We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Despeately need help - Locked out
Comments
-
none of the solutions suggested will lose all existing data!!
> . !!!! ----> .0 -
So the option suggested by HappyMJ of reinstalling the OS from scratch won't cause a loss of existing data?none of the solutions suggested will lose all existing dataUndersteer is when you hit a wall with the front of your car
Oversteer is when you hit a wall with the back of your car
Horsepower is how fast your car hits the wall
Torque is how far your car sends the wall across the field once you've hit it0 -
Well perseverence pays off.
I just kept guessing passwords for a while and gave up.
Then I hit control/delete which took me to another sign on screen which enabled me to sign in under a different name (ME) and NO password and it worked.
Funny thing then happened.
I reset the machine to NON sign in and rebooted and that was perfect. I then ran Malwarebytes which found a few infections, closed down to clean them out and when it rebooted, I had the original problem back.
Damn thing is still running like a slug. but at least it works."Unhappiness is not knowing what we want, and killing ourselves to get it."Post Count: 4,111 Thanked 3,111 Times in 1,111 Posts (Actual figures as they once were))Women and cats will do as they please, and men and dogs should relax and get used to the idea.0 -
We can see if there's any more cleaning up to do and try and get it up to speed.I then ran Malwarebytes which found a few infections...
...Damn thing is still running like a slug.
Post the contents of the mbam log and/or a DDS log - should take 2-3 minutes.
Download DDS from the link below and save it to your desktop:
Link
After you've downloaded it and saved it to your desktop:- Double click DDS to run it.
- Click Start
- When it's finished, DDS will open two logs:
- DDS.txt
- Attach.txt
Copy & paste the contents of just DDS.txt for now and post it here (you may need to split the log over separate posts)0 -
Ok. Heres the first bit.
DS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Rose at 14:49:24 on 2013-05-20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.32 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://uk-mg5.mail.yahoo.com/neo/launch
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare 6\browerprotect\ASCPlugin_Protection.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1319820791468
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1319820885343
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{A9563CCF-4437-43A9-A07A-6F061FA9CD02} : DHCPNameServer = 192.168.1.254
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rose\application data\mozilla\firefox\profiles\bfe0b6fx.default-1368873333625\
FF - prefs.js: browser.startup.homepage - hxxp://uk-mg5.mail.yahoo.com/neo/launch?.rand=dhkpt7t4rlcof
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - ExtSQL: 2013-05-17 21:01; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-05-19 11:00; ascsurfingprotection@iobit.com; c:\documents and settings\rose\application data\mozilla\firefox\profiles\bfe0b6fx.default-1368873333625\extensions\ascsurfingprotection@iobit.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-5-17 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-5-17 174664]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2013-2-3 14776]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2011-10-29 23192]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-5-17 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-5-17 368944]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-5-17 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-5-17 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-5-17 46808]
S3 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-2-3 574272]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\drivers\dc3d.sys [2013-2-3 45288]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-17 22856]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2012-3-1 13464]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S4 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-17 418376]
S4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-5-17 701512]
S4 PEVSystemStart;PEVSystemStart;c:\combofix\pev.3XE [2011-6-26 256000]
S4 sprtsvc_O2DA;SupportSoft Sprocket Service (O2DA);c:\program files\o2 assistant\bin\sprtsvc.exe [2011-9-15 206120]
S4 tgsrvc_O2DA;SupportSoft Repair Service (O2DA);c:\program files\o2 assistant\bin\tgsrvc.exe [2011-9-15 185640]
."Unhappiness is not knowing what we want, and killing ourselves to get it."Post Count: 4,111 Thanked 3,111 Times in 1,111 Posts (Actual figures as they once were))Women and cats will do as they please, and men and dogs should relax and get used to the idea.0 -
And here's the rest
EDIT: Just noticed - I didn't save DDS to the desktop. Should I do that and run it again?
=============== Created Last 30 ================
.
