Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

trojan win32genericBT,downloader3.10443,startpage.1505,winlock3251


  • Please log in to reply

#46
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
Copy the next line:

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /s > \junk.txt

Start, All Programs, Command Prompt
then right click and select Paste or Edit then Paste. The copied line should appear. Hit Enter.

notepad \junk.txt

Copy and Paste the text into a reply.

Ron
  • 0

Advertisements


#47
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
Ron,
Thanks for trying to tackle these couple of problems simultaneously. Here's my update.

1) Shut down - I unchecked the box you mentioned under System Failure, but I highly doubt this is the problem nor do I believe it is crashing on shut down as MS suggests. The reason is that when I click shut down, a small pop up with 3 options opens as you know with XP - Stand by yellow, Turn off red, and Restart green. The Stand by option is now no longer yellow, instead it has turned into the same color as the background which means it is no longer an option. So, if the computer cannot go into standby (hibernate), then for some reason it also cannot properly shut down. This "deactivation" of stand by has never happened before. So, I doubt there is any crash during shut down, I think something has fundamentally changed with the shut down procedure.

Anyhow, I have attached the junk log you asked for. I hope this shows something.

2) Speed Fan - Seems to have been successful. After dl, I saw that fan 1&2 were running at only about 40%, so I increased them both to 90%. The temp dropped to around 53 in 1min as you said, and is holding steady. THANKS! That helps with a big -pain-in-butt problem. Btw, I saw the config box you mentioned but never figured out what I was supposed to do in there. I never saw something that would permanently increase the fan speed.

3) Realplayer - I did exactly as you recommended with Microsoft Visual C++ 2008, but still the install was unsuccessful as I got the same error message. Fyi, during the first part of install, I had browser windows open, but then before the final install stage, RP tells you to close all browser windows, which I did. Not sure if this would affect anything, kind of doubt it, but this constant error mesg is awfully weird.

Attached Files

  • Attached File  junk.txt   11.43KB   150 downloads

  • 0

#48
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
I'm at a disadvantage with XP. Only have Vista and 7 right now. Wife is on a trip and took my XP netbook with her.

There is an option in the registry that you can try and change. Perhaps it will help.

Start, Run, regedit, OK then navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

find the entry in the right pane that says:

PowerdownAfterShutdown

and double click it. a little window should open. Change the 0 to 1 and OK. See if that makes a difference.

The SP3 install may have eaten up your hard disk space so that there is not enough left for Hibernation. Open My Computer and right click on the C:\ drive and select Properties. How much space does it have? You need a block of contiguous hard drive space equal to your RAM. Click on Tools, Defragment. See if it will let you defrag the drive. You need 11% free space for defrag to work so you may need to offload some files to one of your other partitions.

Ron
  • 0

#49
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
Tried to regedit and so far nothing happened to change the stand by option. I havent tried to shut the computer down yet as I want to go ahead and defrag right now.

I have 5.8Gb left on a 67gb hard drive. I'll see what happens after defrag.

Should I try to compress Cdrive?
  • 0

#50
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
Also, upon start up, I still get that black screen that asks me if I want to boot into windows normal or 2 other options. remember? You had me start that when we were fixing the other problems. I gives me 10secs to select or it boots into windows normal. Can I go back to the normal windows boot? Can you tell me how? Thanks.
  • 0

#51
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
The regedit was just to see if we could make it shutdown instead of restart.

To remove the two other options you can edit boot.ini
to remove these two lines:

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug

http://support.microsoft.com/kb/289022

Better would be to change the time period to the minimum so you still have a Recovery Console.

Start, Settings, Control Panel, System, Advanced, Startup and Recovery -Settings, and change the Time to Display the List of Operating Systems from 10 seconds back to 2 or 1 if it will take it. OK

Ron
  • 0

#52
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
Hey Ron,
Thanks for the reply. Sorry for the delay.

1) Shut down is still not working. "Stand by" is still not highlighted.
2) I read the MS page about the boot.ini edit, but you lost me a bit on this one. What will editing this file do?
3) I changed the time for the recovery console. That was easy.
4) Successfully defrag'd the C:, which had 15% free space, but that did not affect the shut down issue.

So, I still have the 3 main problems: no Shut Down, MS Office doesn't work, RealPlayer doesn't work. I hope you have some ideas on these.

New development. Before my last shut down, you had me change a value from 0-1. Nothing seemed to be affected, however when I shut the compu down, it installed 6 updates and then I got this blue screen (which I have never seen before): "A problem has been detected and windows shut down to prevent damage. Tech info: Stop:0xC000005, 0x0000007E, 0xF77F79AC, kbdclassys - Address F77F79ACb at F77F7000, Datestamp 48025372, 0xF78c29BC, 0xF78c26B8" Do you have any idea what this is from?
  • 0

#53
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
I went back into the regedit that you had me change 0-1 and changed it back to 0, but that didnt fix the error that I wrote about in my last post that I keep getting at shut down. I'm afraid that if I keep shutting down the machine it could do permanent damage or I will not be able to start it again. Do you have any info on this?
  • 0

#54
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
It would seem your keyboard driver is causing problems.

Does this apply?

http://support.microsoft.com/kb/313050
  • 0

#55
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
go into Control Panel > Power Options and on the last tab, disable hibernation temporarily. If the old C:\hiberfil.sys is still there, you can delete it). Make sure you have as much free disk space as you can find. Then run another defrag. Then back in power options turn on hibernation again

From:

http://fivepercent.u...finally-i-hope/
  • 0

Advertisements


#56
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
What does this mean: " If the old C:\hiberfil.sys is still there, you can delete it)."

Also, I didn't understand this: "To remove the two other options you can edit boot.ini to remove these two lines:

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug"
  • 0

#57
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,796 posts
  • MVP
Hibernation creates a file on your C:\ drive called hiberfil.sys. This is a hidden system file so you have to tell Windows to let you see it:

If using Windows XP:

Close all programs so that you are at your desktop.
Double-click on the My Computer icon.
Select the Tools menu and click Folder Options.
After the new window appears select the View tab.
Put a checkmark in the checkbox labeled Display the contents of system folders.
Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
Remove the checkmark from the checkbox labeled Hide protected operating system files.
Press the Apply button and then the OK button and exit My Computer.
Now your computer is configured to show all hidden files.



Now open (My) Computer and double click on C:\ drive. If it shows you a bunch of icons, click on Views and select Details. You should be able to find hiberfil.sys if it still exists (but you can't delete it unless you have turned off Hibernation.

***************************

If you want to remove the option to run the Recovery Console at boot then you edit boot.ini to remove the two lines:

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug"

If you can stand the 2 second delay at boot then you don't need to do anything and it would be better to keep the Recovery Console as an option in case you run into trouble later.
  • 0

#58
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
As for the keyboard, I kind of doubt that's the culprit. I installed the software again from the original disk several 1-2 months ago and the keyboard is not only working perfect, but the message started only recently. So, I should have the right drivers.

I did search for a "new" driver on the logitech site, but they don't offer that keyboard driver anymore. So, I searched on google and finally found http://www.downloadp...-1-0-0-0-0.html, but their drivers are not highly rated and when getting a driver from a site other than the original site, I've heard you can easily get virus. Soooo, I hesitate to dl a driver from a strange site, when I'm not very sure there's any problem with my current driver.
  • 0

#59
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
Under "power settings", I don't have anything that resembles what you wrote in your last post nor what is on the "5% windows page". All I have is something about turn off the monitor/turn off hard disks. It was an interesting page, but I don't think any of that applies to my problem. So, I haven't tried to find the hibernation file on C: because I can't "turn off/on" hibernation.
  • 0

#60
luminix

luminix

    Member

  • Topic Starter
  • Member
  • PipPip
  • 84 posts
I was wondering something. My original question/post back in August was about a possible virus problem and not being able to update my computer, etc, etc. Well, those problems have been fixed and now I'm still dealing with not having MS office, and not being able to shut down my computer, plus the real player problem. These have been my problems either for 2 months (MS Office, Real Player), or about 2 weeks (shut down). These problems seem to be hanging around unusually long. So, I'm just wondering if perhaps this isn't exactly your area of expertise, maybe you know another person who deals more with these problems. If not, and if you know a lot about these issues as well as viruses but just haven't found the solution yet, no problem. Just let me know your thoughts about this. As always, I appreciate all the time you've taken with these problems.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP