• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos0

GHOST 14 System Tray Icon says "At Risk"

I've been running GHOST 14 for over a year.  Some problems, but generally OK.

Recently (in the last week, or so), when I start-up my computer (Toshiba laptop, Win XP SP3), the GHOST icon in the System Tray/Status Notification Area shows a "red-x" over GHOST -- with the "mouse-over" message saying: "Norton GHOST Status: At Risk."

However, if I execute/bring-up GHOST, it shows to be fine -- status is "Protected."

I've done several "Repair," Uninstall/Reinstall, etc, attempts from the GHOST CD.  Nothing works.  Same problem comes back.

I'm concerned about the recoverability of my HDD -- and GHOST, in general.

Appreciate any ideas.

Kind Regards,

Robby

RobbyGHOST15,Win 8.1,quad-core 2.8GHz Toshiba 17" laptop, 750GB HDD

Replies

Kudos0

Re: GHOST 14 System Tray Icon says "At Risk"

Robby -

I read your "banned" thread in the Forum Feedback board and your system problems caught my eyes.  Can you run a malware scan for me and post / attach the log file here, please.  Your symptoms sound similar to some we have seen with some recent RootKit activity.  Thanks.


Please download SysProt from here http://homepages.slingshot.co.nz/~crutches/SysProt  and run it.

Choose the Log tab and select all the items in the Write to log box. Then select Create Log to start scanning. When it is done, a message window will appear with the location of the log file.

Please attach the log file to a post here; the Add Attachments links is below the orange Post button. Thanks
Win10 x64; Proud graduate of GeeksToGo
Kudos0

Re: GHOST 14 System Tray Icon says "At Risk"

db,

I followed your instructions on the SysProt program and Rootkit thing.  Downloaded/saved the file; executed, then selected the log tab, checked all the boxes and clicked on create log.

Immediately.... got a "Blue Screen of Death" (with a bunch of text, but closed before I could read any), and my System shut down -- then restarted.

MS error message came up: "The system has recovered from a serious error."  Asks to send report to MS, which I  did.

I made "Screen Shots" of all this, and saved to Word. But, the Forum here won't accept anything but .txt or .log.  So, can't Attach the Screen Shot images.

But, here's some text from my saved Screen Shots:

_____________

"Error Signature":

BCCode :1000008e   BCP1 : C0000005   BCP2 : 804E13C0  BCP3 : B3003544

BCP4 : 00000000  OSVer : 5_1_2600 SP : 3_0  Product : 768_1

____________

"Error Report Contents":

C:\DOCUME~1\Toshiba\LOCALS~1\Temp\WER0fa4.dir00\Mini073009-01.dmp

C:\DOCUME~1\Toshiba\LOCALS~1\Temp\WER0fa4.dir00\sysdata.xml

[These folders/files do not appear in my Documents and Settings Folder, now.]

____________

"Windows Error Reporting"(Firefox tab, after computer restarted):

Blue screen error caused by device or driver

You received this message because a hardware device, its driver, or related software has caused a blue screen error.  This type of error means the computer has shut down abruptly to protect itself from potential data corruption or loss.  In this case, we were unable to detect the specific dievice or driver that caused the problem.

Troubleshooting:

[It then goes on to suggest that I:]

1. d/l and install latest updates and device drivers

2. remove any new h/w or s/w to isolate the cause of the blue screen

3. scan your computer for viruses

4. check your HD for errors

5. restore your computer to an earlier state

_____________

Sorta reluctant to try this SysProt program, again, until I hear further word from you, etc.

Kind Regards,

Robby

RobbyGHOST15,Win 8.1,quad-core 2.8GHz Toshiba 17" laptop, 750GB HDD
Kudos0

Re: GHOST 14 System Tray Icon says "At Risk"

Most people do not have a problem with SysProt.  But I had my system do the same thing on a previous build.  Delete the file and try a GMER scan.  This is a more stable program but is also more widely known; problem is that malware is starting to include this in the no run lists.


Please download GMER from http://www.gmer.net and run the program. Select "Scan" and then "Save" the log. Do nothing else with the GMER program as it can harm your system if used incorrectly. Then attach the log file as a text file to a post here. The Add Attachments link is below the orange Post button. It will be reviewed for possible malware and we will get back to you. Again, thanks for your help in this.
Win10 x64; Proud graduate of GeeksToGo
Kudos0

Re: GHOST 14 System Tray Icon says "At Risk"

pd,

I ran a scan with GMER, like you said.  But, something isn't "right."

Started the scan at ~4pm my time.  At 7pm I had to leave for an event.  Left GMER running -- still doing a scan!?  Home at 9:30 pm -- it was *still* running!  That's over 5 1/2 hours.

Shouldn't take that long.  Only an 80 GB HDD.  With only about 22 GB used. And a pretty fast machine -- dual-core 3.3 GHz (though, admittedly, I'm a little memory constrained at 1.5 GB).

What do you think?

Anyway, after 5 1/2 hours I stopped it, and saved the log file.  Pretty small, 14 KB.  Here it is Attached.

Kind Regards,

Robby

RobbyGHOST15,Win 8.1,quad-core 2.8GHz Toshiba 17" laptop, 750GB HDD

This thread is closed from further comment. Please visit the forum to start a new thread.