More Computer Security & Viruses Answers
Question Library
Ask a question about Computer Security & Viruses
Volunteer
Experts of the Month
Expert Login
Awards
About Us
Tell friends
Link to Us
Disclaimer
|
| |
|
|
| |
| | | |
About Brian Benosky
Expertise
I will help you in eradicating malware and all forms of virus/trojans/adware. I can answer all PC-related hardware issues. I can also troubleshoot Windows OS errors (including Vista) and other software problems. HijackThis logs are a MUST for virus related help. If you do not know how to do this, I have posted easy-to-follow instructions on the Ask a Question page. Every computer infection is different, so I will give you personal instructions on how to remove the malware, not a 'pat' answer. You can be assured of a prompt, polite, and knowledgeable response in all regards.
Experience
I have over 25 years experience in using, building, and repairing computers. I have helped over a thousand people here on AllExperts, with consistent Top Feedback Scores. Please look at my answers here:
http://en.allexperts.com/q/Computer-Security-Viruses-1737/indexExp_84308.htm
I am also a Top Contributer of General Computing answers in Yahoo! Questions.
Education/Credentials
College Educated
Self-taught Computer Skills
| | |
| |
You are here: Experts > Computing/Technology > Internet/Network Security > Computer Security & Viruses > Computer hangs when i connect to internet
Expert: Brian Benosky - 10/30/2009
Question
QUESTION: My Computer hangs 5 minutes after connecting to the internet.
A message appears showing "Generic host process for windows has closed. we are sorry for incovenience".
Here is my Hijackthis and combofix log file ;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:16:08 PM, on 6/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxsrvc.exe
E:\Program Files\eXPert PDF 5\vspdfprsrv.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\TypingMaster\KBOOST.EXE
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - F:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Vistadrv] E:\PROGRAMS\SYSTEM UTILITY\Vista Drive Status\vsdrv.exe
O4 - HKLM\..\Run: [vspdfprsrv.exe] E:\Program Files\eXPert PDF 5\vspdfprsrv.exe --background
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TypingSatellite] "E:\Program Files\TypingMaster\KBOOST.EXE"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\iepro.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8D8972A9-FFFA-11D4-9CC7-00902761BD36} (JSControl Class) - http://mailjol.com/dev/cab/jscntrl.cab
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
--
End of file - 7291 bytes
combofix log file
ComboFix 09-06-04.09 - happy 06/06/2009 22:13.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1562 [GMT 5.5:30]
Running from: e:\programs\SECURITY\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira Firewall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\clofghls.dll
c:\windows\system32\dbfb.dll
c:\windows\system32\mdm.exe
c:\windows\system32\netjr32.dll
c:\windows\winhelp.ini
.
((((((((((((((((((((((((( Files Created from 2009-05-06 to 2009-06-06 )))))))))))))))))))))))))))))))
.
