Tech Problem Aggregator

I completed all the 5 steps and my laptop is still screwed up

Q: I completed all the 5 steps and my laptop is still screwed up

And by completed the steps i mean i wasnt able to partially do any of the five steps

Step 1: I cant access the add/remove programs option on the control panel, it comes up with this message.

This file does not have a program associated with it for performing this action. Create an association in the folder options control panel.

Step 2: I cant use email on the computer, keeps saying cookies are disabled even though i put it to allow all.

Step 3: Well i never cleaned the system so why bother trying to install these programs? I probably wouldnt be able to install them anyway.

Step 4: When i go to the update site, it says it cant continue because one of the following programs isnt working
Automatic Updates
BITS
event log
i follow there directions, my computer refuses to allow me to enable automatic updates

Step 5: im not downloading that program because the way it looks im gonna have restore my system

so is my system completly messed up or can you guys help me out?

More replies
Answer Match 83.16%

Please help my laptop keep telling me i have worm.win32.netsky all 5 steps completed. Main.txt below and extra attached. Thanks for all the advice - newbie with no clue





Deckard's System Scanner v20071014.68
Run by Davinia on 2007-11-23 17:25:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
64: 2007-11-23 17:26:44 UTC - RP170 - Deckard's System Scanner Restore Point
63: 2007-11-22 21:44:56 UTC - RP169 - System Checkpoint
62: 2007-11-18 19:34:31 UTC - RP168 - Removed LiveUpdate Notice (Symantec Corporation)
61: 2007-11-15 13:27:46 UTC - RP167 - Software Distribution Service 3.0
60: 2007-11-13 16:15:21 UTC - RP166 - System Checkpoint


-- First Restore Point --
1: 2007-08-25 10:58:20 UTC - RP107 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 503 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-23 17:29:31
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32... Read more

A:laptop popup says it has worm.win32.netsky all 5 steps completed.

Apologies for the delay in responding.

The workload on this forum is intense, and sometimes it is not possible to respond to every
inquiry.


Please download SmitfraudFix
Extract the files to the Desktop

~~~~
Start the computer in Safe Mode:When the machine reboots, tap the F8 key before Windows starts
You are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Press Enter to boot into Safe Mode.

~~~~
Open SmitfraudFix Double-click smitfraudfix.cmd
Select Option 2 - Clean by typing 2 and press Enter (Deletes infected files)
You are prompted: Do you want to clean the registry? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
The tool also checks if a relevant file, wininet.dll, is infected.
You may be prompted to replace the infected file (if found).
Replace infected file? Answer Y (yes) and hit Enter to restore a clean file.

When it is done, a log named rapport.txt is created, listing infected files (if present).

~~~~
Restart the computer to complete the removal process.

~~~~
Next, download ComboFix
Save it to the Desktop

Double-click combofix.exe to run the program
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to stall.)

When finished, a log, ComboFix.txt, is produced.

~~~~
Run HijackThis once again to obtain a new log.

~~~~
Please post... Read more

4 more replies
Answer Match 72.24%

Deckard's System Scanner v20070804.61
Run by HP_Owner on 2007-08-05 at 16:46:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as HP_Owner.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:37:16 PM, on 8/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Common Files\AOL\1128887343\ee\AOLSoftware.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Softw... Read more

A:Completed the 5 Steps

Please stay with this thread, and only post here for this problem. Do not start a new thread, otherwise it is too confusing...

Use Post Reply - left bottom corner. Thanks!!


Next, download ComboFix.exe

Save it to the Desktop

Double-click combofix.exe to run the program
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to stall.)

