Kerespup's problems thread
- Thread starter kerespup
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
The thing is, I`m not really sure what sed.cfexe is. However, I`m wondering if it has anything to do with Combofix.
Please delete all versions of Combofix and see if that helps.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Please delete all versions of Combofix and see if that helps.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\Games\LOCALS~1\Temp\WER9370.dir00<Delete the entire folder.
Reboot into normal mode and rehide your protected OS files.
See how things go.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\Games\LOCALS~1\Temp\WER9370.dir00<Delete the entire folder.
Reboot into normal mode and rehide your protected OS files.
See how things go.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
This is getting us nowhere fast.
I still think this is more of a Windows/software problem than anything else.
I recommend you try a Windows repair as I suggested earlier.
If that doesn`t help, then open a new thread in the appropriate forum.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I still think this is more of a Windows/software problem than anything else.
I recommend you try a Windows repair as I suggested earlier.
If that doesn`t help, then open a new thread in the appropriate forum.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
No need to shout.
I don`t think your problem is malware related.
Have you tried fixing the Winsock?
If not try this.
1.) Download WinsockFix.zip. (by: Option^Explicit)
2.) UnZip WinsockFix.zip (Pay close attention to where the file is extracted to.)
3.) Run WinsockFix.exe.
4.) Click the Fix button.
If that doesn`t help, try doing a Windows repair.
If that still doesn`t help, backup your important data and try a re-format and reinstall.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
I don`t think your problem is malware related.
Have you tried fixing the Winsock?
If not try this.
1.) Download WinsockFix.zip. (by: Option^Explicit)
2.) UnZip WinsockFix.zip (Pay close attention to where the file is extracted to.)
3.) Run WinsockFix.exe.
4.) Click the Fix button.
If that doesn`t help, try doing a Windows repair.
If that still doesn`t help, backup your important data and try a re-format and reinstall.
Regards Howard
This thread is for the use of kerespup only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
howard_hopkinso
Posts: 21,238 +17
I couldn`t remember what you`d tried.
Unfortunately, I can`t physically fix your computer. If I could, believe me I would.
Can you access websites ok from safe mode with networking?
Did you try a Windows repair?
Regards Howard
Unfortunately, I can`t physically fix your computer. If I could, believe me I would.
Can you access websites ok from safe mode with networking?
Did you try a Windows repair?
Regards Howard
Back here with a new problem on a new computer:
Ever since I put this Flash Drive into the comp, I got an Explorer.exe error.
Now... whenever Explorer.exe is running, my internet goes soooo damn slow.
But when I end the Explorer.exe process, the internet goes fine again.
I wasn't able to get a screenshot of the explorer error that appeared, but here is my HJT log.
Ever since I put this Flash Drive into the comp, I got an Explorer.exe error.
Now... whenever Explorer.exe is running, my internet goes soooo damn slow.
But when I end the Explorer.exe process, the internet goes fine again.
I wasn't able to get a screenshot of the explorer error that appeared, but here is my HJT log.
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:10 AM, on 8/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\VDOTool\TBPanel.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\JK\Desktop\analyze.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini20.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://holic.netgame.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: {d1e9a6ba-21df-64ea-e014-6358cacd9e95} - {59e9dcac-8536-410e-ae46-fd12ab6a9e1d} - C:\WINDOWS\system32\oyjolx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8C57CB69-EC1F-4FF3-916F-52151AABC187} - C:\WINDOWS\system32\rqRKecDT.dll
O2 - BHO: (no name) - {F5D922A7-7575-46C4-927A-FE468F099150} - C:\WINDOWS\system32\fccbBSkj.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Earn2Life Bar - {93344865-74BD-4873-BE65-56539D41A65C} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogonStudio] "D:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [88acd53a] rundll32.exe "C:\WINDOWS\system32\jkerxrlt.dll",b
O4 - HKLM\..\Run: [BM8b9fe6a6] Rundll32.exe "C:\WINDOWS\system32\kvecrmay.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Earn2Life Bar - {07328B93-AFD8-4c6a-99E9-D0B3B5D6DAD9} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
O9 - Extra 'Tools' menuitem: Earn2Life Bar - {07328B93-AFD8-4c6a-99E9-D0B3B5D6DAD9} - C:\WINDOWS\Downloaded Program Files\Earn2Life.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {93344865-74BD-4873-BE65-56539D41A65C} (Earn2Life Bar) - http://www.earn2life.com/plugin/Earn2Life.cab
O20 - Winlogon Notify: rqRKecDT - C:\WINDOWS\SYSTEM32\rqRKecDT.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 7052 bytesHi kerespup, your original thread started: 02-25-2007
You are best to create a new thread (so as others do not need to read all this old unrelated part)
To access technical support you will need to go to Here into the appropriate forum for any problems you may have.
You can also access many online TechSpot guides Here
Please read Posting Guidelines Here before posting.
Guide to Making a Good Post/Thread
Also it is customary to post your system specs in your Profile
Enjoy your Stay
You are best to create a new thread (so as others do not need to read all this old unrelated part)
To access technical support you will need to go to Here into the appropriate forum for any problems you may have.
You can also access many online TechSpot guides Here
Please read Posting Guidelines Here before posting.
Guide to Making a Good Post/Thread
Also it is customary to post your system specs in your Profile
Enjoy your Stay
- Status
Similar threads
Latest posts
-
TikTok faces a potential ban in Europe, too- p51d007 replied