2009-10-28 14:34 . 2009-05-08 08:43 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-10-28 14:34 . 2009-03-30 05:03 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-10-28 14:34 . 2009-02-24 07:36 69632 ----a-w- c:\windows\system32\drivers\avfwim.sys
2009-10-28 14:34 . 2009-02-13 06:59 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-10-28 14:34 . 2009-02-13 06:47 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-10-28 14:34 . 2009-10-28 14:34 -------- d-----w- c:\program files\Avira
2009-10-28 14:15 . 2009-10-28 14:15 198064 ----a-w- c:\documents and settings\happy\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-10-28 14:14 . 2009-10-28 14:19 -------- d-----w- c:\documents and settings\happy\Application Data\IDM
2009-10-28 14:14 . 2009-10-28 14:14 -------- d-----w- c:\program files\Internet Download Manager
2009-10-21 12:13 . 2009-10-21 12:19 1024 ----a-w- c:\windows\system32\dwg2pdf_win.dat
2009-10-21 08:31 . 2009-10-21 08:31 0 ----a-w- c:\windows\nsreg.dat
2009-10-21 08:31 . 2009-10-21 08:31 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Mozilla
2009-10-20 12:55 . 2009-10-23 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\eXPert PDF 5
2009-10-20 12:54 . 2009-10-23 13:55 -------- d-----w- c:\documents and settings\happy\Application Data\eXPert PDF 5
2009-10-20 12:53 . 2009-10-20 12:55 -------- d-----w- c:\documents and settings\happy\Application Data\eXPert PDF Editor
2009-10-20 12:53 . 2005-06-02 07:10 14336 ----a-w- c:\windows\system32\vsmon1.dll
2009-10-20 12:53 . 2009-10-20 12:53 -------- d-----w- c:\windows\My Documents
2009-10-20 12:53 . 2009-10-20 12:53 -------- d-----w- c:\documents and settings\All Users\Application Data\eXPert PDF Jobs
2009-10-20 12:53 . 2009-10-20 12:53 -------- d-----w- c:\documents and settings\All Users\Application Data\eXPert PDF
2009-10-19 07:48 . 2009-10-19 07:49 -------- d-----w- c:\program files\Contact DataBase
2009-10-08 06:05 . 2009-10-08 06:04 38841 ----a-w- C:\sm.dat
2009-10-08 06:03 . 2009-10-08 06:03 -------- d-----w- c:\documents and settings\happy\Application Data\GlobalSCAPE
2009-10-08 06:02 . 2009-10-08 06:02 -------- d-----w- c:\program files\AutoPlay Menu Studio 3.0
2009-10-03 05:18 . 2009-10-03 05:19 -------- d-----w- c:\documents and settings\happy\Application Data\RhinoSoft.com
2009-09-17 05:47 . 2009-09-17 05:47 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Mindjet
2009-09-17 05:34 . 2007-12-24 04:45 585728 ------w- c:\windows\system32\AReadyLB.dll
2009-09-17 05:34 . 2007-12-24 04:45 229376 ------w- c:\windows\system32\AudDevicePlugin.dll
2009-09-17 05:22 . 2009-09-17 05:22 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Flock
2009-09-17 05:20 . 2009-09-17 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-09-17 03:35 . 2009-09-17 03:35 -------- d--h--w- c:\windows\system32\CyberInstallerUninstallerSystem
2009-09-16 12:26 . 2009-09-09 10:43 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-09-09 04:18 . 2009-09-09 04:19 -------- d-----w- c:\windows\system32\NtmsData
2009-08-18 13:45 . 2009-10-28 11:42 25 ----a-w- c:\windows\popcinfot.dat
2009-08-18 02:23 . 2009-08-18 02:42 -------- d-----w- c:\program files\sound
2009-08-18 02:22 . 2009-08-18 02:52 -------- d-----w- c:\program files\data
2009-08-12 13:31 . 2009-08-12 13:31 8 ----a-w- c:\windows\system32\F73859.bin
2009-08-12 13:30 . 2009-08-12 13:30 8 ----a-w- c:\windows\system32\e9243f.bin
2009-08-11 04:29 . 2009-08-11 04:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PopCap Games
2009-08-10 09:21 . 2009-08-10 09:21 192512 ----a-w- c:\windows\system32\srkey.exe
2009-08-04 07:25 . 2005-10-09 18:30 2169344 ----a-w- c:\windows\system32\pdfutil.dll
2009-07-30 01:14 . 2009-07-30 01:14 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\cald3
2009-07-30 01:14 . 2009-07-30 01:14 -------- d-----w- c:\documents and settings\happy\Application Data\cald3
2009-07-20 16:13 . 2009-07-20 16:13 1078 ----a-r- c:\documents and settings\happy\Application Data\Microsoft\Installer\{E1A7D87D-B193-44EC-A3C8-D080B442D4E1}\_c6a6a59.exe
2009-07-20 15:31 . 2009-07-20 15:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Deskshare
2009-07-20 15:31 . 2009-07-20 15:31 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Xenocode
2009-07-18 09:10 . 2009-09-17 05:51 -------- d-----w- c:\windows\system32\MAGIX
2009-07-18 09:10 . 2007-07-11 06:23 697560 ----a-w- c:\windows\system32\mgxoschk.dll
2009-07-18 09:08 . 2009-07-18 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\newsreader_images
2009-07-12 14:33 . 2009-07-12 14:33 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Electronic Arts
2009-07-12 02:21 . 2009-07-12 02:21 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-07-05 10:16 . 2009-07-05 10:16 -------- d-sh--w- c:\documents and settings\happy\IECompatCache
2009-07-03 10:35 . 2009-07-03 10:35 -------- d-sh--w- c:\documents and settings\happy\PrivacIE
2009-07-03 10:29 . 2009-07-03 10:31 -------- dc-h--w- c:\windows\ie8
2009-07-03 10:25 . 2009-07-03 10:25 -------- d-sh--w- c:\documents and settings\happy\IETldCache
2009-07-03 07:36 . 2009-07-03 07:36 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\WMTools Downloaded Files
2009-07-02 08:06 . 2009-07-02 08:06 18 ----a-w- c:\windows\system32\LRPTLRI.DAT
2009-06-29 01:59 . 1994-03-10 18:30 38400 ----a-w- c:\windows\system\DDEML.DLL
2009-06-29 01:59 . 1994-03-10 18:30 14128 ----a-w- c:\windows\system\TOOLHELP.DLL
2009-06-29 01:27 . 2009-06-29 01:27 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Xara
2009-06-29 01:25 . 2009-06-29 01:26 -------- d-----w- c:\program files\Common Files\Xara
2009-06-29 01:25 . 2009-06-29 01:25 -------- d-----w- c:\program files\Xara
2009-06-28 16:41 . 2009-09-09 11:58 475513 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescript.dll
2009-06-28 16:41 . 2009-09-03 10:54 237940 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll
2009-06-28 16:41 . 2009-09-03 10:54 127346 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescn.dll
2009-06-28 16:41 . 2009-08-18 09:32 1921400 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll
2009-06-28 16:41 . 2009-07-14 12:38 430452 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll
2009-06-28 16:41 . 2009-06-17 10:02 196987 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeoffice.dll
2009-06-28 16:41 . 2009-05-27 12:40 401783 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aepack.dll
2009-06-28 16:41 . 2009-04-30 10:03 106868 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aevdf.dll
2009-06-28 16:41 . 2009-09-09 11:58 364916 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aegen.dll
2009-06-28 16:41 . 2009-09-03 10:54 184692 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aecore.dll
2009-06-28 16:41 . 2008-10-15 06:19 393588 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeemu.dll
2009-06-28 16:41 . 2008-10-15 06:19 53618 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\FAILSAVE\aebb.dll
2009-06-22 08:23 . 2009-06-22 08:23 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Microsoft Help
2009-06-22 08:22 . 2009-06-22 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-19 10:02 . 2009-06-19 10:02 -------- d-----w- c:\documents and settings\happy\Application Data\Axialis
2009-06-19 10:02 . 2009-10-28 07:30 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Axialis
2009-06-18 09:53 . 2002-08-06 07:09 45056 ----a-w- c:\windows\JSStub.exe
2009-06-18 09:53 . 2002-08-06 07:08 24576 ----a-w- c:\windows\MJInstaller.exe
2009-06-18 09:53 . 2002-08-06 07:10 307200 ----a-w- c:\windows\JSInstaller.exe
2009-06-18 09:31 . 2009-06-18 09:31 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-18 09:31 . 2009-06-18 09:31 152576 ----a-w- c:\documents and settings\happy\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-15 03:39 . 2009-10-05 07:10 -------- d-----w- c:\documents and settings\happy\Application Data\eBookPro6
2009-06-14 10:16 . 2009-06-14 10:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-06-14 09:59 . 2009-06-14 09:59 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-06-14 09:44 . 2009-06-14 09:45 -------- d-----w- c:\documents and settings\happy\Application Data\EBookSys
2009-06-14 09:13 . 2009-10-19 12:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-14 07:03 . 2009-06-14 07:03 -------- d-----w- c:\documents and settings\All Users\Application Data\HipSoft
2009-06-10 10:08 . 2009-10-28 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-07 03:08 . 2009-03-24 10:38 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-05 08:28 . 2009-06-07 03:46 -------- d-----w- c:\documents and settings\happy\Application Data\FileZilla
2009-06-02 04:41 . 2009-06-02 04:41 -------- d-----w- c:\documents and settings\happy\Application Data\.purple
2009-05-31 14:38 . 2009-05-31 14:38 -------- d-----w- c:\windows\Supermarket Mania
2009-05-31 02:39 . 2009-05-31 02:39 -------- d-----w- c:\windows\Cache
2009-05-30 12:35 . 2009-05-30 12:35 356352 ----a-w- c:\windows\eSellerateEngine.dll
2009-05-30 12:35 . 2009-07-20 16:05 -------- d-----w- c:\program files\Common Files\DeskShare Shared
2009-05-30 12:33 . 2006-04-03 12:46 339968 ----a-w- c:\windows\system32\MP3Enc.dll
2009-05-30 09:34 . 2004-08-03 19:26 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-05-30 09:32 . 2009-08-18 02:20 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-30 09:32 . 2009-05-30 09:32 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-05-30 09:32 . 2009-05-30 09:32 -------- d-----w- c:\windows\system32\LogFiles
2009-05-30 07:57 . 2009-05-30 07:57 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-05-22 04:58 . 2009-05-22 04:58 -------- d-----w- c:\documents and settings\happy\Application Data\Gaijin Ent
2009-05-19 06:00 . 2009-07-01 01:29 -------- d-----w- c:\windows\A4W_DATA
2009-05-19 05:59 . 2009-05-19 05:59 -------- d-----w- c:\windows\APW_DATA
2009-05-19 05:45 . 1999-05-28 04:45 86016 ----a-w- c:\windows\unvise32qt.exe
2009-05-18 09:46 . 1995-08-09 00:00 536048 ----a-w- c:\windows\system32\Oc25.dll
2009-05-18 09:46 . 2009-05-18 09:46 -------- d-----w- c:\program files\Common Files\Asymetrix
2009-05-16 07:22 . 2009-05-16 07:22 169984 ----a-w- c:\windows\system32\P2D.DLL
2009-05-16 07:22 . 2009-05-16 07:22 161552 ----a-w- c:\windows\system32\ASYCPICT.DLL
2009-05-16 07:19 . 2009-10-19 12:02 249856 ------w- c:\windows\Setup1.exe
2009-05-16 06:42 . 2009-05-16 06:42 68840 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-16 06:42 . 2009-05-16 06:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\HP
2009-05-13 05:35 . 1999-08-05 11:30 1802240 ----a-w- c:\windows\system32\Jetpack6.dll
2009-05-13 04:52 . 1997-01-15 18:30 71680 ----a-w- c:\windows\ST5UNST.EXE
2009-05-12 15:48 . 2009-05-22 11:29 -------- d-----w- c:\documents and settings\happy\Application Data\MiniDm
2009-05-12 15:18 . 2009-05-12 15:18 -------- d-----w- c:\documents and settings\happy\Application Data\MxBoost
2009-05-12 15:11 . 2009-06-05 01:29 -------- d-----w- c:\documents and settings\happy\Application Data\IEPro
2009-05-12 11:43 . 2009-05-12 11:43 -------- d-----w- c:\documents and settings\happy\Local Settings\Application Data\Identities
2009-05-08 02:46 . 2009-05-08 02:46 -------- d-----w- c:\windows\Sun
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-28 16:38 . 2009-04-30 09:16 -------- d-----w- c:\documents and settings\happy\Application Data\DMCache
2009-10-27 12:27 . 2009-04-24 01:50 -------- d-----w- c:\documents and settings\happy\Application Data\vlc
2009-10-20 12:51 . 2009-04-22 12:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-20 05:28 . 2009-04-23 13:02 105416 ----a-w- c:\documents and settings\happy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-19 12:02 . 2009-04-24 08:27 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-09 07:24 . 2009-05-03 05:56 142698 ----a-w- c:\windows\Help\hhcolreg.dat
2009-10-09 07:22 . 2009-04-23 08:36 -------- d-----w- c:\program files\Web Publish
2009-10-08 06:51 . 2009-10-08 06:51 103 ----a-w- c:\windows\~ACROBAT.TMP
2009-09-26 09:08 . 2009-04-24 01:51 -------- d-----w- c:\documents and settings\happy\Application Data\dvdcss
2009-08-11 04:51 . 2009-04-22 05:51 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-04 07:26 . 2009-08-04 07:25 1024 ----a-w- c:\documents and settings\All Users\Application Data\sowdp88.dat
2009-08-01 15:04 . 2009-08-01 15:04 5120 --sha-w- c:\program files\Thumbs.db
2009-06-24 06:24 . 2009-05-01 02:27 -------- d-----w- c:\documents and settings\happy\Application Data\Downloaded Installations
2009-06-21 07:30 . 2009-04-24 01:24 -------- d-----w- c:\documents and settings\happy\Application Data\HP
2009-06-18 09:31 . 2009-04-24 06:38 -------- d-----w- c:\program files\Java
2009-05-30 12:33 . 2009-05-30 12:26 66 ----a-w- c:\documents and settings\happy\Application Data\isfree4_1.tmp
2009-05-30 12:17 . 2009-05-30 12:15 2818 ----a-w- c:\documents and settings\happy\Application Data\isfree4_0.tmp
2009-05-05 16:17 . 2009-05-05 16:17 168168 ----a-w- c:\documents and settings\happy\Application Data\INSTALL.EXE
2009-05-05 16:17 . 2009-05-05 16:17 168168 ----a-w- c:\documents and settings\happy\Application Data\INSTALL.EXE
2009-05-05 03:28 . 2009-05-05 03:28 -------- d-----w- c:\documents and settings\happy\Application Data\Vso
2009-05-05 03:28 . 2009-05-05 03:28 81920 ----a-w- c:\documents and settings\happy\Application Data\ezpinst.exe
2009-05-05 03:28 . 2009-05-05 03:28 81920 ----a-w- c:\documents and settings\happy\Application Data\ezpinst.exe
2009-05-05 03:28 . 2009-05-05 03:28 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-05-05 03:28 . 2009-05-05 03:28 47360 ----a-w- c:\documents and settings\happy\Application Data\pcouffin.sys
2009-05-05 03:28 . 2009-05-05 03:28 47360 ----a-w- c:\documents and settings\happy\Application Data\pcouffin.sys
2009-05-03 14:31 . 2009-05-03 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\RoboForm
2009-05-03 14:29 . 2009-05-03 14:29 -------- d-----w- c:\program files\Siber Systems
2009-05-01 01:52 . 2009-05-01 01:52 -------- d-----w- c:\documents and settings\happy\Application Data\JAM Software
2009-04-30 09:34 . 2009-04-30 09:34 32 ----a-w- c:\windows\system32\ieui.dat
2009-04-30 09:33 . 2009-04-30 09:33 3638 ----a-r- c:\documents and settings\happy\Application Data\Microsoft\Installer\{6AB0F510-9D89-4CD9-8799-208EE59B38D6}\_74b71861.exe
2009-04-30 07:59 . 2009-04-30 07:59 128000 ----a-w- c:\windows\system32\Dsslji.dat
2009-04-26 04:03 . 2009-04-26 04:00 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-04-24 08:09 . 2009-04-23 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-04-24 06:38 . 2009-04-24 06:38 -------- d-----w- c:\program files\Common Files\Java
2009-04-24 01:25 . 2009-04-24 01:19 116946 ----a-w- c:\windows\HPHins10.dat
2009-04-24 01:24 . 2009-04-24 01:24 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-04-24 01:22 . 2009-04-24 01:22 -------- d-----w- c:\program files\Common Files\HP
2009-04-24 01:22 . 2009-04-24 01:15 -------- d-----w- c:\program files\HP
2009-04-24 01:16 . 2009-04-24 01:16 -------- d-----w- c:\program files\Hewlett-Packard
2009-04-23 09:06 . 2009-04-23 09:06 4096 ----a-w- c:\windows\d3dx.dat
2009-04-23 09:03 . 2009-04-23 09:03 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-23 08:46 . 2009-04-23 08:46 -------- d-----w- c:\program files\NotesSQL
2009-04-23 08:31 . 2009-04-23 08:31 2678 ----a-w- c:\windows\java\Packages\Data\PZDBHVZX.DAT
2009-04-23 08:31 . 2009-04-23 08:31 2678 ----a-w- c:\windows\java\Packages\Data\JV3TZ317.DAT
2009-04-23 08:31 . 2009-04-23 08:31 2678 ----a-w- c:\windows\java\Packages\Data\GL3NJH7H.DAT
2009-04-23 08:31 . 2009-04-23 08:31 2678 ----a-w- c:\windows\java\Packages\Data\DN17LNLR.DAT
2009-04-23 08:31 . 2009-04-23 08:31 2678 ----a-w- c:\windows\java\Packages\Data\BBLV7FFF.DAT
2009-04-23 08:28 . 2009-04-22 08:12 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-23 07:57 . 2009-04-23 07:57 16 ----a-w- c:\windows\popcinfo.dat
2009-04-23 07:47 . 2009-04-23 07:47 -------- d-----w- c:\program files\ReflexiveArcade
2009-04-23 07:05 . 2009-04-23 07:05 -------- d-----w- c:\documents and settings\happy\Application Data\Nero
2009-04-22 13:16 . 2009-04-22 13:11 -------- d-----w- c:\program files\Common Files\Nero
2009-04-22 13:11 . 2009-04-22 13:11 -------- d-----w- c:\program files\Nero
2009-04-22 13:11 . 2009-04-22 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-04-22 13:06 . 2009-04-22 13:06 -------- d-----w- c:\program files\Shabdkosh 1.0
2009-04-22 13:03 . 2009-04-22 13:03 -------- d-----w- c:\program files\Common Files\L&H
2009-04-22 13:03 . 2009-04-22 13:03 -------- d-----w- c:\program files\Microsoft.NET
2009-04-22 13:02 . 2009-04-22 13:02 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-04-22 13:02 . 2009-04-22 13:02 -------- d-----w- c:\program files\Microsoft Works
2009-04-22 12:56 . 2009-04-22 12:56 -------- d-----w- c:\program files\VIA
2009-04-22 08:13 . 2009-04-22 08:13 -------- d-----w- c:\program files\microsoft frontpage
2009-04-22 08:10 . 2009-04-22 08:10 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-22 05:52 . 2009-04-22 05:52 -------- d-----w- c:\program files\Intel
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"TypingSatellite"="e:\program files\TypingMaster\KBOOST.EXE" [2007-08-14 1243152]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-09-16 3118512]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-10-28 160592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-17 141848]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-05-14 29831168]
"Vistadrv"="e:\programs\SYSTEM UTILITY\Vista Drive Status\vsdrv.exe" [2006-07-29 121089]
"vspdfprsrv.exe"="e:\program files\eXPert PDF 5\vspdfprsrv.exe" [2007-07-02 1179648]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^stle.exe]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\stle.exe
backup=c:\windows\pss\stle.exeCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"Nero BackItUp Scheduler 3"=2 (0x2)
"NMIndexingService"=3 (0x3)
"gusvc"=3 (0x3)
"wuauserv"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\PDF Editor\\PDFEdit.exe"=
"f:\\Program Files\\Microsoft Visual Studio\\Common\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=
"e:\\Program Files\\IEPro\\MiniDM.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3131:TCP"= 3131:TCP:qdvwoe
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [10/28/2009 08:04 PM 97608]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [10/28/2009 08:04 PM 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [10/28/2009 08:04 PM 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [10/28/2009 08:04 PM 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [10/28/2009 08:04 PM 434945]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [10/28/2009 08:04 PM 69632]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [4/22/2009 06:26 PM 238080]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
svuzrcnp
wymifkw
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-10-28 c:\windows\Tasks\User_Feed_Synchronization-{51820272-0D74-4864-8780-FAEAA6A6D3C0}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 23:01]
.
- - - - ORPHANS REMOVED - - - -
BHO-{A1811817-EE5A-4D44-ADBF-B7FAD7430D78} - (no file)
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {{000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - e:\program files\IEPro\iepro.dll
LSP: c:\windows\system32\idmmbc.dll
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: {8D8972A9-FFFA-11D4-9CC7-00902761BD36} - hxxp://mailjol.com/dev/cab/jscntrl.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-06 22:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1757981266-2049760794-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3b,49,2c,c4,3c,a0,0b,00,e6,e4,a1,e0,6d,d7,cd,f6,ea,b2,8a,e2,ef,
27,25,f5,72,ef,e3,3e,27,fc,d9,85,aa,68,a6,e5,b5,78,15,51,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):2f,52,87,b4,6f,22,77,d2,c8,ed,c3,34,8f,85,9a,ee,36,3f,f2,be,86,
7b,4d,4a,1f,12,db,39,1d,f8,ea,12,5f,3d,54,f9,f5,82,7c,50,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{93ffba41-5dda-4a64-8b60-1f79252b4ebb}]
@Denied: (Full) (Everyone)
"Model"=dword:00000094
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{ae749551-9377-4939-bf4c-cfd4c3f38bdf}]
@Denied: (Full) (Everyone)
"Model"=dword:000000da
"Therad"=dword:00000022
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,27,85,0d,4c,f7,1b,0f,39,db,66,fd,49,04,2f,f7,a2,5f,70,74,df,3c,0c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1020)
c:\windows\system32\idmmbc.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-06-06 22:15
ComboFix-quarantined-files.txt 2009-06-06 16:45
Pre-Run: 8,669,278,208 bytes free
Post-Run: 8,700,903,424 bytes free
329
ANSWER: Hello Suyash
Your HJT file is clean of infections. The error you are experiencing may be caused by your HP Digital Imaging program. I suggest uninstalling it, reboot the computer, then see if the internet is working again. See Microsoft Bulletin:
http://support.microsoft.com/kb/821690
Brian
---------- FOLLOW-UP ----------
QUESTION: My Computer hangs 5 minutes after connecting to the internet.
A message appears showing "Generic host process for windows has closed. we are sorry for incovenience".
after that another message comes "svchost has encountered an error.Click ok to terminate and cancel to debug". When i click any one of the options the computer hangs and starts working slowly and the theme changes from windows xp to windows classic style.When i scanned my computer with avira antivir premium security suite, it detected "WORM/CONFICKER.IH".
If i dont click on ok or cancel then the computer works fine
How can i get rid of this problem?
Answer
Hello Suyash
Have you uninstalled the HP software? If so, run a scan with Malwarebytes' Anti-Malware to delete any viruses that may be lurking. I suggest doing the scan in safe mode. Restart the computer in Safe Mode by continuously tapping the F8 key on boot until a black screen with a menu appears. Choose to Start Windows in Safe Mode with Networking. Log on as usual.
Please download Malwarebytes' Anti-Malware to your desktop from here:
http://www.besttechie.net/tools/mbam-setup.exe
Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to
o Update Malwarebytes' Anti-Malware
* then click Finish.
* If an update is found, it will download and install the latest version.
*Run a Full Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Save that log and reboot normally.
If the computer still hangs, try running chkdsk and scannow to check your system files. To run chkdsk:
Click Start, select Run. In the box, type cmd. Click Ok. Type chkdsk c: /r at the command prompt.
To run scannow:
Click Start, select Run. In the box, type sfc /scannow and hit enter.
Brian
Add to this Answer Ask a Question
|
|
