Thread ID: 109888 2010-05-26 19:19:00 Windows update : Error code 80072EFE Question (15792) Press F1
Post ID Timestamp Content User
888433 2010-05-29 05:55:00 While it is possible the Documents and Settings has mirrored, it also may not have. You have to be careful with disk examining software, sometimes they will show up items you are not meant to see normally.

Is the size of the D&S folder the same as the one on the C drive?

As I mentioned earlier on "Sometimes if a system gets damaged it's easier and better in the long run to start again."

Since then I have done 2 other Vista re-installs along with all data as the systems were too badly damaged and all sorts of strange things happening, to return to the owners as fixed.
wainuitech (129)
888434 2010-05-29 07:36:00 If it did have alureon it may have infected atapi.sys. It may also infect raid drivers Speedy Gonzales (78)
888435 2010-05-29 17:30:00 The size of the D&S folder is the same, yes. It's about 30 gigs or so, my E drive is 37 gigs in total size, but if I select all the folders on E and right click->properties, the total file size is already 30 gigs or so, so there can't be room for a mirrored D&S folder, it's just weird that Kaspersky is scanning E:\D&S as well.

I noticed these in Event Viewer: The Desktop Window Manager has exited with code (0xc00002fe), The Desktop Window Manager was unable to start because the desktop composition setting is disabled.

The problem is it's set to "let windows choose whats best for your computer" and even if I switch to custom mode with everything ticked, it doesn't work. Desktop Window Manager is set to "started/automatic" though.

I don't want to restart because I have to back up god knows how many files and restoring everything is going to be a major pain...
Question (15792)
888436 2010-05-29 18:12:00 I don't see the edit button anymore. That's odd.

If I uninstall SP2 and do an upgrade installation will it only reinstall Windows files but keep everything else? E.g. my D&S folder, settings, etc.
Question (15792)
888437 2010-05-29 21:27:00 Boot into safe mode / networking. Post a HijackThis log Speedy Gonzales (78)
888438 2010-05-29 23:37:00 "If I uninstall SP2 and do an upgrade installation will it only reinstall Windows files but keep everything else?" Wouldn't bet on it -- meaning while it's "meant to" doesn't mean it will.

Sometimes it wipes out everything -- really ruins the day if all the data is lost. Best to be safe than sorry and back up everything you can't afford to lose.
wainuitech (129)
888439 2010-05-30 05:45:00 Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:37:39 PM, on 30/5/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Free Download Manager\fdm.exe
C:\Downloads\Software\HijackThis.exe

R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: (no name) - {B70A1A54-6DFB-4AD8-9A62-2C00A3CC5BB4} - C:\PROGRA~1\FreeVPN\fads.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Auzentech\Auzen X-Fi Prelude 7.1\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [uTorrent] "C:\Downloads\uTorrent.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - oas.support.microsoft.com
O16 - DPF: {7CF3E7C4-6112-4D72-A0CD-D0AD7EEB5467} (VpnWebControl Class) - www.packetix.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{790105CD-7AF1-4024-ACCF-A6993D79DC42}: NameServer = ?????sU????×??????????????N?sT????????????”¨?ad??? ??sa?eaO)??uk?U?ar????D?o?????se?????eaa??’×????Ee ?????si?a??Uuk???“”????????????so????”t?E??uu‘??e? ad???“O?s????‘?e?????E????w??????s?????eaa‰f?????“ ”????????uo?“e???duI????System.StructuredQuery.Vir tual.Bcc,202.65.245.19
O18 - Filter: video/x-flv - {08C72DD4-19AD-49f1-83DA-8542B4D302C5} - (no file)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\PerfectDisk\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\PerfectDisk\PD91Engine.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7588 bytes


Is there an easy way to back up all the critical stuff on my C drive so that I can restore it easily without copying/pasting over and over?
Question (15792)
888440 2010-05-30 06:22:00 Don't put it in a window, it's harder to read.

You can tick these then tick fix checked. Close browsers.

Is this still installed? If it isn't, tick this.

O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [uTorrent] "C:\Downloads\uTorrent.exe"

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart

Have no idea why this is there or what it is. But it looks suss to me

O17 - HKLM\System\CCS\Services\Tcpip\..\{790105CD-7AF1-4024-ACCF-A6993D79DC42}: NameServer = ?????sU????×??????????????N?sT????????????”¨?ad??? ??sa?eaO)??uk?U?ar????D?o?????se?????eaa??’×????Ee ?????si?a??Uuk???“”????????????so????”t?E??uu‘??e? ad???“O?s????‘?e?????E????w??????s?????eaa‰f?????“ ”????????uo?“e???duI????System.StructuredQuery.Vir tual.Bcc,202.65.245.19

O18 - Filter: video/x-flv - {08C72DD4-19AD-49f1-83DA-8542B4D302C5} - (no file)

Then reboot, then get trojan remover below. If this is Vista 32 bit. Update it then scan. Then select all options under the utils menu
Speedy Gonzales (78)
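
The O17 and O18 checks discussed in the post above, as an added example that is not part of the original thread: a small Python reviewer that flags HijackThis `NameServer` entries containing anything other than IP addresses, and entries registered against a missing file. The sample log lines, GUIDs and the reason labels are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in HijackThis line format; GUIDs, paths and values are made up.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{11111111-2222-3333-4444-555555555555}: NameServer = 192.0.2.53,192.0.2.54
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}: NameServer = ??sU??System.Example.Junk,198.51.100.7
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = example.lan
O18 - Filter: video/x-flv - {99999999-8888-7777-6666-555555555555} - (no file)
O2 - BHO: Example Helper - {12345678-1234-1234-1234-123456789ABC} - C:\Program Files\Example\helper.dll
"""

O17_NAMESERVER = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<value>.*)$")


def split_servers(value):
    """NameServer holds a comma- or space-separated list of resolver addresses."""
    return [tok for tok in re.split(r"[,\s]+", value.strip()) if tok]


def is_ip(token):
    """True only for a well-formed IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def review_log(text):
    """Return (line_no, reason, detail) for entries worth a manual look."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        match = O17_NAMESERVER.match(line)
        if match:
            servers = split_servers(match["value"])
            junk = [s for s in servers if not is_ip(s)]
            if junk or not servers:
                # A resolver list should contain addresses and nothing else
                findings.append((line_no, "nameserver-not-ip", junk))
        elif line.endswith("- (no file)"):
            # Registration points at a file that is no longer on disk
            findings.append((line_no, "missing-file", []))
    return findings


if __name__ == "__main__":
    for finding in review_log(SAMPLE_LOG):
        print(finding)
```

A flagged `NameServer` entry still needs the adapter's DNS settings checked by hand, since the valid address left in the list is the resolver the machine will actually use.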
888441 2010-05-30 11:32:00 I fixed O17 and O18, as well as O2. Rest are still installed.

I scanned with Trojan Remover but didn't find anything except a couple of "file not found" entries.
Question (15792)
888442 2010-05-30 11:40:00 They'll still be installed if you remove them from startup, they just won't run on startup. Did you select all options under utils as well? Speedy Gonzales (78)