Internet and blue screen issues

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by pjyelton, Jan 28, 2008.

  1. pjyelton

    pjyelton Private E-2

    Hello everyone, over the last few weeks I've been periodically getting blue screens that reset my computer and slowly but surely my internet has become more and more unreliable with slowness, disconnects, etc. I'm quite sure I have some nasty but not sure how to find out what it is or how to get rid of it.

    I have AVG installed and it often times pops up saying new threat found called "bXXX.exe" where the XXX is some random number.

    Here is my hijackthis log, please let me know what I can do to help out. My log seems so much smaller than most that I see, I feel like I have some setting turned off...

    Thanks for any help!!

    Edit: Removed inline Hijackthis log for guide below
     
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

  3. pjyelton

    pjyelton Private E-2

    I apologize, I was a big dummy and didn't read the stickies!

    Ok, so I ran everything I could find on the stickies including CCleaner, ComboFix, SpyBot, AVG Anti-Spy, and MGTools. I've attached my logs although it seems like the AVG one got overwritten since there is nothing in it even though several high threats were found and neutralized.
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It appears that something has broken System Restore on your PC. Try the below.
    • Click Start, Run, and enter Service.msc and click OK.
    • This will bring up the Services window.
    • Scroll down until you see the System Restore Service and double click it.
    • On the next form make sure the below boxes are set as follows. You can copy and paste in the correct info if necessary from the below purple text.
      • Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
      • Path to executable: C:\WINDOWS\System32\svchost.exe -k netsvcs
      • Startup type: Make sure it is set to Automatic
      • Service status: Make sure it is Started by clicking the Start button if necessary.
      • Then click Apply
      • Now OK your way out of all Windows.
    Now Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKCU\..\Policies\Explorer\Run: [{FC04543B-08A2-1033-1003-051019050001}] "C:\Program Files\Common Files\{FC04543B-08A2-1033-1003-051019050001}\Update.exe" te-110-12-0000213

    After clicking Fix, exit HJT.


    Uninstall the below old versions of software:
    J2SE Development Kit 5.0 Update 7
    J2SE Runtime Environment 5.0 Update 7
    Java(TM) 6 Update 3
    Viewpoint Media Player <-- should have been uninstalled in step 0 of the READ ME

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment


    If you need the Sun Java Development kit you can get it here: http://java.sun.com/javase/downloads/index.jsp

    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created.


    Make sure you tell me how things are working now!
     
  5. pjyelton

    pjyelton Private E-2

    I get an error when I try to run Service.msc, I assume you mean Services.msc, it won't let me start system restore, I get the error:

    "Could not start the System Restore Service service on Local Computer. Error 123: Filename, directory name, or volume label syntax is incorrect".

    Everything matches what you have except the executable shows:
    "\SystemRoot\C:\WINDOWS\system32\svchost.exe -k netsvcs"

    I unchecked the update in analyze.exe after closing all browsers. I show those Java programs you mentioned to already be uninstalled, or at least they aren't showing up under Add Remove Programs. I might have installed Update 4 after I posted the logs. I did just uninstall Viewpoint Media Player though.

    I've attached the latest zip file, thanks for any help! I think the internet is running better although I have had at least one or two blue screens since I did most of the fixes.
     

    Attached Files:

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes and that is why my instructions gave you what it should be and it is why you received a syntax error. You need to correct it to what I gave you.
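
The mismatch discussed in posts 4 to 6, as an added example that is not part of the original thread: a small checker that parses a service "Path to executable" (ImagePath) string and flags a value carrying two root anchors, which is the shape of the string that produced Error 123. The function names are hypothetical, `C:\WINDOWS` as the system root is an assumption taken from the paths quoted in the thread, and the two sample strings are the ones quoted in posts 4 and 5.

```python
import re

# Each of these prefixes anchors a path to a root; a sane value has at most one.
ROOT = re.compile(r"\\SystemRoot\\|%SystemRoot%\\|[A-Za-z]:\\", re.IGNORECASE)
EXE_END = re.compile(r"\.(exe|sys|dll)(?=\s|$)", re.IGNORECASE)

def split_image_path(value):
    """Split an ImagePath string into (executable, arguments)."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        if end != -1:
            return value[1:end], value[end + 1:].strip()
        value = value[1:]  # unbalanced quote: treat the rest as unquoted
    m = EXE_END.search(value)
    if m:  # unquoted paths may contain spaces, so cut at the file extension
        return value[:m.end()], value[m.end():].strip()
    exe, _, args = value.partition(" ")
    return exe, args.strip()

def _norm(exe, args, system_root):
    """Expand a leading SystemRoot token and fold case for comparison."""
    exe = re.sub(r"^(\\SystemRoot|%SystemRoot%)(?=\\)", lambda _: system_root,
                 exe, flags=re.IGNORECASE)
    return exe.lower(), args.lower()

def check_image_path(value, expected=None, system_root=r"C:\WINDOWS"):
    """Return a list of findings; an empty list means nothing was flagged."""
    exe, args = split_image_path(value)
    if exe.startswith("\\??\\"):  # NT object prefix wrapping an ordinary path
        exe = exe[4:]
    findings = []
    roots = [m.start() for m in ROOT.finditer(exe)]
    if len(roots) > 1:
        findings.append("multiple-roots")  # two anchors, as in post 5's value
    elif roots and roots[0] != 0:
        findings.append("root-not-at-start")
    if expected is not None:
        want = _norm(*split_image_path(expected), system_root)
        if _norm(exe, args, system_root) != want:
            findings.append("differs-from-expected")
    return findings

if __name__ == "__main__":
    good = r"C:\WINDOWS\System32\svchost.exe -k netsvcs"             # post 4
    bad = r"\SystemRoot\C:\WINDOWS\system32\svchost.exe -k netsvcs"  # post 5
    print(check_image_path(bad, expected=good))
    print(check_image_path(r"%SystemRoot%\system32\svchost.exe -k netsvcs", good))
```

Run against values exported from a machine, a `multiple-roots` finding points at a path that cannot resolve, while `differs-from-expected` alone means the path is well formed but is not the one the baseline gives.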
     
  7. pjyelton

    pjyelton Private E-2

    Sorry, I thought I mentioned this but apparently I didn't, it won't let me update that field, it's greyed out.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Try booting in Safe Mode and logging into the Administrator account. See if you can fix it now.

    If the above does not help then run Windows Explorer and navigate to the C:\Windows\inf folder. Scroll down to locate the sr.inf file and right click on it and select Install. Then reboot.

    Any luck?
     
