Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My Screen gets into black!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: My Screen gets into black!

Unread postby x4xp » March 8th, 2010, 1:05 pm

Hi,

I formatted my laptop, then downloaded BitDefender Total Security 2010 and scanned my external hardisk which has theree partations. It founded thousands of threaded files and showed a log file at the end saying that it cleaned them. Sality was among them an the action was that it disinfected all the files infected by Sality virus. I am not sure if what the software claiming is true. but I have heard that it is the best anitivirus for 2010.

I did what you have asked me after scanning my external hardisk using Bidefender and here is the content of the log file

USBNoRisk 2.5 (26 July 2009) by bobby

Started at 3/8/2010 8:56:29 PM

Searching for connected USB Mass storage...
----------------------------------------
========================================

Searching for other storage...
----------------------------------------
C: {61850900-2a20-11df-86d2-806d6172696f}
========================================


Scanning fixed storage...
----------------------------------------

No blocked files found on C:
No Autorun.inf files found on C:
No mountpoint found for C:
No mountpoint found for 61850900-2a20-11df-86d2-806d6172696f
No Desktop.ini files found on C:
----------------------------------------

========================================
Initial scan finished!
========================================


New device connected at 3/8/2010 8:56:41 PM

Scanning for connected USB mass storage...
----------------------------------------
E: {d423d360-2a8e-11df-86da-001ee5de65d1}
Added E:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on E:
----------------------------------------
No Autorun.inf files found on E:
No mountpoint found for E:
Sanitized mountpoint for d423d360-2a8e-11df-86da-001ee5de65d1
----------------------------------------

No Desktop.ini files found on E:
----------------------------------------

No mimics found on drive E:
========================================



New device connected at 3/8/2010 8:56:57 PM

Scanning for connected USB mass storage...
----------------------------------------
F: {d423d361-2a8e-11df-86da-001ee5de65d1}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------


New device connected at 3/8/2010 8:57:19 PM

Scanning for connected USB mass storage...
----------------------------------------
G: {d423d362-2a8e-11df-86da-001ee5de65d1}
Added G:
========================================

Scanning USB mass storage for files...
----------------------------------------
No blocked files found on G:
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for G:
Sanitized mountpoint for d423d362-2a8e-11df-86da-001ee5de65d1
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
========================================

No blocked files found on F:
----------------------------------------
No Autorun.inf files found on G:
No mountpoint found for G:
No mountpoint found for d423d362-2a8e-11df-86da-001ee5de65d1
----------------------------------------

No Desktop.ini files found on G:
----------------------------------------

No mimics found on drive G:
========================================
x4xp
Regular Member
 
Posts: 34
Joined: October 21st, 2009, 3:18 pm
Advertisement
Register to Remove

Re: My Screen gets into black!

Unread postby jmw3 » March 8th, 2010, 7:26 pm

Hello x4xp

OK, the USBNoRisk log is fine. My concern here is that you say Bitdefender found Sality on your external hard drive. Personally that in itself would be good enough for me to format that as well... even with BitDefender claiming to have disinfected it. I don't know how much data you have on it, but I would strongly recommend a format of that external hard drive. I think at the very least you should be deleting all .exe & .scr files from it. As far as I know Sality only infects those types of files.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: My Screen gets into black!

Unread postby x4xp » March 9th, 2010, 11:39 am

Ok, I think I would do that later coz the hardisk size is above 300 GB. Is everything done now? I have connected my external hardisk to my laptop after formatting and BitDefender cleaned the infected files. Should I check my laptop again if everything is fine or that's it? I have not moved any file from my external hardisk to PC
x4xp
Regular Member
 
Posts: 34
Joined: October 21st, 2009, 3:18 pm

Re: My Screen gets into black!

Unread postby jmw3 » March 9th, 2010, 9:46 pm

Hello x4xp

That's about it I think. Run DDS again:
Link 1
Link 2

& post the logs so we can check all is OK. Also let me know of any problems.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: My Screen gets into black!

