Windows XP Problems

A couple Windows problems

Page 1 of 1

8 Replies - 1199 Views - Last Post: 28 March 2009 - 07:44 PM

#1 Wovaki  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 40
  • Joined: 14-November 08

Windows XP Problems

Posted 19 March 2009 - 04:09 PM

Hello

I was taking a look at a friends computer, there are a few problems with it.

1. There is no CD drive.
CD's will not play when inserted into the drive, and when you go into My Computer, no CD drive is shown. Also, almost every time the computer is started up, the CD tray will open or close, depending on if it was already opened or not.

2. When the computer starts up the file explorer opens up to the WINDOWS location.
Before I took a look at it, a error would pop up about a missing DLL file, I cannot remember the name of it, and it does not pop up any more.

3. Windows thinks there is another anti virus installed when there is not.
My friend had an anti virus from their internet provider, when I tried to uninstall it I was bombarded with errors. So I took a look inside the program files and noticed there was no uninstaller. So, I made a zip file of everything, just in case, then deleted it. Now when I tried to install a new anti virus, it said there already was one, and if I go into the Windows Security Center it says that the anti virus, which I just deleted, is reporting it is up to date, etc.

Any help would greatly be appreciated!

Thanks.

Is This A Good Question/Topic? 0
  • +

Replies To: Windows XP Problems

#2 no2pencil  Icon User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6560
  • View blog
  • Posts: 30,699
  • Joined: 10-May 07

Re: Windows XP Problems

Posted 19 March 2009 - 06:19 PM

Sounds like you have rouge software.

http://www.dreaminco...wtopic12453.htm

I would suggest Downloading Avast Home version (is free) & it's update. Copy them to a thumb drive. Take the computer off the network, boot to safe mode, install Avast & it's update, schedule a boot time scan, & then finish it off by booting to normal mode & scanning the startup with hijack this.

Best of luck, let us know how it works out.
Was This Post Helpful? 0
  • +
  • -

#3 Wovaki  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 40
  • Joined: 14-November 08

Re: Windows XP Problems

Posted 20 March 2009 - 07:32 AM

Thanks for the reply.

When I initially took a look at it, it had some internet provider's anti virus installed, which never seems to work very well, so I installed AVG Free, and Ad-Aware AE. Running scans with those I removed around 3 Trojan Horses, and some other spyware/malware.

I also installed CCleaner, and ran a registry scan, which cleared up over 2000 errors. That fixed a few problems, and the computer seems to run faster in my opninion.

Is this Rouge software something that AVG or Ad-Aware cannot detect?

Thanks
Was This Post Helpful? 0
  • +
  • -

#4 Wovaki  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 40
  • Joined: 14-November 08

Re: Windows XP Problems

Posted 21 March 2009 - 03:50 PM

I installed Avast!, although I forgot to do it in safe mode.

I ran the scan and a few things came up.
Here is what was in the Chest afterwards:

Infected Files
Name: A0118134.dll
Location: C:\System Volume Information\restore{10D4B4EE-7C0B-4339-9C74-3091462FA969}\RP564
Virus: Win32:Trojan-gen {Other}

Name: A0118135.DLL
Location: C:\System Volume Information\restore{10D4B4EE-7C0B-4339-9C74-3091462FA969}\RP564
Virus: Win32:Trojan-gen {Other}

System Files
------------
Name: Kernal32.dll
Location: C:\WINDOWS\system32
Virus:

Name: winsock.dll
Location: C:\WINDOWS\system32
Virus:

Name: wsock32.dll
Location: C:\WINDOWS\system32
Virus:

When the boot scan was running, some other things popped up as well.
But I don't remember what they were, I thought it would say in the log but it didn't.

I do remember they were Trojan's of some sort, and they were in the
System Volume Information\restore.
But it would not let me heal, move, or move to chest so I just hit ignore.

Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:56 PM, on 21/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qca9.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: (no name) - {0610C4E6-A0D0-45d8-B6CB-3CCD74296EBB} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: Yahoo! Freecell Solitaire - http://presence.games.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} - https://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) - 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup144.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/bin/msnchat45.cab
O20 - AppInit_DLLs: C:\WINDOWS\System32\rtc.dll 
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Unknown owner - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - Unknown owner - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (file missing)
O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sympatico Security Manager Update Service (RPSUpdaterR) - Unknown owner - C:\Program Files\Bell\Security Manager\rpsupdaterR.exe (file missing)
O23 - Service: Sympatico Security Manager Firewall (RP_FWS) - Unknown owner - C:\Program Files\Bell\Security Manager\Fws.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 12560 bytes

Was This Post Helpful? 0
  • +
  • -

#5 no2pencil  Icon User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6560
  • View blog
  • Posts: 30,699
  • Joined: 10-May 07

Re: Windows XP Problems

Posted 21 March 2009 - 08:48 PM

Wow, Kernal32.dll was infected?

So were these files cleaned or deleted?

Do the problems continue?
Was This Post Helpful? 0
  • +
  • -

#6 Wovaki  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 40
  • Joined: 14-November 08

Re: Windows XP Problems

Posted 24 March 2009 - 04:23 PM

Sorry it took me so long to respond.

In the Virus Chest it, under the "virus" column, it was just blank for the system files. This stuff was in the virus chest.

I uninstalled Avast!, and remembered that I didn't do anything with the files in the chest. So, do you know what happens to things in the chest if I don't do anything with them before uninstalling Avast!?

And yes, the problems are still there. When installing AVG again, it said there was already a anti virus installed, even though Avast! was already uninstalled. Not to mention that the DVD drive is still missing, which is the biggest problem.
Was This Post Helpful? 0
  • +
  • -

#7 TechWar  Icon User is offline

  • D.I.C Regular

Reputation: 7
  • View blog
  • Posts: 470
  • Joined: 17-February 09

Re: Windows XP Problems

Posted 27 March 2009 - 07:33 PM

Don't know if you've got this sorted or not, but if not, install the avast and stuff just like he told you to do, but, first turn OFF windows system restore. The OS keeps a backup copy of your virus's/ trojans for you. Ain't it sweet :P
then run your avast, etc.. again to get rid of all your problems, then run ccleaner

as far as the drive goes, try installing a new ribbon cable and see if that squares ya up

This post has been edited by TechWar: 27 March 2009 - 07:34 PM

Was This Post Helpful? 0
  • +
  • -

#8 Wovaki  Icon User is offline

  • New D.I.C Head

Reputation: 2
  • View blog
  • Posts: 40
  • Joined: 14-November 08

Re: Windows XP Problems

Posted 28 March 2009 - 06:43 PM

Thanks for the reply, and no this has not been sorted out yet.

Sorry, but I don't know what a ribbon cable is.

Thanks
Was This Post Helpful? 0
  • +
  • -

#9 TechWar  Icon User is offline

  • D.I.C Regular

Reputation: 7
  • View blog
  • Posts: 470
  • Joined: 17-February 09

Re: Windows XP Problems

Posted 28 March 2009 - 07:44 PM

the (usually) wide and flat cable that connects the drive to the motherboard
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1