A Windows XP help forum. PCbanter

O. T. Malwarebytes issue:



 
 
  #16  
Old February 1st 14, 07:15 PM posted to microsoft.public.windowsxp.general
No_Name

Hello Paul,

I tried to install malwarebytes again on the
8200 and got this:
vbalsgrid6.ocx- is not correctly registered,
a file is missing or invalid.

I then tried to check for updates but it didn't
open.

Then I tried to open Spywareblaster to check for
updates there and this is what it gave me:

Error; access violation at 0x73483F5A (tried
to read from (oxoooooo14), program terminated.
Last CP is 'RF'.

Is it possible I can purchase the Kaspersky Rescue
CD since both computers are infected?

Since my System Image is not separate files but
written over each time I'm wondering if that also
is infected and as such useless. What about doing
a System Restore?

I believe I was infected when I first tried to
download AdwCleaner and clicked the large green
arrow instead of the small blue Bleeping Computer
link.

Thoughts/suggestions?
Robert
  #17  
Old February 2nd 14, 12:43 AM posted to microsoft.public.windowsxp.general
Paul

wrote:
Hello Paul,

I thought you said I was ok and wasn't infected?

In any case, I do have the same issue with both
computers so both are infected. So what am I to
do now?

Robert


OK, let's back up a bit.

What have you done since AdwCleaner was run ?

Remember that AdwCleaner, removes *adware*. Adware are
potentially unwanted programs, such as Toolbars,
browser hijacks, that sort of thing. Adware is fairly
benign - what usually happens, is they try to show
you advertisements, and in the process, the adware company
makes money from the advertisements.

Malware, on the other hand, generally is a more
serious pest. And different tools are used
to both detect and treat them. Malware can be used
to control the computer, make it part of a botnet,
use the computer to attack other computers, and so on.
AdwCleaner has nothing to do with that stuff.

MBAM free edition, is a scanner that runs while the OS
is still running. And tries to detect popular forms
of malware (the malwares that many people experience).

When you have a resident antivirus program (AV), that
attempts to prevent the problem in the first place. You
use MBAM free version, if something gets through. Even MBAM
won't remove everything. Some commercial AV programs,
where a subscription is charged per year, have a relatively
well rounded feature set, and detect a good mix. But
most of the commercial tools, do not overlap with AdwCleaner.
AdwCleaner and Hitman Pro, are examples of tools intended
for PUPS/Adware, instead of the more serious malware.

AdwCleaner, - Adware/Nuisance Toolbars/PUPS
Hitman Pro

Avast! - Used to prevent malware (while Windows is running)
MBAM free - Used to clean malware if any gets through

TDSSKiller - Example of a free rootkit removal tool
RootkitRevealer - Class of tool, used to detect rootkits,
a special kind of malware

Kaspersky Rescue CD - Scans for malware while Windows is not running.
For cases where MBAM won't run perhaps. It's not
clear to me, how good it is at removing problems.
It uses signature based detection (can't use
heuristics, as Windows is not running). BitDefender
and FSecure have made discs like that in the past
as well.

Depending on the situation, you could still make a Kaspersky Rescue CD.
Now, if your browser cannot visit the link, that would be another
hint that you have a significant problem on the machine. A malware
that blocks access to anti-malware sites. If the browser still works,
and the download still works, chances are the CD will work. You
need a CD burning program, to convert the ISO9660 file, into
a bootable CD. Imgburn can do that, but computers from Dell likely
have their own CD burner software. You don't just "drag and drop" the
375MB .iso file onto the optical drive. The burner program opens
the .iso file, and converts it into a boot CD. So don't drag and drop.

Chances are good, that your browser still works, and you can get here.

http://support.kaspersky.com/8092

And if you see any additional "weird" symptoms, please post
them, as they may hint at how serious your situation is.

*******

I can find a match for the .ocx problem here. And the links at the
end of the article, don't really shine any light on what
actually broke. The four links at the end, are relatively
generic instructions on what to do. They may not actually
match what has happened to you. The person who posted those
links, obviously didn't want to go into details, which is
unfortunate. It would be nice to know, what the real reason
for the problem is.

https://forums.malwarebytes.org/inde...showtopic=6207

In this example, it appears AVG quarantined the .ocx file in question.
A false positive. But this happened on an installation of the
commercial resident version of MBAM. Not for someone attempting
to install MBAM free one-shot scanner.

https://forums.malwarebytes.org/inde...howtopic=90976

Since both computers do it, my guess is both machines use
the same AV product, both AV products did a definitions
update, and they've done something that has created
the problem. You'd open the AV program log file, and
find out what significant things have happened in the
last few days (i.e. the time after your last successful
MBAM run), to get more hints about what happened. Maybe
it isn't the named .ocx file in particular, but some
other file that got quarantined. I can't study the MBAM
installer very well, because I don't have lots of unpacker/hacker
tools for examining it. It uses INNO setup apparently.

We live in a complex world. You can run a computer without
any protection, but then you have to be a genius, to not
click the wrong "Download" button or fall into a trap. And
even large, business-oriented web sites, have been hacked and
used to deliver malware. So being a genius isn't enough,
and eventually you'll get infected.

The alternative, is to load up on protection tools. One
resident AV program. A variety of one-shot scanners for
cleanup. That sort of thing. And then, when your tools
get into a fight, and one tool shoots the other tool
in the foot, you again have to be a "genius", look
at the logs, use your Googling skills, to narrow down
what happened. If this was a false positive, normally
one of the antimalware company forums would be
filled with ****ed-off customers. And Google would
help you find the thread discussing the details.
That's how I'd do it, "use the Google".

*******

If you want to restore from a backup, that's certainly
your choice. I can't really guess from here, how many
steps it's going to take, to fix it the regular way.
Of course, to restore from backup, you still require
some skills. Nothing you're about to do, is completely
without risk.

With backup/restore software, the weakest link, is not
having tested that restorations work. To test backup/restore,
requires one known-working backup solution (that you know works).
Plus the new and untested backup solution. You test the new
tool, and if it can't restore the computer, you then go
back to your tried-and-tested backup/restore solution. That's
about the lowest risk way to proceed.

I can give a concrete and funny example of backup/restore.
I worked in a "miniature computer company". We made all our
own utilities. One of our departments wrote the backup/restore
utility for our computer product. So the software guys have
finished the software, and they're pretty proud of themselves.
They immediately start using the software, and have maybe thirty
daily backups made (i.e. have been doing backups for a month,
without really looking at them). Then, our main server goes down.
The backup utility guys go to restore the main server from tape
and... it doesn't work :-) Just the look on their faces was
priceless. *Always* test that the restore works properly,
*before* you really need it. That is something they neglected to
do, and they taught me a valuable lesson.

If worse comes to worse, the Dell can be restored to factory
conditions. That's your final option. But that really shouldn't
be necessary for this minor problem. If the computer was
completely frozen and locked up, the screen was full of
popup windows from a malware attack, then, I might be
tempted to "restore to factory" :-)

Paul
  #19  
Old February 2nd 14, 01:47 AM posted to microsoft.public.windowsxp.general
David H. Lipman

From: "Hot-Text"



Dave you are one of the ones
That wrote Malwarebytes Seriously F ups
In the first place
With the help Mr. D. Cook


Dustin and I were NOT Malwarebytes software programmers.

Dustin and I were Malware Researchers who analyzed malware and wrote
signatures for the MBAM detection database.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

  #20  
Old February 2nd 14, 06:34 PM posted to microsoft.public.windowsxp.general
Paul

wrote:
Hello Paul,

I thought you said I was ok and wasn't infected?

In any case, I do have the same issue with both
computers so both are infected. So what am I to
do now?

Robert


Latest advice.

https://forums.malwarebytes.org/inde...howtopic=55807

To Fully Remove and Reinstall a Fresh New Copy of
Malwarebytes - Read Carefully Windows Vista and Windows 7:

* Click on the Start button and select Control Panel
* Click on Programs and Features
* Uninstall Malwarebytes' Anti-Malware
* Restart your computer very important !
* Download and run mbam-clean.exe from

http://www.malwarebytes.org/mbam-clean.exe

[ That gives you mbam-clean-1.60.2.0003.exe 80,456 bytes]

It will ask to restart your computer, please allow it
to do so, very important. After the computer restarts,
temporarily disable your Anti-Virus and install the
latest version of Malwarebytes' Anti-Malware from

http://www.malwarebytes.org/mbam-download.php

*******

As Dave hinted, the MBAM code happens to use a third-party
library to do some stuff on the screen. I cannot find
a reference to error 440 on here. Maybe running mbam-clean.exe
will be enough to make the thing install again. I expect
what happened was, the installation stage was finished,
and mbam.exe was starting to run the first time, when
the problem showed up.

http://www.vbaccelerator.com/insprob.htm

The VB Accelerator uses either VB5 or VB6, and
probably VB6 based on the name of the ocx file vbalsgrid6.ocx.

http://www.vbaccelerator.com/install.htm

I think vbalsgrid6.ocx has already loaded, and so a
VB6 dependency isn't the problem. This install file
from Microsoft, is likely already in your system folder.

http://www.vbaccelerator.com/install.htm

Now, those VB6 files they mention are *ancient*. The OS should
already have a msvbvm60.dll. When I use DependencyWalker
on vbalsgrid6.ocx, the only thing it seems to use is msvbvm60.dll.
There would likely be some other error report, if
msvbvm60.dll was missing. I don't really feel this kind
of messing around is necessary, but we'll see if the
mbam-clean does any good first.

http://support.microsoft.com/kb/235420/en-us

Paul
  #21  
Old February 2nd 14, 06:58 PM posted to microsoft.public.windowsxp.general
Buffalo[_3_]

wrote in message
...

Hello Paul,

I tried to install malwarebytes again on the
8200 and got this:
vbalsgrid6.ocx- is not correctly registered,
a file is missing or invalid.

I then tried to check for updates but it didn't
open.

Then I tried to open Spywareblaster to check for
updates there and this is what it gave me:

Error; access violation at 0x73483F5A (tried
to read from (oxoooooo14), program terminated.
Last CP is 'RF'.

Is it possible I can purchase the Kaspersky Rescue
CD since both computers are infected?

Since my System Image is not separate files but
written over each time I'm wondering if that also
is infected and as such useless. What about doing
a System Restore?

I believe I was infected when I first tried to
download AdwCleaner and clicked the large green
arrow instead of the small blue Bleeping Computer
link.

Thoughts/suggestions?
Robert


Somewhere it sounds like you ran AdwCleaner. It most likely messed up your
SpywareBlaster program and your toolbar, at the very minimum.
If AdwCleaner has a recover feature, I suggest you use it.
You can always try the Free version of SAS (SuperAntiBlaster).
http://www.superantispyware.com/ Red Button
You could also dl the Professional Trial version Green Button
It is an excellent program and I use the Pro version of SAS on my laptop and
the Pro version of MBAM on my Desktop.
DL, install, update and run the Quick Scan.
Let it fix what it finds and follow its directions. When it finds no more,
update and run the Complete Scan.
--
Buffalo

  #22  
Old February 2nd 14, 07:16 PM posted to microsoft.public.windowsxp.general
Paul

Buffalo wrote:
wrote in message
...

Hello Paul,

I tried to install malwarebytes again on the
8200 and got this:
vbalsgrid6.ocx- is not correctly registered,
a file is missing or invalid.

I then tried to check for updates but it didn't
open.

Then I tried to open Spywareblaster to check for
updates there and this is what it gave me:

Error; access violation at 0x73483F5A (tried
to read from (oxoooooo14), program terminated.
Last CP is 'RF'.

Is it possible I can purchase the Kaspersky Rescue
CD since both computers are infected?

Since my System Image is not separate files but
written over each time I'm wondering if that also
is infected and as such useless. What about doing
a System Restore?

I believe I was infected when I first tried to
download AdwCleaner and clicked the large green
arrow instead of the small blue Bleeping Computer
link.

Thoughts/suggestions?
Robert


Somewhere it sounds like you ran AdwCleaner. It most likely messed up
your SpywareBlaster program and your toolbar, at the very minimum.
If AdwCleaner has a recover feature, I suggest you use it.
You can always try the Free version of SAS (SuperAntiBlaster).
http://www.superantispyware.com/ Red Button
You could also dl the Professional Trial version Green Button
It is an excellent program and I use the Pro version of SAS on my laptop
and the Pro version of MBAM on my Desktop.
DL, install, update and run the Quick Scan.
Let it fix what it finds and follow its directions. When it finds no
more, update and run the Complete Scan.


AdwCleaner is a two stage program (like some others). You click
the Scan button, then review the things shown on the screen. That's
when you would effectively be warned you might be about to remove
something important. You only click "Clean", when you're
absolutely sure what needs cleaning.

Paul
  #23  
Old February 2nd 14, 08:37 PM posted to microsoft.public.windowsxp.general
Buffalo[_3_]

"Paul" wrote in message ...

Buffalo wrote:
wrote in message
...

Hello Paul,

I tried to install malwarebytes again on the
8200 and got this:
vbalsgrid6.ocx- is not correctly registered,
a file is missing or invalid.

I then tried to check for updates but it didn't
open.

Then I tried to open Spywareblaster to check for
updates there and this is what it gave me:

Error; access violation at 0x73483F5A (tried
to read from (oxoooooo14), program terminated.
Last CP is 'RF'.

Is it possible I can purchase the Kaspersky Rescue
CD since both computers are infected?

Since my System Image is not separate files but
written over each time I'm wondering if that also
is infected and as such useless. What about doing
a System Restore?

I believe I was infected when I first tried to
download AdwCleaner and clicked the large green
arrow instead of the small blue Bleeping Computer
link.

Thoughts/suggestions?
Robert


Somewhere it sounds like you ran AdwCleaner. It most likely messed up
your SpywareBlaster program and your toolbar, at the very minimum.
If AdwCleaner has a recover feature, I suggest you use it.
You can always try the Free version of SAS (SuperAntiBlaster).
http://www.superantispyware.com/ Red Button
You could also dl the Professional Trial version Green Button
It is an excellent program and I use the Pro version of SAS on my laptop
and the Pro version of MBAM on my Desktop.
DL, install, update and run the Quick Scan.
Let it fix what it finds and follow its directions. When it finds no
more, update and run the Complete Scan.


AdwCleaner is a two stage program (like some others). You click
the Scan button, then review the things shown on the screen. That's
when you would effectively be warned you might be about to remove
something important. You only click "Clean", when you're
absolutely sure what needs cleaning.

Paul


What caught my eye was when he mentioned that his SpywareBlaster program was
not working properly.
When I ran AdwCleaner on my PC, that was one of the programs that it wanted
to 'modify' along with some other 'features' of different programs that I
wanted.
I didn't let it do any cleaning.
So, just playing the odds, with absolutely no proof, I think AdwCleaner
might have caused some problems, perhaps different than the MBAM one.
Perhaps he just clicked CLEAN.
--
Buffalo

  #24  
Old February 3rd 14, 02:24 AM posted to microsoft.public.windowsxp.general
No_Name

Hello Paul,

This is what I've done:

I've tried to do two system restores on the 8200
and neither worked.

I appreciate you trying to educate me and I followed
some of it but some is over my head. Also my memory
isn't what it used to be because of my medical condition.

I did download the Kaspersky ISO Image of the Kaspersky
Rescue Disk 10, I then downloaded the Utility for recording
Kaspersky Rescue Disk 10 to USB devices.

http://i58.tinypic.com/fkz1jl.png

http://i61.tinypic.com/117zfig.png

http://i62.tinypic.com/2qwewps.png

http://i62.tinypic.com/ae36g6.png

When I tried to install it to my thumb drive it gave me this:

http://i60.tinypic.com/qstlya.png

Thoughts/suggestions?
Robert





  #25  
Old February 3rd 14, 02:46 AM posted to microsoft.public.windowsxp.general
No_Name



I was under the impression that AdwCleaner
only went after malware. Not programs and
toolbars and perhaps that's also the cause of
the dull blimp sound I hear every time I
connect to the internet?

Robert
  #26  
Old February 3rd 14, 04:13 AM posted to microsoft.public.windowsxp.general
No_Name

Hello Paul,

I was able to install malwarebytes with
your instructions.

I ran a full scan afterwards which showed
(24) object detected!!! I deleted them and
this is the report:

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 515878
Time elapsed: 39 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0 (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\contentScripts (PUP.Optional.ValueApps) - Quarantined and deleted successfully.

Files Detected: 18
C:\Users\Rpbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYIY4T6\SpeedUpMyPC-standalone-setup[1].exe (PUP.Optional.SpeedUpMyPC) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\background.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon128.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon16.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon48.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\manifest.json (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\options.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\popup.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js\background.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js\options.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\background.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\settings.json (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\background.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\iframeHost.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\iframeHost.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\popup.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\contentScripts\contentScript.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.

(end)

It seems that Google Chrome is the culprit
which may or may not have been downloaded
with 7-Zip which was the other culprit when
I selected the large green arrow instead of
the small blue print from bleepingcomputer
for downloading AdwCleaner. Should I just
uninstall it since I never use it?

I ran another malwarebytes scan and it came
up clean but I think I should still uninstall
Google Chrome unless it would affect other
programs.

Also when I disconnected Avast and tried to
reconnect it says it's still disconnected
although the status shows everything is normal?
I think it refers to other devices but it's
strange that before it showed connected.
I don't have any other devices.


Robert


  #27  
Old February 3rd 14, 10:10 AM posted to microsoft.public.windowsxp.general
Paul

wrote:
Hello Paul,

This is what I've done:

I've tried to do two system restores on the 8200
and neither worked.

I appreciate you trying to educate me and I followed
some of it but some is over my head. Also my memory
isn't what it used to be because of my medical condition.

I did download the Kaspersky ISO Image of the Kaspersky
Rescue Disk 10, I then downloaded the Utility for recording
Kaspersky Rescue Disk 10 to USB devices.

http://i58.tinypic.com/fkz1jl.png

http://i61.tinypic.com/117zfig.png

http://i62.tinypic.com/2qwewps.png

http://i62.tinypic.com/ae36g6.png

When I tried to install it to my thumb drive it gave me this:

http://i60.tinypic.com/qstlya.png

Thoughts/suggestions?
Robert


When I download the .iso right now, I get:

kav_rescue_10.iso
397,082,624 bytes for "Size:"

The problem is, they might update the file each
day or once a week, so it is pretty hard to compare
the file I got, to the one you got. I give the information
there, so you can see whether you got a complete download
or not. If your file has fewer bytes, maybe the
download did not finish or something. I don't think
there is any easy indicator on the file, as to what
version it is.

I can't find any source code for rescue2usb. It apparently
uses grub4dos, as part of its solution. But I would need
to see the code for the rescue2usb part, to understand
what it is stumbling on. The 378K tool you download,
it comes with a couple of files of its own, which it
uses. As well as copying some portion of the .iso to the
USB stick. I can't tell what is broken in your case.

It might be easier to just burn a CD.

*******

To get your own checksum utility, Microsoft offers one.
It does MD5 or SHA1. There are third-party graphical
ones you can get, but I don't know which one of those
to trust.

http://www.microsoft.com/en-us/downl....aspx?id=11533

This download file is a self-extracting archive. The
"fciv.exe" is inside. Just click it, to unpack the file.

Windows-KB841290-x86-ENU.exe

You have to know how to execute commands in Command Prompt
to use it. I put both my kav_rescue_10 file and the fciv
file in the same folder, and then ran the command prompt
via that folder. Some MSDOS experience would provide you
with ideas on how to run stuff.

fciv -sha1 kav_rescue_10.iso

a6dad6954bea6b55aa1ec79656855de93df1e657 kav_rescue_10.iso

Now, if you got the same value as me, that would tend to
suggest your download was not corrupted. And burning the
CD would then be OK. The file size check is a start, but
a matching SHA1 is a pretty good indication they're the same
file.

*******

Your HP computers could have come with CD/DVD burning software.
So that would be one way to do it. I've used this one
on occasion.

Imgburn.

http://en.wikipedia.org/wiki/Imgburn

"Versions 2.5.1.0 on included optional Ask.com adware in
the installer, which was replaced in version 2.5.8.0 with
OpenCandy adware."

So the best option, would be to find a copy of 2.5.0.0,
and also to know it hasn't been modified. It turns out,
by some strange coincidence, that's the version I have here :-)

Using archive.org, I can find the checksum for the file
when it was released.

https://web.archive.org/web/20090815...p?act=download

ImgBurn v2.5.0.0 (2,119 KB)
Released: Sunday 26th July 2009

CRC32: 39CD6FC6
MD5: F3791CFACDAC03B9E676E44AA2630243
SHA-1: E07BCC23B495D0A966BAE359EA9E0E3A11888454

Then I go to oldversion.com and see what versions they've got.
I scroll down to the area with the versions all listed. Notice,
while you're here, how the file size balloons for the versions
with the adware inside them (2.5.1.0 or later).

http://www.oldversion.com/windows/imgburn/

ImgBurn 2.5.0.0 Jul 26, 2009 2.07 MB

On this page, it's the "Download Now" button, not that
green "Download" button on the left :-) And the legend
under the "Download Now", that says Free from Spyware,
Adware, and viruses, is obviously a falsehood, as you have
no problem downloading the boobytrapped 2.5.1.0 or later.

http://www.oldversion.com/windows/do...mgburn-2-5-0-0

The downloaded file is

2.5.0.0_SetupImgBurn_2.5.0.0.exe
2,169,915 bytes

When I run "fciv -sha1 2.5.0.0_SetupImgBurn_2.5.0.0.exe", I get

e07bcc23b495d0a966bae359ea9e0e3a11888454

which is the same as above (just uses lower case letters),
and proves my fresh download is the same file as left the
author's site in July 2009. I still don't know it's free
of PUPs, but at least nobody has added any additional PUPs to it.

Once installed, that tool has a screen that looks like this.

http://upload.wikimedia.org/wikipedi...screenshot.png

The "Write image file to disc" in the upper left, is the
button you want. I hope the tool will give you enough
prompting to get the job done.

Your first job after installation, is to visit Tools:Options
and click the "Sounds" tab. Turn *Off* the "Play Success Sounds"
and "Play Error Sounds". These sounds will scare you right
out of your chair, they are so loud.

In the Events tab, set "Check For Program Update" to "Never".
That's to avoid getting tricked into updating to the latest
version (with adware in it). Now, you're ready to burn your
CD. Good luck. I don't think I've ever bothered to adjust
the other settings.

So if the kav_rescue_10.iso file looks reasonable, you
could try burning a CD with it.

Paul
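
The size-then-checksum comparison described in post #27, as an added example that is not part of the thread and does not use fciv: it computes size, CRC32, MD5 and SHA-1 in one pass and compares them with published values regardless of letter case. The function names, the three-byte sample file and its reference values are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
import zlib


def file_fingerprint(path, chunk_size=1 << 20):
    """Size, CRC32, MD5 and SHA-1 of a file, read in chunks so a
    multi-hundred-megabyte .iso never has to fit in memory."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    crc = size = 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            size += len(chunk)
            crc = zlib.crc32(chunk, crc)
            md5.update(chunk)
            sha1.update(chunk)
    return {
        "size": size,
        "crc32": format(crc & 0xFFFFFFFF, "08x"),
        "md5": md5.hexdigest(),
        "sha1": sha1.hexdigest(),
    }


def normalize(value):
    """Download pages print digests in upper case, command-line tools in
    lower case, sometimes with spaces; compare compact lower-case hex."""
    return "".join(str(value).split()).lower()


def verify_download(path, published):
    """Compare a file with published values (any of size/crc32/md5/sha1).

    Returns (verdict, mismatches). The verdict is "match", "incomplete"
    (fewer bytes than published, i.e. the download was cut short) or
    "different" (some other file, or a modified one). Each mismatch is a
    (field, expected, actual) tuple.
    """
    actual = file_fingerprint(path)
    mismatches = []
    for field, expected in published.items():
        if field not in actual:
            raise ValueError("unsupported field: %r" % (field,))
        if field == "size":
            # Sizes are often quoted with thousands separators: "2,169,915"
            want = int(str(expected).replace(",", ""))
        else:
            want = normalize(expected)
        got = actual[field]
        if want != got:
            mismatches.append((field, want, got))
    if not mismatches:
        return "match", mismatches
    short = any(f == "size" and got < want for f, want, got in mismatches)
    return ("incomplete" if short else "different"), mismatches


def demo():
    """Run the check on constructed files standing in for a download."""
    published = {  # constructed reference values for the bytes b"abc"
        "size": "3",
        "crc32": "352441C2",
        "md5": "900150983CD24FB0D6963F7D28E17F72",
        "sha1": "A9993E364706816ABA3E25717850C26C9CD0D89D",
    }
    cases = (("complete", b"abc"), ("cut short", b"ab"), ("altered", b"abd"))
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "download.bin")
        for label, content in cases:
            with open(path, "wb") as fh:
                fh.write(content)
            results[label] = verify_download(path, published)[0]
    return results


if __name__ == "__main__":
    for label, verdict in demo().items():
        print("%-10s %s" % (label, verdict))
```

A "match" only says the file equals the one the reference values describe, so the reference has to come from somewhere other than the mirror that served the file, as with the archived release page used in the post.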
  #28  
Old February 3rd 14, 10:26 AM posted to microsoft.public.windowsxp.general
Paul

wrote:
Hello Paul,

I was able to install malwarebytes with
your instructions.

I ran a full scan afterwards which showed
(24) object detected!!! I deleted them and
this is the report:

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 515878
Time elapsed: 39 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0 (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\contentScripts (PUP.Optional.ValueApps) - Quarantined and deleted successfully.

Files Detected: 18
C:\Users\Rpbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYIY4T6\SpeedUpMyPC-standalone-setup[1].exe (PUP.Optional.SpeedUpMyPC) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\background.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon128.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon16.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\icon48.png (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\manifest.json (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\options.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\popup.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js\background.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\js\options.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\background.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\settings.json (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\background.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\iframeHost.html (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\iframeHost.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\popup.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\mam\scripts\contentScripts\contentScript.js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.

(end)

It seems that Google Chrome is the culprit
which may or may not have been downloaded
with 7-Zip which was the other culprit when
I selected the large green arrow instead of
the small blue print from bleepingcomputer
for downloading AdwCleaner. Should I just
uninstall it since I never use it?

I ran another malwarebytes scan and it came
up clean but I think I should still uninstall
Google Chrome unless it would affect other
programs.

Also when I disconnected Avast and tried to
reconnect it says it's still disconnected
although the status shows everything is normal?
I think it refers to other devices but it's
strange that before it showed connected.
I don't have any other devices.


Robert



Removing Google Chrome would be a start. It may not
actually "cure" anything, but maybe another scan
will tell you if it's still there.

I hope you haven't actually run "SpeedUpMyPC-standalone-setup.exe".
This is the kind of program that comes from a green
Download button :-) Your PC is fast enough as it is.

A Google search shows lcnnhcneegeeojhgpfijnlnocjdmlaon
is associated with "Conduit". That's a bad one.
And for some reason, the log above calls it PUP.Optional.ValueApps,
so I don't know what to make of that (why it has two names).

*******

The comment at the top of this thread says:

http://www.cybertechhelp.com/forums/...d.php?t=223492

"After running Malwarebytes and Adwcleaner I still can't
completely remove PUP.Optional.ValueApps.A."

The date of that posting is Jan.3/2014, rather recent, so
yours could be a similar situation. Now, if you scroll to
the bottom of that page, they use something called JRT.
You click the blue "Download Now @ Author's site" button.
*Not* that green button with the words "Sponsored Advertisement"
under it.

http://www.bleepingcomputer.com/down...-removal-tool/

The web page will change and the URL will be this value.

http://www.bleepingcomputer.com/down...l-tool/dl/131/

and a dialog box with "JRT.exe" will be offered to "Save File".

When I look inside that with 7ZIP, it's a bunch of scripts,
but I don't see anything specific for Conduit or the
ValueApps thing. Perhaps a more thorough search in each file
there, would indicate what it can detect. In any case, I
don't know if JRT actually did anything, or it was just
used in this case to scan and check whether it was
still there or not.

Try deleting your copy of Google Chrome from
Control Panel : Programs and Features, rescan and
see if you're clean or not. Reboot at least once,
and retest. Maybe that's all it will take. I hope
so.

Paul
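
The scan log quoted in the post above lists 24 objects, but they collapse to one Chrome extension folder and one downloaded installer. The following is an added example, not part of the original thread and not Malwarebytes code: it parses detection lines in the layout shown in that log and groups them by detection name. The function names and the shortened sample are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: lines in the layout of the scan log quoted above,
# including the stray spaces that line wrapping inserted into some paths.
SAMPLE_LOG = r"""
Folders Detected: 6
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocj dmlaon (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocj dmlaon\1.0.0_0\js (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
Files Detected: 18
C:\Users\Rpbert\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\1BYIY4T6\SpeedUpMyPC-standalone-setup[1].exe (PUP.Optional.SpeedUpMyPC) - Quarantined and deleted successfully.
C:\Users\Rpbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocj dmlaon\1.0.0_0\manifest.json (PUP.Optional.ValueApps) - Quarantined and deleted successfully.
"""

# Detection lines read "<path> (<detection name>) - <action>."
DETECTION = re.compile(r"^(?P<path>[A-Za-z]:\\.+) \((?P<name>[^()]+)\) - (?P<action>.+?)\.?$")
# Chrome extension IDs are 32 characters drawn from a-p; allow wrap-inserted spaces.
EXT_DIR = re.compile(r"\\Extensions\\([a-p ]+?)(?:\\|$)")

def parse_detections(text):
    """Return (path, detection name, action) for every detection line."""
    found = []
    for line in text.splitlines():
        m = DETECTION.match(line.strip())
        if m:
            found.append((m["path"], m["name"], m["action"]))
    return found

def extension_id(path):
    """Extract the Chrome extension ID from a path, dropping stray spaces."""
    m = EXT_DIR.search(path)
    if not m:
        return None
    candidate = m.group(1).replace(" ", "")
    return candidate if re.fullmatch(r"[a-p]{32}", candidate) else None

def summarize(text):
    """Collapse per-file detections into one entry per detection name."""
    summary = defaultdict(lambda: {"count": 0, "extensions": set(), "downloads": set()})
    for path, name, _action in parse_detections(text):
        entry = summary[name]
        entry["count"] += 1
        ext = extension_id(path)
        if ext:
            entry["extensions"].add(ext)
        elif "temporaryinternetfiles" in path.lower().replace(" ", ""):
            entry["downloads"].add(path.rsplit("\\", 1)[-1])
    return dict(summary)
```

Calling `summarize()` on a full log gives one extension ID to look up and one installer name to check against what was actually run, instead of two dozen separate lines.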
  #29  
Old February 3rd 14, 05:23 PM posted to microsoft.public.windowsxp.general
Buffalo[_3_]
external usenet poster
 
Posts: 686
Default O. T. Malwarebytes issue:

"Buffalo" wrote in message ...

wrote in message
...

[snip]
Hello Paul,

I tried to install malwarebytes again on the
8200 and got this:
vbalsgrid6.ocx- is not correctly registered,
a file is missing or invalid.

I then tried to check for updates but it didn't
open.

If AdwCleaner has a recover feature, I suggest you use it.
You can always try the Free version of SAS (SuperAntiBlaster).


Should have read SuperAntiSpyware and not SuperAntiBlaster.
[snip]
--
Buffalo
  #30  
Old February 3rd 14, 05:57 PM posted to microsoft.public.windowsxp.general
No_Name
external usenet poster
 
Posts: 333
Default O. T. Malwarebytes issue:



Hello Paul,

I tried to install malwarebytes on the 8200
following your instructions as I did on the
8500. However it didn't work for the 8200.

It gave me a pop-up with this:

Setup:

CoCreateInstance failed; code 0x80040154
class not registered. and has an OK button.


I click OK and on the Setup/install Window
I see it changing 'creating shortcuts'.

then vbAccelerator SGrid II Control
run time error '0'

then Malwarebytes Anti-Malware
Run-time error '440'
Automation error

Robert

 



