Overclock.net › Forums › Intel › Intel - General › Something bad has happened.
New Posts  All Forums:Forum Nav:

Something bad has happened. - Page 2

post #11 of 25
Start in Safe Mode and delete everything in the following folders (assuming you have Windows XP because you haven't filled in your profile):

C:\\Temp
C:\\Windows\\Temp
C:\\Windows\\Prefetch
C:\\Documents and Settings\\"user name"\\Local Settings\\Temporary Internet Files
C:\\Documents and Settings\\"user name"\\Local Settings\\Temp
C:\\Documents and Settings\\"user name"\\Local Settings\\History

Then run a viruscan & spyware scan.

After that run msconfig, uncheck everything that's not suppose to be checked and you should be cool.
    
CPUMotherboardGraphicsRAM
Q6600 G0 @ 3.42GHz Asus P5K Deluxe XFX 8800 ULTRA 710/2340 2x1Gb Crucial Ballistix Tracers PC2 8500 
Hard DriveOSMonitorKeyboard
74Gb Raptor + 750Gb Seagate eSata XP Pro Samsung 226BW 22" LCD Logitech 
PowerCaseMouseMouse Pad
Silverstone Zeus 650w N/A Logitech MX-518 Ulti Mat 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Q6600 G0 @ 3.42GHz Asus P5K Deluxe XFX 8800 ULTRA 710/2340 2x1Gb Crucial Ballistix Tracers PC2 8500 
Hard DriveOSMonitorKeyboard
74Gb Raptor + 750Gb Seagate eSata XP Pro Samsung 226BW 22" LCD Logitech 
PowerCaseMouseMouse Pad
Silverstone Zeus 650w N/A Logitech MX-518 Ulti Mat 
  hide details  
Reply
post #12 of 25
Yes Do what is said above. Also while in safe mode run this utility called Hi-jack this :http://www.majorgeeks.com/download3155.html
post #13 of 25
1. Disable "System Restore" in XP
2. Reboot into Safe Mode then do your scans.
If that cleares up the problem and it returns later, the problem may be resident in the BU files, RAM, who knows. I've seen things... viri./trojans write to a BIOS that wasn't "Write Protected" in the BIOS.
In rare case a reformant won't help if the virus/trojan, etc... is BIOS or RAM resident. A BIOS full clearing with the power off, battery removed, cable removed, RAM removed, PS toggled to discharge electricity and in one case left that way over night befor everything was purged. Why, the virus/trojan created a hidden folder that even a full reformat didnt cure due to the trigger being in the BIOS and the payload being in a hidden segment of the HD!
Sometimes with those there is a large varation in the HDDs known volume space and what it being reported by the OS.
    
CPUMotherboardGraphicsRAM
X4 965 ASUS M4A79 Deluxe 9800GTx2 2x2G OCZ Reapers 
Hard DriveOptical DriveOSMonitor
500G WD Black LiteOn CD/DVD R/W Win7 64 22'' ws Acer AL2223W 
KeyboardPowerMouse
MS KU462 Natural SS DA750 MS 5 button 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
X4 965 ASUS M4A79 Deluxe 9800GTx2 2x2G OCZ Reapers 
Hard DriveOptical DriveOSMonitor
500G WD Black LiteOn CD/DVD R/W Win7 64 22'' ws Acer AL2223W 
KeyboardPowerMouse
MS KU462 Natural SS DA750 MS 5 button 
  hide details  
Reply
post #14 of 25
Thread Starter 
Thanks for the replies

I'm going to try do what all of you said.

I hope this works

Thanks for the help. I'll report back with what happened soon, hopefully
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
post #15 of 25
Thread Starter 
Ok i've booted in Safe Mode with System Restore turned off..

I did Hijack this, and this is the log

Logfile of HijackThis v1.99.1
Scan saved at 6:28:33 PM, on 12/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Documents and Settings\\Nicholas\\Desktop\\HijackThis.exe

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Local Page =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\\..\\Run: [nod32kui] "C:\\Program Files\\Eset\
od32kui.exe" /WAITSERVICE
O4 - HKLM\\..\\Run: [BigPond Toolbar] "C:\\Program Files\\Telstra\\Toolbar\\bpumTray.exe"
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe"
O4 - HKLM\\..\\Run: [Smapp] C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe
O4 - HKLM\\..\\Run: [MSConfig] C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig .exe /auto
O4 - HKCU\\..\\RunOnce: [NeroHomeFirstStart] "C:\\Program Files\\Common Files\\Ahead\\Lib\\NMFirstStart.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\
pjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\
pjpi150_09.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O16 - DPF: {29710C4C-4F0F-4A36-8312-CB5614829804} (DriverDetectiveNonMembers.nonmembers) - http://www.drivershq.com/files/cab/n...tective-nm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\MSNMES~1\\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\MSNMES~1\\MSGRAP~1.DLL
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\\PROGRA~1\\McAfee\\VIRUSS~1\\mcshield.exe (file missing)
O23 - Service: NBService - Nero AG - C:\\Program Files\\Nero\\Nero 7\\Nero BackItUp\\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\\Program Files\\Eset\
od32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\
vsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe


It says stuff about McAfee, but i don't even have it installed. I think that's the one that stuffed up my computer in the first place, because i tried to install an illigal version. Stupid, i know..

I then did Spybot scan, and these are the viruses that came up

Statcounter

VX2.Favouriteman


It says they are firefox tracking cookies..

I got rid of them.. hmm

Edit - I also deleated them files you told me to deleat
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
post #16 of 25
YOu should just wipe the HD and start with a fresh install of XP. You can spend days on this and not be sure you have taken care of the problem, or you can spend a few hours and be done with it and know 100% for sure its good to go.


What's your time worth is what it boils down to.
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 Asus P5B Deluxe XFX GeForce 7950 GX2 OCZ 2x1024MB PC6400 
Hard DriveOSMonitorPower
2x180gb SATA Raid 0 Windows XP Pro 18" Plat panel Ultra 600w ATX 
  hide details  
Reply
My System
(13 items)
 
  
CPUMotherboardGraphicsRAM
E6600 Asus P5B Deluxe XFX GeForce 7950 GX2 OCZ 2x1024MB PC6400 
Hard DriveOSMonitorPower
2x180gb SATA Raid 0 Windows XP Pro 18" Plat panel Ultra 600w ATX 
  hide details  
Reply
post #17 of 25
Thread Starter 
Hmm.. But i hate finding all audio drivers etc.

I've reformatted this computer ATLEAST 8 times, and when i have, i've spent a good 3 days finding the right drivers etc..
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
post #18 of 25
Quote:
Originally Posted by Nikv View Post
It says stuff about McAfee, but i don't even have it installed. I think that's the one that stuffed up my computer in the first place, because i tried to install an illigal version. Stupid, i know..
Why in gods name would you install an illegal version of virus protection when there are extremely competent FREE AV programs out there you can download (Avast, AVG, etc, etc). I hate to berate you, but when installing a program like that you have NO idea what else is installed during the programs installation. Anyways, about your issue. I hate to say it, but the best thing for you to do is indeed a full re-install of the OS. There is no telling what you installed on your system when you installed "McAfee", you could have rootkits, keyloggers, etc, etc. Should you need help finding the correct drivers to use you are more then welcome to post here and we will assist you as much as we can!
post #19 of 25
Quote:
Originally Posted by Nikv View Post
Ok i've booted in Safe Mode with System Restore turned off..

I did Hijack this, and this is the log

Logfile of HijackThis v1.99.1
Scan saved at 6:28:33 PM, on 12/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Documents and Settings\\Nicholas\\Desktop\\HijackThis.exe

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Local Page =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\\..\\Run: [nod32kui] "C:\\Program Files\\Eset\
od32kui.exe" /WAITSERVICE
O4 - HKLM\\..\\Run: [BigPond Toolbar] "C:\\Program Files\\Telstra\\Toolbar\\bpumTray.exe"
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] "C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe"
O4 - HKLM\\..\\Run: [Smapp] C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe
O4 - HKLM\\..\\Run: [MSConfig] C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig .exe /auto
O4 - HKCU\\..\\RunOnce: [NeroHomeFirstStart] "C:\\Program Files\\Common Files\\Ahead\\Lib\\NMFirstStart.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\
pjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.5.0_09\\bin\
pjpi150_09.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O16 - DPF: {29710C4C-4F0F-4A36-8312-CB5614829804} (DriverDetectiveNonMembers.nonmembers) - http://www.drivershq.com/files/cab/n...tective-nm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\MSNMES~1\\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\\PROGRA~1\\MSNMES~1\\MSGRAP~1.DLL
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\\PROGRA~1\\McAfee\\VIRUSS~1\\mcshield.exe (file missing)
O23 - Service: NBService - Nero AG - C:\\Program Files\\Nero\\Nero 7\\Nero BackItUp\\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\\Program Files\\Eset\
od32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\
vsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\\Program Files\\Analog Devices\\SoundMAX\\SMAgent.exe


It says stuff about McAfee, but i don't even have it installed. I think that's the one that stuffed up my computer in the first place, because i tried to install an illigal version. Stupid, i know..

I then did Spybot scan, and these are the viruses that came up

Statcounter

VX2.Favouriteman


It says they are firefox tracking cookies..

I got rid of them.. hmm

Edit - I also deleated them files you told me to deleat

If most of it is embedded in firefox which is probably a nasty little browser highjacker,

Do this :
in safe mode go in remove all of your mozilla files,then clean all temp files,cache and prefetch...run something like ccleaner to remove any stragglers and then reboot...see if that helps
My System
(3 items)
 
  
CPUOS
I7 Q720 Windows 7 Ultimate 
  hide details  
Reply
My System
(3 items)
 
  
CPUOS
I7 Q720 Windows 7 Ultimate 
  hide details  
Reply
post #20 of 25
Thread Starter 
Hmm, i may just reformat
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
Yeaaahhh!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Intel P4 3.0ghz MS-7060 ATI 9600 Series DDR400 768MB 
Hard DriveOSMonitorKeyboard
80gb, can't get secondary working :( XP Professional Flatscreen Tedelex Normal Microsoft. Original ftw 
PowerCaseMouseMouse Pad
500W. Has a blue light :) Some old grey thing. Normal Microsoft Green. 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Intel - General
Overclock.net › Forums › Intel › Intel - General › Something bad has happened.