System Restore

TakeThis

If you didn't set a password, then you don't have to enter one. If it insists, try Administrator. Hungry.

danthemoneysavingman

Hi, as no-ones suggested it yet - can you run HijackThis and post the log here? Also, how much RAM does your 'puter have?
thnx

katies_mum

Hi have run HijackThis and before it started it say - from some reason system denied write access to the host file - if any hijacked domains are in theis file hijack may not be able to fix this.

I have run it and got a big list, pressed analyze this

katies_mum

sorry didnt finish

but it doesn`t seem to have done anything and its stuck so not sure what to do now..sorry to be a pain.

TakeThis

So, where are we now?

For the Hijack This log, download both the Installer and the Executable. Install the Installer and right click on the executable and choose 'Run As Administrator'.
Use the Quick Start Guide ...to guide you. HijackThis.

katies_mum

Hi
It won`t work, I can`t open it or get it to work..got the error message the same as post 24. Maybe I should just get rid of everything and start again? then things might run properly. I can`t believe how rubbish this desktop is lately... Don`t suppose I`ve got much to loose apart from the time to get everything I need re-installed. Any suggestions to try anything else first?

Hope you had a nice meal.

TakeThis

Perhaps check for Rootkits using Avast's aswMBR and Kaspersky's Anti-rootkit utility TDSSKiller.
If nothing is found then perhaps the Factory Restore is the way forward.

katies_mum

I`m going to do that now, thank you. (sorry didn`t gt back to you yesterday). I`ll let you know.

katies_mum

Have done them both - the Anti-rootkit untility said 0 threats and 0 for the other two checks but I could work out how to save or print it.

The Rootkits before:

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-22 09:42:33

---

09:42:33.110 OS Version: Windows x64 6.1.7600
09:42:33.110 Number of processors: 4 586 0x2505
09:42:33.112 ComputerName: HELEN-HP UserName: Helen
09:42:38.236 Initialize success
09:42:38.411 AVAST engine defs: 12012101
09:42:46.471 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:42:46.473 Disk 0 Vendor: ST375052 HP35 Size: 715404MB BusType: 3
09:42:46.484 Disk 0 MBR read successfully
09:42:46.486 Disk 0 MBR scan
09:42:46.489 Disk 0 unknown MBR code
09:42:46.493 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:42:46.496 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 702339 MB offset 206848
09:42:46.519 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12963 MB offset 1438597120
09:42:46.522 Service scanning
09:42:48.111 Modules scanning
09:42:48.115 Disk 0 trace - called modules:
09:42:48.122 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:42:48.126 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004965060]
09:42:48.131 3 CLASSPNP.SYS[fffff88001a2a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004637050]
09:42:49.532 AVAST engine scan C:\Windows
09:42:51.030 AVAST engine scan C:\Windows\system32
09:43:46.946 AVAST engine scan C:\Windows\system32\drivers
09:43:53.275 AVAST engine scan C:\Users\Helen
09:45:31.489 Disk 0 MBR has been saved successfully to "C:\Users\Helen\Documents\MBR.dat"
09:45:31.494 The log file has been saved successfully to "C:\Users\Helen\Documents\aswMBR.txt"

After the scan

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-22 09:51:05

---

09:51:05.574 OS Version: Windows x64 6.1.7600
09:51:05.574 Number of processors: 4 586 0x2505
09:51:05.575 ComputerName: HELEN-HP UserName: Helen
09:51:08.966 Initialize success
09:51:09.035 AVAST engine defs: 12012101
09:51:59.506 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:51:59.507 Disk 0 Vendor: ST375052 HP35 Size: 715404MB BusType: 3
09:51:59.544 Disk 0 MBR read successfully
09:51:59.547 Disk 0 MBR scan
09:51:59.549 Disk 0 Windows 7 default MBR code
09:51:59.571 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:51:59.580 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 702339 MB offset 206848
09:51:59.605 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12963 MB offset 1438597120
09:51:59.619 Service scanning
09:52:00.613 Modules scanning
09:52:00.618 Disk 0 trace - called modules:
09:52:00.640 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
09:52:00.643 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004965060]
09:52:00.647 3 CLASSPNP.SYS[fffff88001a2a43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004637050]
09:52:04.558 AVAST engine scan C:\Windows
09:52:30.285 AVAST engine scan C:\Windows\system32
09:53:29.952 AVAST engine scan C:\Windows\system32\drivers
09:53:36.704 AVAST engine scan C:\Users\Helen
10:01:57.509 AVAST engine scan C:\ProgramData
10:02:56.538 Scan finished successfully
10:05:50.028 Disk 0 MBR has been saved successfully to "C:\Users\Helen\Documents\MBR.dat"
10:05:50.032 The log file has been saved successfully to "C:\Users\Helen\Documents\aswMBR (2).txt"

Hope this makes sense. Thank you

TakeThis

Still no joy with Hijack This?

Slightly concerned that the Repair Install may affect some of HP's settings, so perhaps best to go for the full Factory Restore and the immediate download and installation of all of the Microsoft Update.

No need to install the Google software that is bundled with Avast. Which Antivirus solution is supplied with the HP?