TechSpot

Kerespup's problems thread

By kerespup
Feb 24, 2007
Topic Status:
Not open for further replies.
  1. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.


    Please do a search of your system for this file and let me know exactly where it`s located.

    sed.cfexe

    Rehide your protected OS files.

    Regards Howard :)
     
  2. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    It couldn't find that file.
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    The thing is, I`m not really sure what sed.cfexe is. However, I`m wondering if it has anything to do with Combofix.

    Please delete all versions of Combofix and see if that helps.

    Regards Howard :)

    This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    Apparently that Generic Host error appeared again.

    But when I pressed the view details stuff, it showed these two files:

     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Locate and delete the following bold files and/or directories(if there).

    C:\DOCUME~1\Games\LOCALS~1\Temp\WER9370.dir00<Delete the entire folder.

    Reboot into normal mode and rehide your protected OS files.

    See how things go.

    Regards Howard :)

    This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  6. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    Done, and nothing's changed.
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    This is getting us nowhere fast.

    I still think this is more of a Windows/software problem than anything else.

    I recommend you try a Windows repair as I suggested earlier.

    If that doesn`t help, then open a new thread in the appropriate forum.

    Regards Howard :)

    This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    Okay, I"m not getting that Generic error anymore.

    BUT I'M STILL NOT ABLE TO ACCESS VARIOUS SITES BESIDES GOOGLE, THIS SITE AND SITES ON GOOGLE THAT I CACHE!

    This is seriously getting on my nerves. I've tried EVERYTHING.
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    No need to shout.

    I don`t think your problem is malware related.

    Have you tried fixing the Winsock?

    If not try this.

    1.) Download WinsockFix.zip. (by: Option^Explicit)
    2.) UnZip WinsockFix.zip (Pay close attention to where the file is extracted to.)
    3.) Run WinsockFix.exe.
    4.) Click the Fix button.

    If that doesn`t help, try doing a Windows repair.

    If that still doesn`t help, backup your important data and try a re-format and reinstall.

    Regards Howard :)

    This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    I already tried that, remember?...

    And how can I not shout when I have a Course Work Exam due within 6 hours and I can't start on it because of this mess.
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    I couldn`t remember what you`d tried.

    Unfortunately, I can`t physically fix your computer. If I could, believe me I would.

    Can you access websites ok from safe mode with networking?

    Did you try a Windows repair?

    Regards Howard :)
     
     
  12. kerespup

    kerespup TS Rookie Topic Starter Posts: 52

    Back here with a new problem on a new computer:

    Ever since I put this Flash Drive into the comp, I got an Explorer.exe error.

    Now... whenever Explorer.exe is running, my internet goes soooo damn slow.

    But when I end the Explorer.exe process, the internet goes fine again.

    I wasn't able to get a screenshot of the explorer error that appeared, but here is my HJT log.

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:30:10 AM, on 8/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\Program Files\VDOTool\TBPanel.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
    C:\WINDOWS\system32\Pen_Tablet.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Documents and Settings\JK\Desktop\analyze.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini20.com
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://holic.netgame.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: {d1e9a6ba-21df-64ea-e014-6358cacd9e95} - {59e9dcac-8536-410e-ae46-fd12ab6a9e1d} - C:\WINDOWS\system32\oyjolx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {8C57CB69-EC1F-4FF3-916F-52151AABC187} - C:\WINDOWS\system32\rqRKecDT.dll
    O2 - BHO: (no name) - {F5D922A7-7575-46C4-927A-FE468F099150} - C:\WINDOWS\system32\fccbBSkj.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Earn2Life Bar - {93344865-74BD-4873-BE65-56539D41A65C} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [LogonStudio] "D:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [88acd53a] rundll32.exe "C:\WINDOWS\system32\jkerxrlt.dll",b
    O4 - HKLM\..\Run: [BM8b9fe6a6] Rundll32.exe "C:\WINDOWS\system32\kvecrmay.dll",s
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Earn2Life Bar - {07328B93-AFD8-4c6a-99E9-D0B3B5D6DAD9} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
    O9 - Extra 'Tools' menuitem: Earn2Life Bar - {07328B93-AFD8-4c6a-99E9-D0B3B5D6DAD9} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {93344865-74BD-4873-BE65-56539D41A65C} (Earn2Life Bar) - http://www.earn2life.com/plugin/Earn2Life.cab
    O20 - Winlogon Notify: rqRKecDT - C:\WINDOWS\SYSTEM32\rqRKecDT.dll
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
    
    --
    End of file - 7052 bytes
    
     
  13. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Hi kerespup, your original thread started: 02-25-2007

    You are best to create a new thread (so as others do not need to read all this old unrelated part)

    To access technical support you will need to go to Here into the appropriate forum for any problems you may have.

    You can also access many online TechSpot guides Here

    Please read Posting Guidelines Here before posting.

    Guide to Making a Good Post/Thread

    Also it is customary to post your system specs in your Profile

    Enjoy your Stay :)
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.