Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hard drive issues and can't run OTL


  • Please log in to reply

#16
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hi Nanee5_08,

I quick question for you, is Firefox behaving normally? Is it your main browser or do you use something else?

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST.exe (Right click on it and select Run as Administrator)
If FRST detects that an update is needed, allow it to perform the update.
Next, press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next, Malwarebytes is already downloaded, so please re-run it as you have done in the past

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Then, ESET Online Scanner:

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install.
  • Make sure that the option Remove found threats is unticked
  • If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first! located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Then paste the Logfile in the thread
  • Then click on: Finish
Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
In your next post to me please include the following logs.
Fixlog log
MBAM log
Esett log
Security Check Log

Attached Files


  • 0

Advertisements


#17
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
To answer your question...when I first tried to do the OTL and it kept hanging in the Firefox thing, I uninstalled it (kept settings and stuff tho, in case I reinstalled) because I rarely use it. I use Chrome as my browser.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-01-2014 01
Ran by Nanee_n_Hobie at 2014-01-29 21:20:06 Run:1
Running from C:\Users\Nanee_n_Hobie\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [] - [x]
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = http://searchservice...Web&orig=IMC-IE
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
FF Keyword.URL: hxxp://websearch.shopathome.com?user_id={d239f128-b3c4-4ced-a551-5d050324d244}&q=
FF SearchPlugin: C:\Users\Nanee_n_Hobie\AppData\Roaming\Mozilla\Firefox\Profiles\2yro3bmu.default\searchplugins\web-search.xml
FF Extension: ShopAtHome.com Toolbar - C:\Users\Nanee_n_Hobie\AppData\Roaming\Mozilla\Firefox\Profiles\2yro3bmu.default\Extensions\[email protected] [2012-11-10]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [x]
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
2006-11-02 04:23 - 2013-08-27 15:41 - 00451387 ____R C:\Windows\system32\Drivers\etc\hosts


*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value deleted successfully.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
Firefox Keyword.URL deleted successfully.
C:\Users\Nanee_n_Hobie\AppData\Roaming\Mozilla\Firefox\Profiles\2yro3bmu.default\searchplugins\web-search.xml => Moved successfully.
C:\Users\Nanee_n_Hobie\AppData\Roaming\Mozilla\Firefox\Profiles\2yro3bmu.default\Extensions\[email protected] => Moved successfully.
blbdrive => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
SymIMMP => Service deleted successfully.
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
C:\Windows\system32\Drivers\etc\hosts => Moved successfully.

==== End of Fixlog ====

Edited by Nanee5_08, 29 January 2014 - 09:22 PM.

  • 0

#18
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.29.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Nanee_n_Hobie :: NANEE_N_HOBI-PC [administrator]

1/29/2014 4:20:43 PM
mbam-log-2014-01-29 (16-20-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220889
Time elapsed: 12 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#19
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7a95c12394505e408b5f53127158a378
# engine=16856
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-30 01:55:53
# local_time=2014-01-29 07:55:53 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 17636699 227654481 0 0
# scanned=273752
# found=1
# cleaned=0
# scan_time=11078
sh=122C61A35E6D238A8707E4D414EA1CDCC3A88F15 ft=1 fh=f48babca103875b7 vn="Win32/Toolbar.Babylon.T application" ac=I fn="C:\Users\Nanee_n_Hobie\Downloads\ReimageRepair.exe"
  • 0

#20
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Whew! and the last one!

Results of screen317's Security Check version 0.99.79
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG AntiVirus Free Edition 2014
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
SpywareBlaster 5.0
Malwarebytes Anti-Malware version 1.75.0.1300
Panda Cloud Cleaner
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.76
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
  • 0

#21
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Topic is here.

You computer is looking better, but there are still some items that need to be handled.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version
If you choose, you can disable Java from your system How to Disable Java in your Web Browser

Your Flash Player is out of date,
Please visit this site which will verify your Flash Player version, and then click on the Player Download Center link on that page to download the latest version.

Your Ad-Aware AAWTray.exe is disabled! Open Ad-Adawre and make sure the Ad-Aware Tray is enabled.

Also, Make sure that you uninstall old versions of IE, Adobe and Java from your machine.

Next - Run WinDirStat


Please download and install WinDirStat.
  • Click on the desktop icon to run the program.
  • Click on Individual Drives and then click on C: (or whichever drive is your Main Drive)
  • Click on OK
  • When the pacmen have finished there will be a graphic display of your drive.
  • Place your cursor on the divider line between the text above and the color graph below and drag downwards to expand the upper portion of the resultant image produced.
  • Please create a screen shot and attach or upload the image to your next post so I can have a look
It will look something like this

Posted Image
  • 0

#22
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Thank you! I will get right on it! Hope you are having a good weekend. :-)
  • 0

#23
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
I have a question or 2...I deleted the IE versions 8 and 9, and it rolled back to 7. I want to get rid of IE completely and do a clean install of the latest version. What is the easiest way to do that? And, what is the best antivirus (free) that you recommend? I use AVG, but I read that Bitdefender is better, and with the Ad-Aware thing...I deleted what I had (from 2008!) and downloaded the new version, but it has antivirus as well. Thanks for answering in advance. Working on that last thing now...
  • 0

#24
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I have a question or 2...I deleted the IE versions 8 and 9, and it rolled back to 7.

One of my least favorite "features" of IE ;) Go to the link I gave you and you should be able to install the lastest IE and then you can uninstall the old ones from Control Panel. I'm doing this from memory because I'm not home, but it's part of the uninstall Operating System components (something close to that). If you can't find it, I'll give you better instructions when I get home.

And, what is the best antivirus (free) that you recommend? I use AVG, but I read that Bitdefender is better, and with the Ad-Aware thing...I deleted what I had (from 2008!) and downloaded the new version, but it has antivirus as well.
If you had Windows 8 I'd tell you Windows Defender. however, it's not the same product on Vista. I'll ping my peers and see what the current recommendation is for Vista. It changes (it seems) from year to year based on what features get added and subtracted.

Thanks for answering in advance.

You're very welcome, glad to help!
  • 0

#25
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Hope you can figure this out... :)

comp.jpg
  • 0

Advertisements


#26
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Still not abundantly clear to me. Can you press the cross next to users and that will then open up the folders to see where the space has gone .

Also, I recall you saying that there are files for which you have no access...can you tell me more and/or specify a few of the files?

Last, for AV My instructor uses Avast and and says "in the 10 years of using it I have never been infected" http://www.avast.com...e=AVKB89#idt_01
  • 0

#27
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
wontopen.jpg When I try to explore the HD, under Nanee & Hobie, files such as My Documents, cookies, recent say "Not accessible...access is denied". All the things on the left with that little arrow on it have that error message when you try to click on it.

Edited by Nanee5_08, 04 February 2014 - 11:39 AM.

  • 0

#28
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Ok.. I ran that again and expanded a few things. Hopefully it helps.

pic1.jpg
  • 0

#29
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
pic2.jpg
  • 0

#30
Nanee5_08

Nanee5_08

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
pic3.jpg
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP