Posts by PhilliePhan

I like external hard drive + DVD backup for stuff I really want to save. Both my brother and a friend have had external hard drives get dropped on the floor and stop working - in my friend's case, he had to have the data recovered by a shop that specialized in such matters. Ugh.
It is pretty darn easy to build images of large numbers of files and burn them to DVD that way.

PP :)

Just wanted to add my $.02...

My solution is to build an .ISO (image) of the files I want to transfer and then burn the ISO to DVD.
You can use the freeware ImgBurn to both build the ISO and burn it.
Works great.

PP :)

MalwareBytes Anti-Malware is NOT an anti-virus program! Rather, it is designed to be used in concert with a resident AV such as Avira or Kaspersky and the like.

I would suggest ruling the touchpad out 100% by disabling it in Windows:
http://www.pcworld.com/article/204693/Disable_Your_Laptops_Touchpad_While_You_Type_Windows_7_Edition.html

Give that a go and let us know if the trouble persists.

Cheers :)
PP

I'm not sure what you are getting at.

Locate.com searches using the 8.3 file names, but there are a ridiculous number of switches and macros you can use to weed out the stuff you don't want.

The OP could simply run Locate.com with no switches and get the output he desires. The /L switch would give the long file name. Better yet, locate /O:"&W" would provide a bare list in long name form.
I used it mainly with batch files to pinpoint files created during a certain time and then to filter that list. Great for malware hunting.

But I'm rambling. As far as wild card searches go, I've always been able to filter out the stuff I don't want either via the switches and macros or via a few extra commands.

I am not as up-to-date as I used to be, so I don't know if there is a better alternative to Locate.com floating around these days, but somehow I doubt it :) - at least not free....

Cheers :)
PP

Hey guys,

Sorry I missed this thread, but one of my favorite old freeware tools (Charles Dyes's Locate.com) ought to do the trick.
It is ridiculously useful!

Here's how to use it:
ftp://ftp.scientificlinux.org/linux/fermi/obsolete/90rolling/i386/misc/superduperrescue/fermi/FREEDOS/FDOS/DOC/LOCATE/LOCATE.TXT

Finding it for download may be a bit harder - If all else fails, I can provide a copy.

Cheers :)
PP

Hi jaydee2,

Give AVG Remover a try to see if that does the trick.

Best Luck :)
PP

As far as I know, Softpedia offers only the service pack (SP3) for download and not a free version of Windows.

PP:)

Just to add:
If you believe her machine is infected with malware, then you should not start with service pack(s) - You need to make sure the machine is free of malware before installing the service packs.

--- You could try to run some of the tools in the* Read Me* Sticky and post the scanlogs, but we really don't have a lot of qualified volunteers to read the logs any more.

Cheers :)
PP

Thanks again for all your help! :-)

Happy to try to help! :)
I definitely prefer Firefox / Opera / Chrome or any other alternative browser to IE. I like Firefox the best as far as being able to customize it with a million add-ons.

Unfortunately, switching browsers is not really a solution to the problem.
Let me know if IE keeps opening on its own or if Firefox starts exhibiting this behavior.

-- Did you get any error message when uninstalling combofix?

PP :)

Hi Claudia,

I do not see anything there that could be responsible for your IE issues.
-- Please follow the steps in the linky below to remove combofix from your machine:
Uninstall Combofix
Let me know if you have any trouble with this since you did not run combofix from the Desktop.

Have you tried any of my other suggestions? If not, give these a go:
Reset IE as per the linky and see if that helps. I suggest doing this manually as per the link rather than downloading the automated fix.

If that fails, Install Firefox and make sure it is set as your default browser and then let me know if IE still opens on its own or whether Firefox now opens on its own.

Cheers :)
PP

Semantics.

No. Not at all.
But, if that's your interpretation, so be it.

It can be used to enable/disable programs to start automatically.

Yeah. That's called diagnostic startup for a reason. :)

Meh. It's not worth arguing about.
My friend chaslang sums it up pretty well here Dealing with Startup Processes.

Cheers :)
PP

Msconfig is a diagnostic tool and not a "startup manager."

You should try something such as CodeStuff's Starter to manage your unwanted startups.

