Inactive *Infected* rootkit.0access Trogens:Win32:Kryptik-KEG/zeroaccess/.FakeMS/.Delf/enchanim.gePUM.Hijack

Next scan....

  • Please download VEW by Vino Rosso from here and save it to your desktop
  • Double click it to start it Note: If running Windows Vista or Windows 7 you will need to right click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt.
  • Click the check boxes next to Application and System located under Select log to query on the upper left
  • Under Select type to list on the right click the boxes next to Error and Warning Note: If running Windows Vista or Windows 7 also click the box next to Critical (not XP).
  • Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run
  • Once it finishes it will display a log file in notepad
  • Please copy and paste its entire contents into your next reply
 
How to capture an event log and upload it to the forum:
  • First, open Event Viewer by clicking Start -> Run -> type eventvwr.msc and press ENTER.
  • In the Event Viewer please right click the requested event log (I.e. Application, system, etc...) and click Save Log File As.
  • Please save the logfile to your desktop and give it a recognizable name.
  • Do this for each log that has been requested.
  • When you are finished saving the necessary logs, close Event Viewer.
  • On your desktop find the saved log files. Hold the CTRL key and click to select each event log.
  • When all event logs are selected, right-click one of them, click Send to -> Compressed Zip Folder.
  • A new .ZIP file will have been created on your desktop. Please attach that file to this forum in your next reply.
 
Press start, then run and enter cmd - then hit OK.

In the command prompt window, press in the following code exactly:


netsh winsock reset catalog

Then, exit out.
==

Do you have Internet after performing the above process?
 
Ta Da! yes that did work, thanks :)
Sorry for the slow reply, had to go to work.
Let me know any other suggestions/instructions .... much appreciated
 
Great, let's check for remnants of infection... :D

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.
 
Here is the ESET scan results, three infections-
Note also ...Windows Firewall is back but Windows Security Center still shows
alerts & does not recognize my PC TOOLS 2012 Security Suite or its firewall.


C:\Documents and Settings\All Users\Application Data\ctfmon.lnk Win32/Reveton.J trojan cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\7af3996f.exe Win32/Sirefef.EV trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP376\A0070952.lnk Win32/Reveton.J trojan cleaned by deleting - quarantined
 
Good...and this please:

Please run Panda ActiveScan online scan.
  • Choose Quick Scan then click the big green Scan now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Once the scan is completed, please hit the notepad icon next to the text Export to:
  • Save it to a convenient location such as your Desktop
  • Post the contents of the ActiveScan.txt in your next reply
 
The trojens from other scan arent showing with this one jut some cookies:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2012-10-23 15:41:53
PROTECTIONS: 0
MALWARE: 3
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\owner\cookies\n0slzcec.txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\documents and settings\owner\cookies\b0oug4lo.txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\owner\cookies\v1ka82vr.txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
 
What other issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death
 
On computer restart, PC tools Firewall shuts itself off immediately after service start (has to be manually enabled)

Windows Security System does not recognize PC Tools antivirus or firewall ...tray icon always shows red alert shield with 'x' although both are on.

Computer running extremely slow page loading, startup, shutdown with frequent freezes.

Regularly now, a pop-up states something as ..."no internet connection, page cannot display, click to work offline or retry" but connection shows as good.

On most/all pages, System tray displays yellow alert with exclamtion mark stating "Done, but with errors on page"

Some previously disabled services have re-enabled themselves, eg- PC Tools Browser Guard, Google Update Svs, Malwarebytes scheduler etc.

These are some of what Ive encountered. Haven't tried changing service startup options or using/checking anything beyond basic use yet (no sys restore tried etc). Wanted to get the all clear for fear of spreading/enabling viruses.
Thanks for your input.
 
Cannot do anything about Windows Security Center recognizing antivirus or firewall software.

New log from ComboFix

We would like to see a ☆new log☆ from ComboFix. Please find the ComboFix icon on your Desktop and delete it. Download a new one, and run it. Once it finishes running, post the new log.
 
Hello! Are you still with us? Your topic is now marked inactive, because you have lacked to reply.

However, we'd like to still help. Please update us on the state of your PC.
 
Hi again Jay, Sorry I didnt receive the usual email notification of new response.