2013-05-19 16:37:36
d
w- c:\program files\Hotspots
2013-05-19 09:00:15
d
w- c:\documents and settings\all users\application data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-05-19 08:28:46
d-sha-r- C:\cmdcons
2013-05-19 08:26:14 98816 ----a-w- c:\windows\sed.exe
2013-05-19 08:26:14 256000 ----a-w- c:\windows\PEV.exe
2013-05-19 08:26:14 208896 ----a-w- c:\windows\MBR.exe
2013-05-19 08:26:06
d-s---w- C:\ComboFix
2013-05-18 12:53:11
d
w- c:\documents and settings\rose\local settings\application data\PC_Drivers_Headquarters
2013-05-18 10:44:47 266360 ----a-w- c:\windows\system32\TweakUI.exe
2013-05-18 10:01:28
d
w- c:\documents and settings\rose\application data\GlarySoft
2013-05-17 22:24:47
d
w- c:\program files\Spybot - Search & Destroy
2013-05-17 22:24:47
d
w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-05-17 22:22:37
d
w- c:\program files\Moo0
2013-05-17 20:56:39
d
w- c:\documents and settings\rose\application data\Malwarebytes
2013-05-17 20:55:09
d
w- c:\documents and settings\all users\application data\Malwarebytes
2013-05-17 20:54:55 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-17 20:54:43
d
w- c:\program files\Malwarebytes' Anti-Malware
2013-05-17 20:20:31
d
w- c:\documents and settings\rose\application data\SUPERAntiSpyware.com
2013-05-17 20:18:20
d
w- c:\program files\SUPERAntiSpyware
2013-05-17 20:18:19
d
w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2013-05-17 20:02:30
d
w- c:\documents and settings\rose\local settings\application data\Google
2013-05-17 20:02:12 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-17 20:02:11 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-17 20:02:11 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-17 20:02:08 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-17 20:00:36 41664 ----a-w- c:\windows\avastSS.scr
2013-05-17 19:59:25
d
w- c:\program files\AVAST Software
2013-05-17 19:58:27
d
w- c:\documents and settings\all users\application data\AVAST Software
2013-05-17 19:53:05
d
w- c:\documents and settings\rose\application data\MSNInstaller
2013-05-17 19:43:27
d
w- c:\program files\CCleaner
2013-05-17 19:21:03 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-17 19:11:14
d
w- c:\documents and settings\rose\local settings\application data\Mozilla
2013-05-17 19:11:01
d
w- c:\program files\Mozilla Maintenance Service
2013-05-17 18:04:44
d
w- c:\program files\O2 Assistant
2013-05-17 18:04:04
d
w- c:\program files\O2
2013-05-17 18:01:13
d
w- c:\documents and settings\rose\local settings\application data\SupportSoft
2013-05-17 18:01:07
d
w- c:\program files\common files\SupportSoft
2013-05-10 13:53:02
d
w- c:\program files\Glary Utilities
2013-05-10 13:03:23
d
w- c:\documents and settings\rose\local settings\application data\WMTools Downloaded Files
2013-05-10 12:10:11 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2013-05-10 12:10:11
d
w- c:\program files\Belarc
2013-05-10 11:47:58 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2013-05-10 11:47:58 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2013-05-01 18:51:18 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-05-18 18:36:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-17 22:29:24 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28:24 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50:28 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
============= FINISH: 14:51:19.95 ==============="Unhappiness is not knowing what we want, and killing ourselves to get it."Post Count: 4,111 Thanked 3,111 Times in 1,111 Posts (Actual figures as they once were))Women and cats will do as they please, and men and dogs should relax and get used to the idea.0 -
You'd need to upgrade the RAM to get any real improvement - 512mb isn't enough really.
To free up some resources I'd uninstall all these - they all have unnecessary services/drivers running.
Advanced SystemCare
Smart Defrag
SuperAntispyware
Spybot - Search & Destroy
You probably don't need o2 assistant
Do you need Windows Remote Management service running (I doubt it)? Stop it using services.msc if not.
Disable CTFMON as follows:- Click Start > Control Panel
- Double-click Regional and Language Options.
- Click the Lanuages tab
- Click Details...
- Click the Advanced tab
- Under System Configuration, check the Turn off advanced text services box
- Click Apply > OK
- Click Apply > OK
Uninstall mbam using mbam-clean and then reinstall but uncheck the free trial at the end.
http://helpdesk.malwarebytes.org/entries/20818461-Use-mbam-clean-exe-to-completely-remove-Malwarebytes-Anti-Malware
http://forums.malwarebytes.org/uploads/monthly_07_2012/post-17127-0-24875500-1342789951.jpg
Did combofix detect anything? the log should be at C:\combofix.txt0 -
Ok. Doing those things. I'll be back soon but I cannot find how to get rid of 'o2 assistant'
'My o2' is listed in the add/remove of cCleaner but I'm concerned that this will be my Login/Modem settings Etc Is it?
I also prefer to keep SuperAntiSpyware as it does get rid of a lot of cookies Etc that these sites like to dump on the PC, and they really slow down this system.
BUT, I have set it to manual only so hopefully it wont be in the background.
I will remove it if you feel it would make a big difference, but I have now removed all else (Bar the o2 thingy) and I am now waiting for MBAM to finish. I'll then post that log.
I am unable to locate the ComboFix.Txt file but I'm pretty sure it did remove a thing or two.
There is a ComboFix folder that when clicked on takes me to 'My Computer' - Strange."Unhappiness is not knowing what we want, and killing ourselves to get it."Post Count: 4,111 Thanked 3,111 Times in 1,111 Posts (Actual figures as they once were))Women and cats will do as they please, and men and dogs should relax and get used to the idea.0 -
cookies don't slow things down, they can be removed with ccleaner or changing browser settings without adding bloat.!!
> . !!!! ----> .0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards