Virus hampering boot on Windows Vista
Solved/Closed
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
-
Mar 29, 2014 at 07:07 PM
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 - May 14, 2014 at 03:13 AM
2011N2 Posts 13352 Registration date Saturday January 29, 2011 Status Security contributor Last seen December 24, 2016 - May 14, 2014 at 03:13 AM
Related:
- Virus hampering boot on Windows Vista
- Kmspico windows 10 - Download - Other
- Hiren boot cd 17.2 iso download - Download - Backup and recovery
- Goose virus - Download - Other
- Gta 5 download apk pc windows 10 - Download - Action and adventure
- Windows 10 iso download 64-bit - Download - Windows
103 responses
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 14, 2014 at 05:10 AM
Apr 14, 2014 at 05:10 AM
Hello,
Please disable Avast during this manipulation.
1- Download OTM on your desktop.
2- Run it.
3- In the left part, paste the lines which are in this link.
4- Click on MoveIt!
5- Post the log saved at C:\_OTM\MovedFiles\[MMJJAAAA_***].txt
Gabriel.
Please disable Avast during this manipulation.
1- Download OTM on your desktop.
2- Run it.
3- In the left part, paste the lines which are in this link.
4- Click on MoveIt!
5- Post the log saved at C:\_OTM\MovedFiles\[MMJJAAAA_***].txt
Gabriel.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 09:56 AM
Apr 14, 2014 at 09:56 AM
OK. This is a new application so I have questions. I assume from what you said it won't just go in automatically like with ZHP fix. I actually have to copy and paste -- right?
I apologize for not knowing all this. I was the school computer tech for several years but they only let us set up machines, run virus and other programs they trained us on, train teachers in the basics and bail teachers and students out of certain problems. I didn't have to train the students. They knew more than the teachers.
I apologize for not knowing all this. I was the school computer tech for several years but they only let us set up machines, run virus and other programs they trained us on, train teachers in the basics and bail teachers and students out of certain problems. I didn't have to train the students. They knew more than the teachers.
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 14, 2014 at 10:21 AM
Apr 14, 2014 at 10:21 AM
Hi,
Yes, you have to copy and paste the lines in the left part of OTM. And then click on MoveIt!
It is normal, it is a thing to ask questions if you are not sure.
Gabriel.
Yes, you have to copy and paste the lines in the left part of OTM. And then click on MoveIt!
It is normal, it is a thing to ask questions if you are not sure.
Gabriel.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 11:26 AM
Apr 14, 2014 at 11:26 AM
Thanks. Sometimes I feel I should know things that I don't. Anyway, I did everything you said. I disabled Avast until the next restart and that may have been an error. When I ran OTM and pasted the lines, everything on my desktop disappeared (which I realized later was supposed to happen.) Then I got a box saying I had to restart to finish "removing objects". So, when I restarted, Avast came back on. Maybe the whole operation was not done with Avast disabled. Here is what I got. Should I run it again and disable Avast for an hour?
http://speedy.sh/rpKHz/04142014-095239.log
http://speedy.sh/3ZVUu/04142014-095239.res
As you see, it was not C:\_\movedfiles\[MM]]AAAA_***].txt
Should I keep looking or run it again? I included the one with the res extension because I was not familiar with it and I did not know whether you would need it or not.
http://speedy.sh/rpKHz/04142014-095239.log
http://speedy.sh/3ZVUu/04142014-095239.res
As you see, it was not C:\_\movedfiles\[MM]]AAAA_***].txt
Should I keep looking or run it again? I included the one with the res extension because I was not familiar with it and I did not know whether you would need it or not.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 12:39 PM
Apr 14, 2014 at 12:39 PM
I noticed on the log that the registry link for speed cleaner was supposedly removed yet I still cannot remove the desktop shortcut.
Didn't find the answer you are looking for?
Ask a question
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 14, 2014 at 12:46 PM
Apr 14, 2014 at 12:46 PM
What happens when you try to remove Speed Cleaner's shortcut on your desktop ?
Run again ZHPDiag please, to see.
Gabriel.
Run again ZHPDiag please, to see.
Gabriel.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 01:31 PM
Apr 14, 2014 at 01:31 PM
If I try to delete the shortcut, I get a message saying that the action has to be confirmed. My choices are continue skip cancel. If click on continue, it just repeats the message box over and over. If I click on skip, the box closes.
I ran ZHPDiag and got this
http://speedy.sh/YHB7b/ZHPDiag.txt4-14-1.txt
http://speedy.sh/aUrhG/ZHPDiag.txt4-14.txt
I ran ZHPDiag and got this
http://speedy.sh/YHB7b/ZHPDiag.txt4-14-1.txt
http://speedy.sh/aUrhG/ZHPDiag.txt4-14.txt
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 01:36 PM
Apr 14, 2014 at 01:36 PM
I switched users to administrator and was able to delete it. Up until now that did not work. I have tried deleting it logging on as me and doing it as admin and logging on as admin and nothing worked. However, this time it did. I don't know if the application is gone, however. It starts up every time I start the computer. I will try that now.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 14, 2014 at 01:44 PM
Apr 14, 2014 at 01:44 PM
Just the icon is gone. Speed Cleaner began "cleaning" and appeared in my system tray
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 14, 2014 at 02:09 PM
Apr 14, 2014 at 02:09 PM
Hi,
Try to uninstaller Speed Cleaner with the mode Advanced : http://ccm.net/faq/7387-uninstall-a-program-properly-with-revo-uninstaller
Disable Avast during the operation.
Gabriel.
Try to uninstaller Speed Cleaner with the mode Advanced : http://ccm.net/faq/7387-uninstall-a-program-properly-with-revo-uninstaller
Disable Avast during the operation.
Gabriel.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 15, 2014 at 03:24 PM
Apr 15, 2014 at 03:24 PM
I did download Revo uninstaller. It is a neat little program! However, I had to log on as adminstrator to install it. When I did that it showed up on admin screen and on my screen. It did not show up on my daughter's. It would not run if I logged on as me. Even though I right clicked and told it to run as administrator, it simply told me I was not one. I was able to run it on the admin screen. Unfortunately, Speed Cleaner did not show up as an application. I clicked on Tools and auto run management and it was there. I could uncheck it but that would only stop it from running on start. It was installed in default location
C:\program files\speed cleaner\speed cleaner.exe. Same thing happened when I clicked on the exe file. Speed Cleaner only showed up under tools and start up management.
I checked and it is in the same file path no matter which user logged in. I clicked on Task Manager and it runs constantly and is consuming quite a bit of memory as it does so.
I thought I had deleted PCtechHotline but it showed up in Revo uninstaller under Tools also. I noticed one thing -- maybe important, probably not. Under Tools it said hpgSRMon was "invalid". Again just in case it means anything, when I log on as admin I get a message box saying C:\users\Beth\AppData\local\conduit\APIS Support\APISSupport.dll could not be loaded. "The Module cannot be found". It only shows up when I log on there. I mentioned so much because I am not sure what is important or if I made an error. I did disable Avast when ran the uninstaller.
C:\program files\speed cleaner\speed cleaner.exe. Same thing happened when I clicked on the exe file. Speed Cleaner only showed up under tools and start up management.
I checked and it is in the same file path no matter which user logged in. I clicked on Task Manager and it runs constantly and is consuming quite a bit of memory as it does so.
I thought I had deleted PCtechHotline but it showed up in Revo uninstaller under Tools also. I noticed one thing -- maybe important, probably not. Under Tools it said hpgSRMon was "invalid". Again just in case it means anything, when I log on as admin I get a message box saying C:\users\Beth\AppData\local\conduit\APIS Support\APISSupport.dll could not be loaded. "The Module cannot be found". It only shows up when I log on there. I mentioned so much because I am not sure what is important or if I made an error. I did disable Avast when ran the uninstaller.
ErieE
Posts
37
Registration date
Thursday March 27, 2014
Status
Member
Last seen
April 15, 2014
Apr 15, 2014 at 03:45 PM
Apr 15, 2014 at 03:45 PM
Should I delete the Revo uninstaller and then try downloading it again?
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 15, 2014 at 04:22 PM
Apr 15, 2014 at 04:22 PM
Hello,
OK so Revo Uninstaller is not necessary.
Try to run again OTM as the last time with the same lines in safe mode with networking (press F8 at the boot), with Avast disabled.
Gabriel.
OK so Revo Uninstaller is not necessary.
Try to run again OTM as the last time with the same lines in safe mode with networking (press F8 at the boot), with Avast disabled.
Gabriel.
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 18, 2014 at 03:38 AM
Apr 18, 2014 at 03:38 AM
Hello,
Maybe the robot remove your message because of OTM's report.
Host the report on SpeedShare and copy / paste the link.
Gabriel.
Maybe the robot remove your message because of OTM's report.
Host the report on SpeedShare and copy / paste the link.
Gabriel.
Things are really strange. I did use SpeedShare and sent it twice. I did disable Avast and use Safe Mode with networking. I never found the a file with the path you mentioned. I did find a file under OTM. That is what I sent. Today it is gone I did read most of what appeared in OTM after cleaning. Many files including Speed Cleaner were supposed to be deleted on reboot. They were not. I saved every txt file generated by OTM and today they are gone. I did not delete them. Now other programs I have never seen before have appeared. What happened" What did I do wrong? This reply would not submit until I put in my nickname and e mail. I must have messed up somewhere.
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 19, 2014 at 03:05 AM
Apr 19, 2014 at 03:05 AM
Hello,
Is Avast reactivates automatically at startup ? Because it could be what prevents deleting files.
Gabriel.
Is Avast reactivates automatically at startup ? Because it could be what prevents deleting files.
Gabriel.
The first time you had me deactivate Avast -- I don't remember which tool we were using, I did make that mistake. After that, I always set it to re-activate in one hour.
I found under Windows a few files that go back to the time the boot error first occurred. there was a PFRO file listing errors. and also a file called Ntblog. I also saw ie8_main that said "Message to User -- Your operating system is not supported by this setup program -- can't boot to this OS.) Ox00000007 was listed there. I am not sure whether that indicated an error or not. I did not change anything -- just explored. Would any of this info assist you?
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 21, 2014 at 04:53 AM
Apr 21, 2014 at 04:53 AM
Hello,
And if you try to remove all this files and folders manually, it works ?
C:\Program Files\Speed Cleaner\Speed Cleaner.exe
C:\Windows\Installer\{3A196B37-3F16-40B8-B0D2-E43333ACCE8D}\guy.ico
C:\Windows\Installer\{3A196B37-3F16-40B8-B0D2-E43333ACCE8D}\guy1.ico
C:\Program Files\Speed Cleaner
C:\Users\owner\AppData\Local\SpeedCleaner
C:\Windows\Installer\12aa37.msi
C:\Program Files\sweetpacks bundle uninstaller
C:\ProgramData\SpeedyPC Software
C:\ProgramData\Updater
C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
C:\TRANSLATE
C:\Windows\Reimage.ini
C:\Windows\Installer\bc6db.msi
C:\Program Files\SearchProtect
Gabriel.
And if you try to remove all this files and folders manually, it works ?
C:\Program Files\Speed Cleaner\Speed Cleaner.exe
C:\Windows\Installer\{3A196B37-3F16-40B8-B0D2-E43333ACCE8D}\guy.ico
C:\Windows\Installer\{3A196B37-3F16-40B8-B0D2-E43333ACCE8D}\guy1.ico
C:\Program Files\Speed Cleaner
C:\Users\owner\AppData\Local\SpeedCleaner
C:\Windows\Installer\12aa37.msi
C:\Program Files\sweetpacks bundle uninstaller
C:\ProgramData\SpeedyPC Software
C:\ProgramData\Updater
C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
C:\TRANSLATE
C:\Windows\Reimage.ini
C:\Windows\Installer\bc6db.msi
C:\Program Files\SearchProtect
Gabriel.
