Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

sent for help from malware forum after removal...


  • Please log in to reply

#1
karl_hungus

karl_hungus

    Member

  • Member
  • PipPip
  • 28 posts
hey, whats happenin?

after receiving some awesome help in the malware forum (you guys are great, by the way), machine seems clean of infections. however, i now have a small list of windows problems....i havent really tried too many things yet, so im not sure if this is everything that doesnt work, but this is what i know is wrong so far:

-taskbar is permanently hiding, cant get it to pop back up, cant move it at all, but i can see about two rows of pixels of it at the bottom of the desktop, and i can right click on it and get options.
-internet explorer kills immediately upon opening. the window flashes up, but then disappears
-windows picture and fax viewer doesnt open
-windows live messenger wont sign in
-windows is taking considerably longer to load when i boot up. not forever or anything, but it used to be really quick, now it takes like 2-3 min to get past the "windows is starting up" screen before the login screen.

heres the link from the malware forum, with a more detailed description of a couple of the problems, and the fixes i went through...
-ummm...and apparently it seems i cant copy and paste with ctrl+c and ctrl+v, at least in firefox. actually, i cant copy and paste at all in firefox. works in notepad at least though....

well, i cant copy a freaking link now...so rather than type it out, you can just follow my profile to my previous posts. i just joined this forum, so they are my only posts. ill post in it so its on the front page of the hijackthis logs go here forum. its titled "hijackthis log...malware, malware, and more malware"

thanks a lot for your help in advance, i appreciate your time...

Edited by karl_hungus, 16 November 2007 - 12:07 PM.

  • 0

Advertisements


#2
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
i cant get either windows media player or quicktime to open either...
  • 0

#3
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hi karl_hungus...

Here's the link to your topic in Malware: http://www.geekstogo...re-t176729.html

These are some odd problems, but let's see what we can discover about them. Click Start, then Run, type regedit and click "Ok". In Registry Editor, expand (click +) HKEY_CURRENT_USER, then Software, then Microsoft, then Windows, then CurrentVersion, and click on Explorer. In the right pane, is there a string named StuckRects?

Open Control Panel and double click on "Add or Remove Programs". Remove IE7...doing this will cause it to revert to IE6. Then go to Windows Update and do the express update. It should find that you need the IE7 update and will reinstall it. This will likely require a restart...let me know if doing this resolves the IE7 issue.

Go back to Control Panel and double click on the Folder Options icon. Under the "File Types" tab, scroll down to JPG (JPEG) and click on it. What program is associated with this file extension?

Let me know what you find with these.

wannabe1
  • 0

#4
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
alright, theres a folder called stuckrects2, and i removed IE7, and im going to do a windows update now.

just so you know, the error code i get when i try to log in to messenger is 8009000b. messenger opens, but i cant log in.

i just remember something stupid i did before i found you guys trying to do something about all of this malware myself. i had folders and .dll files in C:\program files names dsdfkjs and things like that. i right clicked on one of the .dll flies, and i actually changed it to open with windows picture and fax viewer (i think). i didnt mean to, i clicked apply instead of cancel, but im thinking that i applied that to all .dll files, which maybe is what screwed everything up? maybe not, but worth a shot. err, how do i change that?

jpegs are set to open with windows picture and fax viewer, but the icon for windows picture and fax viewer looks like a .dll (the gears) in the "opens with" area of folder options...

Edited by karl_hungus, 17 November 2007 - 01:42 PM.

  • 0

#5
wannabe1

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Well now...that sheds a little more light on the subject...

Do you have an XP installation cd?
  • 0

#6
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
yeah, i do, but im not sure if i have a serial number for it if i need to do some sort of actual installation. i can probably get one, but it wouldnt be until monday at least, but i do have the disk.

i also wasnt able to do a windows update, or download or install IE7. the windows update window never got past a blank browser window, and trying to manually download IE7 from microsoft.com yielded no results, either.

what do i need to do with my XP install cd?

Edited by karl_hungus, 17 November 2007 - 10:28 PM.

  • 0

#7
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
so i downloaded IE7, ran the install, and it gave me

setup could not verify the integrity of the file Update.inf. make sure the Cryptographic service is running on this computer.



also, not to seem impatient or anything, but just curious, what time are you usually around here? seems like you are generally on here afternoons. ill check up tomorrow morning/afternoon in case theres anything we need to post back and forth about anything regarding this.

thanks again for your time and your help, i really appreciate it.

Edited by karl_hungus, 18 November 2007 - 10:00 PM.

  • 0

#8
Central-B

Central-B

    New Member

  • Member
  • Pip
  • 1 posts
Here's a solution for a problem with almost identical symptoms (after malware removal, much of the same odd XP behavior):

-Check services. Remote Procedure Call (RPC) service might not be started -- and you may not be able to start it manually.
If so, this means that cryptographic services and many other services will be unable to start.

The following solution quoted from Microsoft KB Article 314357 may work well. It involves changing the account under which RPC service runs to localsystem:


1. Click Start, and then click Run.WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

2. In the Open box, type regedt32, and then click OK.
3. Locate the following registry key, where ServiceName is the service that you want to configure:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ServiceName
4. In the right pane, double-click ObjectName.
5. In the Edit String dialog box that appears, type localsystem, and then click OK.
6. On the File menu, click Exit to quit Registry Editor.
7. Click Start, click Control Panel, click Performance and Maintenance, and then click Administrative Tools.
8. Double-click Services.
9. Right-click the service, and then click Restart.

You may need to restart the computer for some services to restart properly.



Once this is done, you can manually start many of the services that have probably failed to start (i.e. those labeled "automatic" that aren't started. For the full effect, restart.
  • 0

#9
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
i feel a little sketchy about doing this for some reason...no offense, but part of the reason is that you have one post on your account :) i do appreciate the help though...

that and i really dont want to screw up my system more than it already is.

i also dont really know what im doing when it comes to the registry, thats kind of why im here, so i would prefer things to be spelled out a little more so i dont mess anything up.

can anyone else verify that this would be a good idea?

Edited by karl_hungus, 20 November 2007 - 01:28 PM.

  • 0

#10
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
so i went ahead and trusted you and it worked out pretty well...thanks for the help. i can now pretty much do everything i couldnt do before....

i have a taskbar again...and i d/l IE7, worked out fine..(i use firefox anyways, but security wise, etc....)
i can move things on my desktop and in folders....i can copy and paste stuff.

its odd the things you miss when theyre gone, and take for granted when you have them.

now my only question is about OSA9.exe running, and taking up a bunch of system resources...ive read that it only really has to do with office, what can i do about that?

im really grateful for you guys....you were really very helpful....awesome, even.

is there a way i can donate other than paypal? because if there is, i will...
  • 0

#11
karl_hungus

karl_hungus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
so i still have some random windows issues here and there, i was wondering if anyone has any ideas...nothing major, but it would be cool if i could fix them.

i have a microsoft intellipoint mouse and software. the 4th and 5th (side) buttons dont do anything on startup, until i run the software, make a change, and apply it.

when i click on email notifications from live messenger, they dont open. im guessing this is an IE7 related issues after killing all of the malware...

OSA9.exe runs on startup and hogs all my system resources until i kill it...ive read up on it a bit, and it seems to have something to do with office, or possibly malware sometimes....should i post about that in the malware forum?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP