I Need Help!!!!!

My Comp. is doing very weird things and I dont know why. Alot of my programs will not run, instead a windows comes up that says windows installer, and it does nothing. I dont know what the prob. is. I have run all the pro. listed in the spyware thread, and it seems not to help. I have hijack this and if someone need a log i will post it. PLEASE HELP!!!!!

 

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

After doing ALL of the above if you still have a problem:

Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

 

ok..i have don all the items in the stickey post...let me get a log...

 

Here is my log.

Edit by chaslang: Inline log change to attachment

 

All logs including HJT logs should always be attached to your post as a .txt file, This will be edited by a mod and converted to a attached .txt file.

First, Disable "System Restore" temporarily.

Run HJT and remove the following entries, before removing anything with HJT close all browsers including this one.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)

Other than this your log looks fairly clean. You may want to run SpySweeper to make sure your clean.

Download SpySweeper here!

After you complete these steps, post new HJT log as well as SpySweeper log. Be sure to attach them to your post instead of posting the log like you did in the previous post. We will troubleshoot your IE problem after we get the system clean from spyware.

 

here are the new logs, and system restore still off.

 

Remove the following from HJT, before removing anything with HJT be sure to close all browsers.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm


DO NOT REMOVE THIS ENTRY
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C3700A2-E602-4419-9893-40FDF888D86D}: NameServer = 166.102.165.11 166.102.165.13

Is this part of your ISP?

 

Ok. i have done that stuff...as far as the one you said not to remove, I did not see it. Do i need to post another log. Also when I run CCleaner on the registry side, it finde alot of things...Do i need to delete them all?

 

Yes, clean everything using CCleaner and post newHJT log just to confirm your clean.

Are you still having problems?

What exactly came up, trying to install?

 

Here is my new log. on the installer issue, im not sure what it is trying to install. it only says windows installer. it used to do it on startup and i got it to stop when i deleted a couple of item off the startup menu. But now when i try to start Word it does it again. I dont understand....thanks for the help

 

Log looks ok as of now, As far as the Word bringing up "Windows Installer" just simply let it run and insert the Microsoft Office disk so that it can copy whatever file its looking for. Ive had that happen a few times on my machine. Just insert the Office disk and it should take care of that.


You might want to check Windows Update for the latest patches and security fixes.

Also please check out this thread. How to protect yourself from malware.

 

Try the Windows Installer CleanUp Utility 1.0 . I think that will solve your installer problem. Download it here:

http://www.majorgeeks.com/download4459.html

If you want to read about it: http://support.microsoft.com/default.aspx?scid=kb;en-us;290301

Let us know.

Steve

 

The clean-up utility did not work. Also every time i start the puter up it says that windows has revovered from a registry error and fixed it from a copy. Why is it doing this every time and how can i fix it? thanks for all the help so far!!

 

What did you get done with the clean-up utility, exactly? Also, what is the registry error?

Steve

 

The clean up utility gave me an error so i tried and reloading it but that still didnt work. The registry error says that something was corrupt and it was recovered from a backup...but it does it every time i startup. I have tried alot of registry cleaners too.

 

Can you provide me with the "exact" error your getting please so that I can better assist you into resolving it. Thanks!

 

OK...here is the exact error...."One of the files containing the system registry data had to be recovered by use of a log or alternate copy. The recovery was successful."

 

bjgarrick,

One thing I found, among many, some having this problem had just updated video drivers or had to go back to an older version. Just some info if it helps.

Steve

 

I checked all drivers..updated a few and even tried to go back on some...still didnt work...what else?

 

Still checking, found one other possible solution but you have sp2 installed and I'm not sure, going to check.

bjgarrick will be back and there might be some other suggestions from the other geeks.

Steve

 

Ok, Ive asked a few of my technicians here at Microsoft and this error can be caused by a certain update from Microsoft. Now let me ask you this when did this start? What did you do before it started coming up?

 

Not exactly sure how long ago it started and I wasnt doing anything out of the ordinary. I also recieve all the updates from windows automatically. maybe that will help you...but I doubt it...its been approximately 6 months. Thanks again for all the help!

 

Try this, Go into Control Panel, Add/Remove Programs and click "show updates" look for this update "KB840987"

If this update is install, uninstall it and reboot. Let me know how this worked.

 

I dont have that update installed....

 

The Microsoft guy's and bjgarrick sort of shot my last resort solution, but I am glad we were able to try it with some expert advice.

Your malware problems seem to be resolved (so far). I would post my problem and error message in the Software Forum alot of geeks there might be able to help with your issue and might get more attention of those that don't visit this forum more often Spyware (guilty of that). Lot of people here with alot of information and solutions, that is where I would go.

Just a thought... might resolve a difficult issue and common problem.

Steve

 

Ok, Since this error can be caused by so many things, what we will do is start with cleaning up any temp files, cookies, etc; and then go onto registry cleaners.

1) Download the following programs:

Microsoft RegClean

CCleaner

Registry Mechanic

2) First run CCleaner, run all 3 scans

3) Now run "Microsoft RegClean" reboot and see if problem remains. If so please move on to next step. If problems is resolved do not continue.

4) Install and run "Registry Mechanic" do scan checking as many boxes and possible (restricted due to trial)

5) Reboot, if problem remains let me know so I can give you further instructions. Thanks!

 

Problem still there. Also, when I try to run registry mechanic, the windows installer comes up again, but i let it go and mechanic eventually came up.

 

now what?

 

jamesandmelody,

I lost track of your thread, sorry. I am checking on some things and hopefully will have some helpful advice this evening.

In the meantime, do a scan for critical updates and see if KB887811 is reccomended or on the list, I don't think it will be since you have sp2 but check anyway so we can rule this update thing out.

Steve

 

Do you guy's have any of these installed:

• Microsoft Excel 2000 Standard Edition
• Microsoft Access 2000 Standard Edition
• Microsoft FrontPage 2000 Standard Edition
• Microsoft Office 2000 Standard Edition
• Microsoft Outlook 2000 Standard Edition
• Microsoft PowerPoint 2000 Standard Edition
• Microsoft Publisher 2000 Standard Edition
• Microsoft Word 2000 Standard Edition

Steve

 

No. Just jamesandmelody. Sorry about that.

Steve

 

No i dont have 2000 or that update Steve, I installed Office XP pro. And to chaslang, the registry prob was there before i even did any registy cleaners.

 

ok...sorry for the mix up...i have had the prob since the start.