please HELP fix my comp. im new

Joined
Feb 17, 2007
Messages
42
Reaction score
0
i set my computer to modified and show in groups - so it shows the newest modified items at the top - and ive been noticing many files ; setupapi, wmsetup, ntblog, KB928090 - and many KB similars, winsys, and folders with $ in thier name, along with the TEMP and Prefetch folders.

i dont know whats wrong with my comp. - and i have trouble understanding hijackthis - i am technologically challenged when it comes to viruses - Please help!
 
From your post I don't know whats wrong with your computer either! - all those files your talking about are ones that are normally found on a PC.


Can you explain what your PC is, the operating system, what exactly is wrong with it and why you think you have a virus?
 
heeelp_meee said:
i set my computer to modified and show in groups - so it shows the newest modified items at the top - and ive been noticing many files ; setupapi, wmsetup, ntblog, KB928090 - and many KB similars, winsys, and folders with $ in thier name, along with the TEMP and Prefetch folders.
No idea what your saying is wrong, but all the above files/folders are in the Windows folder IIRC, Go back into the windows folder, and just right click on an empty part of the window, and untick the 'show in groups' option if thats what you want to do.... :)

Off the top of my head the files/folders that you mention above are standard windows stuff, nothing to worry about.

The folders with the $ symbol are probably the uninstall folders for the Windows updates that you get every month.

As Ady says, more info about your system is needed if you want us to help anymore. :thumb:

Why do you think you have a virus?
 
a lot of questions - hope it makes sense

well i have it set on modified - so a bunch of programs pop up on top so it gets modified out of no where? - the kb files all were "modified" and popped up on top - so i thought it were files that someone put there. ... is that normal?
and in a wmsetup i read it ;Setup commandlines are "C:\Program Files\Windows Media Player\setup_wm.exe" /SysTrayAndQuit.
Checking for new UDB. We 'will' force a connection.
*Downloading new UDB file.
GetUpdatedUDB: We 'will' force a connection.
DownloadFileFromURL: We 'will' force a connection.
Creating instance of CWMXDownload. We 'will' force a connection.

or replace files or delete files. also many KB- files popped up at some point. i dont know if this is vague but it seems like something is wrong.
on the windows updates they read - update not required and "Update is not allowed to download due to regulation."
setupapi has "C:\WINDOWS\SoftwareDistribution\Download\e7683b17d4278f291be6f6084d0416e7\update\update.exe"
i have a spupdsvc

on a setuplog-
12/14/2001 12:30:55,d:\xpclient\base\ntsetup\syssetup\cmdline.c,228,,SETUP: SpSetupLoadParameter was unable to find runoobe.
12/14/2001 12:30:55,d:\xpclient\base\ntsetup\syssetup\cmdline.c,228,,SETUP: SpSetupLoadParameter was unable to find uniqueness.

uniqueness? runoobe?

also what does this mean; 12/14/2001 13:51:38,d:\xpclient\base\ntsetup\oobe\msobmain\msobmain.cpp,2527,,DISPID_EXTERNAL_USERINFO
12/14/2001 13:51:38,d:\xpclient\base\ntsetup\oobe\msobmain\userinfo.cpp,267,,C:\WINDOWS\System32\oobe\OOBEINFO.INI/UserInfo/Identity000=
12/14/2001 13:51:38,d:\xpclient\base\ntsetup\oobe\msobmain\userinfo.cpp,267,,C:\WINDOWS\System32\oobe\OOBEINFO.INI/UserInfo/Identity001=

is it taking user info?

also TEMP and Prefeth folders pop up - now only TEMP pops up - and when i delete TEMP it says index.dat is being used by someone, is this normal? how is it in use?

oh and is there a sure way to tell if ive been hacked - if my files were messed around with, trojan or virus? these things are too blurry and esoteric for me to understand.
 
Last edited:
Back
Top