My computer has had a bunch of problems in the past day, and after over a dozen hours of trying to fix it myself, there's just too much that I don't understand.
Background: I have a Lenovo T61 Thinkpad with Windows XP Professional
I'm going to type up the written log I've created, but note that it is missing information and may have extraneous information, since I sometimes get frustrated and click before I write.
So here goes:
Earlier yesterday, I tried to open two .doc files that I got from my friend via Gmail several weeks ago. They caused MS Word to freeze.
That night, Windows suddenly told me that the firewall isn't on. I know that it was on last time I checked. I never turned it off. So I turned it back on.
30 seconds later, AVG found 3 "threats" (Trojan downloaders probably, I didn't write it down) - all were files in the Windows directory. I clicked the button to fix the threats and unplugged my internet cable.
Then a system program terminated. I didn't write down which one.
Then AVG said "some files could not be healed – specified file was not found."
I rebooted. When Windows shut down, Explorer had to force quit. Now, most of the time when Windows shuts down, Explorer has to force quit.
At the restart, I got the following message: "On screen display message handler has encountered a problem and needs to close." This is the software on Lenovo systems that displays indicator bars when you change the volume, brightness, etc using the buttons on the keyboard.
Without me touching anything, a few minutes later, I get the message: "No connection to the internet is currently available…" etc etc. This is unusual. I use the computer without an internet connection all the time. Some software must have been trying to access the internet. I still don't know what it is.
When I clicked "close" on the screen display thing, a logo appeared in the system tray with a square around "Fn" – I think it's the normal "On screen display message handler" logo, but it isn't normally in my systray.
Reboot. Same display message handler error, same request to connect to the internet. These two things continued to happen every time I rebooted for any reason except where specified.
I went to Windows explorer and searched for recently edited files. The Temp folder came up, among a zillion other things. I clicked it just sort of randomly. AVG immediately detected another Trojan. I scanned the Temp folder and AVG found four more trojans. I removed all of them.
Then I tried a full system scan. It found tracking cookies for a while, then the blue screen of death appeared.
Reboot. I scanned those faulty word docs using AVG. It said they were fine. I deleted them anyway. Scanned several folders, all fine. Tried another full scan, this time watching more closely. It got stuck for a looong time on C:\found.001\dir0000.chk\js3250.dll (strangely, a copy of a Firefox file in Windows' backup folders for file fragments fixed during scandisk, I think.) I clicked "Pause" on the scan, the computer froze, and I had to force it to shut down.
Started up the machine again. Used Windows explorer to find the above file AVG got hooked on. Instant blue screen of death.
Reboot. I decided I wanted safe mode.
Reboot in safe mode. Used Windows explorer to find js3250.dll again. No instant blue screen this time. I tried to run an AVG scan of that single file. No indication of a result was ever given. I saw that a copy of Firefox.exe was in the same folder, so I tried to view the properties. Blue screen of death.
Reboot in normal mode. "One of the files containing the system's Registry data had to be recovered by use of a log or alternate copy. The recovery was successful." – in addition to the normal 2 messages.
Shut down for the day.
Next morning, I did some research on another computer and decided it was safe to delete files from found.001.
I booted up this laptop in safe mode and deleted js3250.dll. It worked.
Reboot in normal mode. AVG scan yields blue screen again.
Reboot in normal mode. AVG scan of just found.000, found.001, found.002, etc. AVG got stuck on one file in found.001, just like before.
Reboot in normal mode. Used Windows explorer to try to open found.001. It said "searching for files" for several minutes before going to the blue screen.
Reboot in normal mode, accidentally missing the time for F8. "One of the files containing the system's Registry data had to be recovered by use of a log or alternate copy. The recovery was successful."
Reboot in safe mode. Deleted all of found.001\dir0000.chk.
Reboot in normal mode. First, something makes me check Spybot's user blacklist. There's a system process on there. I take it off. I probably put it on without thinking about it months ago.
AVG scan of found.000, found.001, etc. comes up OK. AVG full scan gets a blue screen again.
Reboot in normal mode. The display message handler error does NOT show up.
Full AVG scan, this time with me watching more closely (these things take over an hour).
At 55:45 minutes the computer asked me about the internet connection again.
AVG got stuck for 40 minutes or more on C:\RECYCLER\S-1-5-21-234765947-1763018415-245227182-1008\Dc38\. It didn't go to a blue screen. After 40 minutes I hit pause, it froze, and I forced it to shut down.
Reboot in normal mode. Display message handler error showed up again. I emptied the recycling bin. AVG full scan.
At 57:35 it asked about the internet again.
Blue screen of death came either during or shortly after scanning System Volume Information.
Reboot in normal mode. Again, the display message handler error did NOT show up.
AVG scan of the two folders below system volume information produced another blue screen. This time I wrote down the "technical info" because it stayed up for a while: "STOP: 0x000000F4 (0x00000003, 0x89C45480, 0x89C455F4, 0x805D297C)"
Reboot in normal mode. Connected to internet, updated AVG, scanned recently updated files. It froze on system volume information.
Reboot in normal mode. I give up on trying to fix the machine, and connect to the internet. I was typing this in the forum itself, but then AVG detected 2 trojans "on open." They were system32\yayxutsS.dll and the same thing with all capital letters. I said fix them. It said "some files could not be healed – specified file was not found."
So now I'm typing this in Word, and I'm going to quickly connect to the internet, paste it into the forum, and then disconnect. I'm sorry for such a long description, and for the insane shifts in verb tense that are probably in there. My body has a real virus right now.
Thanks for any help anyone has to offer.