In the "Vista Cleaning" section ... ?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by grc123, Mar 23, 2008.

  1. grc123

    grc123 MajorGeek

    ??????????????????????????????????????????

    After spending literally the entire day chasing my PC in circles seemingly as a dog and its own tail, and after FINALLY getting Vista Service Pack 1 to “take”, here is where I'm at ...

    This garbage (??) is showing-up in my AVG Free AV scan:

    File - Result/Infection - Path
    ------------------------------------------------------------------------------------------------------------------------
    kernel32.dll - Change - C:\Windows\System32\kernel32.dll
    wsock32.dll - Change - C:\Windows\System32\wsock32.dll
    user32.dll - Change - C:\Windows\System32\user32.dll
    shell.dll - Change - C:\Windows\System32\shell32.dll
    ntoskrnl.dll - Change - C:\Windows\System32\ntoskrnl.exe
    hosts - Change - C:\Windows\System32\drivers\etc\hosts

    “Stuff” is changing. Every time I attempt to correct one thing, something else happens, then I end-up spending gobs of time trying to "figure" the new change/problem out. Recently, (more so than USUAL!) things have been freezing/hanging (BADLY!). Ad-Aware quit working ("aawservice.exe" -“Stopped Working”, 3-14-2008, per my Vista “Performance & Reliability Monitor” - as did “ISUpdatemanager.exe", on 3-19-2008). I had to un-install Ad-Aware. My AVG updates are screwy now (sometimes it seems to update automatically, other times it won't, and sometimes it will let me manually update – and other times not!).

    Troubles “seemed” to start around the time I downloaded some crap from NVIDIA (“nTune”), attempting to update drivers – but there has GOT to be something more than just that that is now wrong with this Dell that's not even three months old. It seems like the more I hang-around this (MG) website, and the more secure I ATTEMPT to make my new PC – the more problems I have. My "Vista Security Center" STILL tells me that “COMODO Firewall” (installed on the advice of someone here that shall remain un-named) is STILL reporting that it is ON – even though it was UN-installed a month ago (though I believe this is a "False Positive" [??] as a Belarc analysis does NOT show it).

    I tried working through the Malware forum, and got stuck in the “Vista Cleaning” part – and had to give-up ... too many other problems presenting themselves.

    Anybody willing to touch this one??? I am NO geek ... I just come here for help ...........

    PS - I would "advise" that no one go anywhere near the Dell "Support"(driver/updates) pages nor the NVIDIA driver/update pages - they allow you to download crap that may very well already be on your system. They (apparently) have no way to analyze your system for what is ON it - only what is SUPPOSED to (MAYBE!!!) be on it - and then allow you to download just about anything - whether it's compatible with your system - or NOT!!!

    Oh, also, I went in and selected to "Show Hidden Files", and de-select a couple of boxes under that - I HAVE NO CLUE IF I SHOULD GO BACK AND CHANGE THAT OR NOT??? I HAVE "SUPERANTISPY" LIKE HALF-INSTALLED ON MY PC NOW ... I AM SO SICK AND TIRED OF NURSING MY PC ... I'D JUST LIKE TO USE IT SOMETIME YA KNOW, I MEAN, THAT'S WHY I BOUGHT THE DAMNED THING!!!!!!!!!!!!
     
    Last edited by a moderator: Mar 24, 2008
  2. grc123

    grc123 MajorGeek

    What if I ALREADY have Spybot S&D installed WITH the Tea Timer? Do I have to uninstall, and reinstall, WITHOUT the Tea Timer??

    Thanks

    * Also, does all of this need to be done through the Admin account? I soooo don't get all this switching back and forth, uhhh, "stuff" - "permissions" and all that ...

    PS - Ok, now it's telling me (IN MY ADMIN ACCOUNT!!!), that I don't have permission to save it in C:\ProgramFiles... - WTF?
     
  3. grc123

    grc123 MajorGeek

    ???

    Ok, now it's telling me (IN MY ADMIN ACCOUNT!!!), that I don't have permission to save it in C:\ProgramFiles ....

    ~*UPDATE*~ Ok, I think my "Hosts File" (whatever the hell that is???), is "Locked"???
     
  4. Adrynalyne

    Adrynalyne Guest

  5. grc123

    grc123 MajorGeek

    Ok, I suppose the AVG question(s) has been answered. I don't "know" that I have a "Host problem" (though on second thought, if I can't find it after following the directions to do so - then apparently it IS a problem).

    Besides wondering where my host file (or local host) is, I'm stuck with why Ad-Aware will no longer work/start - whatever.

    I suppose I'm down to one-and-a-half problems??
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please only do what I ask you to do in the message and do nothing else.

    The READ ME clearly explained how to disable Spybot's Teatimer if already running. I think you need to try and slow down and work one step at a time. I would be guessing that you are skipping around too much and possibly missing important key instructions in running the READ ME.

    So first see this: How to disable Spybot's TeaTimer and get Teatime disabled if you have it running.

    No! The READ ME did not say it needed to be done that way. You need to just do what we say and nothing more. Like when you were performing the steps to unhide files....etc. You took it upon yourself to click other things. I repeat that you must only do what we ask you to do and you must follow the instructions exactly as written. Otherwise you are going to have problems.

    May be normal until you tell it to allow you to see system files and folders as requested in the READ ME.

    Now please follow the instructions in the below link

    Using MGtools

    Make sure you follow the instructions for Vista exactly as written or again you will have problems. After you run this, attach the C:\MGlogs.zip file that it creates.

    See: HOW TO: Attach Items To Your Post
     
  7. grc123

    grc123 MajorGeek

    Thank you, and I'll do my best, but some things ("technical"), I simply just don't "get" (understand) very well from just reading - alone. My learning style is more of needing to ask questions as I go, so this may take me (us?) days, or even weeks, to fully accomplish, due to me, and the fact that we are separated by time and space. Sorry.

    Thanks again
     
  8. grc123

    grc123 MajorGeek

    To Disable Spybot's TeaTimer

    * Run Spybot and click Mode
    * Select Advanced Mode.
    * Then click Tools and select Resident.
    * Now in the right window pane, uncheck TeaTimer.
    * Also while this is open, in the left column now select IE Tweaks
    * and then in the right pane make sure all the Miscellaneous locks are unchecked.
    * Now quit Spybot!

    Can anyone explain to me please what/where these "Miscellaneous locks" are?

    Thanks
     
  9. grc123

    grc123 MajorGeek

    In these instructions given to me here last night, can anyone please tell me what/where these "Miscellaneous locks" are? Or am I to understand to UNcheck everything in Spybot "Advanced Mode/Tools" section?? Something seems to be slowly but surely taking over my PC, and I need to act swiftly ...

    To Disable Spybot's TeaTimer

    * Run Spybot and click Mode
    * Select Advanced Mode.
    * Then click Tools and select Resident.
    * Now in the right window pane, uncheck TeaTimer.
    * Also while this is open, in the left column now select IE Tweaks
    * and then in the right pane make sure all the Miscellaneous locks are unchecked.
    * Now quit Spybot!

    Can anyone explain to me please what/where these "Miscellaneous locks" are, so I may proceed?

    Thanks
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Where they are is already explained. Follow the steps one line at a time and you will get to them once you click IE Tweaks. You cannot do the steps out of order and expect them to work. Follow them in order.
     
  11. grc123

    grc123 MajorGeek

    When I "click IE Tweaks", the only thing that happens is that it highlights that line ("IE Tweaks --- Modify some hidden Internet Explorer settings"). I have no choice but to go back and read it a third time now, but that is what happens when I click IE Tweaks here on my PC ... it simply highlights the line.
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Below is a snapshot from Spybot's IE Tweaks page. Notice the check boxes for Miscellaneous Locks. Click the thumbnail to enlarge it.

    sbtweaks.jpg
     
  13. grc123

    grc123 MajorGeek

    That is not what mine looks like. Even when I double-click on that line - it's a different window (layout). It has "IE Custom Title", "Current User" & "All Users", but no boxes to check or uncheck. There is one box, but it is 'shaded', preventing me from doing anything with it, and it's labeled: "Lock Hosts file read-only as protection against hijackers" ... that's what shows when I double-click that line (if I figure-out how to capture a screenshot - I'll send it. It won't allow me to copy/paste).
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay since you are running Vista, it will look a little different but the Miscellaneous lock selection is still there

    sbtweak-vista.jpg
     
  15. grc123

    grc123 MajorGeek

    There is one box, with a check inside of it, but it is 'shaded', preventing me from doing anything with it, and it's labeled: "Lock Hosts file read-only as protection against hijackers"
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just ignore the Lock hosts file. You may not have permission to change this due to having issues with how your account is setup in Vista. You may have issues that need to be worked in the Software Forum since you seem to have so many problems running just about anything on your system. Right now I'm expecting that you are having mostly problems within your OS or you are having difficulties due to you not being that familiar with how Vista works.
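    The "Lock Hosts file read-only" option discussed above guards one hijack route: malware rewriting the hosts file so that update and vendor names resolve to the wrong place. The script below is an added example, not code from this thread or from Spybot or AVG; it parses a constructed hosts file, flags entries that bind names from an assumed watch list (AV and update vendors) or that point any name at a non-loopback address, and reports whether a file carries the read-only attribute the lock sets.

```python
import ipaddress
import os
import stat

# Constructed sample hosts file: two normal lines plus two hijack-style lines.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
# hijack-style lines (constructed for this example)
127.0.0.1       free.avg.com
203.0.113.5     update.microsoft.com
"""

# Assumed watch list: names a hijacker typically redirects to block updates.
WATCHED = ("avg.com", "microsoft.com", "windowsupdate.com",
           "lavasoft.com", "safer-networking.org")
LOOPBACK = {ipaddress.ip_address("127.0.0.1"), ipaddress.ip_address("::1")}


def parse_hosts(text):
    """Return (ip, hostname) pairs, ignoring comments, blanks and bad lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # malformed line: skip it rather than crash
        for name in parts[1:]:
            entries.append((ip, name.lower()))
    return entries


def _watched(name):
    """True when name is a watched domain or a subdomain of one."""
    return any(name == s or name.endswith("." + s) for s in WATCHED)


def suspicious_entries(text):
    """Heuristic: flag watched names bound to anything, and any non-loopback
    address bound to a name other than localhost (a redirect)."""
    flagged = []
    for ip, name in parse_hosts(text):
        if name == "localhost" and ip in LOOPBACK:
            continue
        if _watched(name) or ip not in LOOPBACK:
            flagged.append((str(ip), name))
    return flagged


def is_read_only(path):
    """True when the file lacks the owner write bit; on Windows os.stat
    clears it when the read-only attribute (Spybot's lock) is set."""
    return not (os.stat(path).st_mode & stat.S_IWUSR)


if __name__ == "__main__":
    for ip, name in suspicious_entries(SAMPLE_HOSTS):
        print("review:", ip, name)
```

Point `is_read_only` at `C:\Windows\System32\drivers\etc\hosts` and pass that file's contents to `suspicious_entries` to run the same check on a real system.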
     
  17. grc123

    grc123 MajorGeek

    Ok, I did the downloads (the first two to my desktop, and the third - MGTools, to C:\...), then I disabled the UAC>rebooted>, but the desktop icon for SAS will not let me install, and yes, I've right-clicked, and tried to install as the administrator - to no avail. I keep getting the message: 'Error 1303: Insufficient Privileges ... log on as an admin'. I tried four times.

    I sure hope you are not going to tell me that I have to "unzip" this thing, because that is right about where my problems really seemed to start the other night, when I attempted to sign-up for the 45 day TRIAL of WinZip. I could not get WinZip to work, because as soon as I downloaded, and then tried to install it, it told me that my 45 day trial was over (it actually counted up to 48 days!!!). I sent WinZip an email, which I'll try to copy/paste here:


    >Hi, I am writing in response to your message:

    > Hello.
    >
    > I did download your evaluation, or 45-day trial, program, but it
    > immediately informed me that my 45 days was up (in fact, the counter
    > actually went up to 48 days I think it was).
    >
    > I find the whole "zip" and compressed file thing confusing enough as it
    > is. I do know there are some other free programs such as this - to
    > perform this function for me, but I would like to try WinZip as it seems
    > much heralded.
    >
    > Can you advise please?
    >
    > G. C.
    > Locust Grove, VA
    > g...@yahoo.com
    > g...@hotmail.com
    I'm sorry to hear of the difficulties. You -may- be able to reset the
    evaluation version by uninstalling and then reinstalling the software.
    The best way to remove WinZip from your system is as follows:

    1. Open the "Control Panel"

    2. Double click "Add or Remove Programs"

    3. Click the "WinZip" entry in the list of programs, then click "Remove"

    If you are running Vista remove WinZip as follows:

    1. Open the "Control Panel"

    2. Click the "Uninstall a program" link below "Programs"

    3. Click the "WinZip" entry in the list of programs, then click
    "Uninstall"

    You may download the evaluation version of WinZip from our web site at:

    http://download.winzip.com/winzip111.exe

    Although there is no charge to download the evaluation version of
    WinZip, WinZip is not free software. The evaluation version gives you
    the opportunity to try WinZip before you buy it.

    If this doesn't reset the evaluation, you can install and evaluate the
    WinZip 10 release.

    WinZip 10.0 is available for download from

    http://download.winzip.com/ngs/winzip100.exe

    Once the download completes, just double click on the downloaded
    file to start the WinZip install process.

    If you have trouble obtaining a copy or have other questions, please let
    us know.

    -- Chuck Campbell, WinZip Technical Support


    ____________________________________________________________
    Introducing WinZip E-Mail Companion 2.0
    Zip & encrypt outgoing e-mail attachments in one simple step
    And now works with Microsoft(R) Outlook Express!

    http://www.winzip.com/downec.htm
     
  18. grc123

    grc123 MajorGeek

    I'm left hanging here with my PC WIDE OPEN???

    Uh, hello (?) ... somebody?? Am I leaving my PC vulnerable here please??? With the UAC turned OFF????

    ~*UPDATE*~ I went into admin and turned it back on ... I don't know enough about this stuff to know whether or not I was open to an attack?????
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: I'm left hanging here with my PC WIDE OPEN???

    Hello!!! Please read the stickies!!! Don't Bump! It Only Hurts You!!!


    Since you appear to be totally unable to run anything we request, I suggest that you either get help from one of your friends who understands how to use Windows Vista better. Or you may wish to post in the Software Forum to continue getting help. Your problems all appear to be related to running Windows Vista and possible registry corruption. Since you cannot run anything or provide us with any logs, there is nothing we can do for you here in the Malware Forum. Your problems do not appear to be malware anyway. At least not the ones seen in this thread.
     
  20. grc123

    grc123 MajorGeek

    Re: I'm left hanging here with my PC WIDE OPEN???


    I did realize after my last post or two that they might come-off as "bumping" (and I have read the stickies, and am well aware of the order of procession) - however, they weren't intended as bumps, per se - not in the classic sense. It really was not so much a "help me/look at me/help me" 'thing', as it was simply searching for a quick answer to some rather negative (from my perspective) results had, from following the instructions - following them to the best of my knowledge and ability. I thought it was common practice that someone else could jump in with some quick advice/suggestion or reassurance ... an additional instruction to alleviate the uncertainty. Admittedly, and granted, I panicked in that I was continually not seeing the projected or predicted results from the instructions. I can only relate what is seen here on my screen (I couldn't exactly do otherwise - could I?), and that seems to have upset you ... I apologize for coming-off as pushy. I don't think I can apologize though for the results had from following the instructions ... they are what they are - I'm just the messenger - I've done what was instructed, and I reported what occurred or that which was resultant. I also don't understand whether you're implying that I am the "problem" or that Vista is the problem(?). In any event ....

    I'll move to the other forum on your insistence, but I'm left with one final question: if my registry is possibly "corrupt" as you have suggested (and please again forgive me for asking - but that is why I come to this site), would not that be the result of some form or type of malware - or could I have done that?

    Thanks.

    PS - Please disregard the question - I just got a quick answer from the MS site.
     
  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: I'm left hanging here with my PC WIDE OPEN???

    I'm sorry any additional post is a bump and will not get you an answer any sooner. It will as stated in that sticky just make it take longer for the reasons stated.

    Only people authorized to post in the Malware Forum can post here. No one else. Thus as stated in that sticky, you only hurt yourself by making additional posts. And you were looking for "Somebody??" to answer. Anyone helping in the forum was working on older threads and would get to you in queue order. When you posted again, you went to the bottom end of the work list not the top.

    I was just stating what was becoming more obvious from what was happening. You are clearly having some kind of problem, that is for sure. However from things you have been posting it was looking more likely that you had problems within your OS or as stated (and no offense was meant) by your understanding of how Vista works which is much different than with older OS's and does cause many people problems. I was merely saying that perhaps if you had a friend who is more familiar with Windows and in particular Vista that they may be able to see first hand what is going on and may be able to help you through this.
     
  22. grc123

    grc123 MajorGeek

    Thanks. I've just been having some personal issues that really have me distracted.

    Thanks again for all of your help.

    g ...
     
  23. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely.
     
