Can't seem to do anything...


#16
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
Uninstall uTorrent. It's a source of many a virus.

Your Lexmark software is not happy. I would uninstall:

Lexmark S300-S400 Series
Lexmark Toolbar
Lexmark Tools for Office
I assume you can download it again from Lexmark.

Also uninstall Malwarebytes Anti-Malware version 1.62.0.1300.



That your recycle bin is corrupt can mean we have hard drive problems:


1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run as Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0


#17
jbcteacher

    Member

  • Topic Starter
  • Member
  • 192 posts
Deleted files as you requested. Check disk took forever! > 5 hours. Ran scannow and got NO INTEGRITY VIOLATIONS, ran sigverif and got SCANNED & VERIFIED AS DIG. SIGNED.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 03/09/2012 8:19:10 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/09/2012 12:01:30 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Log: 'System' Date/Time: 03/09/2012 12:00:29 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64

Log: 'System' Date/Time: 03/09/2012 2:33:56 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64

Log: 'System' Date/Time: 02/09/2012 8:50:20 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 03/09/2012 2:33:51 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\USBSTOR failed to load for the device USB\VID_18E3&PID_9102\18E3312D81B.

Under all programs I noticed I have folders for Rival Gaming, Shop to Win17 Software995 and some others that look suspicious... Shouldn't those be gone by now? What do you think is happening, and how bad is/was it?

As always === thanks for taking your time and helping!

Joanne
  • 0
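The VEW output posted above can be triaged mechanically. The following is an added example, not part of the original thread and not Vino Rosso's code: a parser for the record layout shown in the post that reads the day-first dates correctly and tallies boot-start drivers reported by Service Control Manager event 7026. The function names are hypothetical and the sample is an excerpt of the posted log.

```python
import re
from datetime import datetime

# Excerpt of the VEW v01c output posted above (dates are dd/mm/yyyy).
SAMPLE = """\
Log: 'System' Date/Time: 03/09/2012 12:00:29 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64

Log: 'System' Date/Time: 03/09/2012 2:33:56 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64

Log: 'System' Date/Time: 02/09/2012 8:50:20 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
"""

# One record: three header lines, then a message that runs to the next blank
# line, a "~~~" section divider, or the end of the text.
RECORD = re.compile(
    r"Log: '(?P<log>[^']+)' Date/Time: (?P<when>[^\n]+)\n"
    r"Type: (?P<type>\w+) Category: (?P<cat>\d+)\n"
    r"Event: (?P<event>\d+) Source: (?P<source>[^\n]+)\n"
    r"(?P<message>.*?)(?=\n\s*\n|\n~|\Z)",
    re.S,
)

def parse_vew(text):
    """Return one dict per VEW record; day-first dates become datetime objects."""
    events = []
    for m in RECORD.finditer(text):
        when = datetime.strptime(m["when"].strip(), "%d/%m/%Y %I:%M:%S %p")
        events.append({"log": m["log"], "when": when, "type": m["type"],
                       "event": int(m["event"]), "source": m["source"].strip(),
                       "message": " ".join(m["message"].split())})
    return events

def failed_boot_drivers(events):
    """Map driver name -> (failure count, last seen) from SCM event 7026."""
    seen = {}
    for e in events:
        if e["event"] != 7026 or "failed to load:" not in e["message"]:
            continue
        # Assumption: several driver names, if present, are whitespace-separated.
        for name in e["message"].split("failed to load:", 1)[1].split():
            count, last = seen.get(name, (0, e["when"]))
            seen[name] = (count + 1, max(last, e["when"]))
    return seen
```

A driver that shows up here on every boot, as PxHlpa64 does in this excerpt, is the one to look up by service name before deciding whether to repair or disable it.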

#18
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
You still have one driver which is not loading.

Log: 'System' Date/Time: 03/09/2012 2:33:56 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: PxHlpa64


Per OTL it belongs to Sonic Solutions
DRV - [2004/09/23 02:03:00 | 000,026,720 | ---- | M] (Sonic Solutions) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PxHlpa64.sys -- (PxHlpa64)


We can turn it off since it is not working.

Copy the next line:

sc config PxHlpa64 start= disabled


Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear. Hit Enter.

If you have uninstalled the associated programs and still have entries for them in All programs you can right click on each entry you don't like and Delete. If something won't delete it is just a folder which you can search for and delete.

So far I am not seeing a lot other than some disk drive corruption. It's possible that you have a hard drive that is getting a bit weak or some RAM that is a bit flaky.

To test your RAM:
http://www.sevenforu...stics-tool.html

To test your hard drive which is a

Western Digital WDC WD15EARS-00Z5B1 ATA Device (SATA)

You can try their drive test:

http://support.wdc.c...8&sid=3&lang=en

You will need to run the EXTENDED TEST to be sure the drive is good. You have an enormous drive so it may take 24 hours to finish.
  • 0

#19
jbcteacher

    Member

  • Topic Starter
  • Member
  • 192 posts
Rival gaming has an uninstaller.... will running that be like opening a can of worms? It is in C:\Users\Justin\AppData\Local
  • 0

#20
RKinner

    Malware Expert

  • Expert
  • 19,797 posts
  • MVP
You might do better with the free version of Revo uninstaller:

http://www.revounins...e_download.html

The download is at the bottom of the free version column.
  • 0





