Removed McAfee...Can't do anything..laptop messed up HELP!
#16
Posted 15 May 2012 - 12:45 AM
#17
Posted 15 May 2012 - 12:48 AM
#18
Posted 15 May 2012 - 12:53 AM
#19
Posted 15 May 2012 - 01:00 AM
Please let me know if there is any more steps I need to take to get my laptop back in order, I will check this thread 2morrow.
thanks again,
josh
#20
Posted 15 May 2012 - 02:02 AM
I'm just having you check if there's anything suspicious at all that could've caused this (other than the big virus called McAfee, lol). So just one more set of instructions before I declare your system clean.
***
Start -> Run (if you're using Vista/7, press and hold the Windows key on your keyboard and then press R to access Run):
type diskmgmt.msc
Click "OK"
Disk Management will open.
Click and hold the right side of the Disk Management Window and drag it to the right until you can see all the columns.
Take a screen Shot of the Disk Management Window and attach the screen shot to your reply. You can take a screenshot by pressing the PrintScreen/PrtScrn button located somewhere at the top of your keyboard and using Paste in the Paint program to paste the copied screenshot.
***
Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply
***
Have a good night.
#21
Posted 15 May 2012 - 07:34 PM
Here is the aswMBR scan results:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-15 21:32:02
-----------------------------
21:32:02.931 OS Version: Windows x64 6.1.7601 Service Pack 1
21:32:02.931 Number of processors: 4 586 0x2505
21:32:02.932 ComputerName: CARNEY-LAPTOP UserName: carney
21:32:04.022 Initialize success
21:32:23.450 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:32:23.456 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 476940MB BusType: 3
21:32:23.476 Disk 0 MBR read successfully
21:32:23.480 Disk 0 MBR scan
21:32:23.485 Disk 0 Windows 7 default MBR code
21:32:23.497 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
21:32:23.513 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
21:32:23.527 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
21:32:23.550 Disk 0 scanning C:\Windows\system32\drivers
21:32:28.664 Service scanning
21:32:43.223 Modules scanning
21:32:43.238 Disk 0 trace - called modules:
21:32:43.264 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:32:43.272 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bef060]
21:32:43.280 3 CLASSPNP.SYS[fffff88001dc443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004958050]
21:32:43.287 Scan finished successfully
21:33:03.602 Disk 0 MBR has been saved successfully to "C:\Users\carney\Desktop\MBR.dat"
21:33:03.670 The log file has been saved successfully to "C:\Users\carney\Desktop\aswMBR log.txt"
Edited by jacarney8657, 15 May 2012 - 07:41 PM.
#22
Posted 16 May 2012 - 04:09 PM
Subject to no further problems
The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
O33 - MountPoints2\{c29aa73a-1419-11e0-a51b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c29aa73a-1419-11e0-a51b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\dvd-rom.exe
O33 - MountPoints2\{f035f6b9-c4e4-11e0-ac5e-eee855c50870}\Shell - "" = AutoRun
O33 - MountPoints2\{f035f6b9-c4e4-11e0-ac5e-eee855c50870}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
:Commands
[resethosts]
[emptytemp]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
We will now confirm that your hidden files are set to that, as some of the tools I use will change that
- Click Start.
- Open My Computer.
- Select the Tools menu and click Folder Options.
- Select the View Tab.
- Under the Hidden files and folders heading select Do not show hidden files and folders.
- Click Yes to confirm.
- Click OK.
Upgrading Java:
- Go to this site and click Do I have Java
- It will check your current version and then offer to update to the latest version
SPRING CLEAN
To manually create a new Restore Point
- Go to Control Panel and select System
- Select System
- On the left select System Protection and accept the warning if you get one
- Select System Protection Tab
- Select Create at the bottom
- Type in a name i.e. Clean
- Select Create
Now we can purge the infected ones
- GoStart > All programs > Accessories > system tools
- Right click Disc cleanup and select run as administrator
- Select Your main drive and accept the warning if you get one
- For a few moments the system will make some calculations
- Select the More Options tab
- In the System Restore and Shadow Backups select Clean up
- Select Delete on the pop up
- Select OK
- Select Delete
Now that you are clean, to help protect your computer in the future I recommend that you keep the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
#23
Posted 17 May 2012 - 07:10 PM
I do have one thing I have been wondering about though. It actually is/has occured on my laptop and desktop.
I go to "start" then "my computer" then "OS(C:)"
When I get to there it shows the list of folders that are there such as: Dell,Intel,Perflogs,Program Files...etc
My issue or question is that along with those folders there are 2 folders that A) I don't know what they really are B) Why they r there? and finally C) Can I delete them or are they necessary to keep the computers running smoothly?
The folder names kind of look like registry file names(maybe not, but thats what they remind me of).
They are:
e5426582a06af5b231dbb351fafb and ec881e7e546083601f031d37ad
When I hover the pointer over the folder names it says they were both created 2/12/2011 and both are 194mb in size. Inside the folders are tons of stuff. To name a few netfx_Core_x64, Parameterinfo and then there are a bunch of just numbered folders like 1046, 1049 and inside all those are things named eula, LocalizedData and SetupResources.dll.
It looks like it had something to do with a Windows update cause a bunch of the files are listed as their "TYPE" being: Microsoft Update Standalone Package.
Anyway I probably explained this way too detailed and u prob know what I am talking about, but can I delete these folder, they are kinda annoying? Also did they get put in the OS(C:) by mistake because of something I did? Like I said it happened on both of my computers, I don't know if the ones on desktop are exactly the same cause I am not around that pc, but I know they are on that pc too.
Thanks again, sorry for adding this subject to the conversation.
JOSH
#24
Posted 17 May 2012 - 08:35 PM
Before I answer this, I'll wait for an expert to approve of my answer just in case.
#25
Posted 18 May 2012 - 04:50 PM
#26
Posted 20 May 2012 - 06:24 PM
I just want to say thanks 1 more time, u and the many other gtg "staff" are amazingly helpful.
When pc's start to go haywire it can be very stressful and I just can't afford to run and have some place fix my pc,but if it wasn't for gtg that is what I would have had to do many times.
Keep up the great work!!!
#27
Posted 20 May 2012 - 09:43 PM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users