Malware Loop Running Rootkit [Solved]


  • This topic is locked

#16
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello zumata,

Let's try this:

Go to Vista Automatic Repair for information on how to repair/restore your computer.

Come back after you have done that and tell me if there has been any change.
  • 0



#17
zumata


    Member

  • Topic Starter
  • 23 posts
Hi emeraldnzl

Vista Automatic Repair requires installation CD. Vista came preloaded on machine so I do not have CD.

Ran Last Config to access internet, so I am functional again.

Did ComboFix log tell you anything? Any other suggestion?

Zumata
  • 0

#18
zumata


    Member

  • Topic Starter
  • 23 posts
Hey

Just wanted to let you know - I appreciate all your help.

Zumata
  • 0

#19
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Did ComboFix log tell you anything? Any other suggestion?


ComboFix looked pretty good, as have the other scans. My thinking is leaning towards a non-malware cause, hence my suggestion to use Vista Automatic Repair.

Couple of last scans I think just to make sure we aren't missing anything.

Now

You have used Malwarebytes before. If you still have it on your machine please update and run. Post the scan report back here.

If you no longer have Malwarebytes please download from Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Next

Kaspersky online scanner is very thorough. It can take a long time and for periods may seem not to be working. Just be patient and let it do its job.

Kaspersky works with Internet Explorer and Firefox 3.

Go to Kaspersky website and perform an online antivirus scan.

Note: you will need to turn off your security programs to allow Kaspersky to do its job.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Copy and paste that information in your next post.

So when you return please post
  • MBAM log
  • Kaspersky scan results
  • and tell me how your computer is performing now

  • 0

#20
zumata


    Member

  • Topic Starter
  • 23 posts
Hi Emeraldnzl

Malwarebytes ran fine.

Tried Kaspersky twice. Ran for about 1 1/2 hours each time and computer shut down. Second time restart took me to Startup Repair which I ran. Startup Repair took me to Restore Point which I did.

Before Kaspersky shutdown both times, display said no problems. Was watching second time - Seems to have frozen before shutdown.

Reminder - Have McAfee which I was unable to disable because do not have administrator access.

Zumata


Malwarebytes' Anti-Malware 1.41
Database version: 2932
Windows 6.0.6002 Service Pack 2

10/9/2009 7:07:37 PM
mbam-log-2009-10-09 (19-07-37).txt

Scan type: Quick Scan
Objects scanned: 87843
Time elapsed: 8 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#21
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again zumata,

Okay, McAfee is likely stopping Kaspersky from completing its job.

I think your machine is clean though and we need to look for some other cause of your problems. Might be program conflict or something you have inadvertently done or even a hardware problem. If you still have problems your next port of call should be the Vista forum here. Be sure and tell them you have been here and provide a link so the experts there can have a look at what has been done so far.

We have a couple of last steps to perform and then you're all set.

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.


Step 2
  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. Erunt can also be uninstalled via the add/remove programs utility, for some though, it may be a useful backup program to hold on to.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week. For ease of use, you might consider the following free program:

--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
  • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
* MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

* Consider using an alternate browser. Mozilla's Firefox browser is excellent; it is more secure than Internet Explorer. Firefox is my default browser but I retain Internet Explorer as well so that I can access the very few sites that require it.

Firefox may be downloaded from Here

NoScript is a good Add-on for Firefox that prevents execution of malicious scripts.

-----------------------------------------------------------------------------------------------------------------------

Startuplite is a tool to help you stop some programs not needed when you start your computer from loading. They will begin automatically only when needed.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

If your Microsoft Update is not working automatically, keep your operating system up to date by visiting monthly.

It is recommended that you do set Windows to check, download and install your updates automatically.
  • Click Start > Control Panel > Automatic Updates
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.
Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!
  • 0

#22
zumata


    Member

  • Topic Starter
  • 23 posts
Hi Emeraldnzl

Will try Vista forum. Thx for working with me.

Zumata
  • 0

#23
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
You're very welcome :)

I will keep this topic open a short time in case any issues develop.
  • 0

#24
zumata


    Member

  • Topic Starter
  • 23 posts
Hi Emeraldnzl

Posted at Vista and at Hardware (system running extremely hot - thought it might be the cause of the aborts).

Did a system restore as far back as I could go. Strangely, nothing there prior to 10/5.

Still have the Windows Explorer crashes. An error message also came up that I forgot about. Said instruction at 0x026a4a3c cannot be performed at memory location 0x060e1000.

Any idea what this is?

Thx.
Zumata
  • 0

#25
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello zumata,

Any idea what this is?


No I am afraid not. Hopefully the experts at the Hardware forum will have an answer. I will follow it with interest. :)

Don't hesitate to come back if there is any malware implication. From the scans we have run I am 99% certain that it is not malware (even though some of the symptoms would suggest so) but you can never be 100% certain.
  • 0



#26
zumata


    Member

  • Topic Starter
  • 23 posts
Hi Emeraldnzl
Hardware forum got it right. Too much dust and fur inside laptop.
Thx for your guidance.
Zumata
  • 0

#27
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





