Jump to content


Photo
- - - - -

Issues


  • This topic is locked This topic is locked
92 replies to this topic

#81 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 16 December 2008 - 01:03 PM

yes it was quicker starting up
The cake is a lie....
Bummer Dude

#82 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 16 December 2008 - 01:27 PM

Do you know the exact model of the card reader
Does it need any special drivers?

If not, we'll try another step
Even if it does

Look in Device manager
Under Universal Serial bus controllers
See anything related to your Card reader?
Also look under SCSI and Raid controllers, not sure if you'll find anything there, but take a look

Edited by guestolo, 16 December 2008 - 01:43 PM.

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#83 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 16 December 2008 - 01:44 PM

It is an Akasa Allinone, it has a CD, but it doesn't have any special drivers

there is nothing there

Edited by Everlasting Death, 16 December 2008 - 01:45 PM.

The cake is a lie....
Bummer Dude

#84 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 16 December 2008 - 01:45 PM

Did you see my edit

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#85 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 16 December 2008 - 01:51 PM

I think you did see my edit
Try this, shut down, reconnect the Internal card reader to motherboard

Start back up
In device manager, Expand Universal Serial bus controllers

Starting at the top of the list under USB controllers
Right click and uninstall whatever you can
Don't reboot if prompted, just remove what you can from that list

Then shut down the computer
Disconnect again the Internal card reader to motherboard

Start the computer back up
XP should automatically reinstall USB controllers

Reboot a few times ensuring that the startup is ok

After that, shut down, reconnect Internal Card reader
Startup, XP should find and install the device

Restart after it has installed and see if you are back to slow startups again
Check device manager for any errors

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#86 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 16 December 2008 - 01:51 PM

yes, and there is nothing there for the card reader, do u still want it disconnected? because it is
The cake is a lie....
Bummer Dude

#87 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 16 December 2008 - 01:52 PM

We're posting at the same time, check my last reply

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#88 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 16 December 2008 - 02:03 PM

after reconnecting the icr it booted like normal and it actually worked :) So, it would appear there are no more issues

tysm for your help :D

Edited by Everlasting Death, 16 December 2008 - 02:03 PM.

The cake is a lie....
Bummer Dude

#89 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 16 December 2008 - 02:06 PM

Well, maybe it just needed a kick in the *ss,
Try rebooting a couple more times and check out the ICR and ensure it reads your SD's

We have some cleaning up to do on some tools we used
Don't delete anything yet, we'll do it in proper sequence

P.S. I'm off to the Gym, so I won't be back for a couple hours
Can you post one last final Hijackthis log please
Just to ensure it's clean

Edited by guestolo, 16 December 2008 - 02:22 PM.

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#90 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 16 December 2008 - 02:27 PM

alrighty rebooted 3 times and it all appears to be good

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:26:46 PM, on 12/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\Ideazon\Reaper Edge\Tray.exe
C:\Program Files\Ideazon\Reaper Edge\hid.exe
C:\WINDOWS\system32\umonit.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\James\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\3M\PDNotes\PDNotes.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\James\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\James\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.jaswin.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Gaming Mouse] "C:\Program Files\Ideazon\Reaper Edge\Tray.exe"
O4 - HKLM\..\Run: [Gaming Mouse Hid] "C:\Program Files\Ideazon\Reaper Edge\hid.exe"
O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\umonit.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\James\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Need for Speed™ Undercover Registration.lnk = C:\Program Files\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Post-it® Digital Notes.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.1and1.com/b2home/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {37A273C2-5129-11D5-BF37-00A0CCE8754B} (TTestGenXInstallObject) - http://asp.mathxl.co...GenXInstall.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...can8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1191251896343
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.c.../acclaim_v8.cab
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.co...nstallAsst2.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimd...lidstateion.cab
O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.co.../MathPlayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3044CC7-01E0-49D5-A32B-723DE444F25D}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MySql - Unknown owner - c:/xampp/mysql/bin/mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 11000 bytes


The cake is a lie....
Bummer Dude

#91 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 17 December 2008 - 12:53 PM

Sorry about the delay
Can you do the following

Delete RSIT.exe and it's folder C:\rsit
Delete Flash_Disinfector.exe on desktop, unless you haven't ran it on on your flash cards, thumb drives,etc...

Go to START>>RUN>>copy and paste the following to the Open field

ComboFix /u
Then hit OK, this will uninstall ComboFix and it's components

Download > OTMoveIt3 < by OldTimer.
  • Save it to your desktop.
  • Double-click OTMoveIt3.exe to run it.
  • Click the Cleanup! button
    A list will be downloaded>>Allow it Internet access if prompted by your Firewall
    Don't change anything in this list
  • Select Yes at the prompt
    Wait for the confirmation box to open to reboot the computer
    Don't mouseclick during the wait as you may cause the tool to stall
  • Select Yes to reboot Now
NOTE: This procedure will also delete OTMoveit.exe from desktop

Uninstalling ComboFix would of also reset System Restore
Can you manually create a new restore point please
Go to START>>All Programs>>Accessories>>System Tools>>System Restore
Create a Restore Point

When that's done
Close down your browser windows
Access your Add and Remove Programs and remove older updates of Java
This includes
Java™ 6 Update 4
Java™ 6 Update 7


I suggest that you add SpywareBlaster to your protection software
SpywareBlaster by JavaCool
At the link you can read more about it then continue with
Free Download on the right>>Continue Download at next page
Basically it *Will block bad ActiveX Controls
*Block Malevolent cookies in Internet Explorer and Firefox
*Restrict actions of potentially dangerous sites in Internet Explorer
Select Manual updating when installing
After installation, Check for updates
After updating, select "Protection Status" on the Left
Then select "Enable all Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"
or again, click on Protection Startus>>enable all protection

I see you have CCleaner installed
Can you run the Cleaner
Just to be on the safe side, I would take the time and change all online passwords
Eg.. Online banking, email, gaming, etc....

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#92 Everlasting Death

Everlasting Death

    Forum Addict

  • Elite Anti-Scammers
  • PipPipPipPipPipPip
  • 1,032 posts

Posted 17 December 2008 - 01:27 PM

all done :) thank you so much for all your help :D
The cake is a lie....
Bummer Dude

#93 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 17 December 2008 - 01:29 PM

Your welcome
I'll lock this topic as your problems appear resolved
Take care, Happy holidays :)

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here