
HELP PLEASE!COMPUTER BEING ATTACKED THROUGH IP

hacked rootkits.hijack software malware viruses


#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It's normal for Windows to install drivers for something you plug in, but to do a screen shot:

Press the Alt + Print Screen key on your keyboard. It may be labeled [PrtScn].

Open Microsoft Paint (All Programs, Accessories, Paint).

Go to the Edit menu and choose Paste (or just do Ctrl + v) and the image should appear.

Go to the File Menu and choose Save As.

Navigate to the folder where you want to save the image. (Desktop)

Type a file name for the image: Angel

Select a file type. jpeg

Click the Save button.

Attach Angel.jpg to your Reply.

(Start a Reply. Click on the Browse button, point it at your desktop and click on Angel.jpg then Open. Now click on Attach this File)

To remove the drivers you go into Device Manager (Right click on Computer and select Manage then Device Manager, View Show Hidden Devices) and right click on them and Uninstall or Delete.

  • 0



#17
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Yeah, I know it installs drivers, but it has also installed imaginary things into an F drive I don't have. Yesterday I had unknown devices, and when I try to remove them I can't ... I plugged the iPod in this morning and it uploaded another 6 drivers, and I can't see them until I plug the iPod in, but if I do it's going to install even more imaginary devices. I don't have an F drive as far as I know, and also my browser settings keep changing .. after the drivers today my screen keeps blacking out every time I try to do something .. I just have to wait for it to settle again .. I only just installed a new hard drive and I am starting to freak out .. I really appreciate your help. I want you to know that I am so thankful. I feel like crying at the moment. Whoever this [bleep] is, he has fooled the system into thinking everything is fine when I KNOW it isn't!! Some of these drivers I can't delete as I don't have permission. I have tried everything to change that but can't!!!

Captureddd.JPG nhnnn.JPG


  • 0

#18
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

bollocks driver install.JPG


Sorry, I didn't realise there were extra options to post, I thought it would be at the top, sorry. I also have these WOW files. I don't play WOW and I certainly never put those files on my computer. Anything that has been added from about the end of Nov to the 4 Dec is probably suspect. I know what I installed!!! I didn't install these and they are nearly impossible to delete as they put themselves in a drive I don't have.


Edited by angel959, 04 December 2014 - 08:16 PM.

  • 0

#19
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

what are these.JPG These are new too. I didn't put these in the comp either. There was only one yesterday, now there are 2.

 


Edited by angel959, 04 December 2014 - 08:18 PM.

  • 0

#20
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 05/12/2014 3:26:23 p.m.
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 05/12/2014 1:42:36 a.m.
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 04/12/2014 1:09:33 p.m.
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/12/2014 10:51:24 a.m.
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name direktads.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 04/12/2014 10:31:15 a.m.
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.home timed out after none of the configured DNS servers responded.
 
 
Report run at 05/12/2014 3:29:11 p.m.
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 05/12/2014 1:45:04 a.m.
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 04/12/2014 8:20:52 p.m.
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program dragon.exe version 36.1.1.21 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: c8  Start Time: 01d00fad8140aca2  Termination Time: 160  Application Path: C:\Program Files (x86)\Comodo\Dragon\dragon.exe  Report Id: e78285ef-7bf2-11e4-b0cf-60eb69718db7 
 
Log: 'Application' Date/Time: 04/12/2014 1:02:00 p.m.
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledSPRetry 1077
 
Log: 'Application' Date/Time: 04/12/2014 1:02:00 p.m.
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: m->NextScheduledEvent 1077
 
Log: 'Application' Date/Time: 04/12/2014 1:02:00 p.m.
Type: Error Category: 0
Event: 100 Source: Bonjour Service
Task Scheduling Error: Continuously busy for more than a second
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

As far as Windows is concerned your iPod is a USB drive, so I'm not surprised to see a drive letter associated with it.

Are you talking about SysWOW64? That's just where Windows keeps the files which are only 32 bit. If that's not what you mean, how about a screen shot?

 

If you have unknown drivers you may need the chipset utility or there may be a missing driver file.  These are normally not malware.

 

I need some context for the AdvancedInstallers and Users stuff.  Where did you find them?


  • 0

#22
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

OK, I know you know what you are doing .. so are you saying I am worrying over nothing! The shots I have put here for you are of unknown devices I don't think I have ... I have no idea what that Toshiba thing is with the music thing attached. As of this morning there is zero in the USB ports. The toshibeI/N and the csb 2.0 are in some drive I can't find. Are they meant to be there .... Sorry, I don't want to frustrate you. I am not the most computer savvy, but I know all weekend (last weekend) I was hacked. I had to get my provider to change my IP, and I have 3 or driver store packs. Am I meant to have that many? I know 1 has thousands and thousands of drivers in it, and if I touch it drivers will install. Maybe I am panicking over nothing, but I just don't know how to tell?! Maybe I have blocked something I shouldn't?!!

How do I tell??! What is the F drive? What is an svc host file? All this stuff I ran would have shown hijack software etc?! I may just be panicking and need to reset my Comodo because I did block EVERYTHING. I didn't know what to block and what NOT TO!! So WOW files are meant to be there, yes?!

Should I just let these drivers install, or should I reset Comodo and see if I have blocked something?

And again, thank you for your time and PATIENCE. I can frustrate the best of people =)


Edited by angel959, 05 December 2014 - 02:40 AM.

  • 0

#23
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Something has changed after the disc check etc. I can't see those files anymore?? The driver store ones??! My screen isn't blacking out anymore. I have set everything to ask me first before it installs anything, and now when I look at the toshibai i/n thing it shows me it is VLC audio and wants to apply icons that are missing ... Did that help it sort itself out???!! Is it worth running disc checks regularly?? In your opinion is everything cool and I am just panicking because of what happened on the weekend and interpreting everything as an attack?? My Comodo was showing red on the svc host, that has calmed down too!!!!! It has dropped to half WOW. Also, you know that stuff I uploaded, I didn't run any of the cleanup stuff because you didn't tell me to .. trying to follow instructions to the letter =) Do I need to? I am guessing no.


Edited by angel959, 05 December 2014 - 02:57 AM.

  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

You might want to uninstall  Bonjour Service.  It's not happy. Perhaps your firewall is blocking it.  You will get a new one next time you install an Apple product.

 

Sounds like the disk check was needed.  Let's run Speccy and see if the drive is getting sick:

 

Get the free version of Speccy:

http://www.filehippo...download_speccy  (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File (to your desktop), note the name it gives. OK.  Open the file in Notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top, about 10 lines down.) Attach the file to your next post.
Uninstall Speccy as we won't need it any more.
 
I'm going to Orlando on a shopping trip in a few minutes.  Probably won't be back on line until late this evening.

  • 0

#25
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Well, I have been searching around and I have found out my CD-ROM driver is missing and it can't load a new one. It also says PnP missing, and my registry editor flashes up and shuts again instantly, even running as admin??!! Hey, THANKS FOR ALL THIS!!!!! I spotted security warnings in that mix of stuff from Speccy!!! Here are a couple of screen shots to show you what I found. I don't know how to put it into a file so just broke it down into a few shots.

 

Capturehhu.JPG

Capturedd.JPG

Capturevh.JPG

Capturertt.JPG

 

Attached File  TOSHIBA2.txt   165.07KB   217 downloads

 


Edited by angel959, 05 December 2014 - 11:27 AM.

  • 0



#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Speccy doesn't really have any security warnings.  You are probably seeing the Windows update descriptions which explain why you got an update.  Your temps are OK for a notebook and your hard drive is not showing any errors.

 

Let's run the built-in memory test to make sure the memory is good:

 

http://www.sevenforu...stics-tool.html

 

 

For your CD problem:

 

Start, right click on Computer and select Manage (Yes) then click on Device Manager.  You should see an entry for DVD/CD ROM drives.  Click on the arrow in front of it and it should show your CD.  Right click on it and Uninstall.  Then reboot.  Windows should install it from scratch.  Does it work now?


  • 0

#27
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Hi, hope your trip went well :wave: So the memory check came up fine, but the system tries to reinstall the driver but says it fails!!! Also I can open the command prompt, but the reg ed is still flashing up and dropping straight away, and this happens with all the other windows of the same type!! Am I missing reg keys? I read online that it could be a possibility. Also the page you sent me to is still there, but when you hit the link to the memory diagnostic help it throws up a 404 screen ... just thought you might like to know is all ... luckily I know how to run the memory check :D I did that with the portable device driver and it worked, that was yesterday sometime because I was having trouble with that too ... so that works, but the Windows 32 driver for the CD-ROM can't do what it needs to do!!!


Edited by angel959, 06 December 2014 - 06:41 AM.

  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Start, All Programs, Accessories then right click on Command Prompt and select Run As Administrator.  Wait for the popup and answer Yes.  A Command window should open.

cd  \windows

dir regedit.*

It should say something like:

 


C:\Windows>dir regedit.*
 Volume in drive C has no label.
 Volume Serial Number is 2352-6AF2
 
 Directory of C:\Windows
 
07/13/2009  08:39 PM           427,008 regedit.exe
               1 File(s)        427,008 bytes
               0 Dir(s)  925,413,531,648 bytes free
 

 

 

Does it show more than one file?  What is the number before regedit.exe? 427,008?

sfc  /scanfile=\windows\regedit.exe

This should take a few seconds and come back with:

Windows Resource Protection did not find any integrity violations.

Does it?  If it does then try:
 
regedit.exe

Do you get any error messages?  If it still doesn't work then

copy  regedit.exe  george.exe

george.exe

If that doesn't work then try:

copy  regedit.exe  george.com

george.com

If the SFC command did not work or it said it could not fix the file then let OTL look for another one:

 

Copy the text in the code box by highlighting and Ctrl + c 
 
 
/md5start
regedit.exe
/md5stop
 
then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text.  Verify that you got it all and Then click the Run SCAN button at the top
Let the program run unhindered, OTL will not reboot the PC when it is done.  Save the log and copy and paste it to a reply.
 

  • 0
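
The command-prompt checks from the post above, collected into one batch file as an added example (not RKinner's own script). It uses full paths so it behaves the same whichever directory the prompt is in; the `net session` elevation test and the `certutil` MD5 step are assumptions added here (certutil stands in for the OTL md5 scan and only hashes this one file), and `george.exe` is the copy name from the post.

```bat
@echo off
rem Added example: the regedit.exe checks from the post, as one script.
rem Full paths are used so the current directory does not matter.
setlocal
set "TARGET=%SystemRoot%\regedit.exe"
set "COPYNAME=%SystemRoot%\george.exe"

rem sfc and writing to %SystemRoot% need an elevated prompt.
rem Assumption: "net session" fails when the prompt is not elevated
rem (it relies on the Server service running).
net session >nul 2>&1
if errorlevel 1 (
    echo Open Command Prompt with "Run as administrator" and try again.
    exit /b 1
)

if not exist "%TARGET%" (
    echo regedit.exe was not found in the Windows folder.
    exit /b 2
)

echo === Files matching regedit.* in the Windows folder ===
rem More than one file, or an unexpected size, is worth reporting back.
dir "%SystemRoot%\regedit.*"

echo === MD5 of regedit.exe ===
certutil -hashfile "%TARGET%" MD5

echo === System File Checker on this one file ===
sfc /scanfile="%TARGET%"

echo === Start a copy of regedit.exe under a different name ===
copy /y "%TARGET%" "%COPYNAME%" >nul
if errorlevel 1 (
    echo The copy failed.
    exit /b 3
)
start "" "%COPYNAME%"
echo Delete george.exe from the Windows folder when you have finished.
endlocal
```

Save it as a .bat file and run it from the elevated prompt, then copy the whole window's output into a reply.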

#29
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

While you were gone I ran an sfc scan and it said I had corrupted files. When I went to look for the log it also said it was corrupted.

So I ran the first 2 things, they show exactly what you have written.

Sorry, can you explain a bit more? I did the regedit.exe and it opened a little file window which says reg editor and some of them say value not set ... can you explain a wee bit more how to get the OTL to fix, please? I have a screen shot, and the last four things say not set, the first one doesn't though .... Well, I can't seem to post a screen shot. I don't know if that's me or you guys!!!


  • 0

#30
angel959

angel959

    Member

  • Topic Starter
  • Member
  • PipPip
  • 38 posts

Microsoft Windows [Version 6.1.7601]

Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32> regedit.exe
 
C:\Windows\system32>copy  regedit.exe  george.exe
The system cannot find the file specified.
 
C:\Windows\system32>
C:\Windows\system32>george.exe
'george.exe' is not recognized as an internal or external command,
operable program or batch file.
 
C:\Windows\system32>copy  regedit.exe  george.com
The system cannot find the file specified.
 
C:\Windows\system32>
C:\Windows\system32>george.com
'george.com' is not recognized as an internal or external command,
operable program or batch file.
 
C:\Windows\system32>/md5start
'/md5start' is not recognized as an internal or external command,
operable program or batch file.
 
C:\Windows\system32>regedit.exe
 
C:\Windows\system32>/md5stop

  • 0





