WinXP corruption; Photoshop and Win Explorer
cam35pilot
I have a P4 Dell, WIn XP SP3, 3 GHz, about 2.5 years old. The
other day, I notice things going slow, so I ran Norton 360 and it
removed W32.Gammima trojan and a "Suspicious.MH690 Heuristic Virus".
The PC is running better, but now Photoshop CS won't open (just
hangs), and when I go to open my "E" drive through My Computer (my
internal slave SATA drive, where PS CS is located), it opens up the
"open this program with" pop-up.
PS is legal, and I can reinstall it if need be, but I'm a bit
concerned about other programs (I have a lot on here, including
different Video editing) that may also be affected where I haven't
noticed yet.
Is there a "registry cleaner" program that is good, and do you
know why double-clicking on a folder for one of the two hard-drives
wouldn't open it, but rather bring up the "unknown program" thing?
Thanks,
Rich
Brian A.
news:9f855aa2-ecc4-479e...@17g2000vbf.googlegroups.com...
Are you using a Symantec/Norton AV app and have Heuristic Protection
enabled?
From:
http://www.symantec.com/security_response/writeup.jsp?docid=2008-121617-3748-99&tabid=2
<quote>
Symantec's antivirus products contain a highly sensitive detection
technology designed to detect entirely new malware threats without
traditional signatures. This technology is aimed at detecting malicious
software that has been intentionally mutated or morphed by attackers.
If one or more files on your computer have been classified as having a
Suspicious.MH690 threat, this indicates that the files have suspicious
characteristics and therefore might contain a new or unknown threat.
However, given the sensitive nature of this detection technology, it may
occasionally identify non-malicious, legitimate software programs that also
share these behavioral characteristics. Therefore, it is recommended that
users manually check all files detected as Suspicious.MH690 by Symantec
antivirus products for potential misidentification, and submit any suspect
files to Symantec Security Response for further analysis. For instructions
on how to do this, read Submit Virus Samples.
In rare cases where a legitimate file has been misidentified and
subsequently quarantined, your computer may behave abnormally or you may
find that one or more applications no longer function as expected. In such
rare situations, you should open the Quarantine in your Symantec antivirus
product. From here, you may review the list of all files detected as
Suspicious.MH690 and, if you identify a potential misidentification, restore
the file from quarantine and allow it to run normally.
<quote>
--
Brian A. Sesko { MS MVP_Shell/User }
Conflicts start where information lacks.
http://basconotw.mvps.org/
Suggested posting do's/don'ts: http://www.dts-l.org/goodpost.htm
How to ask a question: http://support.microsoft.com/kb/555375
Kayman
You operating system may still be infected with malware.
Steer away from any "registry cleaners" as they can cause irreparable
damages!
Do I need a Registry Cleaner?
http://www.whatthetech.com/2007/11/25/do-i-need-a-registry-cleaner/
Why I don’t use registry cleaners!
http://www.edbott.com/weblog/archives/000643.html
Try this:
1.Clear the (IE) temporary Internet files and the history cache.
Click 'Start' and then click 'Run'... then type (or copy/paste)
"inetcpl.cpl" (w/out quotation marks) into the box, then click the 'OK'
button.
In Internet Properties panel 'General' tab, under 'Browsing history', click
'Delete...'button, in 'Delete Browsing History' panel, click the 'Delete
all...' button then place a checkmark into the box beside 'Also delete
files and settings stored by add-ons', Click 'Yes' and exit the Internet
Properties panel by clicking the 'OK' button.
2.Clean HDD
Click 'Start' and then click 'Run...' then type (or copy/paste) "cleanmgr"
(w/out quotation marks into the box, then click the 'OK' button. Select
your drive
(presumably WinXP (C:) and click OK.
3.Download/execute:
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--and--
SuperAntispyware - Free
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
4.Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.
http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29
NOTE:
Registration is required in any of the above mentioned fora before posting
a HJT log and read the 'stickies' (instructions/guidelines) for the
respective HJT forum.
5.Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Consider removing Norton using their propriety uninstall tool and replace
with good-quality freely available alternatives.
Additional references:
GMER - is an application that detects and removes rootkits.
http://www.gmer.net/index.php
For additional assistance in relation GMER scan results consult either
http://antirootkit.com/forums/index.php?sid=9e746bb696ac0bb38781ffe4361c3a17
--or--
http://www.thespykiller.co.uk/index.php?board=3.0
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ...(*Tune out the registry scanning/fixing option!*)
http://www.ccleaner.com/download/builds/downloading-slim
If Windows Defender is utilized go to Applications, under Utilities
uncheck "Windows Defender" (so it won't delete the history of WD).
If you wish, click 'Options' button the 'Settings' [check] 'Run CCleaner
when the computer starts'.
--or--
Setup CCleaner to Automatically Run Each Night in Vista or XP
http://www.howtogeek.com/howto/windows-vista/setup-ccleaner-to-automatically-run-each-night-in-vista-or-xp/
Good luck :)