When finished, a log, ComboFix.txt, is produced.

~~~~
Please post the ComboFix.txt, and a new HijackThis log in your reply.[/QUOTE]

19 more replies
Answer Match 72.24%

Here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:14 PM, on 1/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: load=C:\WINDOWS\system32\vtutq.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run... Read more

A:Completed 2/5 steps - please look over this and tell me what to do

Hello

I needed you to go all the way through the steps. We prefer a more comprehensive set of logs to assist in detecting any malware that may be present. As noted in the final step (Step 5) of our sticky topic (Updated!) IMPORTANT - Read This Before Posting A Log, download Deckard's System Scanner (DSS) to your Desktop.

What DSS will do:create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review.
DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.


Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt in your next reply.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer"... Read more

19 more replies
Answer Match 72.24%

I accidentally infected my computer with security toolbar 7.1. I have done the 5 steps and i did not get a log from that first scan but here is the log it gave me on the last one.

Deckard's System Scanner v20071014.68
Run by Alan Hickman on 2007-10-21 13:33:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
98: 2007-10-21 18:33:54 UTC - RP572 - Deckard's System Scanner Restore Point
97: 2007-10-21 10:02:26 UTC - RP571 - Software Distribution Service 3.0
96: 2007-10-21 09:56:58 UTC - RP570 - Installed Windows Defender
95: 2007-10-21 09:24:44 UTC - RP569 - Restore Operation
94: 2007-10-20 09:03:00 UTC - RP568 - System Checkpoint


-- First Restore Point --
1: 2007-08-01 05:41:11 UTC - RP475 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-10-21 13:35:50
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.ex... Read more

A:Completed five steps...here is the log.

Bump!

3 more replies
Answer Match 72.24%

Avast seems to find a new malware every 20 min. I could not complete a panda activescan because the update would stall and hang at 19 %

Deckard's System Scanner v20071014.68
Run by Owner on 2008-05-30 21:04:04
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
102: 2008-05-31 01:04:12 UTC - RP583 - Deckard's System Scanner Restore Point
101: 2008-05-30 21:19:31 UTC - RP582 - Restore Operation
100: 2008-05-30 21:12:31 UTC - RP581 - Restore Operation
99: 2008-05-30 21:09:59 UTC - RP580 - Restore Operation
98: 2008-05-30 21:07:03 UTC - RP579 - Restore Operation


-- First Restore Point --
1: 2008-03-02 21:51:33 UTC - RP482 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-30 2111
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Awar... Read more

A:I have completed the 5 steps!

Hi and welcome to TSF.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.
Download SDFix and save it to your desktop.
Do not do anything with this yet!


Reboot
Reboot your system in Safe Mode.Restart the computer. The computer begins processing a set of instructions known as BIOS.
After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key)
Instead of Windows loading as normal, a menu should appear
Use the arrow key to highlight Safe Mode and press Enter.


SDBot FixRight click the SDFix.zip folder and choose Extract All,
Open the extracted folder and double click RunThis.bat to start the ... Read more

7 more replies
Answer Match 71.4%

ok, i know i have malware on my computer. i read the 5 steps to do first....

step one-
i ran ad-aware (i have pro edition), no problems found,
aswell as spy bot s& d and cwschredder, all fine

syep two-i have norton and avg, no problems

step 3-none from that list

step 4-none from that list

step 5-can't update from windows, just get errors

here is my hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 9:57:51 AM, on 5/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator.JBOOGY\Local Settings\Temporary Internet Files\Content.IE5\ZQQBBUH0\stng260[1].exe
C:\Program Files\a-squared\a2guard.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Documents and Settings\Administrator.JBOOGY\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Inte... Read more

A:ok, difinitely need help. i have completed the five steps

Hi,

Quote:




If you are seeking help for spyware/antivirus issues, or wish to have your Hijack This log checked, please do not post here!




Post it at the HijackThis Log Help section. I think I mod will move this post.

5 more replies
Answer Match 71.4%

log listed below : DO YOU WANT THE PANDA SCAN SCAN ALSO?

had constant pop ups- they have stopped- system very slow..avast found virus in operating system-win32:agent-PSG [drp] and vtutr.dll -
trojans




I just know how to computer surf- my son goes to online school- so we really need this computer
log listed below

Deckard's System Scanner v20071014.68
Run by wpccs on 2008-02-03 18:09:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-02-03 23:09:39 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 248 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-03 18:13:54
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WI... Read more

A:hijackthis log- completed 5 steps

Hi dorimom, and welcome to TSF.

Sorry for the delay in looking into your log, as we are extremely busy as you may have noticed. If you still require assistance and are not seeking help elsewhere, then please carry out my instructions.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------


Please download HijackThis. This program will help us determine if there are any spyware/malware on your computer. Double-click on the file you just downloaded. Click on the "Install" button. It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis

Close HiJackThis

--------------------------------------------------------------


Since it has been awhile... Please run Deckard's System Scanner (dss.exe) again, and post the resulting log.

--------------------------------------------------------------

Please include the following in your next reply:

C:\Deckard\System Scanner\main.txt

5 more replies
Answer Match 71.4%

Hello and thank you for any help you may be able to give. I've gone through the five required steps before posting my logs for help.

I've run Spybot, Adaware and SuperAntiSpyware and can't seem to clear up whatever the issue is.

Following are the required log files (as well as the "extra" text file attached):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:06:02 PM, on 1/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\vtsphlxp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program File... Read more

A:HijackThis Log - completed 5 steps

bump

anyone?

19 more replies
Answer Match 71.4%

Computer has a very slow startup. I cannot get rid of this Kodak Easyshare. Internet response time a bit faster, page to page.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 05:44, on 2008-03-19Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\Common Files\AOL\1101823440\ee\services\safetyCore\ver210_5_2_1\aolavupd.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\WINDOWS\system32\lxczcoms.exeC:\WINDOWS\Explorer.EXEC:\Program Files\mcafee.com\personal firewall\MPFService.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\system32\fxssvc.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\MUSICMATCH\... Read more

A:All Steps Completed Up To Hijack

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

1 more replies
Answer Match 71.4%

I recently had a virus and used HP recovery and now I don't have any sound. I originally posted this in the sound card forum and was instructed by deejay100six to go through the five steps of identifying a virus. I completed those steps and below is my Panda Scan results. I have the hijackthis results when ever you need them. I originally went through all of the basic steps to fixing the sound problem but nothing worked. Thanks again in advance.

ANALYSIS: 2008-08-16 02:24:44
PROTECTIONS: 1
MALWARE: 19
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1229 [VPS 080815-0] 4.8.1229 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;==============================================================================================... Read more

A:No Sound/5 steps completed

I need some help here guys. Below is my hijackthis results.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:50 AM, on 8/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\... Read more

4 more replies
Answer Match 71.4%

Deckard's System Scanner v20070905.67
Run by Tom Roach on 2007-10-01 10:32:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
104: 2007-10-01 14:32:38 UTC - RP355 - Deckard's System Scanner Restore Point
103: 2007-10-01 14:17:25 UTC - RP354 - Installed WinZip 11.1
102: 2007-09-30 07:00:16 UTC - RP353 - Software Distribution Service 3.0
101: 2007-09-29 17:11:48 UTC - RP352 - Removed Adobe? Photoshop? Album Starter Edition 3.2
100: 2007-09-29 16:55:46 UTC - RP351 - Installed Windows Internet Explorer 7.


-- First Restore Point --
1: 2007-09-24 19:33:06 UTC - RP252 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Tom Roach.exe) -------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-10-01 10:39:35
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16512)

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\syst... Read more

A:WinAntiVirusPro - 5 steps completed

1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that & a fresh Hijackthis log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

13 more replies
Answer Match 70.56%

I'm using Windows XP, I installed, Spybot Search and Destroy and Spyware Blaster (basically completed all 5 steps).
The problem that I'm having is that my computer takes forever to turn on. Then there are alot of error messages (windows has encountered a problem in " " program and has to close), there are about 20 of these messages, all referring to windows/system32/XXXX.exe where xxxx are all different program files. Most of this started when my kids were playing an online game called Maple story (from Nexon) and a game called Banned story. I've also deleted a program called Absolute start up (that still seems to be lingering, as well as AOL instant messaging (aol always gives me problems). Also hard to get rid of is Spyware bot (as opposed to Spybot search and destroy). Previous to this mess that you see in my log, I ran my Mcafee virus scan and detected (& removed) several viruses (trojans, worms). I hope you can help me clean my mess! Please let me know if you need more info! I've attached the extra.txt. thank you!!!


Deckard's System Scanner v20070905.67
Run by Sandra on 2007-09-13 15:20:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
44: 2007-09-13 19:20:39 UTC - RP44 - Deckard's System Scann... Read more

A:Computer bogged down, I've completed the 5 steps

Hi.
Quite a bit to tidy up....



Go to Start > Run and type

cmd

and OK. Type the below commands and hit "Enter" after each line

sc stop g6euuloz4omli7
sc delete g6euuloz4omli7


Type Exit to close.


=================================

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.


Open *notepad* and copy/paste the text in the quotebox below into it:



Quote:





File::

C:\WINDOWS\system32\bi.exe
C:\WINDOWS\system32\i.exe
C:\WINDOWS\system32\zpoaktwskm.exe
C:\WINDOWS\system32\hklsyrutqdfb.exe
C:\WINDOWS\system32\zkxl.exe
C:\WINDOWS\system32\bxhrwlxbmfmk.exe
C:\WINDOWS\system32\snu.exe
C:\WINDOWS\system32\mzzen.exe
C:\WINDOWS\system32\uxlahgmomyk.exe
O C:\WINDOWS\system32\eni.exe
C:\WINDOWS\system32\aoebviepf.exe
C:\WINDOWS\system32\saqxdpoh.exe
C:\WINDOWS\system32\vlxriufvzco.exe
C:\WINDOWS\system32\szwdlrxb.exe
C:\WINDOWS\system32\xijw.exe
C:\WINDOWS\system32\ftmvqslxii.exe
C:\WINDOWS\system32\rlpawdwuggsf.exe
C:\WINDOWS\system32\mih.exe
C:\WINDOWS\system32\kdepcd.exe
C:\WINDOWS\system32\dqwdsti.exe
C:\WINDOWS\system32\dvbeqh.exe
C:... Read more

15 more replies
Answer Match 70.56%

I am experiencing Browser hijacking and pop ups in new tabs.
nothing else yet, that I know of, except a ding (like the one we hear when we click on something that won't work) that just sounds for no reason.
Attached is the requested logs. Thank you so much, in advance.
**All scans were done in safe-mode**

DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Owner at 13:01:21.76 on Mon 07/12/2010
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.363 [GMT -4:00]

AV: Norton AntiVirus *On-access scanning disabled* (Updated) {B5510F6F-87E1-47F7-A411-360BC453007C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
mDefault_Page_URL = hxxp://www... Read more

A:First Steps completed, ready for analysis

Hi,

Please do the following:

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it sh... Read more

12 more replies
Answer Match 70.56%

Hi

Just the other night while reading a forum I regularly visit, popups started to happen, a TAG (SearchUs) icon appeared on the desktop, Outerinfo appeared in the task bar, MS Office install window pops up, and a few others.

I have AVG, SpywareBlaster, Spybot, and a few other on my PC. After running them Spybot was able to remove a few but the Smitfraud-C.CoreService remained. All of the above symptoms are still happening about every 15 minutes or so.

I completed the first 5 basic steps from this forum you are supposed to do before posting a log. AdAware detected nothing. Panda detected 1 Virus, 37 Spyware, and 6 Hacking Tools/Rootkits. Hopefully somebody can help me. Here is the info...

PANDA:

Incident Status Location

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\vturppm.dll
Spyware:Spyware/Virtumonde ... Read more

A:Smitfraud-C.CoreService, completed the 5 STEPS

PS: It took me 5 hours to do the above (yes... 5 hours) and do the 5 steps.

I took the time to follow the forum rules when posting logs and asking for help.

I hope somebody takes the time to help so the hours I invested don't go to waste.

Many thanks.

8 more replies
Answer Match 69.72%

Hi all,

this is my first post and I wish it was on better terms. I am getting pop ups telling me that I have Win32.trojan.rx My back round on my desk top turned red and I have no access to my task manager.

I have tried downloading DSS but cannot.

Things I have already tried (hopes this helps in coming to a quicker resolution)

1) Run Adaware in safe mode
2) Run Spybot in safe mode
3) Run Ez Armor virus scanner in safe mode
4) Run cc Cleaner in safe mode
5) Delete temporary internet files
6) down loaded but have not yet run AVG anti virus.
7) Looked for suppicious items in control panel (ad remove programs) found slotchbar but cannot remove it.
8) Made hidden files viewable

My biggest fear is that this trojan got a hold of my banking and credit information. Is there anyway to confirm?

Listed below is my Hijack this log. I know you are all very busy and appreciate your help.

Logfile of HijackThis v1.97.7
Scan saved at 2:34:58 PM, on 6/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDO... Read more

A:Win32.trojan.rx Need help (completed basic steps)

Update:

I also ran SmitFraudFix and had it clean files as well.

I dont know if the problem is fixed but I now have access to my back round and task manager. My computer is also NOT alerting me any more telling me I have a virus.

