Problems after re-install of XP


  • rmg1
    rmg1 Posts: 3,159 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Just done the reboot and got an error saying that vakzakt87.dll could not be found. Anyone know what that file is?
    :wall: Flagellation, necrophilia and bestiality - Am I flogging a dead horse? :wall:

    Any posts are my opinion and only that. Please read at your own risk.
  • rmg1
    rmg1 Posts: 3,159 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Log from HijackThis if it helps:-
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:58:10, on 13/02/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\PC Tools Firewall Plus\FWService.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\carpserv.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\CCleaner\CCleaner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe

    --
    End of file - 4161 bytes
    :wall: Flagellation, necrophilia and bestiality - Am I flogging a dead horse? :wall:

    Any posts are my opinion and only that. Please read at your own risk.
  • Lil306
    Lil306 Posts: 1,692 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Combo Breaker
    rmg1 wrote: »
    Just done the reboot and got an error saying that vakzakt87.dll could not be found. Anyone know what that file is?

    It's caused by Malware / Worm that looks as if it's been removed by Avira. It's also what stopped you editing your registry.

    I'd be tempted to take it back to the muppets at the shop and tell them to fix it properly, but by the sounds of it they're stupid as hell and would probably mess it up more.

    Do you have access to another computer? Can you download Spybot S&D and Malwarebytes?

    You're ideally going to need to clean the PC properly which is best done by a format, but you may be able to get away with it if cleaned properly.
    Owner of andrewhope.co.uk, hate cars and love them

    Working towards DFD

    HSBC Credit Card - £2700 / £7500
    AA Loans - (cleared £9700)
  • busenbust
    busenbust Posts: 4,782 Forumite
    edited 13 February 2010 at 10:08AM
    Provided the machine is virus and malware free, then will any of the recovery options mentioned here help (covers XP and Vista with screenshots)?
  • rmg1 wrote: »
    Hi all

    I've just got my machine back after having it "mended" by the shop.
    Basically, they've formatted the HDD and reinstalled XP Home.
    Now I can't access regedit to re-enable Task Manager.

    Any ideas on how to get round this one?
    I've checked some for the options via Google but they don't seem to work after a reboot.
    Anyone have any permanent solutions?

    I've solved the "My Documents" and "My Computer" icons missing from the desktop but I'm also missing "My Network Places" as well.

    Any suggestions gratefully received.

    ::edit::
    I'm set up as an admin on here if it helps.

    - Task Manager, My Computer, My Network Places, disabled after you paid a shop to do a re-install ?

    - Either it was compromised [ by the shop or yourself ] after a legal copy was used, or the illegal copy [ more probable ] was compromised before the shop installed it.

    - We recently had a long conversation lasting about a week, I assume you have now had no puter for three weeks. I wish you lived near me, I'd break my golden rule and do it for you, properly and for free.

    - I would however make two backups, give you one of them, and give you the confidence to self re-install in DOS because [ no insult intended ] I suspect you yourself are a very large part of your own problem.
    Disclaimer : Everything I write on this forum is my opinion. I try to be an even-handed poster and accept that you at times may not agree with these opinions or how I choose to express them, this is not my problem. The Disabled : If years cannot be added to their lives, at least life can be added to their years - Alf Morris - ℜ
  • bigpound
    bigpound Posts: 259 Forumite
    Uhh, why didn't you just take it back to the shop, explaining the problems?
  • rmg1
    rmg1 Posts: 3,159 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    Because they were shut by the time I'd realised (yesterday) and, considering the mess they've left it in, I'm not taking it anywhere near them again.

    Lil306: I've got Malwarebytes on here and posted a log (post 11) and a HijackThis log (post 13).

    Richie: Why would you think I am part of my own problems?
    :wall: Flagellation, necrophilia and bestiality - Am I flogging a dead horse? :wall:

    Any posts are my opinion and only that. Please read at your own risk.
  • Basil1234
    Basil1234 Posts: 1,146 Forumite
    You need alienrik for the HijackThis log; he knows better on this than anyone, as he reads them more than anyone :D
  • Lil306
    Lil306 Posts: 1,692 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Combo Breaker
    rmg1 wrote: »
    Because they were shut by the time I'd realised (yesterday) and, considering the mess they've left it in, I'm not taking it anywhere near them again.
    Good plan, they're morons.
    rmg1 wrote: »
    Lil306: I've got Malwarebytes on here and posted a log (post 11) and a HijackThis log (post 13).
    I'm not particularly fond of HijackThis, it does list a lot of running processes, but providing you have decent AV monitoring and malware removal programs you shouldn't really need it and it just clutters up posts. It's more to see what's still there AFTER you run the relevant removal programs.

    Your HijackThis log looks OK, and so does the Malwarebytes one; that's why I was interested to see what they look like after a secondary scan.

    Whenever you clean off files and think it's working, it's best to run a second scan to see if anything else is picked up.

    BTW, the file was infecting your system restore service, so ideally you need to do this in safe mode.....
    Owner of andrewhope.co.uk, hate cars and love them

    Working towards DFD

    HSBC Credit Card - £2700 / £7500
    AA Loans - (cleared £9700)
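
An added example, not part of any poster's message and not HijackThis's own code: a small parser for the HijackThis v2 log format posted above that lists leftover-style entries to check by hand after a clean-up. The three heuristics (missing target file, service with no vendor, autostart without a full path) and all function names are this example's assumptions; a flag is a prompt for a manual look, not a verdict on the entry.

```python
import re

# Lines copied from the HijackThis log posted earlier in the thread (not the full log).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"""

# HijackThis section codes that appear in that log.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O2": "Browser Helper Object", "O4": "Autostart entry",
    "O9": "IE extra button/menu item", "O20": "Winlogon Notify",
    "O23": "Windows service",
}
ENTRY = re.compile(r"^\s*([RFNO]\d{1,2}) - (.*)$")   # "O4 - <body>"
RUN_CMD = re.compile(r"\[[^\]]*\]\s+(.*)$")          # "[name] <command>"
FULL_PATH = re.compile(r'^"?[A-Za-z]:\\')            # C:\... or "C:\...

def triage(log_text):
    """Return (code, section, reason) for each entry worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header, running-process list, blank line
        code, body = m.groups()
        reasons = []
        if "(no file)" in body:
            reasons.append("target file missing")
        if code == "O23" and " - Unknown owner - " in body:
            reasons.append("no vendor information")
        if code == "O4":
            cmd = RUN_CMD.search(body)
            if cmd and not FULL_PATH.match(cmd.group(1)):
                reasons.append("command has no full path")
        findings.extend((code, SECTIONS.get(code, "other"), r) for r in reasons)
    return findings

if __name__ == "__main__":
    for code, section, reason in triage(SAMPLE_LOG):
        print(f"{code:4} {section:22} {reason}")
```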
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Please run COMBOFIX
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Shut down your anti virus
    Follow the simple instructions it gives
    Post the COMPLETE log it creates here (Split into sections if need be)

    If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
    :idea:
This discussion has been closed.