I mention the Security Center not recognizing antivirus/firewall because it probably needs to be
addressed for some sort of file damage due to the infection.
This is a new problem occuring only after the service reappeared following one of the fixes
(if you remember Windows Security Ctr went missing along w/ Windows firewall & Update)

Still receiving frequent connection error ...Page needs internet connection to display ...given options
Work Offline or Retry to connect (must select one)
When I check the page settings the "Work Offline" option is always selected? I must uncheck it.
........maybe related?? -
In Network Connections / TP-link Wireless Connection Properties, Advanced Options there is an error message:
Windows cannot display the properties of this connection.
The Windows Management Instrumentation (WMI) information might be corrupted.
To correct this, use System Restore to restore Windows to an earlier time ... etc
 
ANOTHER NEW DEVELOPMENT... after combofix, PC tools full scan found 52 infections.
Some had the 'catchme' phrase some not, Needed to reboot but couldnt complete t
Went to 'E' page (e-machine) with startup choices (bios, f12 etc) then froze & had to
manually unplug to shut it off. Tried several times with same result then finally went through.
Keyboard typing is delayed also

Sorry, Forgot to attach the new combofix log last post ...said rootkit activity found? rebooted & scanned
Then above probs happened. I'll run the new tool & post back
Here's the combofix log

ComboFix 12-10-31.03 - Owner 31/10/2012 11:39:55.3.1 - x86
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
.
.
((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-31 )))))))))))))))))))))))))))))))
.
.
2012-10-23 18:37 . 2009-06-30 14:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2012-10-23 18:37 . 2012-10-23 18:37 -------- d-----w- c:\program files\Panda Security
2012-10-22 22:11 . 2012-10-22 22:11 -------- d-----w- c:\program files\ESET
2012-10-22 14:04 . 2012-10-22 14:06 -------- d-----w- c:\windows\system32\NtmsData
2012-10-16 22:13 . 2012-10-16 22:13 -------- d-----w- C:\FRST
2012-10-16 06:59 . 2012-10-16 06:59 177496 ----a-w- c:\windows\system32\drivers\07292517.sys
2012-10-16 06:59 . 2012-10-16 06:59 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-15 08:26 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-15 06:02 . 2012-10-15 06:02 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-15 00:31 . 2012-10-15 23:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-14 20:13 . 2012-10-14 20:13 -------- d-----w- c:\program files\Enigma Software Group
2012-10-14 20:09 . 2012-10-14 20:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-10-14 19:55 . 2012-10-14 19:55 -------- d-----w- c:\documents and settings\Owner\Application Data\DriverCure
2012-10-14 19:54 . 2012-10-14 19:54 -------- d-----w- c:\documents and settings\Owner\Application Data\SpeedyPC Software
2012-10-14 08:21 . 2012-10-14 08:21 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2012-10-14 08:20 . 2012-10-14 08:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-10-09 09:04 . 2012-10-09 09:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2012-10-02 05:36 . 2001-08-17 18:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2012-10-02 05:36 . 2001-08-17 18:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2012-10-02 05:36 . 2008-04-13 23:09 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2012-10-02 05:36 . 2008-04-13 23:09 6144 ----a-w- c:\windows\system32\kbd106.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-16 07:25 . 2004-08-26 16:12 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-08-28 15:14 . 2004-08-26 16:12 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2004-08-26 16:11 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2004-08-26 16:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-26 16:11 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-26 16:12 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29 . 2004-08-26 16:12 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2004-08-04 05:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2006-03-15 348160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-07-12 81920]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-12 4112384]
"nwiz"="nwiz.exe" [2004-07-12 843776]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-04 131072]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-05-12 300472]
"ISTray"="c:\program files\PC Tools\PC Tools Security\pctsGui.exe" [2012-06-22 2673624]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Secunia PSI Tray.lnk.disabled]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk.disabled
backup=c:\windows\pss\Secunia PSI Tray.lnk.disabledCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnectionCenter]
2010-05-12 22:03 300472 ----a-w- c:\program files\Citrix\ICA Client\concentr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-07-12 04:50 4112384 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
2004-06-04 04:51 131072 ----a-w- c:\program files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2004-07-12 04:50 843776 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 15:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
2009-10-22 08:43 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Browser Defender Update Service"=2 (0x2)
"wuauserv"=2 (0x2)
"Secunia Update Agent"=3 (0x3)
"JavaQuickStarterService"=3 (0x3)
"iPod Service"=3 (0x3)
"Apple Mobile Device"=3 (0x3)
"AudioSrv"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"RSVP"=3 (0x3)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunKistEM"=c:\program files\Digital Media Reader\shwiconem.exe
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"nwiz"=nwiz.exe /install
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" -osboot
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"<NO NAME>"=
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" /startup
"ControlCenter2.0"=c:\program files\Brother\ControlCenter2\brctrcen.exe /autorun
"SetDefPrt"=c:\program files\Brother\Brmfl04a\BrStDvPt.exe
"Path"="c:\program files\ZOOM\ZFX Tools\ZFX Tools startup.exe"
"SelectRebates"=c:\program files\SelectRebates\SelectRebates.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R3 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [x]
R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 QslFsFltr;QslFsFltr;c:\windows\system32\DRIVERS\QslFsFltr.sys [x]
R3 QuikSync;QuikSync;c:\program files\EMC Corporation\v.Clone\QuikSync\QuikSync.exe [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [x]
R3 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [x]
R3 ZMGHPAudioSrv;ZOOM G Series High Performance Audio Driver Service;c:\windows\system32\drivers\zmghpau.sys [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [x]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [x]
S1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD.sys [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
S2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools\PC Tools Security\pctsAuxs.exe [x]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [x]
S2 vstor2-mntapi10;Vstor2 vix Disk Tools Virtual Storage Driver;c:\program files\VMware\VMware Virtual Disk Development Kit\bin\vstor2-mntapi10.sys [x]
S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [x]
S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis.sys [x]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [x]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PCTSDInjDriver32
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-27 06:43]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-27 06:43]
.
.
------- Supplementary Scan -------
.
uStart Page = https://login.yahoo.com/config/login_verify2?.intl=us&.src=ym
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: pb.com\ibdswebp8-ext
Trusted Zone: usps.com\carrierpickup
Trusted Zone: usps.com\tools
TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-31 12:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(1000)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2012-10-31 12:12:21
ComboFix-quarantined-files.txt 2012-10-31 16:12
ComboFix2.txt 2012-10-20 05:51
ComboFix3.txt 2012-10-19 08:53
.
Pre-Run: 34,928,304,128 bytes free
Post-Run: 35,047,735,296 bytes free
.
- - End Of File - - 5525E1197204049AA569E6CF310B7143
 
Please download this tool > System Repair Engineer
  1. Extract it to it's own folder & double click SREng.exe to run it
  2. Select 'Smart Scan' & tick "Verify Digital Signatures"
  3. Click on the [Scan] button
  4. When finished, click on the [Save Reports] button & save the log to Desktop
  5. Attach the log in your next reply. Dont post it

Note: You may have to rename SREngLog.log to SREngLog.txt before attaching
 
Sorry for the wait, Im on Long Island NY & were having a very tough time with everything...
electricity, internet ...basically life as we knew it :)

I did some reasearch on WMI & wound up rebuilding the repository which seems to have
cleared up many of the issues. Security center is detecting antivirus/firewall now, connectivity
popup is gone & slow loading start/shut etc is better.

I did still run the scan ,,,but then lost power :) The log is attached
 

Attachments

  • SREngLog.txt
    61.8 KB · Views: 1
Yeah, from the looks of the log, there is nothing serious wrong with the system.

What other problems are there, if any?
 
Thats good news. Loading is still not where it was but better since the WMI fix as
well as the typing /keyboard to screen issue
...I'll type a word then have to wait quite a bit for it to show up, spacebar /backspacing /delete
/enter are all very slow to repond
I havent been able to use the cp much lately so will let you know as things are evident but
none of the major probs of previous. Let me know what you think might be the cause for
these issues? VERY annoying :)

...just a note- With the 'Complete Internet Fix tool' I didnt know which specific resets/restores
to use (not knowing where the problem) was so was wary to try most.
Did use the resets for Internet Protocol, Windows firewall.
Should have ticked all the boxes?
 
You must log in or register to reply here.

Similar threads

B
Solved Bestprosoft
Replies
23
Views
3K
Broni
Broni
W
Solved HackTool:Wind32/Mailpassview found
Replies
10
Views
5K
Broni
Broni
Andit
Solved I think my computer is infected (farbar log)
Replies
23
Views
5K
Broni
Broni

Latest posts

Back