Computer Problems please help!!!!

I think I have so many problems with my computer, I dont know what to do. I have been forced to run in safe mode to get on the internet now,and it seems like my active X is all screwed up to. Hope someone can help me!!! Here is my Hijack Log:

 

We require our full clean procedure be run (ALL steps) in the order written before we will look at HijackThis logs. Please follow the steps below.

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


After doing ALL of the above you still have a problem:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

I have run all those scanners in safe mode, but I cannot run the online virus scanners. Everytime it says their is a problem with my active x. and when i go to the web site to run the scans it says it needs active x to run. Pretty much I'm stuck. From the scans form the other programs They found many things and removed them all, so I think, as long as I'm in safe mode. I seem to have the same problems, Here is my HJL:

 

Marisa,

Please start posting your logs as attachments to your post.

Download the following two files, create a folder on your desktop, call it TSC. Save these 2 files there!

Sysclean Package

Pattern.zip

Once you have these downloaded into the folder you just created, double click the file sysclean.com

When the system cleaner loads, click SCAN to start the scanner.

Let me know the results, after you finish this scan reboot and post a fresh HJT log as an attachment to your post!

 

OK, I ran that scan sysclean.exe. It found lots of things where "a error accured while scanning", and "Could not set file for reading". I attached that log file for that and a new HJL

 

Okay! I think we need to flush the Prefetch folder.

Download Windows XP Prefetch Clean And Control 1.2.0

Run this file after download is complete, click the button "Clean Prefetch Folder Now" and this will clean out that folder.


Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O19 - User stylesheet: C:\WINDOWS\windows.dat

Again, make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Run CCleaner


After you complete the above, Scan with HijackThis and attach the new log.

 

OK, When I delete both RO's in safe mode they are gone, along with the others, when I rebooted into regular they were back exept for "09" whickh now seems to be gone now
HJL attached:

 

Okay, before we do anything else, you need to surf in to Windows Updates and get updated. You need to download and install Service Pack 2. Without this critical update you will continue to have problems.

After you get updated, post a fresh HJT log and we will get the last few things.

 

I've installed the service pack 2 months ago from microsoft.

 

Apparently you havnt because its not showing. If you did it would look the the below. Attach a fresh HJT log so we can procede with the fix please.

Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

I just tried to install SP2, it says I have to install SP1, when I try to install SP1 it says I have a newer version of SP2 already installed, Round and round I go.Its sort of funny, I actually see a box open up before i get the error message like somehting is shutting down the install. Here is a new HJL

 

I've been trying to downloa any service pack for the past 2 hours.I've noticed that when I try to download and service pack right now that I cant, it always says I need a newer version of SP2 before I can update.But it says the same thing when I try to download SP2 too. I know I've installed this update before, its weird that its not showing up or saying it wasnt installed. Everytime also during the install or it trying to install, a box will briefly come up then dasapier then I get the error message, Like somehting is shutting it down.Aslo, I noticed that the line in the HJL line "019" Stylsheets. Its their in Normal mode but not in safe mode, either way I cant delete it, and if I do its right back their when I restart.HJL on the last post

I just looked in my add/remove programs and SP2 is their just like the SP1 files

 

If you are on Cable or DSL and can download SP2 somewhat fast then remove Service Pack 2 reboot and install it fresh.

Its possible SP2 was installed while Malware was present in which case that explains these problems.

 

ok, I'm having a problem with this. I can find hundreds of updates for the service pack 2 for xp, but i cant find the actuall service pack2. They are all updates. Can you help ,me with this? PLease

 

Download the following package, please note its 266 MB and may take about 15 minutes on Cable/DSL.

Windows XP Service Pack 2

After download is complete, double click to install.

 

SP2 installed succesfull!!!!
New HJL

 

Good Deal!

Are you familiar with this entry below?

O17 - HKLM\System\CS2\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31

 

No I'm not

 

Download Pocket KillBox
(Don't run it yet)


Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled


Now scan with HijackThis and Check the Boxes for the following:

Make sure All Browser Windows are Closed when you Click FIX.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O17 - HKLM\System\CS2\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31

O19 - User stylesheet: C:\WINDOWS\windows.dat

O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)

Again, make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Run CCleaner

Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.


Locate PocketKillbox

Now, Copy and Paste C:\WINDOWS\windows.dat into the box – If it exists, it will show up in Blue. Check the option to Delete on Reboot and Click the Red X and Yes to the confirmation message. A message will ask if you want to reboot now – Click YES.


Now Allow Killbox to reboot your system. After you have rebooted post a fresh HJT log.

 

I could delete everything in safe mode exxept for line "023" , when I restarted it was all back, I did everything to a tee, twice just to make sure. here is a new HJL:

 

Copy the contents of the Quote Box below to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fix.bat and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.)

Double-click on the fix.bat file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop).

Now scan with HijackThis and Check the Boxes for the following:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O19 - User stylesheet: C:\WINDOWS\windows.dat

Make sure All Browser Windows are Closed when you Click FIX.


After you complete the above, reboot and post a fresh HJT log!

 

Sorry I've been gone for the weekend, I tried what your last post says and it looks like we did it!!! My home page seems to be back to normal. I posted a new HJL please tell me if everything looks OK. Your AWESOME!!!!!!

 

Crap!!!, It seems like hit or miss opening Internet Explorer, Sometime I have a connection and sometimes the no page will load.Kind of weird.This is all within trying to open it within secounds

 

Also seems like I have problems with active X still.... Any ideas?

 

OK, I've go the active X sorted out. It was just disabled in the internet options. But I cannot get on the internet in Normal windows, I have to be in safe mode to access the internet. Here is a fresh HJL just in case something changed.

 

Your HJT log is clean!

For the internet problem, download the below utility. After download is complete run it and select FIX. Afterwards it will reboot your system, let me know if problem remains.

WinSock XP Fix 1.2

 

I'm still having problems with my connection. In Safe Mode its fine and I'm able to connect anytime I would like, but in Normal Mode it seems like touch and go. What I sort of figured out is that if I go in to my internet options and reset all my security to a default, I'm able to connect fine for a while then all the sudden it will freeze up or it will not open a page, until I reset the security again. Should I post this in a new forum? Thanks for everything

M

 

Do you have Content Advisor enabled?

Reset Web Settings & Default Security Settings:


To Reset Web Settings:
Right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK


To Default Security Settings:
Right click on your desktop Internet Explorer icon and select Properties. Then click the Security Tab and click Default Level for Internet, Local Intranet, Trusted Sites, and Restricted Sites.

 

Ill give that a shot and I'll post up if I have any more problems, Thanks again

 

Okay!