Cheers :)
PP

However while searching through my programs I discovered that I have two Internet Explorer icons on under Computer\Local Disk(C:)\Program Files and the other under Computer\Local Disk (C:)\Program Files (x86).

That is normal for your computer (64-bit Win7). No worries there.

Also recently my HP Connection Manager has been given me an error message when it tries to launch. I Not really sure what the program does but perhaps this is causing an issue or has been comprised.

I do not know - I do not think it is part of the problem. What is the error message?

when it hit up against a file during the scan that caused Iexplorer to launch it didn't complete the scan
Did you see what file that was? That would help if we could pin it down.

Let's also go ahead and run combofix and see what shakes out.
Please follow the steps in this linky very carefully and run combofix as it directs.
Please post the resulting log for me and we'll work from there. Let me know if you run into any problems along the way.

PP:)

Hi Claudia,

The log doesn't show any obvious culprit. If a separate program is launching IE, it is not showing.
I doubt it is malware, but let's try one more scan:
Please run the ESET Online Scanner and post the scanlog for me.

If that comes back completely clean, you can try a couple more things:
-- Reset IE as per the linky and see if that stops the problem. I suggest using doing this manually as per the linky rather than downloading the automated fix.
-- If that fails, please Install Firefox and be sure to set Firefox as your Default Browser.
Then, let me know if IE still opens by itself (or, if Firefox opens by itself) and we'll go from there.

Cheers :)
PP

Have i got a virus or not?

No. Not a virus.

Your keyboard "cleaning" probably resulted in a few stuck keys including the "Win" key that triggers other shortcuts or "Hotkeys."
Hotkey List

You can verify this by trying a different keyboard.

Cheers :)
PP

If that is the case, then it must be a setting or support issue with CD-Text. This means one of two culprits: Burning program or Optical drive.
If you are using all of the same programs and settings, it could very well be the drive. Perhaps the firmware needs to be updated or a setting needs to be changed. You ought to be able to ID your drive model and manufacturer and look up whether the drive supports CD-Text.

I am really not too familiar with CD-Text, but this sounds like something you might be able to pin down through trial and error.
Sorry I can't be more help :)

PP

Thank you so much in advance for helping me out and getting this resolved. I really appreciate it.

Hi Claudia,

Happy to try to help :)

Those scanlogs look clean to me.
Let's see if we can isolate what is launching Internet Explorer.

Please download Process Explorer from the linky below.
http://download.sysinternals.com/files/ProcessExplorer.zip

-- Extract the Process Explorer Folder from the ZIP and onto the Desktop.
-- Open the foder and run Procexp.exe.

Just leave PE open and running until Internet Explorer launches on its own. Once IE opens, you should be able to see it reflected in the Process Explorer window. If you were to launch IE yourself in the usual manner, it will be located in the tree under Explorer.exe (which is Windows Explorer).
If something else launches it, IE will be in that tree, under the program that launched it.

Anyhoo, once Internet Explorer launches on its own, please click the File tab in in the upper left of the Process Explorer window and select Save As and save the log to the desktop as PE Log 1 and please post that for me.

Let's see if that shows us what is launching IE.

Cheers :)
PP

Can you run the scans in the linky below and post the requested logs?

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865/read-me-before-posting-a-request-for-assistance

We no longer have any regular volunteers in this section, but I'll have a look as time permits.
Ideally, I'd just like to see an updated MBAM scanlog along with the DDS scanlog. If you can post the error messages you mentioned as well, that might help too.

-- Also, you should probably ditch ARO 2012. Registry cleaners are generally unnecessary and often do more harm than good. The other things it does can be done manually or with better, and free, tools.... Just my $.02 there.

Cheers :)
PP

Are you making "mp3" CDs? If you burn the mp3s to CD as "data," the tags should be fine.

If not, then the issue could be with CD Text not being supported somewhere along the line.....

PP:)

is there any way that I can do this?

That is not really feasible. A well-protected computer will shut that down before it has a chance to run.
Since there has been so much malware over the years that propagated via flash drive and autorun, security measures today commonly disable and actively block it.

