
Friday, April 17, 2009

HijackThis Log - Computer won't shut down

Hiya, I'm not even sure if a hijack log is useful for fixing this problem. I tried to follow the instructions in the sticky thread but I couldn't do all of them since I can't get safe mode to run (the one time I tried).

I'm not a computer pro but I'm pretty competent usually; however, I'm way out of my league.
First my laptop stopped going into sleep mode, and when I put my battery plan to balanced it fixed it temporarily. Then the battery stopped charging. I took it out and put it in again, and it was fixed. Then the big problems began.
Task manager stopped working (it would open and be running but I couldn't see it anywhere, only the green box on the lower right panel thing) - I downloaded Process Explorer and killed the many task managers I had running. So it's not fixed but replaced.
Then the big problem - it can no longer shut down. It says it's gonna and then just stays at the logging out screen. I'm worried every time I hard reset I'm damaging it.

At some point I did a system restore (before the major probs happened) because it prompted me. I thought I could perhaps do a restore from longer back but now I can't get system restore to appear though it is running. I can't get task viewer to work without crashing, and I can't do Windows Update or a Windows Defender scan.
I have run AVG and the Microsoft Malicious Software Removal Tool, which are taking 7 hours to finish, early at the end and no results - so does this mean it isn't a virus? Also, how is AVG different from Windows Defender? I have run Glary, CCleaner, and Advanced SystemCare.
I have just made a Windows Vista repair disc though I'm not really sure what it does; should I use it? Also I don't think I can do a reset because my laptop did not come with a Vista disc; apparently it is maybe stored on a hidden partition? I don't really get it.
Any ideas? It's worrying me a lot. I have my laptop in my room so keeping it on is not an option, and I don't think hard reset is a long-term solution either. I really need it fixed before I head back to Uni because the idea of being cut off is scary. I could get someone to fix it but apparently that could add up to 90 or something :S

Also, say I back everything up and it turns out I did have a virus. Might I infect my data in my backup and be infected forever?

Please help if you can!

My HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:50:05, on 13/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:Windowssystem32taskeng.exe
C:Program FilesIObitAdvanced SystemCare 3AWC.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesDiskeeper CorporationDiskeeperDkIcon.exe
C:Program FilesLenovoNPDIRECTtpfnf7sp.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesLenovoPM DriverPMHandler.exe
C:Program FilesLenovoHOTKEYTpWAudAp.exe
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:WindowsRtHDVCpl.exe
C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe
C:Program FilesLenovoLenovoCareLPMGR.EXE
C:Program FilesLenovoAwayTaskAwaySch.EXE
C:Program FilesLenovo Multimedia CenterPowerDVDPDVDServ.exe
C:Program FilesThinkVantageAMSGAmsg.exe
C:Program FilesPure NetworksNetwork Magicnmapp.exe
C:Program FilesThinkPadConnectUtilitiesACTray.exe
C:Program FilesThinkPadConnectUtilitiesACWLIcon.exe
C:Program FilesLenovoClient Security Solutioncssauth.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:WindowsSystem32igfxpers.exe
C:Windowssystem32igfxsrvc.exe
C:Program FilesScanSoftOmniPageSE4OpWareSE4.exe
C:Program FilesCanonMyPrinterBJMYPRT.EXE
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesJavajre6binjusched.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
C:Windowsehomeehtray.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesLenovoBluetooth SoftwareBTTray.exe
C:Program FilesWordWebwweb32.exe
C:Windowsehomeehmsas.exe
C:Program FilesLenovoBluetooth SoftwareBtStackServer.exe
C:Program FilesLenovoClient Security Solutiontvtpwm_tray.exe
C:Windowssystem32sdclt.exe
C:Program FilesMalwarebytes Anti-Malwarembam.exe
C:Windowssystem32wuauclt.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesLast.fmLastFM.exe
C:Windowssystem32SearchFilterHost.exe
C:USERSCLARADOWNLOADSPROCESSEXPLORERPROCEXP.EXE
C:Program FilesTrend MicroHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://search.orbitdownloader.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:Program FilesOrbitdownloaderorbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:Program FilesAskBarDisbarbinaskBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:Program FilesRealRealPlayerrpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:Program FilesVeoh NetworksVeohPluginsregVeohToolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program FilesOrbitdownloaderGrabPro.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:Program FilesAskBarDisbarbinaskBar.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [TPFNF7] C:Program FilesLenovoNPDIRECTTPFNF7SP.exe /r
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [PMHandler] C:PROGRA~1LenovoPMDRIV~1PMHandler.exe
O4 - HKLM..Run: [TPWAUDAP] C:Program FilesLenovoHOTKEYTpWAudAp.exe
O4 - HKLM..Run: [IAAnotif] "C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe"
O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..Run: [TVT Scheduler Proxy] C:Program FilesCommon FilesLenovoSchedulerscheduler_proxy.exe
O4 - HKLM..Run: [FingerPrintSoftware] "C:Program FilesLenovo Fingerprint Softwarefpapp.exe" s
O4 - HKLM..Run: [LPManager] C:PROGRA~1LenovoLENOVO~2LPMGR.exe
O4 - HKLM..Run: [DiskeeperSystray] "C:Program FilesDiskeeper CorporationDiskeeperDkIcon.exe"
O4 - HKLM..Run: [AwaySch] C:Program FilesLenovoAwayTaskAwaySch.EXE
O4 - HKLM..Run: [RemoteControl] "C:Program FilesLenovo Multimedia CenterPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [LanguageShortcut] "C:Program FilesLenovo Multimedia CenterPowerDVDLanguageLanguage.exe"
O4 - HKLM..Run: [AMSG] C:Program FilesThinkVantageAMSGAmsg.exe /startup
O4 - HKLM..Run: [nmapp] "C:Program FilesPure NetworksNetwork Magicnmapp.exe" -autorun -nosplash
O4 - HKLM..Run: [ACTray] C:Program FilesThinkPadConnectUtilitiesACTray.exe
O4 - HKLM..Run: [ACWLIcon] C:Program FilesThinkPadConnectUtilitiesACWLIcon.exe
O4 - HKLM..Run: [cssauth] "C:Program FilesLenovoClient Security Solutioncssauth.exe" silent
O4 - HKLM..Run: [LenovoOobeOffers] c:SWTOOLSLenovoWelcomeLenovoOobeOffers.exe /filePath="c:swsharefirstrun.txt"
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exe
O4 - HKLM..Run: [SSBkgdUpdate] "C:Program FilesCommon FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot
O4 - HKLM..Run: [OpwareSE4] "C:Program FilesScanSoftOmniPageSE4OpwareSE4.exe"
O4 - HKLM..Run: [CanonSolutionMenu] C:Program FilesCanonSolutionMenuCNSLMAIN.exe /logon
O4 - HKLM..Run: [CanonMyPrinter] C:Program FilesCanonMyPrinterBJMyPrt.exe /logon
O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6binjusched.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..RunOnce: [Malwarebytes Anti-Malware] C:Program FilesMalwarebytes Anti-Malwarembamgui.exe /install /silent
O4 - HKLM..RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:Program FilesMalwarebytes Anti-Malwarembam.exe" /runcleanupscript
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User NETWORK SERVICE)
O4 - HKUSS-1-5-18..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User SYSTEM)
O4 - HKUS.DEFAULT..Run: [AVG7_Run] C:PROGRA~1GrisoftAVG7avgw.exe /RUNONCE (User Default user)
O4 - Startup: WordWeb.lnk = C:Program FilesWordWebwweb32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:Program FilesOrbitdownloaderorbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:Program FilesOrbitdownloaderorbitmxt.dll/204
O8 - Extra context menu item: &Windows Live Search - res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:Program FilesOrbitdownloaderorbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:Program FilesOrbitdownloaderorbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:Program FilesLenovoBluetooth Softwarebtsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:Program FilesLenovoBluetooth Softwarebtsendto_ie.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll
O9 - Extra Tools menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:Program FilesLenovoClient Security Solutiontvtpwm_ie_com.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesLenovoBluetooth Softwarebtsendto_ie.htm
O9 - Extra Tools menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesLenovoBluetooth Softwarebtsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1239469684989
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1239469772680
O17 - HKLMSystemCCSServicesTcpip..{6919E77B-522A-4E21-A7DA-27DD00711701}: NameServer = 134.219.101.211 134.219.101.212
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: avgwlntf - C:WindowsSYSTEM32avgwlntf.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:Program FilesThinkPadConnectUtilitiesAcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:Windowssystem32agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgrssvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:Program FilesDiskeeper CorporationDiskeeperDkService.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:Program FilesLENOVOHOTKEYFNF5SVC.exe
O23 - Service: Google Update Service (gupdate1c8e883963eb170) (gupdate1c8e883963eb170) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:Program FilesCanonIJPLMIJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:Windowssystem32IPSSVC.EXE
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:Program FilesPure NetworksNetwork MagicWebServerbinnmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:Program FilesPure NetworksNetwork Magicnmsrvc.exe
O23 - Service: PMSveH - Lenovo - C:Program FilesLenovoPM DriverPMSveH.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:Windowssystem32PSIService.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:Program FilesMacriumReflectReflectService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared FilesRichVideo.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:Windowssystem32rpcnet.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:Program FilesLenovoSystem UpdateSUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:Program FilesCommon FilesLenovotvt_reg_monitor_svc.exe
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:Program FilesLENOVOHOTKEYTPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:Program FilesLenovoClient Security Solutiontvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:Program FilesLenovoRescue and Recoveryrrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:Program FilesLenovoRescue and Recoveryrrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:Program FilesCommon FilesLenovoSchedulertvtsched.exe

--
End of file - 16345 bytes







Thanks for any help - I should be revising and I've spent the last week trying to fix this >.<

Also, I was backing up my data (I hope if there is a virus it won't transfer) and I noticed that one file which wouldn't copy was C:UsersAll UsersMicrosoftRACStateData because there was a problem, it was corrupt or something.. could this mean anything? I think I may have accidentally done something to it when backing it up last time, but maybe I'm paranoid.

I would try a system restore but it won't work.. I have Advanced SystemCare and that has rollbacks.. I don't think it's the same and that might not work either >.< HijackThis almost didn't open the first time.. I made a Vista recovery CD as my laptop did not come with one but I don't really know what it does.
Since my data is backed up my big worry is my iTunes, since "date added" is my favourite feature and I don't know if this is transferable; if I copy over from a backup they'll all be added the same day..
Also a worry is to fix this soon, because every time it shuts down unexpectedly or I hard reset, this is bad for it?
Again, thanks for any help.
