI_SZ RpcSs\0\0
wugroup REG_MULTI_SZ wuauserv\0\0
BITSgroup REG_MULTI_SZ BITS\0\0

HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
WmdmPmSN


Completion time: Mon 2007-02-05 9:18:53
C:\ComboFix2.txt ... 07-01-26 12:08
  • 0

Advertisements


#17
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Let's make sure all Windows files are intact.
  • System File Check
  • Please go to Start -> Run -> type cmd and press Enter.
  • At the command prompt type sfc /scannow, making sure to put a space between the "c" and the slash, and then press Enter. This will run the System File Checker.
  • Follow the prompts, and insert your Windows installation CD if requested.
  • Then please REBOOT your computer.

  • 0

#18
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Let's make sure all Windows files are intact.

  • System File Check
  • Please go to Start -> Run -> type cmd and press Enter.
  • At the command prompt type sfc /scannow, making sure to put a space between the "c" and the slash, and then press Enter. This will run the System File Checker.
  • Follow the prompts, and insert your Windows installation CD if requested.
  • Then please REBOOT your computer.


Done
  • 0

#19
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Did it help the keyboard problem?
  • 0

#20
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Did it help the keyboard problem?


No, still the same problems.
  • 0

#21
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
Hold on, JNC. I'm gonna get a second opinion.
  • 0

#22
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi Tech_1,

I picked up a copy of XP Home yesterday, and I'm itching to install it to see if it corrects the problem. :whistling:

Were you able to get a second opinion?
  • 0

#23
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts
The only thing I can come up with for the keyboard issue is to try uninstalling IE6 and going back to 5 to see if that solves the problem. If it does, you can try reinstalling IE6. Not much else has come up on this one. Sorry I can't be of more assistance, but I don't think this one is Malware related at this point.

Let me know what you decide. I would like to get you some ending protection tips before you get gone and they will vary depending on if you stick with 2000 or go with XP.

:whistling:

Also, you may want to try the Software Forum. You cna provide a link back to this thread if needed, so the helper there can see what we've done so far.
  • 0

#24
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Good call on the browser thing. I just tried using Firefox and everything works fine. IE still not working, but I'll try uninstalling IE6 like you suggested.

Let me know what else I should do before upgrading my o/s to XP :whistling:
  • 0

#25
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts

Good call on the browser thing. I just tried using Firefox and everything works fine. IE still not working, but I'll try uninstalling IE6 like you suggested.

That suggestion came from Bobbi Flekman. :whistling:


Let me know what else I should do before upgrading my o/s to XP

These tips should protect you after your swap over.

Congratulations. :help: Your system is clean of Malware.

Below is my standard closing speech. You may already have some of these programs and/or performed some of these steps. Use what you can and skip the rest.
  • Please re-hide hidden files. (If applicable)
    Follow the directions you used earlier to show hidden files and undo the changes you made so that hidden files are actually hidden once again.
  • Please download ATF Cleaner by Atribune.
    This program is for XP and Windows 2000 only
    • Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.
    If you use Firefox browserClick Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browserClick Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main menu to close the program.
    For Technical Support, double-click the e-mail address located at the bottom of each menu.
  • Create New Restore Point and Delete Old Restore Points.
    Step #1 - Create a New Restore Point

    Go - Start>Programmes>Accessories>System Tools>System Restore>Create a New Restore point.

    Step #2 - Flush All Previous Points

    Go - Start>Programmes>Accessories>System Tools>Disc Cleanup>"More Options" Tab>Remove All But Most Recent Point.
  • Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
    • SpywareBlaster to help prevent spyware from installing in the first place.
    • SpywareGuard to catch and block spyware before it can execute.
    • IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
  • You should also have a good firewall. Here are 2 free ones available for personal use:
  • You should also have a good Anti-Virus (these are also free for personal use):It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
  • To keep your operating system up to date you should do a windows update monthly. Here's the link:
  • And to keep your system clean, run these free malware scanners weekly, and be aware of what emails you open and websites you visit.
  • To learn more about how to protect yourself while on the internet read this article by Tony Klein: So how did I get infected in the first place?
Safe Surfing!

:blink:

Edited by Technical_1, 09 February 2007 - 07:47 AM.

  • 0

Advertisements


#26
JNC

JNC

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
The copy of XP Home that I purchased doesn't allow me to upgrade from Windows 2000?! It's asking for a fresh install. Nonetheless, thank you for all your help.

Geeks to Go rocks!
  • 0

#27
Technical_1

Technical_1

    Visiting Staff

  • Member
  • PipPipPip
  • 735 posts

thank you for all your help.

Geeks to Go rocks!

You're welcome and I hope you like XP.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP