Corrupt XP? Crashing Hardware? Other?
On Saturday, I replaced my wireless mouse batteries and also made an online purchase using a credit card. Innocuous. Since then, a confluence of bad things: 1) AOL spyware has popped up two dozen times to tell me that "Command Services" has been detected and blocked (I have shut off this popup); 2) my computer began randomly shutting itself down and will not restart except in "Last Known Good Configuration"; 3) the system will not let me create a restore point; 4) on restart, I get a Microsoft message that I have recovered from a serious error -- one error report indicated driver issue and a later one say the error report was corrupted; 5) today, I got an AOL spyware scan message saying that my hard disk was too full (5.6 GB free out of a total of 35.8 GB); 6) I tried to run Windows disk error checking tool but it would not work.
My computer is under extended hardware warranty (IBM). When I called IBM, they said that my Windows XP had been corrupted and to reinstall XP (and lose all installed programs and saved data). They said that none of the symtoms suggested a hardware problem since my system is "working," albeit with lots of deficiencies. Any help that you can offer would be very much appreciated. If you agree that I need to reinstall Windows, is there a preferred method (less time consuming) for saving my installed programs, photos, documents, and AOL email filing cabinet? Sorry to be such a novice. :sad2: Respun
My computer is under extended hardware warranty (IBM). When I called IBM, they said that my Windows XP had been corrupted and to reinstall XP (and lose all installed programs and saved data). They said that none of the symtoms suggested a hardware problem since my system is "working," albeit with lots of deficiencies. Any help that you can offer would be very much appreciated. If you agree that I need to reinstall Windows, is there a preferred method (less time consuming) for saving my installed programs, photos, documents, and AOL email filing cabinet? Sorry to be such a novice. :sad2: Respun
0
Comments
http://icrontic.com/articles/easy_data_recovery
If that doesn't work:
http://icrontic.com/articles/advanced_data_recovery
Wow! Fast reply. Many thanks. I will follow your instructions and try not to panic (very tempting to panic...). Respun
I would follow Mtrox's advice to hit up our SVT forum; something is amiss.
Any advice about how to reconfigure AOL or other issues would be most welcome. I don't know about BSoD. Here's my latest HijackThis file:
Logfile of HijackThis v1.99.1
Scan saved at 8:27:26 AM, on 7/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\PELMICED.EXE
C:\Program Files\Common Files\AOL\1109028282\ee\AOLSoftware.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\tbctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\WINDOWS\system32\Sktempdm.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\program files\common files\aol\1109028282\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP
Scheduler.exe
C:\WINDOWS\system32\Skdaemon.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\unzipped\hijackthis[1]\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Road Runner High Speed
Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
sas.we1.attbb.net:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
*.attbb.net
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot -
Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32
\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update
Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.EXE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1109028282
\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0
\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare
Live\winssnotify.exe"
O4 - HKLM\..\Run: [Detect Kbd Daemon] SK2000DM.EXE
O4 - HKLM\..\Run: [RF Receiver Daemon] RAKSPOSD.EXE /ShowIcon
O4 - HKLM\..\Run: [TraySantaCruz] C:\WINDOWS\system32\tbctray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program
Files\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32
\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network
Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
%windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: ComcastHSI - {0B23D603-24E2-43E5-848B-24D9372F7D2B} -
http://www.comcast.net (file missing) (HKCU)
O9 - Extra button: Help - {7AD0B041-1752-4418-9126-8981BB8673FD} -
http://www.comcast.net/memberservices/ (file missing) (HKCU)
O9 - Extra button: Support - {C201111F-63FB-4A47-A7F8-0866FEC74EE1} -
http://www.comcastsupport.com (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} -
http://www.activation.rr.com/install/downloads/tgctlcm.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {26BFFB87-5B07-4611-82BB-AF3947013FDD} - http://www.lexis.com/dl/IEDAP.cab
O16 - DPF: {26FCCDF9-A7E1-452A-A73D-7BF7B4D0BA6C} (AOL Pictures Uploader Class) -
http://o.aolcdn.com/pictures/ap/Resources/2.0.5.78/cab/aolpPlugins.10.5.0.4.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} -
http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {54D53429-945C-4188-B460-C81356541882} (SaveImageFiles Class) -
http://photosmart.hpphoto.com/Download/HPeServicesLocalPrint.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?
1182654429828
O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-
307.ibm.com/pc/support/IbmEgath.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) -
http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} -
http://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-
img/operations/symbizpr/xcontrol/SymDlBrg.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-
secure.symantec.com/techsupp/activedata/SymAData.dll
O16 - DPF: {E598AC61-4C6F-4F4D-877F-FAC49CA91FA3} (acpRunner Class) - https://www-
3.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - https://www-
secure.symantec.com/techsupp/activedata/ActiveData.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common
Files\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program
Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program
Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. -
C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Unknown owner -
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (file missing)
BSoD is the "Blue Screen of Death"..meaning the blue screen that you get when you can't start up...you are getting that, right? And there are error messages on that screen. There are so many things that it can be, I guess..on my part, it was trial and error! As I said before, I ran a few spyware and malware removers, and also purchased a registry cleaner. I have had my HiJack log analyzed in the past but not for my most recent problem and it is helpful is getting problems fixed.
Only post your email addy if you want more SPAM. If you're like me, you don't need more v1uGra emails so send her a Private Message (PM). Just click on Trisha's name like the screen shot shows and send a PM.
P.S. I also Googled AOL "spy zapper" to learn how to turn off that added unwanted annoyance. Go to keyword "spy zapper" and uncheck everything on the menu that pops up -- in other words, choose "do not check my computer."
I can tell from Googling AOL and "command services" that many other AOL users are experiencing my same syndrome. This syndrome caused the lazy dopes at IBM to instruct me to reinstall Windows XP (and lose all my data, programs, etc.). Why doesn't AOL send its users a mass email advising when it causes systemwide problems? It is happy to send a mass email advertising the AOL Visa card. URGH!