Im skeptical to think I am cured but I posted both the smitfraud fix log and a new Hijackthis log below. Please review and let me know. Thanks for your help.

SmitFraudFix v2.194[/B]

Scan done at 15:10:25.20, Sat 06/09/2007
Run from C:\Documents and Settings\John Pagnotta\Desktop\Antivirus\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

???????????????????????? SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

???????????????????????? Killing process


???????????????????????? hosts


127.0.0.1 localhost


???????????????????????? Generic Renos Fix

GenericRenosFix by S!Ri


???????????????????????? Deleting infected files

C:\WINDOWS\susp.exe Deleted

???????????????????????? DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{80D56E64-E792-4579-957C-DFA59D348CD8}: DhcpNameServer=167.206.245.71 167.206.245.70 167.206.245.7
HKLM\SYSTEM\CS1\Services\Tcpip\..\{80D56E64-E792-4579-957C-DFA59D348CD8}: DhcpNameServer=167.206.245.71 167.206.245.70 167.206.245.7
HKLM\SYSTEM\CS2\Services\Tcpip\..\{80D56E64-E792-4579-957C-DFA59D348CD8}: DhcpN... Read more

14 more replies
Answer Match 69.72%

Hello and this is my first post.. I'm using an account a friend let me use.

Earlier this week I was viewing a page in Internet Explorer(Mind that I don't prefer IE, I mainly use Firefox) and something attacked my system and started bringing up popups about a "free spyware remover" program, telling me my computer was infected. Knowing this was a hoax, I closed them, only to find that they'd uploaded something to my system. It seemed like adware. There was an icon in the taskbar that would not go away, saying the same thing as the popups- "Your computer is infected! Click here to download spyware remover!" On top of that, the files or whatever have disabled most administrative capabilities I once had, like the Control Panel, Add/Remove programs, and even the Desktop Properties menu.

Now I've tried at least 4 programs to rid myself of this annoying problem- Norton, SpyBot S&D, and none have fixed it.

A friend recommended me to you guys and it looks like you really know what you're doing. I've completed steps 1-5 to the best of my abilities as of now. I couldn't even do step 1 due to the fact that the malicious stuff has disabled my Control Panel. Step 2 concerning the Panda ActiveScan was unsuccessful, as the popup window doing the scan mysteriously closed part-way through the scan.

Anyway, here's the DSS and HijackThis reports. Any help is greatly appreciated. I want my computer back! And REVENGE!

Deckard's System Scanner v20070826.66
R... Read more

A:Spyware/Malware/SOMETHING Steps 1-5 completed(kind of)

Sorry for the double post, there doesn't seem to be an edit button.

Also try to keep it in layman's terms, I'm not that much of a computer wizard- just a gamer.

16 more replies
Answer Match 69.72%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:27:43 PM, on 3/11/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exeC:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exeC:\Program Files\Common Files\AOL\1133363615\ee\AOLSoftware.exeC:\Program Files\Yahoo!\Antivirus\CAVTray.exeC:\Program Files\Yahoo!\Antivirus\CAVRID.exeC:\PROGRA~1\Yahoo!\YOP\yop.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Yahoo!\Search Protection\SearchProtection.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\PROGRA~1\Yahoo!\browser\ycommon.exeC:\Program Files\CreataCard\Gold\FMRemind.exeC:\Prog... Read more

A:Hijack This Report-prior Steps Completed

Hello bigdaddy43 and welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log.Please tell me what is wrong with this computer. Thank you for your patience.

6 more replies
Answer Match 69.3%

Hi,

I have picked up a virus that has deleted my anti-virus programs and prevents me from installing any new ones. I can install them, but the "exe" file is immediately deleted. I am also prevented from booting into safe mode-I get a message that states there have been hardware or software changes that prevent this. I am also unable to activate my firewall protection. I would certainly appreciate any assistance!!!

Deckard's System Scanner v20070809.63
Run by rickir on 2007-08-15 at 07:28:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
97: 2007-08-15 12:28:55 UTC - RP796 - Deckard's System Scanner Restore Point
96: 2007-08-14 19:18:09 UTC - RP795 - Installed AVG 7.5
95: 2007-08-14 19:05:17 UTC - RP794 - Installed AVG 7.5
94: 2007-08-14 18:48:19 UTC - RP793 - Installed AVG 7.5
93: 2007-08-14 18:43:12 UTC - RP792 - Installed AVG 7.5


-- First Restore Point --
1: 2007-05-17 22:53:35 UTC - RP700 - Installed WordPerfect Lightning.


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as rickir.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:39 PM, on 8/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE:... Read more

A:Virus deletes antivius progs-steps 1-5 completed

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

I'd advise you to first back up any valued data now. If you really have a file infector, your OS may be in serious jeopardy. That said, you were able to run DSS, so it may just be that the infection is disabling the AV, not deleting it. I still see services from Avast in your logs.

---------------------------------------------------------------------------------------------

Please disable Winpatrol, as it may hinder the removal of some entries. You can re-enable it after you're clean.
Right click the running icon of winpatrol, and choose exit.

---------------------------------------------------------------------------------------------

Open HijackThis and click o... Read more

15 more replies
Answer Match 69.3%

--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
69: 2008-01-31 01:28:43 UTC - RP952 - Deckard's System Scanner Restore Point
68: 2008-01-30 17:13:30 UTC - RP951 - Software Distribution Service 3.0
67: 2008-01-29 04:16:44 UTC - RP950 - System Checkpoint
66: 2008-01-28 02:45:48 UTC - RP949 - Installed Ad-Aware 2007
65: 2008-01-27 08:45:23 UTC - RP948 - System Checkpoint


-- First Restore Point --
1: 2008-01-23 03:35:38 UTC - RP884 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 80% (more than 75%).
Total Physical Memory: 127 MiB (512 MiB recommended).
System Drive C: has 2.41 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-30 19:33:34
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDO... Read more

A:Spyware and viruses slowing computer (completed all five steps)

BUMP

Did I do something wrong? This is my third post and nobody has answered, I really need help.

2 more replies
Answer Match 69.3%

Deckard's System Scanner v20071014.68
Run by David Anderson on 2008-01-27 11:16:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
16: 2008-01-27 18:13:39 UTC - RP1115 - Software Distribution Service 3.0
15: 2008-01-27 17:26:16 UTC - RP1114 - Software Distribution Service 3.0
14: 2008-01-26 23:57:46 UTC - RP1113 - Software Distribution Service 3.0
13: 2008-01-26 23:04:19 UTC - RP1112 - Software Distribution Service 3.0
12: 2008-01-26 22:56:02 UTC - RP1111 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-01-11 13:37:32 UTC - RP1100 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-01-27 11:39:58
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\SYSTEM32\services.exe
C:\WINDOWS\SYSTEM32\lsass.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\svchost.exe
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\Ap... Read more

A:spyguard pro infection (steps completed and logs are included)

Bump!

2 more replies
Answer Match 68.46%

Hello
I have been having an issue with Winantivirus pop-ups which have led to various spyware and adware infections. I have seen many variations to the pop-up including winantivius, winantiviruspro, errorprotection, winantispyware, as well as many pop-up and new browser window ads. I have also noticed minor degradation in system performance.

I have completed the 5 steps and have all logs from scans available.
Below is the main text file and attached is the extra text file from the Deckard scan.

I am not sure what additional information would be helpful to the analyst. One concern i have is that SP2 has already been installed. If anyone could assist I would greatly appreciate it.

Thanks
Matt

Deckard's System Scanner v20070905.67
Run by Matthew on 2007-09-07 18:52:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 4 Restore Point(s) --
4: 2007-09-07 22:52:52 UTC - RP217 - Deckard's System Scanner Restore Point
3: 2007-09-07 22:30:56 UTC - RP216 - Software Distribution Service 3.0
2: 2007-09-07 18:22:20 UTC - RP215 - Removed Get High Speed Internet!
1: 2007-09-07 16:32:35 UTC - RP214 - Installed Windows Internet Explorer 7.


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Matthew.exe) ------... Read more

A:Winantivirus and related PUP adware spyware issues. 5 steps completed

Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.

==============================

Please download Combofix from HERE

Save ComboFix to the desktop.

1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Post the contents of that log in your next reply with a new hijackthis log.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

9 more replies
Answer Match 68.46%

I haven't really scanned this computer ever, but the school I went to offered free antivirus software called Counterspy which I've used to scan recently. It detected a whole lot (with updated definitions) such as various pieces of spyware, and some trojans in my Outlook email, which I just ended up deleting as a whole, but I had a feeling there is much more going on.

I followed the steps and the only thing notable to point out about step 1 is that I had the viewpoint media player, which I uninstalled. I have no clue how that even got installed.

Here are the logs:

dss main.txt:
Deckard's System Scanner v20070826.66
Run by Admin on 2007-09-05 13:42:47
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 255 MiB (512 MiB recommended).
System Drive C: has 1.71 GiB (less than 15%) free.


-- HijackThis (run as Admin.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:34:00 AM, on 9/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Mi... Read more

A:Slow Computer..Kaspersky reveals 15 viruses.. HELP! 5 steps completed.

Please download Combofix from HERE

Save ComboFix to the desktop.

1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Post the contents of that log in your next reply with a new hijackthis log.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

================================

Download Superantispyware (SAS) free home version from HERE


Install it and double-click the icon on your desktop to run it.
? It will ask if you want to update the program definitions, click Yes.
? Under Configuration and Preferences, click the Preferences button.
? Click the Scanning Control tab.
? Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others as they were.
o Click the Close button to leave the control center screen.
? On the main screen, under Scan for Harmful Software click Scan your computer.
? On the left check C:\Fixed Drive.
? On the right, under Complete Scan, choose Perform Complete Scan.
? Click Next to start the scan. Please be patient while it scans your computer.
? After the scan is complete a summary box will appear. Click OK.
? Make sure everything in the white box has a check next to it, then click Next.
? It will quarantine what it found and if it asks if ... Read more

5 more replies
Answer Match 68.46%

Hi all,

Both firefox and ie are not working for many websites. Google search being diverted to ad sites. I have followed the 5 steps process and attached panda results and extra.txt files are attached. Main.txt contents is pasted below. Thanks a lot in advance for helping me.

Deckard's System Scanner v20071014.68
Run by KAravind on 2008-06-22 18:01:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 2 Restore Point(s) --
2: 2008-06-22 22:01:17 UTC - RP44 - Deckard's System Scanner Restore Point
1: 2008-06-22 07:24:21 UTC - RP43 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as KAravind.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:02:51 PM, on 6/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\WLTRYSVC.EXE
C:\WINNT\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\... Read more

A:IE popups + Google search not working in firefox - 5 steps completed

Hi, welcome to tsf!

sorry for the delay.

if you still need assistance, please post a fresh main.txt log.

1 more replies
Answer Match 68.46%

Hello,Great forum by the way! I have found tons of useful information here but unfortunately I am still experiencing some issues. A few days ago the computer was infected with Antispyware Soft. I received all of the typical infection signs and went through the manual self-removal steps. This stopped the issue of the false warnings but shortly after I noticed that I was experiencing the same redirect issue that others have experienced with this infection. I went through the manual steps including removing the Doc&Settings folders it created as well as the registry values. In the registry, there were some values listed as Antispyware Suite in addition to the 'Soft'. I also went through the steps on another forum's post before finding this one. None of the removers can locate anything now and I even ran a rootkit download tool that was recommended. It found one item, removed it and everything worked normally for a few minutes then more of the same redirect issue. Nothing so far has found anything else. Yet every time I try to perform a search, I get redirected. Sometimes without even running a search: just scrolling on a page will cause a redirect to one of several different sites but all seem to pertain to shopping, advertising or search sites.I have run so many things that I cannot remember them all now but I do know there is something definitely still on the computer but nothing is finding it. This is even causing the internet connection to go undetected a... Read more

A:Antispyware Soft Infection: Removal steps completed but still having issues....

Hello, KarenReyWelcome to the Bleeping Computer Forums. My name is Thomas (Tom is fine), and I will be helping you fixing your problems.If you do not make a reply in 4-5 days, we will have to close your topic.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if th... Read more

13 more replies
Answer Match 67.62%

Thanks for your help. Chrome stalls and when closed it takes 5 or 6 tries to re-open. Start-up is also VERY slow? I completed the logs you need, I don't have a Windows Install disc or a Boot CD, but I have made a backup. thanks, - Jason



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2
Run by Jason at 14:00:44 on 2013-02-09
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3957.1656 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:... Read more

A:Completed initial scans/steps -- browser stalls and slow start-up

bump, please :)

3 more replies
Answer Match 62.16%