Cheers :)
PP

I now have a usable keyboard. I used to have to hook up another keyboard to be able to type. Now I won't have to - thank you!!! ** :-) **

Thanks for the feedback, Karen.
Glad you finally got it sorted out! :)

Hi Glenn,

Welcome aboard!

PP:)

Hi Jenn,

Burning the ISO to CD is best rather than going the USB route.
Once you have the Ubuntu CD burned, pop it into the ill compy and fire it up. You ought to be able to boot the CD without having to adjust the BIOS.
Your compy should give you the choice to boot from optical drive (or it may go ahead and boot Ubuntu automatically).
Anyhoo, select the option to Try Ubuntu without any change to your computer - We do not want to install Ubuntu.

Then, click the Places tab and navigate to the files you want to copy and you should be able to Copy&Paste or Drag&Drop them to your external hard drive.

Let me know if you have any problems. Once you get your files copied, we can have a whack at cleaning the machine.

Cheers :)
PP

Hi Nanci,

What did the log say after you ran the System Readiness Tool?
-- C:\Logs\CBS

If that doesn't give you a lead on why the fix failed, I'd just go ahead with the Recovery Partition option - a repair install may not fix the issue and, since you've backed up the customer's data, you may as well save more headaches and just go with the destructive recovery.

Just my $.02

Cheers :)
PP

System Restore is not a viable option at this point given that the machine hangs on boot - That's why I wanted to use the Ubuntu boot CD to gain access.
But, you are on the right track as it is likely a corrupted registry causing the problem.

Frankly, in cases such as this, utilizing the recovery partition or OS disk to reinstall OS is fastest/easiest way to proceed. Jenn can use the Ubunto CD to transfer all the data she wants to save to her external HD before reinstalling windows.
If she comes back, I'll be happy to talk her through it :)

PP

Hi Jenn,

There's still plenty we can do - depends which way you want to go. Lately, I prefer reformat with rootkitted malware. It's faster and a complete fix.
But, that's not always feasible these days.

Let's try a few things first. At the very least, we can get all of your important data transferred to external hard drive before we try any sort of destructive recovery.

---- Do you have a Windows OS disk?

---- On a working compy, please go here and download Ubunto Desktop -->
http://www.ubuntu.com/download/desktop

Download the 32-bit .iso file and burn it to CD as per the steps here (if you don't already have a preferred method for burning .iso) -->
http://www.ubuntu.com/download/help/burn-a-cd-on-windows

We can go from there. Let me know how the above goes.

I'll be around off and on over the weekend. I am not as active these days in the forum, but I'll keep an eye on this thread.

Cheers :)
PP

Hi Jenn,

-- What is your OS? 7/XP/Vista? 64 or 32 bit?

**Give Malwarebytes another try and see if it runs. **
-- If not, we'll have to go ahead and reboot your machine and then try MBAM again.
-- If that fails, reboot to Safe Mode by tapping F8 on reboot and try to run MBAM in safe mode.

Let me know how you fare with the above. If MBAM does run, please post the scanlog for me. If no, then we'll take another tack.

Also, do you have another computer you can use to burn a CD?
Let me know.

Best Luck :)
PP

Welcome and congratulations to all! :)

Wow, THANK you. That actually worked (I followed the steps in the link you included). I just wondered, do I have to go through those same steps each time I update to a new version of FF (I assume it constitutes wiping the slate clean in order for the new FF)? And I suppose there's a way of importing those renamed profile settings (of the old FF) into the new version?
Thanks again!

You're welcome. Happy to help :)

Now that you have done a clean re-install of Firefox, you may not have the same issues when trying to update in the future.
Because Firefox is a fluid and ever-changing animal, I really don't know how dealing with and importing profiles is going to ultimately shake out.
You are probably going to have to redo all your extensions and plugins manually rather than trying to import the old ones. I'd recommend starting fresh simply because there obviously are some issues with the existing profile.....

Have a look at this page:
http://kb.mozillazine.org/Profile_manager
There are some interesting links at the bottom of that page as well.

It is possible to use multiple profiles to help diagnose problems, if you want to take the time to do that, but again, you may not have these issues again with the clean install.

If you do end up having further problems, post back here and we'll see if we can sort it out.

…

was wondering where she went ,Daniweb couldn't afford to loose her [the giant slide down].i don't know any details ,but am sure sorry to here she left

I am sorry she felt she needed to leave as well - she was a great contributor here.
She is still active at a number of other forums, though. Our loss is their gain, I suppose.

PP:)

How can one successfully get past the "Checking Your Add-ons" stage of the update process?

It sounds to me as though you need to "completely remove" Firefox before trying to reinstall it. This goes beyond simply uninstalling it - you need to remove all your profile data/settings/add ons.
-- You may be given the option to "Remove my Firefox personal data and customizations" at uninstall ( I can't remember ) and this should work. Or, you may simply be able to create a fresh user profile.

Personally, I suggest full removal procedure linked below:
http://kb.mozillazine.org/Uninstalling_firefox#Removing_user_profile_data

Then, you ought to be able to re-install with no problems.

Cheers :)
PP

Got to agree. Education is everything. I've never had a virus that wasn't down to me being foolish.

Yup - the majority of today's worst malware seems to be stuff people allow onto their computer willingly.

And by "willingly" I don't necessarily mean "knowingly." Infected and fake codecs have always been a big source. Plus those Rogue anti-malware apps that trick people into downloading them to "fix" nonexistent issues.

The biggest infector these days is likely P2P. P2P is great conduit for the spread of many of the worst offenders such as sirefef and it's ilk.

PP:)

Nothing detects everything! The best you can do is to practice safe computing and keep your AV and Anti-malware products' definitions up to date.
Don't confuse viruses with malware such as trojans. These days, you need a good AV, a good Firewall, and a good anti-malware tools such as Malwarebytes.

If Judy hadn't been chased away, I'm sure she'd be recommending Avira free anti-virus. If you look at independent studies, it ranks higher than many of those products mentioned earlier in this thread.

Cheers :)
PP

If you were able to upgrade and get the data off to a pc, then swapping may well work. Didnt know that, thanks :) (im more of an xbox guy)

That was my thinking.

Interestingly, Sony details the hard drive replacement procedure in the actual PS3 owner's manual. Nothing to it, really.
I upgraded a couple machines to 320GB drives with no issues at all....

PP:)

No you cant, not if the PS3 drives are like the Xbox ones.

Xbox ones have some sort of hardware-level encryption, and the hdd and disk drive are paired, you have to crack them to read it with a PC or upgrade them.

You may be right, James.

But, I would go ahead and try my option 2 and swap out the old drive into the working PS3. I have replaced hard drives in PS3s before (upgrade to larger drive), but I've never actually tried swapping them. I pulled the data off before upgrading and then copied it back. I know that works....

PP:)

How can i move the data from the old machine to the new machines hard drive?

Pull out the old PS3 hard drive. It's essentially a laptop drive.

Then you have a number of options for transferring data. You could put it in an enclosure and connect it to PC and transfer the data that way - use flash drive to put on working PS3.

Or, you could put the old drive in the working PS3 and use flash drives to transfer saved data to PC. You can skip the PC step if there isn't a lot of data to transfer. Then, swap out the drives again and transfer the files from PC to new hard drive.

Cheers :)
PP

Happy to hear you got it sorted out! :)

Is this possible? I really appreciate any help, suggestions, etc

You could probably put together a batch to do the job, but it seems to me that this method of using System Restore to undo unwanted installations will cause you more problems than anything else.
You'd be far better off imaging/reimaging individual drives as needed rather than continuous system restore.....

Just my $.02

Cheers :)
PP

Anyway, I guess my real question is, how legal is all of this movie torrent stuff? Maybe I shouldn't even be trying to download (upload?) movies.

It is not legal and in violation of our forum rules to discuss/aid/abet copyright infringement and piracy. Sorry :)

I would suggest staying away from torrents for the simple reason that it is one of the easiest and most effective ways to get your computer infected with malware. Think about how torrents work and to what you are exposing your computer.....

PP:)

Thank you very much, it worked! You made my day

You're welcome :)

It doesn't seem to affect anything but what should I do to get rid of this?

You could try uninstalling/reinstalling your printer and its driver/associated software.
Did you mess with your printer setup lately to cause this error?

Cheers :)
PP

However, afd.sys is still missing - you'll need to copy it in there as you did with netbt.sys. Same directory.

Likewise for ipsec.sys - it, too, is missing and I forgot to add it to the list. 'Course, you may have noticed that already :)

PP

Thanks for you help and patience on this one, i dont have the reinstall disks or i would have wiped it already i think, thanks for your help so far.

Happy to help.

Yeah - that is generally the case regarding reformat. These day I have my machine mirrored on three different hard drives - you never know when you'll need it, right?

-- Generally, clean copies of files can be found on an infected machine - most of the time.

It doesn't look to me that there is the typical registry damage on this machine.
However, afd.sys is still missing - you'll need to copy it in there as you did with netbt.sys. Same directory.

The reason I didn't include it was that combofix said it restored it. Apparently not.

Anyhoo, try that and reboot and restart DHCP if needed and see if that helps and we'll go from there.

I'll try to check back tonight EST, but it may be Tuesday.

Cheers :)
PP

Hi bpcomprp,

Sorry for the late reply.
Judy asked me to have a look at this thread a few days ago and I'm only now getting the time.

If you haven't fixed this already, please try the following:

-- Please download the attached FixNetBT.txt
Download the text file and transfer it to the desktop of the ill machine.
- RENAME the text file to FixNetBT.reg and leave it there for now.

-- Please download and run Farbar Service Scanner
- Check ALL the boxes and hit scan. It should produce a log. Rename the log to FSS ONE.txt and please post the FSS ONE.txt for me.

THEN:
Click START > CONTROL PANEL > PERFORMANCE & MAINTAINANCE > ADMINISTRATIVE TOOLS > SERVICES
- RightClick DHCP Client and select STOP
- Navigate to C:\Windows\System32\Drivers and DELETE NetBT.sys (if it remains).
- Then go to C:\Windows\servicepackfiles\i386 and locate NetBT.sys.
Copy and Paste NetBT.sys from servicepackfiles\i386 into the C:\Windows\System32\Drivers Folder.
- Then, go back to Services and RightClick DHCP Client and select START

NEXT:
On the ill machine, DoubleClick the FixNetBT.reg you placed on the desktop and allow it to merge into the registry.

REBOOT the ill compy and see if that fixes the connection.

If that fails to work, please Run Farbar Service Scanner again and post the FSS TWO.txt for me and we'll go from there.

Let me know if …

Thank you so much for replying, here are the logs...

Happy to help - sorry for the late reply.

You still have some malware showing in the logs. Probably due to P2P - gotta be careful there.

Let's do this:
Please follow the steps in the link below to run combofix. Be sure to run it exactly as the steps in the link instruct you to.
Once combofix finishes, please post the resulting log and we'll go from there:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Let me know if you have any trouble - I'll try to check back tonight, EST.

PP:)

I would greatly appreciate it if anyone could help me fix this?

Please follow the steps in the linky below and post the results so that one of our volunteers can take a look at what is going on with your machine:

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865

Cheers :)
PP

I brought an older system tower home from work so that I could wipe the drive and reinstall windows XP. I have reformatted the drive and when windows goes to log in for it's first use, it comes up with "This copy of Windows must be activated with Microsoft before you can log in". I can't get beyond that, because I need to install drivers to make the network card work, so I'm stuck in a loop. I am using a OEM copy that was origionally used and I am using the same license key as well. I've tried reformatting the drive by using debug and fdisk. I even managed to boot to safe mode and used sysprep to try and reset the activation. It won't let me do that either. I am at a loss on this one. I think that there might be some firmware on the motherboard that has a "memory".
Anyone have any ideas???
Thanks.

You could call M$ and activate by phone?
http://support.microsoft.com/kb/307890

What about downloading the necessary drivers to flash drive and transferring them to other computer and installing them?

PP:)

Frankly, you can go to a place such as Microcenter and tell them what you need as far as performance from the computer and then they'll take you part by part through the store picking out the various components. Heck, they'll even build it for you....
That is the way to get the most bang for the buck!

PP:)