Unread postby x4xp » March 11th, 2010, 3:44 am

Hi,

DDS log:

DDS (Ver_09-12-01.01) - NTFSx86
Run by Job_Seaker at 11:38:59.56 on Thu 03/11/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1023.596 [GMT 4:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\tme3srv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\DockMsgFrom.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Linksys\WUSB100\WUSB100.exe
C:\Program Files\Propel Accelerator\PropelAC.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Job_Seaker\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com/
uInternet Settings,ProxyServer = https=localhost:8080;ftp=localhost:8080;gopher=localhost:8080
uInternet Settings,ProxyOverride = <local>
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Accelerator Plugin: {656ec4b7-072b-4698-b504-2a414c1f0037} - c:\progra~1\propel~1\PRPL_I~1.DLL
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\5.0.342.0\npchrome_frame.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [TPSMain] TPSMain.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [TFncKy] TFncKy.exe
mRun: [TMEPROP] c:\program files\toshiba\toshiba applet\TMEPROP.exe -S
mRun: [DockMsgFrom] c:\program files\toshiba\toshiba applet\DockMsgFrom.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [SSC_UserPrompt] c:\program files\common files\symantec shared\security center\UsrPrmpt.exe
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
mRun: [Propel Accelerator] "c:\program files\propel accelerator\trayctl.exe" /STARTUPLAUNCH
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\linksys\wusb100\WUSB100.exe
IE: Allow pop-ups from this site - c:\program files\propel accelerator\pac-addwl.html
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: Refresh Pa&ge with Full Quality - c:\program files\propel accelerator\pac-page.html
IE: Refresh Pi&cture with Full Quality - c:\program files\propel accelerator\pac-image.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\program files\propel accelerator\prplsf.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\5.0.342.0\npchrome_frame.dll
Notify: AtiExtEvent - Ati2evxx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\job_se~1\applic~1\mozilla\firefox\profiles\dr7oewoe.default\
FF - component: c:\documents and settings\job_seaker\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff2.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.6.dll
FF - component: c:\program files\bitdefender\bitdefender 2010\bdaphffext\components\bdaphff3.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJPI150.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2010\bdvedisk.sys [2009-9-22 83208]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2009-12-7 153448]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2009-10-19 110984]
R3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2007-7-28 517632]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-8 135664]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2009-10-19 183880]

=============== Created Last 30 ================

2010-03-08 22:05:07 0 d-----w- c:\program files\VideoLAN
2010-03-08 20:59:09 0 d-----w- c:\docume~1\job_se~1\applic~1\IDM
2010-03-08 20:59:09 0 d-----w- c:\docume~1\job_se~1\applic~1\DMCache
2010-03-08 20:59:00 0 d-----w- c:\program files\Internet Download Manager
2010-03-08 20:16:17 0 d-----w- c:\windows\system32\LogFiles
2010-03-08 20:14:21 0 d-s---w- c:\documents and settings\job_seaker\UserData
2010-03-08 20:13:26 0 d-----w- c:\docume~1\job_se~1\applic~1\Propel
2010-03-08 20:13:25 0 d-----w- c:\docume~1\alluse~1\applic~1\Propel
2010-03-08 20:11:34 0 d-----w- c:\program files\Propel Accelerator
2010-03-08 19:29:33 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-03-08 19:29:33 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-03-08 19:29:32 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-03-08 19:29:32 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-03-08 19:29:32 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-03-08 19:29:28 0 d-----w- c:\program files\Trojan Remover
2010-03-08 19:29:28 0 d-----w- c:\docume~1\job_se~1\applic~1\Simply Super Software
2010-03-08 19:29:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Simply Super Software
2010-03-08 16:58:00 0 d-----w- C:\USBNoRisk
2010-03-08 14:50:04 385 ----a-w- c:\windows\system32\user_gensett.xml
2010-03-08 08:44:30 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-03-08 07:44:37 850 ----a-w- c:\documents and settings\job_seaker\Application DataProductTweaks.xml
2010-03-08 07:44:37 385 ----a-w- c:\documents and settings\job_seaker\Application Datauser_gensett.xml
2010-03-07 20:34:34 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-03-07 20:34:34 16 ----a-w- c:\windows\system32\asdict.dat
2010-03-07 20:27:35 52 ----a-w- c:\windows\system32\ashttpstats.csv
2010-03-07 20:26:33 0 d-----w- c:\windows\system32\PreInstall
2010-03-07 20:26:32 22752 ----a-w- c:\windows\system32\spupdsvc.exe
2010-03-07 20:08:11 0 d-----w- c:\docume~1\job_se~1\applic~1\BitDefender
2010-03-07 20:07:42 0 d-----w- c:\program files\BitDefender
2010-03-07 20:07:42 0 d-----w- c:\docume~1\alluse~1\applic~1\BitDefender
2010-03-07 19:40:27 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_TECRA A4_02649000-AR_PTA40E-0UQ01.MRK
2010-03-07 19:39:45 0 d-----w- c:\docume~1\job_se~1\applic~1\Symantec
2010-03-07 19:25:35 0 d-----w- c:\program files\common files\BitDefender
2010-03-07 15:56:09 0 d-----w- c:\windows\system32\Adobe
2010-03-07 15:47:48 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-03-07 15:44:59 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-03-07 15:44:41 0 d-----w- c:\program files\Linksys
2010-03-07 15:44:29 0 d-----w- c:\windows\{CD9B2397-1E24-44A8-A33B-519EB06C3DB8}

==================== Find3M ====================

2010-03-07 21:01:10 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys
2010-03-07 21:01:08 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys

============= FINISH: 11:40:41.05 ===============



Attach log:



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/7/2010 11:39:00 PM
System Uptime: 3/11/2010 11:22:53 AM (0 hours ago)

Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) M processor 1.86GHz | mFCPGA | 1861/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 139.826 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP6: 3/8/2010 8:09:44 PM - System Checkpoint
RP7: 3/10/2010 6:44:07 PM - System Checkpoint

==== Installed Programs ======================

Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 6.0.1
Adobe Shockwave Player 11.5
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
BitDefender Total Security 2010
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
Google Chrome Frame
Google Update Helper
Internet Download Manager
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0
Linksys WUSB100 RangePlus Wireless USB Adapter
LiveUpdate 2.5 (Symantec Corporation)
Macromedia Flash Player
Microsoft .NET Framework 1.1
Microsoft Office OneNote 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6)
Norton Security Center
Propel Accelerator
SD Secure Module
SMSC IrCC V5.1.3600.5
Sonic DLA
Sonic RecordNow!
SoundMAX
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515 drivers.
TIxx21/x515
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Hotkey Utility
TOSHIBA Manuals
TOSHIBA Mobile Extension 3
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Zooming Utility
Touch and Launch
Trojan Remover 6.8.1
Update for Windows XP (KB898461)
VLC media player 1.0.5
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB884018
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB889673
WinRAR archiver

==== Event Viewer Messages From Past Week ========

3/8/2010 1:08:29 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer DEASEL-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7C4F4D99-283A-4FEF. The master browser is stopping or an election is being forced.
3/10/2010 2:17:53 AM, error: PSched [14103] - QoS [Adapter {7C4F4D99-283A-4FEF-A6AC-5724506DA971}]: The netcard driver failed the query for OID_GEN_LINK_SPEED.

==== End Of File ===========================
x4xp
Regular Member
 
Posts: 34
Joined: October 21st, 2009, 3:18 pm

Re: My Screen gets into black!

Unread postby jmw3 » March 11th, 2010, 4:03 am

Hi

Ok, those logs look alright... Just a couple of things we need to sort out.

Multiple Anti-virus Programs
You are operating your computer with multiple Anti-virus programs running in memory at once:
BitDefender Total Security 2010 | Norton Security Center
Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. Please remove one of them NOW.

Update Java Runtime
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 18.
  • Download the latest version of Java Runtime Environment (JRE) 6 Here
  • Scroll down to where it says "JDK 6 Update 18 (JDK or JRE)"
  • Click the orange Download JRE button to the right
  • Select the Windows platform from the dropdown menu
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh
  • Click on the link to download Windows Offline Installation & save the file to your desktop
  • Close any programs you may have running - especially your web browser
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions
  • Reboot your computer once all Java components are removed
  • Then from your desktop double-click on jre-6u18-windows-i586.exe to install the newest version
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
        Applications and Applets
        Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel
Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.3
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from Foxit Software
Note: Do not install anything dealing with AskBar... presented as an installation option.

Other than USBNoRisk & DDS, have you kept any of the other programs we were using to clean your computer?
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: My Screen gets into black!

Unread postby x4xp » March 11th, 2010, 7:07 pm

Hi,

I have removed Norton security center. It is not the anti-virus, it is something else. I have already removed the Norton Internet Security 2005 already immediately after formatting the PC. I installed the new Java after removing the old one. But when I decided to install Foxit Reader, during installation I get the following.