My computer began directing my searches to non-google sites and bringing up popups. I was running windows defender and AVG. I use firefox for browsing. All are up to date. Running Windows Vista Home in a newer HP desktop, wired connection. I was not able to update any programs (ad aware, spybot, AVG, windows defender, etc). Also, when I run hijack this I get an error message indicating that hijack this was "denied write access to the hosts file". Hijackthis automatic analyzers do note some problems files but when I check them and click fix, they are still there after I scan again (including after a reboot). That line is:"O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe"I (ignorantly) ran combofix already as directed by a related forum post. It indicated that there was a trojan infection, restarted the computer and instructed me to re-run. I did and it created a log, though I understand I'm not to post that unless directed. It helped, now I can update my programs and I have not been redirected when searching, but I'm sure I have not completely addressed the problem(s) yet, thus, the request for your help (thanks in advance).Below is the DDS log and attached is the, er, attach.txt file per these instructions:DDS (Ver_09-03-16.01) - NTFSx86 Run by Bedroom at 16:53:36.05 on Sat 03/21/2009Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3582.2192 [GMT -7:00]AV: AVG Anti-Virus Free *On-access scanning enable... Read more

A:Unknown malware or trojan - initial steps completed per initial posting instruction

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

2 more replies
Answer Match 50.82%

I just tried to load a program from the CD/DVD drive and it is not working. I cannot find a driver for it. How can I find out what make and model # the drive is and then I can get a driver. IDE\CdRomHL-DT-ST_RW/DVD_GCC-4247N_______________1.02____ That's what I got from device manager, properties, details, hardware Ids. If I should post this in another forum let me know.
 

A:CD/DVD drive problem. Just completed cleaning laptop from virus with TechSpot help

Optical drives don't need any extra drivers.

One of these may help:
1. Uninstall the drive through Device Manager.
Restart computer. The drive will be automatically reinstalled.
or...
2. http://support.microsoft.com/kb/314060
Restart computer.
or...
3. Download, and run Restore Missing CD Drive patch
Double click on cdgone.zip to unzip it.
Right click on cdgone.reg, click Merge.
Accept registry merge.
Restart computer.
or...
4. Go to Device Manager, click a "+" sign next to IDE ATA/ATAPI Controllers.
You'll see two items:
- ATA Channel0 (or Primary Channel)
- ATA Channel1 (or Secondary Channel)
Right click on each of them, and click Uninstall. Confirm.
Restart Windows. They'll be automatically reinstalled.
 

1 more replies
Answer Match 49.98%

Hi all! So, assuming I just got my brand-new laptop or PC (or even if it is a warranty-replacement),  what are the first things I should do to it, and in what order? I think I may have an Idea as to some of the steps, but I have some questions about the steps involved the order to do them in.  My ideas and questions are listed below. (The OS would be Windows 7 Professional, downgraded from Windows 10 Professional, or, for the purposes of this thread, it could even be Windows 10/10Professional.  But in general, I am thinking Windows 7 Professional.) 1) use imaging software to create a clone of the drive(s)...Acronis or Macrium Reflect?  Is the produced backup one file (ie like an .iso) or is it the entire drive?  If I have two drives installed, do I need to clone the HDD as well, or just the SSD? 2) When referring to a machine with a warranty-replaced part, practical wrote,"If it were me, I'd first verify that the new machine boots properly with the configuration supplied from Lenovo -- no smoke, drama, etc.  Perhaps even run the full diagnostics as well.  Maybe "burn it in" overnight. When you are satisfied that all is well, then...make the changes appropriately.  You would not want to risk loosing your data, installed software, etc. in the event your replacement is a lemon."2a) Does this also apply to new machines? 2b) What exactly is meant by the phrase "burn it in overnight"? How long is recomm... Read more

More replies
Answer Match 48.72%

my laptop starts too many background processes and takes up 100 percent of cpu usage and memory usage. so when i try to run the scans in pre cleaning steps it gives me bsod about memory dump. i think there might be some script or something that starts too many explorers with specific websites, the process explorer.exe takes up too much memory and cpu usage and does not leave space for anything else. your help is appreciated thanks

A:my laptop wont allow pre cleaning steps

my laptop is vista. i tried restoring host files but still the process explorer.exe takes up too much memory and too much processor power. please help.

2 more replies
Answer Match 48.72%

Hello All,

So I promised my gf I'd attempt to clean up her laptop. I haven't seen it yet but from what I'm hearing it's an absolute mess with a plethora of viuses, spyware, malaware (oh my!), slow boot up and processing, etc. Anyhow I thought Id ask if you guys have any suggestions for what to do first and how to go about ti in general. Here's what I was planning on:

Run Avaste anti-virus scan.
Run multiple spy/adware programs (Adaware, SpywareBlaster, Spyware S&D)
Back up Registry
Run CCleaner
Run EasyCleaner

I figured this would be a good start and afterwards maybe post a Hijack log and see where to go from there. Any suggestions?

I do not know the make or model of the laptop, but if I had to guess Id say it's a Dell. Also not sure of the OS, either Windows 2000 or XP....probably 2000.

Thanks!
 

A:Solved: Laptop Cleaning: Steps To Take?

15 more replies
Answer Match 48.3%

Long story short I have a laptop (toshiba satelite) that has been running without protection for 5 months. It had a slew of malware and the occasional virus, but after two days I beleive i have cleaned most of it up. unfortunatly my knowledge is limited and I dare not mess with hijackthis and so I have come here. Everything is upto date and cleaned but im pretty sure there are some loose ends still to tie up. Anyways here is the log, please check it out and give suggestions on how to clean completely. Thank youO4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exeO4 - HKLM\..\Run: [TFNF5] TFNF5.exeO4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.ExeO4 - HKLM\..\Run: [TFncKy] C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe /Type 20O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXEO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exeO4 - HKLM\..\Run: [HP Software Update] "C:&#... Read more

A:Infection / Final Steps To Rid Laptop Of This Menace

You have posted an incomplete log. We need to see the entire log, including the heading with version details. To copy the entire log, click on Edit, then Select All, then Edit again and Copy. Then paste that into your next reply to this post.

1 more replies
Answer Match 48.3%

There are awesome tools here (thank you) but I'm hoping to get a bit of advance on best way to proceed in this instance. Some time ago I bought an open box Samsung laptop from BB that was 'geek certified'. It had Win 8 (not 8.1) and from the getgo it was clear it was not properly configured. Because it was a gift, I had to clean it before presenting it, and due to BB handling, I just purchased another one at my destination (from a different source) and left this one back home. Periodically I try to work on it but have not made success. NOTE: Jump to end for question but I'm putting the other info in case it is relevant to next steps.
 
Out of the box I found personal files and IMHO a mishmash of several different OEM Windows files. I got past the looping "auto repair" issue, and the "IE connects but no other browsers connect to Internet" issue, but repeatedly got a variety of BSOD. There was also an issue with MS resetting the wireless driver with updates, so worked around that. My theory was that the mixed Windows files were problematic; however, some of the errors sounded like hardware (although I did not get any hw errors located).
 
In April I spoke with Samsung who told me to update bios and download their sw update program. They also ordered a win8 recovery disk so I could have clean Windows files. The disk recently arrived, and I tried all the different recovery options (files & apps, files only, reset everything, etc.) Option 1 and 2 failed at 30 and 37%... Read more

A:Help pls with steps on BSOD on Win8 'open box' laptop

Hi -
 
The very first thing that should be done when buying a system previously owned by another is to reinstall Windows.  As you found out, you never know what the prior owner left behind. 
 
As I was reading your post, my thoughts immediately went to wiping (low-level format) the hard drive  & reinstalling Windows.
 
IMO, there is no better way to help figure out if your system is suffering from software issues (drivers) or hardware failure.  Assuming the Samsung media (recovery discs)  are good and that your DVD drive is good, Windows should install onto a blank hard drive without any problems if the rest of the hardware is good.
 
Waiting for Windows 10 RTM and then installing it onto a hardware-failure plagued system obviously will never work and is a waste of time.
 
I suggest you get Windows 8.1.1 up and running smoothly before even thinking about upgrading to Windows 10.
 
- Wipe HDD using KillDisk - http://www.sysnative.com/forums/hardware-tutorials/449-format-hdd-low-level-format-killdisk.html
- Install Windows 8 using the Samsung Recovery disc(s) -- I assume they are W8 discs - or is it W8.1?
- upgrade to Windows 8.1 (free!) - http://windows.microsoft.com/en-us/windows-8/upgrade-to-windows-8
- allow ALL Windows Updates to install (~150-175+), including Windows 8.1 Update 1   
- check Action Center (click on Flag - lower-right screen) and install missing 3rd party (Samsung) driv... Read more

5 more replies
Answer Match 48.3%

Hi all,
recently i bought new laptop(lenovo g580), it is having DOS operating system. now i want to install windows 7 can i know details what i have to do for that? what drivers i had to install? please mention step by step.


Thanks
srinivas

A:Can i know steps to install windows 7 for new lenovo laptop(having DOS

Hi,

Simply insert your Windows 7 installation DVD into the DVD player of the laptop, and then boot from it. Follow the steps presented to you to install Windows 7. It will automatically take care of 99.9% of the drivers, so you don't need to worry about that.

Regards,
Golden

2 more replies
Answer Match 47.88%

Ok, i have a Presario F504ea Laptop, on Vista home premium. It works fine for me, that is until i installed IE8 from microsoft.com. There wasn't a problem at all with it before, however now, i cant use tabs [ or the right click menu ] and my msn doesn't work, and now, my network seems to be slower.
I am not blaming it all on IE8, afterall, i did download a few updates [not sp1... yet] but surely, IE8 has made something go wrong on my laptop, and i cant uninstall it, and if i wanted to download IE7 for vista, i cant as it says that it is supplies with it!

Any suggestions of how i could correct this problem would be appreciated, and if the thread is iin the wrong subject, apologies for that aswell.

Tatz93

A:IE8 Screwed my laptop

Originally Posted by tatz93


Ok, i have a Presario F504ea Laptop, on Vista home premium. It works fine for me, that is until i installed IE8 from microsoft.com. There wasn't a problem at all with it before, however now, i cant use tabs [ or the right click menu ] and my msn doesn't work, and now, my network seems to be slower.
I am not blaming it all on IE8, afterall, i did download a few updates [not sp1... yet] but surely, IE8 has made something go wrong on my laptop, and i cant uninstall it, and if i wanted to download IE7 for vista, i cant as it says that it is supplies with it!

Any suggestions of how i could correct this problem would be appreciated, and if the thread is iin the wrong subject, apologies for that aswell.

Tatz93



Tatz93,

Sorry to hear about your experience with IE8. A friend of mine had almost exactly the same problem when IE7 was in beta. Installed it and then had serious system trouble. We couldn't uninstall IE7, and couldn't roll back to IE6. The fix at that time was to reinstall the operating system (at that time, I believe it was XP). I'll look to see if there is something that can extract IE8 out. If I find something I'll post the link for it here.

Found something for you. Here's a link to a site that has instructions on getting IE8 out of your system: How to Uninstall Windows Internet Explorer 8 (IE8) in Vista ? My Digital Life

2 more replies
Answer Match 47.88%

Ok, let me start to describe allll the things wrong with this laptop:

Adware: Popups constantly... will have to x out of probably 10 before im done writing this.

Homepage: locked to C:\secure32.html Which resembeles a BSOD and says i dont have adequate spyware protection... tried to delete file... It pops back up moments after deletion...

Add/Remove Programs: Disabled... when you try to run it it crashes with the error messages: Run an ___ as a DLL has encountered an error and needs to close AND Dr. Watsons Post-Mortem Debugger has encountered an error and needs to close

Ulead Photostudio: Crashes on startup... not sure if this is part of the spyware problem but i cant uninstall it cause ADDREMOVE PROGRAMS IS BUSTED!

Safehouse: I think i may know where the spyware is coming from... SOMETHING has taken refuge in the Limewire program files.... The program wont run... and anytime i even scroll over the folder to see the Contents: section... Windows Explorer has encountered a problem and needs to close. I tried deleting it with Killbox but even it locks up during an attempt to delete it.

Ive been ignoring it for a few weeks, but i finally have some time on my hands and thought id ask for help.


ANY HELP AND/OR HALF-BAKED IDEAS APPRECIATED

A:One seriously screwed laptop...

Quote:





Originally Posted by aub676


Ok, let me start to describe allll the things wrong with this laptop:

Adware: Popups constantly... will have to x out of probably 10 before im done writing this.

Homepage: locked to C:\secure32.html Which resembeles a BSOD and says i dont have adequate spyware protection... tried to delete file... It pops back up moments after deletion...

Add/Remove Programs: Disabled... when you try to run it it crashes with the error messages: Run an ___ as a DLL has encountered an error and needs to close AND Dr. Watsons Post-Mortem Debugger has encountered an error and needs to close

Ulead Photostudio: Crashes on startup... not sure if this is part of the spyware problem but i cant uninstall it cause ADDREMOVE PROGRAMS IS BUSTED!

Safehouse: I think i may know where the spyware is coming from... SOMETHING has taken refuge in the Limewire program files.... The program wont run... and anytime i even scroll over the folder to see the Contents: section... Windows Explorer has encountered a problem and needs to close. I tried deleting it with Killbox but even it locks up during an attempt to delete it.

Ive been ignoring it for a few weeks, but i finally have some time on my hands and thought id ask for help.


ANY HELP AND/OR HALF-BAKED IDEAS APPRECIATED




get a copy of HijackThis and run it in safe mode

3 more replies
Answer Match 47.88%

its a dell studio 1537, windows vista
few days ago my laptop overheated it turned off few hours later i turned the laptop on, and the laptop screen became kinda fuzzy like the video card seem liek it wass acting up i turned on a low profile game liek starcraft the color became all greeny the display was still normal. then i turned it off and when i turned it back on the laptop screen didnt show anything like the boot setup didnt appear but i could tell the screen was on i heard the windows loading sound on my laptop so i plug it to the hdmi cable to the tv then i could see it was working fine, but now im stuck with a laptop with a screen that seems liek its toast?
 

A:Laptop is Screwed!

15 more replies
Answer Match 47.88%

Ok, let me start to describe allll the things wrong with this laptop:

Adware: Popups constantly... will have to x out of probably 10 before im done writing this.

Homepage: locked to C:\secure32.html Which resembeles a BSOD and says i dont have adequate spyware protection... tried to delete file... It pops back up moments after deletion...

Add/Remove Programs: Disabled... when you try to run it it crashes with the error messages: Run an ___ as a DLL has encountered an error and needs to close AND Dr. Watsons Post-Mortem Debugger has encountered an error and needs to close

Ulead Photostudio: Crashes on startup... not sure if this is part of the spyware problem but i cant uninstall it cause ADDREMOVE PROGRAMS IS BUSTED!

Safehouse: I think i may know where the spyware is coming from... SOMETHING has taken refuge in the Limewire program files.... The program wont run... and anytime i even scroll over the folder to see the Contents: section... Windows Explorer has encountered a problem and needs to close. I tried deleting it with Killbox but even it locks up during an attempt to delete it.

Ive been ignoring it for a few weeks, but i finally have some time on my hands and thought id ask for help.


ANY HELP AND/OR HALF-BAKED IDEAS APPRECIATED

Logfile of HijackThis v1.99.1
Scan saved at 4:43:49 PM, on 2/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\Sy... Read more

A:One Seriously Screwed Laptop

I also wanted to mention that there is also a highjacker that directs anything i clock on in google to somewere else.

4 more replies
Answer Match 47.88%

hi, i've been having problems with blue screen shut downs but today it's taken a turn for the worse.

Windows will not run as file Hal.dll is missing, i tried to use my start-up disk, it gets so far and then a blue screen appears saying 'the bios in this system is not fully ACPI compliant.'

Does anyone know what i can do?
i have never had any trouble with my bios before, i have reset the bios to deault with no change.
my Laptop maker no longer offers support so there isn't even an updated bios (despite only being 2 years old)

any help would be appreciated.
 

A:Help!! Laptop Is Screwed!!

11 more replies
Answer Match 47.88%

Blue screen from windows say something about drivers and then shuts off. It only is on for a few seconds, not enough time to read it. When I try to start up my computer, sometimes I'm able to get to start menu page, other times when I start up computer just get a black screen. Know I could just reinstall vista, but don't want to loose all the music I have on my computer. Another thing, when I do get to the start menu, the computer works normally for a minute or so before screen freezes and the screen becomes wierd. There is rectangular pieces of the screen in different spots, if that makes any sense, I don't know how to discribe it. My message is way too long, sorry!

A:screwed up laptop

Can you get into Safe Mode by rapidly tapping the F8 key just before the Windows Splash Screen shows up?

If so, please do this:





Upload Dump Files:
Please go to C:\Windows\Minidump and zip up the contents of the folder. Then upload/attach the .zip file with your next post.
Left click on the first minidump file.
Hold down the "Shift" key and left click on the last minidump file.
Right click on the blue highlighted area and select "Send to"
Select "Compressed (zipped) folder" and note where the folder is saved.
Upload that .zip file with your next post.

If you have issues with "Access Denied" errors, try copying the files to your desktop and zipping them up from there. If it still won't let you zip them up, post back for further advice.

If you don't have anything in that folder, please check in C:\Windows for a file named MEMORY.DMP. If you find it, zip it up and upload it to a free file hosting service (not RapidShare as the analysts usually can't download from it) - then post the link to it.
Then, follow the directions here to set your system for Minidumps (much smaller than the MEMORY.DMP file): Set MiniDump

10 more replies
Answer Match 47.88%

Just yesterday i bought a gateway solo 2150 notebook(second hand), After the guy gave me a demonstration of how the media player works I bought it off him. After he left it wwould restart and say sytrem 32 file is corrupt or mising. Also even though he showed me music playing, I canot get the speakers on on it.Its says that I have no playback devices turned on or that they are not working properly when ever I try to play a song! Plz help me as I saved up for along time for this and now it has been wasted.

A:Help my laptop is screwed!

are you able to contact the guy who sold it to you?....can you connect to the internet and do you have the original operating system cd's with it?.....you may need to reintall windows then install the device drivers for the sound card and all other devices.....(modems, graphics, multimedia and sound, etc.)

Darren

8 more replies
Answer Match 47.88%

As I was unable to find any solution to my laptop sound problems (here)I'm going to try reset it. I don't know if that'll make a difference but willing to try. I've never had to do that before so I'm a little apprehensive.

I know I have to hit F9 when it's starting up then it opens "Asus Preload wizard" but I don't know what option to select...it gave me the following:
1.Recover Windows to first partition only
2.Recover Windows to entire HD
3.Recover Windows to entire HD with two partitions

Which one?
Also, I do not have any recovery CDs, do I need them to do this reset?
How long will it take to complete?
Thanks.
 

A:Solved: Steps to factory restore ASUS laptop?

11 more replies
Answer Match 47.88%

I am looking at getting a laptop and the ones I am looking for have Windows 8.1 installed. I have read that I can wipe the drive clean and reinstall. I would want to do this to remove all the extra software and partitions. But looking at the option on one laptop from HP they charge extra for a system recovery disc. Is this normal? If I have a Windows 8.1 Pro disc would I need that? And when Windows 10 comes out would I be able to upgrade? The last 3 versions I have had a desktop and just bought the upgrade discs. My thought was I would wipe the drive clean and install my disc and register it. Then when its done create a system repair disc. Are these the correct steps?

A:Removing preinstalled Windows on laptop and upgrade steps

You do not need to buy HP Factory Recovery Disc - You can create the HP Factory Recovery Media once you get into windows..

Create the factory recovery media - save it as a fall back recovery method - wipe the drive and install windows x

Once you wipe the drive any hopes of recovery other then re-installation are gone.. Unless you make system images..

Do not rely on windows system backups, 99% of the time they fail..

6 more replies
Answer Match 47.88%

Recently I observed that my laptop was running a bit slow. On observing the temperature using SpeedFan I found the following readings
1) CPU core temp 59 degrees centigrade  at 100% CPU Load.
2) GPU temp 57 degrees centigrade at 50% CPU load.
3) HDD temp 47 degrees centigrade
Now from what I know the average temperature should remain in the range of 40-50 degrees centigrade. While the temperatures that I am seeing are all in excess of that. So here are my questions
1) My laptop is in excess of 7 years old. Is it time to change the thermal paste? Will I get some improvements and decrease in the temperature readings?
2) The Fan speed being reported in Speed Fan is a steady constant 922 RPM? Should I look at getting a new heat sink for the CPU and a new fan for the laptop?
3) Does it make sense to get a liquid cooler for a laptop? Basically I want to extend the life as much as possible of this laptop.
    Any comments guys?
-------------------------------------
Have a nice day

A:Steps to control the temperature of a dell Inspiron laptop

I suggest running Dell diagnostics; they often include a thermal test that may help let you know if the system is getting too warm.  
If you haven’t already done so, try a can of compressed air and fully clean the fan ports out. If you have already opened the chassis, check and make sure that there isn’t any dust or debris caked on the heat sink / processor.  Once cleaned out verify if any cooling fans are functional.
Try these basic steps first before considering replacing any parts, it can save you time and money.
 
TB

1 more replies
Answer Match 47.88%

I need basic step by step instructions. My desktop (os XP) is hooked up with cable internet. I have a Belkin wireless router (lost manual) I want to have internet on my laptop (os Vista). Can someone give me some simple instructions?
Thank you
Renee'
 

A:Solved: Simple steps- router for desktop to laptop?

9 more replies
Answer Match 47.46%

Hey guys,

Im fixing my mates old..dodgy toshiba laptop.
Basically he dropped it and gave it to me to see what i can do..
the board has a big crack thru the corner..so OBVIOUSLY it wont work.

I have the hard drive :) and it shows in the BIOS of the other laptop i have here..
It wont boot from it, im guessing as one is a toshiba and on is hp/compaq.

what im thinking is if i install XP to a different folder.. on the broken laptops hard drive while its in my machine..
so like c:\windowsnew rather than C:\windows...would i be able to access his old invoicing template + previous emails/payroll as he is a tree surgeon and have like a quoting system for previous customers n such :(

any help would be good.. :)

i think i remember having to take ownership? so if anyone can shed light, i will reinstall straight away :)

god bless my mum for finding my old laptop with a pata drive :D

A:[SOLVED] Laptop screwed over

Are you trying to fix his laptop or just retrieve the files on the hard drive?

5 more replies
Answer Match 47.46%

Good Morning all,

I am hoping some of you might have some suggestions for my problem. I have a COMPANY ISSUED, IBM X41 tablet with XP Pro installed for work.

After visiting some inapprorpriate sites, I got a message saying no OS found!!! I tried rebooting, but computer freezes before loading any settings. I do not have ADMIN settings, so I took matters into my own (very incapable) hands to try and fix it with out losing my job. I screwed it up even worse.

I had a friend with some recovery discks, so I loaded, and it worked to get me logged in. I tried to copy an entire hard drive from a coworkers laptop, then install it on my damaged laptop. It looked like it was working, but the stupid fingerprint software is saying no fingerprint found, and it doesn't recognize any passwords.

My question, Is there a way to properly DUPLICATE the hard drive off the computer that my company sent as a replacement (I had to report mine lost/stolen), and install it in the old laptop? If so, any instructions are appreciated.

Once I get it working, I can tell the company that the computer turned up, and send it back after cleaning all bad files off.

Thanks for your help!

A:I Screwed Up My Laptop--any Ideas?

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user.The above quote taken from the forum rules here.Since you do not own this computer. What you are asking for is Bleeping Computer and it's members to be an accomplice to your admitted misdeeds. With that in mind, this thread is closed.

1 more replies
Answer Match 47.46%

So here's the deal.... I have a gateway laptop with windows XP home on it. I needed XP Pro to run a program at work on so I got a disk from a friend that was supposed to have it on it. I started up my computer, put the disk in, I think I answered UPGRADE to a question (then thought I probably shouldn't have put that because I'm not upgrading my current installation) and then it started installing. I thought all was well.... then it came up with an error that said it couldn't locate a version of windows to upgrade or something to that effect. I shut it down and restarted, then I have the option of booting into Pro or Home..... hmmm... never had this before..... I tried to boot into home and it says my hal.dll file is missing or corrupted, please reinstall. So I go get my recovery disk for my gateway and try to boot up with it and it just keeps giving me the hal.dll bologna. If I boot into Pro it is only halfway through the install and gives me a message that says it can't locate the windows that I'm trying to upgrade. Either way I can't boot into windows and now I'm stuck. I've tried safe mode and I've pressed F8 and F10 and I can't find this recovery center I've read about. I can't get to a command prompt. All I really want to do is wipe the hard drive and install the XP pro but now i've got it stuck halfway between the two!!! SO FRUSTRATING!!!!!!!!!! Please help mr. retardo.... Please.... for pennies a day... Read more

A:HEEEELLLP!! I screwed up my laptop!!

16 more replies
Answer Match 47.46%

Ok so here's the deal: Norton System Works Basic gave me a message saying there are 6 potential problem files. So I did some kind of scan and went bazerk deleting a bunch of stuff and likely important. Here's why - All my .exe files are now .ink. I cannot access My Computer, Control Panel or ANYTHING! I've tried downloading software to fix the .exe file but when I try to run the software it goes to Launch Application and choose program. What is goin on and how can this be fixed? I am totally screwed?
 

A:Laptop is screwed. Need an answer

>> just what make/model is your laptop? and details of your windows version?
>> Do you have the installation CDs for your operating system?
>> At just what point do things go south? Can you boot normally? Get through windows startup? And then what? when does first problem occur (as makes a difference to know just what is possible as to approaches)

Sounds like
issue 1) is fixing your HD so your windows works again and boots/starts
issue 2) is getting access to your files for recovery/backup so if you do need to reinstall Windows to your HD you first get your personal stuff

Or do you have backups of anything?
 

8 more replies
Answer Match 47.46%

fter having issues with my windows update for a few weeks i have began to investigate as ive dbaned the harddrive and also freshly installed windows 7 home premium. im after help ive had all sorts of codes recently and it appears every time i fix one another pops up. currently its 80070246. minitoolbox added.
 
Exerpt from MTB:
Ran by laptop (administrator) on 18-08-2015 at 21:50:28
Running from "C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NX3AEC7M"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Aspire 5741 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************
Application errors:
==================
Error: (08/18/2015 09:23:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/18/2015 09:16:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/18/2015 08:57:14 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (840) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 59801600 (0x0000000003908000) (database page wuaueng.dll0) for 32768 ... Read more

A:help me please im screwed (laptop newbe)

after a malware scan i believe it to be the software i used to activate windows code with as i have only got a factory written code which wouldnt be accepted and didnt know any other way to do it.

2 more replies
Answer Match 47.46%

I downloaded and executed a file from "http://www.thekeys.ws/?look=ares+activation+code+3.1.5.3033&type=serials"

This gave me a blue screen of death immediately with the message IRQL_NOT_LESS_OR_EQUAL and 0x0000000A. I removed all my drivers already but still have this problem.

I have attached a copy of my DxDiag...please help! I need to use my laptop in its normal status. Its crucial that I do.

A:Help me!!! Exe file screwed my laptop!

I can only use Safe mode btw...

1 more replies
Answer Match 47.46%

Hello I recently got my laptop back after being fixed. I turn it on and noticed the following errors.
The Visual Styles was Windows Vista Basic, even though the settings were that of Windows Aero.
The laptop did not recognize my secondary monitor upon insertion, it has monitor listed as [Default Monitor Enabled] in the past it worked but now it just does not connect.
The laptop will not connect to the internet even though all bars are green and everything is set up.

 

A:GeekSquad screwed up my laptop

have you tried to re-setup the internet settings?
try re-installing your secondary monitor driver software, see if it helps

maybe geek squad guys just cleans everything up. they won't make a list of what's installed and what's in your computer when you turn it in, everything is your responsibility. so if you're blaming them, that means they don't even tell you that they're not responsible for your data loss and stuff, or you are not made to read the small stuff when you sign the computer over.
 

2 more replies
Answer Match 47.46%

I have a company laptop running Windows 2000. Normally it's on a company domain - sys admins take care of all the networking and such. We change the password monthly.

I brought it home for Thanksgiving, wanted to show some pictures on it to the family, so I wanted to get file sharing to work (it didn't, no logon server or something). I found some info in some online forums that the domain was the problem. SO, I had the absolutely wonderful idea of changing the domain from the company one, to our home network's workgroup. I thought, no prob, I'll just change it back later, no harm done - i don't need the company network right now anyways.

It told me to restart, and I did, and now my logon username/password doesn't work anymore! (stuck at the Ctrl-alt-del logon screen)

Is there ANYTHING I can do to change it back to the way it was? Change domain back to the one it was, or logon just once to do so... I would really really really appreciate it.

Thank you very much, and happy Thanksgiving.
Dan
 

A:HELP!!! I screwed up my company laptop!!!

6 more replies
Answer Match 47.04%

I have a sony vaio notebook pcg-705c. When i start it, it often doesn't detect a mouse. I then have to shut it down and start it again, restart it, or pull the plug entirely. It often takes me 10+ times to get the mouse to work. Please help!! Thank you!
 

A:[Solved] laptop mouse is screwed up

7 more replies
Answer Match 47.04%

While configuring my wife's new laptop I entered an incorrect email and password for her Microsoft account. How do I change, delete or otherwise install the correct email address for her Microsoft account. I suppose I can just reformat the laptop HD to pre configure state since the laptop is a day old with not much on it yet. Is there a way do do this before I resort to a re-install? Thanks for the help.

A:Microsoft account on new laptop.....I screwed up

No, just create a brand new account and sign in with it. Does not cost anything

User Account - Add a New User in Windows 8

10 more replies
Answer Match 47.04%

Okay so this morning i turn my laptop and i get to the log in screen and i couldnt enter my password because my laptop keyboard didnt seem to be working. Then i decided to plug in a usb keyboard and for some reason it wasnt working. Next I tried to clock on the ease of access thing on the right corner but nothing popped up so then i did the old fashion unplug and tried using the keyboards but none of them worked. Next I tried to boot up to windows 7 and the i got the same issues listed above. Next I try to boot ip into ubuntu and the keyboard on my laptop and the usb keyboard magicly start to work. So then I open firefox and i go on firefox and try to look for a possible antivirus for linux when all the sudden my screen turns black and a whole ton of text pops up. Next I restart my computer and i get to the windows loading screen and it gets stuck on the loading screen. I have tried restarting but no sucess.
btw i have a 2 year old toshiba satalite L745D

A:Laptop Keyboard Screwed + other issues

First off, you do not need a Anti-Virus for Linux.  As for the keyboard not working in Windows, but it does in Linux, that leads to a driver issue on your unit.
 
If you are going to stick with Linux, try out Xubuntu 12.04 LTS.  If sticking with Windows, and that install has been on there for 2 years, I would do a complete wipe and reinstall of windows.  Personally jump to the darkside and start using Linux.  You will find it easier and better to use in the long run.

3 more replies
Answer Match 47.04%

i have a Compaq F700 laptop which is about 2 years old. recently i played on it (a lot) so much so that the processor completely burned out. since my model is not supported in India and no private engineer seemed to know what to do, i had the processor changed for a pretty hefty sum. two months down the line and my computer is acting all funny again.
1. it shuts down and restarts at odd hours .. sometimes after 2 min. sometimes after 2 hours.
2. sometimes the screen kinda distorts... like that "thread" slide transition in MS PowerPoint.
3. it hangs at odd hours.. sometimes before sometimes after it shuts down.
4. and when it shuts down it restarts continuously till it gets it right.

do you think its because of the processor ?
 

A:Changed laptop processor screwed again?

Well it certainly needs work... a good cleaning out of all the debris, dust, firch, mogus, and grunge... first..
Then make sure all memory banks are filled with good quality memory.
The processor should not need replacement, but the CPU fan might need it, if you use it a great deal.
But I would start by a clean reformat and reinstall of the hard drive... and then work up from there.
 

1 more replies
Answer Match 47.04%

I bought a second hand HP nx9040 laptop which worked perfectly. The previous owner hadn't done any windows updates so I did - about 100 in total! after I rebooted the modem, sound and CD player weren't recognised anymore. I got the CD going but when I try to dial up I get an error message saying the com port is is use by another program. Also there is no sound at all and device manager says that is not working.
I have done a full up to date virus scan and Ad Aware etc.
The modem was working prefect before the updates.
Any ideas? Thanks
 

A:Winodws update screwed my laptop :(

Welcome to TSG....

You did 100 updates, amazing.

Does this computer have Service Pack 2 installed?

We are going to have to have some system specs for this computer in order to adequately work on it. Also I would like a HijackThis run as per the following:

To download HJTsetup.exe To Download HijackThis go to the following: http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item5
Filename = 1137518044HJTsetup.exe
Save the file to your desktop.
Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\HijackThis.
Continue to click Next in the setup dialog boxes until you get to the Select Additional Tasks dialog.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialog box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
At the top of the Notepad HJT log screen, hit Edit then Select All then click Edit and then click Copy doing that copies the text to the clipboard, you won't see it yet....
Come back here to this thread and Paste the log in your next reply. DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

A security expert should take a look at your log - please be patient.
 

2 more replies
Answer Match 46.62%

When I try and boot up my laptop i get the following message:
Problem Event Name: StartupRepairV2
Problem Signature 01: ExternalMedia
Problem Signature 02: 6.0.6001.18000.0.0.0.0
Problem Signature 03: 0
Problem Signature 04: 65537
Problem Signature 05: unknown
Problem Signature 06: BadDisk
Problem Signature 07: 0
Problem Signature 08: 0
Problem Signature 09: unknown
Problem Signature 10: 1168
OS Version: 6.0.6001.2.1.0.256.1
Locale ID: 1033
Please Help Me

A:Help Windows Error message, is my laptop screwed!!!?????

Either one of two things:
1, Your MBR/partition tables are messy or screwed, or
2, checkdisk OR S.M.A.R.T. as checked and verified that your hard drive is failing after running certain tests on startup.

You may, MAY, be able to obtain your files by having someone pull your hard drive from your laptop, and use a SATA/IDE->USB converter to retrieve your raw data manually, but if your hard drive has already been thoroughly toasted to "dark" (hah), then you won't get very far...

2 more replies
Answer Match 46.62%

Hello
 
Please help me!
After window defender ran, My laptop doesn't boot up. It just blinks in dos mode. (Even I can't boot in safe window mode)
 
OS is window vista busineess 32bit. I used your tool "(Farbar Recoverty tool)FRST.exe"
I got following report.
 
Could you please tell me how I can recover my boot sector so that I can use my laptop continuously without installing OS newly?   Any comment and Fix I will appreciate.
 
So far, things I tried:
 
1) window repair mode -> didn't work. they just say they can't solve it.
2) bootrec /fixmr........et all -> It seems to do something...Still can't boot up in window mode.
3) I ran Kav_rescue to eliminate left bugs. It claim it eliminate all but still doesn't make sucessful window boot
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2013 (ATTENTION: FRST version is 26 days old)
Ran by SYSTEM at 08-04-2013 13:47:07
Running from F:\
Windows Vista ™ Business   (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [200704 2008-10-28] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2008-12-03] (Intel Corporation)
HKLM\...\Run: [CLIVFR] "C:\Program Files\Dell\Latitude ON Reader Data\CLIVFR.exe" [233472 2008-08-29] (CyberLink)
HKLM\..... Read more

A:My laptop is really screwed up after running window defender.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/491108 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Answer Match 45.78%

Hey folks!

Recently purchased a new laptop - http://www.samsung.com/hk_en/consumer/computer-peripherals/notebook/series-3/NP300E5C-S02HK (However I'm on Windows 7)

I went about trying to plug it into my television (Toshiba 40BV701B) via an HDMI cable and had the notorious problem of not being able to find the right screen resolution. I went into display settings and started mucking around to find the right one. However, I must've selected a resolution setting that was too bizarre or something (think I went really high) because the image didn't show up on the TV (nor on the laptop as I had set the laptop screen to switch off when plugged into the TV) and after a few seconds of nothing my laptop made its 'something has been removed/unplugged' sound and the screen flicked back on. A few seconds more and it would make the sound of 'something has been plugged in' before switching its screen off and seemingly trying to connect to the TV again. This would repeat for as long as the HDMI cable was connected.

I get the feeling that I could sort the problem by changing the res for when the laptop is plugged into the TV, but the only way I know how to do that is when the laptop is plugged into my TV and there is no longer any screen working when this happens! I probably should have done a system restart at the time, but think I have left it far too long now.

Any help would be much appreciated,
Cheers!
 

A:Changed screen res for HDMI connection. Screwed up my laptop!

When you change resolution Windows gives a few seconds of the new resolution and a dialog box comes up asking if you are happy with the new settings. This could account for the sounds you heard a few seconds after plugging into the TV.

Have you tried changing the settings for extended display and leaving the laptop screen on. This will make it much easier to change around the resolution settings.
 

1 more replies
Answer Match 45.36%

I have two front USB ports in my case. For some stupid reason, only one of them works even though they're both connected to USB connectors in the mother board, but that's not the problem (for now).

The problem is, I've changed the location of the USB connectors randomly to finally get the faulty one to work (the other one stopped working though). So I turned on the computer, connected my external HDD, and got a message "USB Device Not Recognized" from windows.

Now every single PC I plug in my HDD to still says the same thing!! I can't see the HDD in windows so I can't format it or do anything! there are tons of important data in there.

Is there anyway to fix my HDD through software? also, do you have any idea what the problem with my front USB port could be?
your help is much appreciated
 

A:My screwed front USB port screwed my external HDD

6 more replies
Answer Match 45.36%

I inadvertently installed malware and somehow got it cleaned up (I hope) but here is a lagging problem.  malware trovi.com was cleaned up with Adwarecleaner, malwarebytes and hitmanpro.  I was getting the Unable to connect to Proxy Server for all my browsers (IE, FireFox, and Chrome).  I managed to reset IE11 and get connected just last night.  I uninstalled Firefox and tried to reinstall but when I ran the Setup and it tried to download via IE and it would fail to download.  I went to Mozilla ftp site and downloaded manually and got it installed.  Now here is my final problem (I hope). 
 
Chrome will not accept the default latop of Automatically Detect Settings.  I forgot that firefox gave me same error but I fixed it via it's settings.  I've rescanned with AdWarecleaner, malwarebytes and hitmanpro with no major detections outside of HitMan saying there is a "Proxy Server on this computer (All Uses) 127.0.0.1:8800. 
 
I'd like to know how I can get CHROME to accept my default laptop LAN settings.  Is there a registry or other item I can tweak/change?  My reinstalled Chrome  made itself default browser and I can't change it (odd).   I'm manage with IE right now but it worries me that Chrome is acting this way.  So summary my IE/Firefox have AutoDetect option for LAN setting and Chrome still indicates Proxy Server: Use a proxy server for your LAN (these settings will not apply to dial-up ... Read more

A:newbie who damange laptop...Chrome Proxy Settings screwed up

Please run the ESET OnlineScan
Click on this link to open ESET OnlineScan in a new window.
The ESET Online Scanner page will open, click on Yes, I agree to the trems of use, then click on Start, the scan will now begine.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

4 more replies
Answer Match 40.74%

Problem started with OE emails disappearing. I could read them first time then when I checked again...they were gone.Next it was absolutely impossible to delete Acrobat/Adobe crap. Used Control/Panel/Delete 4 times and some Adobe crap would no go away.Used Malwarebytes...no help..used Windows Security..no help...deleted both Mal & Win and used Combofix..no help..I'm about to format the the computer(Gateway T4697) but I'd like to think there is one or more geniuses out there who could help me solve the problem....."Uh...thankya vera much."Mod Edit: Removed poll format ~ Hamluis.

A:OE screwed up, Combofix screwed up

A clear definition/statement...of the problems experienced...onscreen error messages...and such...would go a long way toward providing some idea of what might be going on, IMO.

Louis

4 more replies
Answer Match 40.74%

Hey all! This is my first post to this forum.

I am building my first computer for myself in the upcoming month. I have built other brand new computers for the company I work for, so I have a general idea of how to go about doing this. My issue is this:

I bought a case about 2 years ago, a Nikao Kitty case (I'm a girl, it's a cute case) and have been dying to build the thing since I got the case. Problem is, I moved and in the move, I lost the screws and standoffs that came with the case. Normally, I wouldn't think this a problem as I have literally boxes of screws and standoffs from other computers because you always get too many. The thing is, this case has bizarre (I haven't seen them before) openings instead of standard tiny holes. They have squares. They are about .35 inches square.

I found in my shop some metal things that are the right size for these holes. They have screw holes on the top. They do not have anything on the bottom to hold them in.

Basically, I'm asking if anyone knows what I need to attach a motherboard to this case. If anyone could point me in the direction of a link with directions, or a place to buy a screw set containing what I need... that would be useful, too. I am almost ready to buy another case as I know they redesigned it (and subsequently discontinued it) but it would come with new screws, probably the nicer ones with the screw in standoffs.

Any help would be appreciated. I want to play Temple of Element... Read more

A:Too Screwed or Not Too Screwed (that is the question)

If the "metal things that are the right size for these holes" are what i think they are then you just have to push them through the square holes from the outside. After you hear a snap they will hold themselvs still perfectly and you can use normal screws to attach the motherboard.

Since the tops of the metal standoffs are quite big, make sure they align perfectly with the motherboard's mount holes so you won't short out any wires.

There are also plastic standoffs for those square holes. that you have to push in from the inside.
 

5 more replies
Answer Match 38.22%

Logfile of HijackThis v1.99.0
Scan saved at 16:26:28, on 08/01/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\David.DAVID-91YJAB3H3\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk/
R1 - HKCU\Software\Micros... Read more

More replies
Answer Match 38.22%

Finally got my gaming rig built and in perfect working order. Took me a while figure out how to put my two HDD into raid 0. One of the tech support guys at EVGA helped me out and said that HDDs have a hard time going into raid array if they have never been used, which was the case. I just installed some stuff on my two HDDs and reformatted the partition and BOOM it stopped giving me errors, LOL. Anywho here is the finished build:


Cooler Master Cosmos 1000 Silent Gaming Tower
EVGA 750i FTW Motherboard
Intel E8400 Wolfdale Processor
Xigmatek HDT-D1284 120mm Rifle CPU Cooler
MX-2 Thermal Compound
2x2GB OCZ DDR2 1066 5-5-5 18
2xEVGA 8800GTS in SLI
3xSeagate 7200.11 (2 in Raid 0, 1 backup)
Corsair 750TX Power Supply
Samsung DVD-RW w/ Lightscribe SATA
Liteon DVD-RW IDE
4 Scythe KAZE 120mm case fans (1 intake, 3 exhaust)
1 Stock Exaust Fan on HDDs


When I looked at the Case for the first time I couldn't believe how big it was, plenty of room to work in. The Scythe fans sound like a tornado when I first turn on the computer but it gets quite once the bios and PSU start regulating them and you can't notice it when playing games or listening to music. I bought a generic filter for the intake fan and realized that it wasn't needed because the case already comes with filters that you just slide off and wash.

This was my first build ever and I must say I'm quite pleased with the results. The bios defaulted the memory at 800mhz 1.9v so I bump... Read more

A:First Gaming Rig Completed

Cool. Looks like a good build.
 

7 more replies
Answer Match 38.22%

I have a couple of Word 7 files which can't be moved, deleted or renamed. Any attempt results in a message: This action cannot be completed as it is in use by another program. It is not in use by any program I am aware of. When I open the file, it says (Read Only) in the title bar but the properties dialogue boxes are not checked as read only. Of course, I can't save any changes to the file unless I go to 'save as' but that still leaves me with an undeletable/uneditable file. I am using Vista Ultimate. Any help would be greatly appreciated.
Joan

A:This action cannot be completed...

Unless you're particularly interested in the mechanics of why this might be happening, I'd suggest booting to safe mode (press the F8 key early during Windows startup) and moving or deleting the files from there. You probably won't have trouble deleting the files that way.

37 more replies
Answer Match 38.22%

Good evening..i have just completed the combofix scan on my Openlabs Neko TSE. Which is my music workstation with a built in computer. Please can you review my log for further advice.? I really appreciate you for this. This workstation is the key to all my productions. I have been freaking out all night. Aloha!

A:completed combofix run

Hello,That request about NOT posting CF logs is primarily to keep people from running the program unsupervised.Please read this topic: http://www.bleepingcomputer.com/forums/t/273628/combofix-usage-questions-help-look-here/ which explains that reasoning further.Please follow the instructions in ==>This Guide<== starting at step 6.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Since you have run ComboFix, please include the ComboFix log in the new topic.If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why and include the ComboFix log along with a description of your computer issues.Orange Blossom

1 more replies
Answer Match 38.22%

Keep getting the same error over and over, tried many things (inclduing scf /scannow) but to no avail.

Here is the bit from the log:


Code:
1348769 (3424) - winsat\logging.cpp:0815: --- START 2011\10\30 17:15:04 ---
1348769 (3424) - winsat\main.cpp:4301: Command Line = "C:\Windows\system32\winsat.exe" formal -restart clean -cancelevent 8e00fb41-d1d6-4e88-8347-83b99be94b73
1348769 (3424) - winsat\processwinsaterror.cpp:0095: ERROR: tried to read resource strings, unknown exception occured
1348784 (3424) - winsat\main.cpp:4474: > IsFormal=TRUE IsMoobe=FALSE.
1348815 (3424) - winsat\main.cpp:4585: Watch dog system enabled
1348815 (3424) - winsat\main.cpp:4600: Main watch dog timer set to 600.0 seconds
1348878 (3424) - winsat\main.cpp:2505: > DWM not running.
1348878 (3424) - winsat\main.cpp:2470: > EMD service will be restored on exit.
1348893 (3424) - winsat\syspowertools.cpp:0983: > Read the active power scheme as '8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c'
1348893 (3424) - winsat\main.cpp:2793: > power policy saved.
1348909 (3424) - winsat\syspowertools.cpp:1015: > Set the active power scheme to 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c'
1348909 (3424) - winsat\main.cpp:2814: > power policy set to maximum.
1349736 (3424) - winsat\logging.cpp:1763: ERROR: pahse enter/leave imballance
1349736 (3424) - winsat\main.cpp:0948: > IsOfficial=TRUE IsFormal=TRUE IsMoobe=FALSE RanOverTs=FALSE RanOnbatteries=FALSE
1349736 (3424) - winsat\main.cpp:1775: ... Read more

A:WEI test cannot be completed

What language is your OS currently using, and what was originally installed on it? Is one of the two English?

4 more replies
Answer Match 38.22%

Hi,

Having successfully performed a 3 hour chkdsk by means of a downloaded microsoft program which did this automatically, the screen is left hanging and there is no option available to exit from it. I tried switching off and then on again but this just puts me back to the start of the chdsk routine which then completes again. So I'm stuck in a loop from which I can't escape !! What do you recommend ?

A:After chkdsk has completed

Hello ,

here is a shot in the dark

turn your system on & then back off

then un plug your system

them push your power button as if you wanted to start it and hold it for a count of 10

this will clear the compleat system of power and maybe reset way your system starts / you may want to reset the bios also by crossing the bios jumpers or just pulling the litheum battery from your mother board for at least 3 minutes

then try your system

you may be looking at wipeing the driver & reinstalling

have you tried to get into the recovery console useing the Windows XP cd ?

3 more replies
Answer Match 38.22%

Model HP 15 notebook PCProduct no. J8B82PA#ACJRam 4gbHard disk 1tb HDDProcessor Intel core i3 1.70 GHzWin does 8.1 64 bit

More replies
Answer Match 38.22%

hey im having problems with installing windows xp SP3 i boot to cd do the whole installation thing for step 1 and then it restarts and then im waiting for the continuation of the installation but it doesnt happen it boots to cd again without me pushing anything

please help!!!!!!!!!!!!!
 

A:Installation not completed

6 more replies
Answer Match 38.22%

I did not get any replies so will try this again with updated info. Downloaded Microsoft Pocket PC 2002 October 2002 Update(EUU3) to computer but when tried to sync it to handheld got message: "Synchronization Cannot be Completed Successfully" and have not been able to sync since then. Same message and then disconnects. Have reinstalled Activesync twice..even going to older version. Have done disc cleanup and defrag. Have deleted recent programs including the EUU3. Also soft resert on handheld although problem developed in computer before could sync to there. There is no problem in connection of handheld with computer..just will not sync. Any help much appreciated as cannot download or sync any material to handheld(iPAQ3835) at all.
Thanks!!! John
 

A:Synchronization Cannot be Completed..

6 more replies
Answer Match 38.22%

Hi everyone!

Ive just completed my upgrade from an MSI 745 Ulta mobo and ATI Radeon 7000 series 64meg AGP x4 graphics card to an Abit NF7-S mobo and ATI Radeon 9550 AGP x8 256meg graphics card and I gotta say, boy what a difference.

Now I have to save up my pennies to get myself a better processor, I have an AMD Athlon XP Pro 2000 and was wondering what i should replace it with?

There's a fair ammount of choice out there so i was wondering if anyone has any recomendations?
 

A:Just completed an upgrade

Nice speed jump!
Upgrading always starts with budjet. If you are going to keep your Mb , then simply buy the best (fastest) CPU you can afford at the time.If you are saving pennies you will probably be able to get the quickest cpu your mb can handle.
 

5 more replies
Answer Match 38.22%

Desktop machine.
Windows Vista Home Prem. 32b.

The computer shut itself down a few days ago while it was copying for files.
Then, it behaved abnormally after restart.
A back to the factory status recovery was performed, but it did not complete the task.
The last part of the recovery did not run.
The recovery disks, burned right after the purchase of the machine and used before, were used and they ended the same way.
The last part of the recovery did not run.

There are 3 partitions on the HDD.
Partition 0, 20GB. hidden, keeping the recovery OS.
Partition 1. 223GB. partition C.
Partition 2. 220GB. partition D.

Question:
If partition C is formatted, can recovery OS be installed on partition C ?

Thanks.
 

A:Recovery can not be completed.

What's the brand name and model name and model number of that desktop?

What's the part/product number and/or service tag number and/or serial number on it?

Which country do you live in?

--------------------------------------------------------
 

3 more replies
Answer Match 37.8%

I've ran Combofix, but need someone to look at my log file. I'm still having boxes pop up like my symantic anti-virus can't work because it is on a network resource that is unavailable. The log file is below. I would really appreciate any help I could get.Thanks,DonComboFix 10-12-09.04 - Todd 12/10/2010 16:39:31.1.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.70 [GMT -6:00]Running from: c:\documents and settings\Todd.PHILCON\Desktop\ComboFix.exeAV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and settings\All Users\Application Data\FuhYQAtN.exec:\documents and settings\Don\Local Settings\Application Data\{127EBD9A-1C22-44C3-8173-3067BB23059B}c:\documents and settings\Don\Local Settings\Application Data\{127EBD9A-1C22-44C3-8173-3067BB23059B}\chrome.manifestc:\documents and settings\Don\Local Settings\Application Data\{127EBD9A-1C22-44C3-8173-3067BB23059B}\chrome\content\_cfg.jsc:\documents and settings\Don\Local Settings\Application Data\{127EBD9A-1C22-44C3-8173-3067BB23059B}\chrome\content\overlay.xulc:\documents and settings\Don\Local Settings\Applicat... Read more

A:Combofix completed - need help with log file

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting... Read more

2 more replies
Answer Match 37.8%

Hi, I just built a new computer, and it's running XP Pro 64-bit. It ran fine for the first week, but now I'm getting a problem everytime I open "My Computer". Instead of showing my drives, it does the search animation. After a minute or two, it will either find all the drives, or it will say something like "This operation could not be completed because (something) is being used by another program." and gives me two options: "Retry", or "Switch To". When I click "Switch To" it opens my "Start" menu.

A (possibly) related problem is when I open IE, I get shown a set-up menu, but when I click "Save Changes" the webpage hangs. I can bypass this and use the internet fine though. Also, my computer randomly hangs sometimes when playing games.

I'm pretty disappointed with all these errors on what was supposed to be my fresh computer... Any help is appreciated.
 

More replies
Answer Match 37.8%

Trying to restart will not allow me to login, keeps telling me wrong pass word, (didn't think i had setone yet)think its microsoft thats causing the problem, it says i need a removeable media, what the hell is one ofthem. i'm already on line at home.     Can anyone help me please 

A:New netbook setup not completed,

Hello, Thank you for posting in the HP Support forum. Is this re. Windows login ? You can't login to Windows? If yes, I have encounter such a problem once only but was with Win 8. Anyway - if this is a new computer you can revert the software back to factory default settings. Eventually you should create a local account (not login with Microsoft account). At the end, you can always migrate the local account to Microsoft account. If this is not re. Windows login, please provide back details.

1 more replies
Answer Match 37.8%

Dear Broni and All,

I have completed all steps, and ran the security programmes recommended in this thread:

http://www.techspot.com/community/topics/keep-getting-stupid-shopping-malware-installed.208648/

However, I am still getting pop-ups and adware related problems, which means that the underlying problem has not been resolved.
These are the programmes that I have run (today, 18/05/2015):
-RogueKiller
-Mbar
-AdwCleaner (it removed NickelBlock, AllCheeiaPPPriCe, DowwnSaave, SaVieNeewaApupoz)
-Junkware Remover
-Farbar Recovery Tool
-Farbar Security Scanner
-Security Check
-Tempfile Cleaner

I am currently running Sophos.
My laptop runs Windows 8.1, and Combofix does not support it.
The antivirus that I have is Kaspersky (I previously had Microsoft Security Essential), and Windows Defender. The malware was not detected by a Kaspersky and Spybot full scan a few days ago. However, on the 26th of April, I manually uninstalled some adware, and then ran full scans, which showed nothing.

As you can imagine, I don't think I have many options left, and formatting my laptop is a dreadful prospect. I was wondering if you could give me some advice.
I have kept all logs of the security programmes that I've run.

Thank you in advance, and looking forward to hearing from you.
 

A:Completed all instructions, but still getting adware pop-ups

Welcome aboard

Never follow steps from other topics. Every computer is unique.

Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

57 more replies
Answer Match 37.8%

Hi, I have already run Ad-aware using the required settings multiple times and removed everything I can on my own. Ad-aware could not remove iboboi.dll and I believe that is the root of my problem. But on startup that file is gone.

Here is my hijack this log, with the analyzer. Thank you in advance for the help!

===========================================================================================================================
Log was analyzed using HijackThis Analyzer - Updated on 1/7/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVir... Read more

A:Urllogic Pop-ups, completed all prereqs

Let's see if these logs will show us anything:

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link don't work) and install it. Do not run it yet.

Before doing anything, MAKE SURE that you can keep your computer on (at least until we get it fixed). This infection requires us to detect and remove it without rebooting or restarting your computer (unless the instructions say so). If you can't keep your computer on today, then I suggest that you don't get the logs yet until you are ready. With that said (when ready):

Open up HijackThis and go to Config->Misc Tools and check the first two boxes there. Now click on the Generate StartupList log button. Post that log in your next post.

Right click on this link and choose Save As...Save it to your Desktop. Make sure you have disabled any programs that may block/disable scripts (ex: Ad-Watch, TeaTimer, Norton, etc.). Double click on Silent Runners to run it. This will take a few minutes. It will create a file called Startup Programs followed by your computer name and current date. Open up that file and post all the contents here in your next post.

Download Find-qoologic. Unzip the files to your Desktop. Open the qoologic folder and run the qoologic.bat file. Wait a few minutes for it to finish. When the dos window disappears, go to your C: drive and open up the log.txt file. Copy and p... Read more

7 more replies
Answer Match 37.8%

Hi
 
Looking for some help resolving this issue. Computer was acting strange. Scanned with Norton 360 and Malwarebytes and found nothing. Ran TDSSkiller, found and removed a rootkit. Now, when I try to  run Combofix, it stops at Stage 48. The hard drive light is solid, so I figured it would eventually complete, but it does not.
 
Can you help?
 
thanks
 
drobtoy

A:stuck on 'Completed Stage_48'

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

19 more replies
Answer Match 37.8%

I've run CHKDSK on a couple of laptops today, and in each case, after hanging for ages around 10-11%, the laptop rebooted while my back was turned. (The process was run at boot and the internet was not connected at the time.)

Is there a way to check if the process completed and what it did?

There is a CBS log with today's date, with entries that correspond time-wise to the CHKDSK activity, but I don't understand them. At the end there are several entries like this:

Can anyone explain what this means please, and if I have a problem?

Coincidentally (or not) There are similar 'Failed to internally open....' entries in the CBS log from when I turned the laptop back on later in the morning.

A:How do I know if CHKDSK completed successfully?

Hi, check this tutorials CHKDSK - Check a Drive for Errors in Windows 8 and Check Disk (chkdsk) - Read Event Viewer Log - Windows 7 Help Forums to see if they will help you.

Good luck, werty

3 more replies
Answer Match 37.8%

Recently installed kaspersky pure 2. 0 .Getting error message that backup task has not been completed. I have read that this is a known issue. Is there a solution to correct this problem? Thanks.

A:backup task has not been completed

Welcome to Seven Forumsnancy159. As you say, this is a known issue






Quote:
5. Main known issues

The maximum size limit for Quarantine and Backup and Restore does not work.
Some application windows do not correspond to Microsoft computer management from keyboard standards.
Groups of windows cannot be closed through Windows 7 taskbar.
Application window cannot be closed through Windows 7 taskbar preview.
"A backup task has not been completed" status is displayed in the general protection status and in the Backup and Restore section when backup tasks are performed.
Protection parameters cannot be reverted to default values.
AVZ reports cannot be created under 64-bit operating systems.
In some cases, characters cannot be entered using the Virtual Keyboard in entry fields of web browsers or applications.
When in Safe Run mode, Microsoft Outlook Express (Windows Mail) email client may fail to display some email messages received from the standard Microsoft Windows environment.


Kaspersky PURE 2.0: commercial release (build 12.0.1.288)

Have you tried creating a backup task?

How to create a backup task in Kaspersky PURE 2.0?

A Guy

1 more replies
Answer Match 37.8%

I just started using Microsoft 2010 and in the Outlook tasks I have created recurring tasks. In the old XP version when I completed a recurring task, the completed task would move to the top of the list. Now, it just puts it below the original task. Is there a way to automatically move completed tasks to the top of the page?
 

More replies
Answer Match 37.8%

Hello,

This is a follow-up to my original thread here -

http://www.sevenforums.com/crashes-d...ease-help.html

I completed 1 RMA with HP and the teleplan service center guys sent me the machine back with the note - no issues found, reloaded OS. This time they loaded the OS with SATA controller as IDE as opposed to the default RAID setting that had come when I had purchased the system.

I let it run overnight hoping for the best but see the BSOD error in morning - I would really appreciate if somebody can pin point the issue so in the next RMA I can advise HP Teleplan guys about it - they seem to not spend great deal of time researching the issue but try to do a quick fix that obviously didn't work.

Appreciate all your help !

PS - my System specs -

System Manufacturer/Model Number HP Pavilion Elite HPE-210F
OS Windows 7 Home Premium 64 Bit
CPU AMD Phenom(tm) II X4 945 Processor, 3000 Mhz, 4 Core
Motherboard H-RS880-uATX (Aloe)
Memory 8 GB PC3-10600 MB/sec (message as PC3-8500)
Graphics Card ATI Radeon HD 5450
Sound Card Integrated Realtec ALC888S Audio
Monitor(s) Displays Acer? H243H
Screen Resolution 1920 x 1080
Keyboard HP USB
Mouse Microsoft Compact Optical Mouse Model: 1016
PSU Bestec 300W
Case Mid-size ATX
Hard Drives Western Digital Caviar Green WD10EADS-65M28X
Internet Speed ATT DSL 6 MBPS

A:1st RMA completed - still random BSOD

Your dumps indicate conflicts and memory corruption. Uninstall Symantec using this removal tool: Tool. Many third party security programs create conflicts with Win 7 and Norton is no exception. Norton was involved in one of the crashes. Download and install Microsoft Security Essentials. It will not cause conflicts. Make sure Windows firewall is turned on.

Uninstall or upgrade CyberLink. Its driver, 000.fcl, Fri Sep 26 09:11:22 2008, is out of date. Outdated drivers can and do cause conflicts and BSOD's.

I find another slightly out of date driver loaded on your system. Update this driver from the link provided.





Quote:
usbfilter.sys Fri Apr 03 07:39:51 2009 - AMD USB Filter Driver (likely part of the chipset drivers). http://support.amd.com/us/Pages/AMDSupportHub.aspx. Update this driver.


Follow these suggestion, reboot and let's see if your system is more stable. Post back and let us know. If you get anohter BSOD, upload it and we will go from there.

Code:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02804000 PsLoadedModuleList = 0xfffff800`02a41e50
Debug session time: Thu Dec 16 09:41:31.624 2010 (GMT-5)
System Uptime: 0 days 8:53:11.013
Loading Kernel Symbols
...............................................................
................................................................. Read more

8 more replies
Answer Match 37.8%

hi guys,

every single time I try to rename a folder the boring message "The action can't be completed because the folder or the file is in use" appears even if apparently neither the folder or a file in it is in use.

What I have to do is: Task Manager > Explorer.exe > End Process > File > New Task > Explorer.exe and I am able to rename the folder.

It is a really boring process and I find this process really stupid. The folders I am trying to rename are full of pictures, I think it is something related to the Thumbs files.

Anybody of you have the same issue? Any possible solution?

Thanks

A:PLEASE HELP - The action can't be completed because the folder....

OpenedFilesView - View opened/locked files in your system (sharing violation issues)
Download somewhere at bottom of page.
What file is opened by explorer.exe in that folder?

9 more replies
Answer Match 37.8%

I got my P50 a few weeks ago and yesterday its LCD went half black. OK, this happens.I turned it into authorized premium repair center and they got LCD replaced (as my P50 is under warranty). No big deal.However, they could not re-calibrate the new LCD screen because I do not run Windows on my P50 (running Kubuntu).It would not be a big deal either (the Panel Replacement Utility they have does not run on Linux, but I can live without that), however there is one worrying thing: by my request, they printed Lenove repair instructions for me where it is stated, that "Failing to run the Panel Replacement Utility program will require another LCD panel replacement". Please note "will require". My interpretation of this statement is that LCD will fail again unless I run this Panel Replacement Utility which requires Windows (not Linux version exists). Repair guys could not comment on that in either direction.REALLY????So, despite the fact that nor P50 user guide nor warranty description limit me from using non-Windows OS, the P50 cannot be repaired to be used in full capacity unless I use Windows.Do I miss anything? Is this an official position of Lenovo on non-Windows OS use on ThinkPad P50?

More replies
Answer Match 37.8%

A neighbor brought over his computer since he knows I help folks with infections.  It appears he already ran and removed infections found with SAS Portable and MBAM.  I can include those logs if you like so let me know.
 
DDS Log
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by HP_Administrator at 12:32:46 on 2013-08-16
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.958.456 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalS... Read more

A:Infected PC with some Removal Completed

Attached file ...

3 more replies
Answer Match 37.8%

Hello,

Had the "Security Center" come up on this computer...got rid of it using the tutorials on this site, along with trying all the other suggestions for removing rootkits that may be causing the redirects. Some solutions seem to run their course, others don't. Still having issues: browser redirects, browsers stop working, MBAM errors, Start menu blank, "waiting for background programs to end" on shutdown.

So, not sure where to go from here. Help please.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Chance at 6:41:48 on 2012-01-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2379 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\wind... Read more

A:Completed all self-help tutorials, still have rootkit

Hello and Welcome to the forums!My name is Gringo and I'll be glad to help you with your computer problems.Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the runn... Read more

22 more replies
Answer Match 37.8%

hi there,
plese consider that who's writing (me) is a sw/hw total illiterate..
 
months ago i downloaded a .exe (then uninstalled) to upload videos on youtube and from that time:
 
- at every web connection (firefox), the start page is http://istart.webssearches.com + the last web page visited at previous connection (two windows). i set up new homepage but nothing changes.
- pop ups frequently open (then disabled via settings).
- mouse stops/blocks for a second while using it.
 
i downloaded combofix and let it run. everything seems worked correctly, but now i don't know how to proceed.
here below the log i got - integral copy&paste - now saved on desktop.
if i understood well, malware etc will be removed once combofix is uninstalled and i still have to uninstall it..
 
i hope you can help me about how to proceed.
 
thanks++
iggy
 
 
 
ComboFix 14-05-19.01 - user 19/05/2014  19.13.03.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.39.1040.18.1919.1432 [GMT 2:00]
Eseguito da: c:\documents and settings\user\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\kp_0loor.pad
c:\documents and settings\user\Dati applicazioni\cacaoweb
c:\documents and settings\user\Dati applicazion... Read more

A:ComboFix ran&completed - don't know how to proceed

..if i understood well, malware etc will be removed once combofix is uninstalled and i still have to uninstall it.. ...that is not true...  Hello iggy1427,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***1. Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***2. Download OTL to your desktop.Double click on the icon to run it.Vista / Windows 7/8 users right-click and select Run As Administrator.Make sure all other windows are closed and to let it ... Read more

3 more replies