I will try and see. I have been afraid to remove or add anything in case it interfered with what you were doing. Get back to you.
Beth
Beth
I was able to remove most of the files. Speed Cleaner appears to be gone!!!!
I could not find C:\ProgramData {B49A644A-1076-4A3D-B124-DAA7862F2318}
C:\Program Files\SearchProtect would not come off.
I did notice something usual though. C:\Users\owner\AppDATA\Local\SpeedCleaner. I found it but the path had Beth instead of owner. There are three accounts on the machine. Beth (me as standard user), my daughter Ruth(standard user) and me again as Elizabeth for Administrator. Maybe that's why it would not recognize me as admin even though I signed on under Elizabeth.
thanks
Beth
I could not find C:\ProgramData {B49A644A-1076-4A3D-B124-DAA7862F2318}
C:\Program Files\SearchProtect would not come off.
I did notice something usual though. C:\Users\owner\AppDATA\Local\SpeedCleaner. I found it but the path had Beth instead of owner. There are three accounts on the machine. Beth (me as standard user), my daughter Ruth(standard user) and me again as Elizabeth for Administrator. Maybe that's why it would not recognize me as admin even though I signed on under Elizabeth.
thanks
Beth
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 22, 2014 at 02:11 AM
Apr 22, 2014 at 02:11 AM
Hello,
OK good.
And so, Speed Cleaner is still here ?
Restart your computer, run again ZHPDiag and host the report.
Gabriel.
OK good.
And so, Speed Cleaner is still here ?
Restart your computer, run again ZHPDiag and host the report.
Gabriel.
Sorry. I didn't make myself clear. Speed Cleaner is gone. It was just in a different path than you indicated. It was under C:\Users\Beth (not owner)\AppData\Local\SpeedCleaner. Once I found that one, I could get all the other paths involving Speedcleaner off. I restarted a couple of times to make sure.
All of the paths you sent are gone.
Do you still want me to run ZHPDiag?
All of the paths you sent are gone.
Do you still want me to run ZHPDiag?
2011N2
Posts
13352
Registration date
Saturday January 29, 2011
Status
Security contributor
Last seen
December 24, 2016
39
Apr 22, 2014 at 11:05 AM
Apr 22, 2014 at 11:05 AM
Hello,
OK, but run again by clicking on the button Full options please. :)
I still see Speed Cleaner on the report.
So, for you, now, there is any problem on the computer ?
Gabriel.
OK, but run again by clicking on the button Full options please. :)
I still see Speed Cleaner on the report.
So, for you, now, there is any problem on the computer ?
Gabriel.
http://speedy.sh/PrEav/ZHPDiagapril22-full-options.txt
Here is the run I just did. Speed Cleaner does not open. I did not think to check if it is running. I will do that. Yes, the original problem still remains.
The computer goes to the splash screen then does not hand control over to Windows. I'm sure the boot process even completes. I get a black and gray screen saying Microsoft windows Vista at the top and memory diagnostics at the bottom. I work around it by selecting Microsoft windows Vista and hitting enter. After about 100 beeps I get my desktop. On March 27 I used the computer at 6 AM and it was fine. At noon on the same day the problem appeared.
Here is the run I just did. Speed Cleaner does not open. I did not think to check if it is running. I will do that. Yes, the original problem still remains.
The computer goes to the splash screen then does not hand control over to Windows. I'm sure the boot process even completes. I get a black and gray screen saying Microsoft windows Vista at the top and memory diagnostics at the bottom. I work around it by selecting Microsoft windows Vista and hitting enter. After about 100 beeps I get my desktop. On March 27 I used the computer at 6 AM and it was fine. At noon on the same day the problem appeared.