Image


I did not get which one you asked my me to not tick.




and finally;Other than USBNoRisk & DDS, have you kept any of the other programs we were using to clean your computer?

I did not get your point. I have formatted the PC and did not transfer any exe file to the external Hard Disk. After formatting the PC I downloaded USBNoRisk & DDS and did what you have asked me.
x4xp
Regular Member
 
Posts: 34
Joined: October 21st, 2009, 3:18 pm

Re: My Screen gets into black!

Unread postby jmw3 » March 11th, 2010, 11:55 pm

Hi

With regard to the Foxit Reader; don't select any of those options, just click the Next button.

I did not get your point. I have formatted the PC and did not transfer any exe file to the external Hard Disk. After formatting the PC I downloaded USBNoRisk & DDS and did what you have asked me.
Good. I just wanted to make sure that you did not keep any of the programs we used as they can cause damage to your PC if used incorrectly. If you had kept any of them by saving to your external drive, I was going to ask you delete them.

All Clean
Now that your system is safe we would like you to keep it that way.
Take the time to follow these recommendations & it will greatly reduce the risk of further infections and greatly diminish the chances of you having to visit here again.

Create a Clean System Restore Point
Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and click OK
Ensure the boxes for Temporary Files & Temporary Internet Files are checked. You can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore click Clean up... and click Yes to the prompt
Click OK and Yes to confirm.

Set Correct Settings For Files That Should Be Hidden In Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab
  • Under Hidden files and folders if necessary select Do not show hidden files and folders
  • If unchecked, checkHide protected operating system files (Recommended)
  • If necessary check Display content of system folders
  • If necessary Uncheck Hide file extensions for known file types
  • Click OK

Update your Windows XP to Service Pack 3
It is CRITICAL that you keep your Windows updated. Otherwise you're open to dozens of security holes which WILL cause you to get reinfected.
Visit Windows Update NOW & download Service Pack 3 + ALL critical updates! (Click Start >> All Programs >> Windows Update to launch Windows Update)

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update
To update Office
Open up any Office program.
Go to Help > Check for Updates

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
You can download it here & find a tutorial here. Keep it updated & run it regularly.

SpywareBlaster
Download and install Javacools SpywareBlaster from here
SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.

Download and Install a HOSTS File
A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine.

Download BlueTack's HOSTS Manager here, using Internet Explorer (Firefox won't work):
  • A short distance down the page in the centre, click on the Download button
  • Agree to the license
  • On the next page, to the right side of where it says Download Estimates, right click on the underlined word Hosts Manager choose Save Target As and download the installer Hosts20setup.exe to your desktop
  • Double click the Installer on your desktop and let it Install the Hosts Manager
  • After the installation is complete, click on the Hosts Manager icon on your desktop. (You can delete the other Hosts Switch icon from your desktop)
  • When the Hosts Manager comes up, click the small down arrows on the right side of the bar labeled Options and Tools,
  • Click Disable DNS Service. This is important
  • In the Left Pane, click Download
  • It will load 80,000 lines or more. When it finishes, also in the left pane, click Replace, and then click Save
You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.
If you have a separate party firewall or Winpatrol, you may have to give permissions at various times to Unlock the present default HOSTS file and install the new one.

Web of Trust
WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an addon available for both Firefox and Internet Explorer.

Install WinPatrol
Download it here
You can find information about how WinPatrol works here

Read some information here on how to prevent Malware.

Hopefully these steps will help keep your computer clean.

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

If there are any other questions then feel free to ask or in future do not hesitate to contact us here at The Malware Removal Forums
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: My Screen gets into black!

Unread postby x4xp » March 13th, 2010, 10:04 am

Hello,

Thanks jmw3 for your help throughout the whole thread and thanks for the good tips. Your help was really appreciated and solved my issue. Nice to talk to you.

Best,

x4xp
x4xp
Regular Member
 
Posts: 34
Joined: October 21st, 2009, 3:18 pm

Re: My Screen gets into black!

Unread postby jmw3 » March 13th, 2010, 12:44 pm

No problem at all x4xp... Glad I could help.

Good Luck & Surf Safe :)
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia

Re: My Screen gets into black!

Unread postby jmw3 » March 14th, 2010, 9:38 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 502 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware