Tech Problem Aggregator

terrible, periodic computer lag. Might be malware related

Q: terrible, periodic computer lag. Might be malware related

I originally posted this in the XP forum, but was told to try this one instead. Here is a link to the original thread, where I explain what problems I am experiencing:problem explanationBelow you will find my DDS log. I have attached the other required DDS log as well.DDS (Ver_10-03-17.01) - NTFSx86 Run by Bob Vernon at 18:19:12.98 on Sun 08/08/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.255.99 [GMT -4:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\System32\Ati2evxx.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\svchost.exe -k imgsvcC:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exeC:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Apoint\Apoint.exeC:\Program Files\Apoint\Apntex.exeC:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXEC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\Bob Vernon\Local Settings\Application Data\Google\Update\GoogleUpdate.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Bob Vernon\My Documents\Downloads\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=dsl&cd=7.0unattached&bm=ho_centralBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllEB: {32683183-48a0-441b-a342-7c2a440a9478} - No FileuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [Google Update] "c:\documents and settings\bob vernon\local settings\application data\google\update\GoogleUpdate.exe" /cmRun: [Apoint] c:\program files\apoint\Apoint.exemRun: [Camera Detector] c:\progra~1\acdsys~1\devdet~1\DEVDET~1.EXE -autorunIE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exeIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeDPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cabDPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CABDPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cabSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll================= FIREFOX ===================FF - ProfilePath - c:\docume~1\bobver~1\applic~1\mozilla\firefox\profiles\83ronqku.default\FF - prefs.js: browser.search.selectedEngine - Ask.comFF - prefs.js: browser.startup.homepage - gmail.comFF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=FF - plugin: c:\documents and settings\bob vernon\application data\move networks\plugins\npqmp071503000010.dllFF - plugin: c:\documents and settings\bob vernon\application data\move networks\plugins\npqmp071505000011.dllFF - plugin: c:\documents and settings\bob vernon\application data\mozilla\plugins\npgoogletalk.dllFF - plugin: c:\documents and settings\bob vernon\application data\mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: c:\documents and settings\bob vernon\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dllFF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");============= SERVICES / DRIVERS ===============R0 va16w2;va16w2;c:\windows\system32\drivers\va16w2.sys [2002-7-25 18665]R0 va32w2;va32w2;c:\windows\system32\drivers\va32w2.sys [2002-7-25 25689]R3 ati2mpab;ati2mpab;c:\windows\system32\drivers\ati2mpab.sys [2002-7-29 313344]R3 HSFHWVIA;HSFHWVIA;c:\windows\system32\drivers\HSFHWVIA.sys [2002-7-25 155732]S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2009-9-3 280576]S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2009-9-3 51456]S3 cm_net;C-motech USB Network Adapter Drivers;c:\windows\system32\drivers\cm_net.sys [2010-4-28 112640]S3 cm_ser;C-motech USB Serial Port2 Driver;c:\windows\system32\drivers\cm_ser.sys [2010-4-28 103680]S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-7-5 30576]S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2009-12-18 20480]S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-12-18 174720]S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~2\vzacce~1\SMSIVZAM5.SYS [2009-5-25 32408]S3 WPC11;Instant Wireless Network PC Card V3.0 Driver;c:\windows\system32\drivers\LSWLNDS.sys [2003-1-22 54083]S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2009-5-20 627072]S4 Cimbrpatatt;Cimbrpatatt; [x]=============== Created Last 30 ================2010-08-04 02:40:27 0 d-----w- c:\program files\WinDirStat2010-07-14 14:22:45 215920 ----a-w- c:\windows\system32\muweb.dll2010-07-14 14:22:44 16736 ----a-w- c:\windows\system32\mucltui.dll.mui2010-07-14 14:22:43 274288 ----a-w- c:\windows\system32\mucltui.dll2010-07-14 00:27:43 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe2010-07-13 16:55:04 56 ---ha-w- c:\windows\system32\ezsidmv.dat==================== Find3M ====================2010-05-20 19:27:24 677232 ----a-w- c:\windows\system32\LCCoin32.dll2010-05-20 19:27:24 39280 ----a-w- c:\windows\system32\nx6000res.dll2010-04-21 23:33:13 16384 -csha-w- c:\windows\system32\config\systemprofile\cookies\index.dat2010-04-21 23:32:22 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012010042120100422\index.dat============= FINISH: 18:20:37.01 ===============

A: terrible, periodic computer lag. Might be malware related

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREWe also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:Why we request you disable CD Emulation when receiving Malware Removal AdviceThen create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:How to create a GMER logElle

12 more replies
Answer Match 87.36%

Sony Vaio, Windows XP home addition version 2002, service pack 3
mobile amd athlon(xp),1600+, 1.40ghz, 256mb of ram.

I have an older laptop, but it has ran like a dream up until a week or so ago.

There is something wrong with it, as it is taking much longer than normal to start up. Moreover, it is experiencing intermittent spikes in very high usage while i'm surfing the internet. Sometimes the lag lasts upwards of 20 minutes, where I'm unable to do anything on my computer. This is extremely frustrating, and renders my computer useless much of the time.

I originally thought it was a memory issue, as I had added a few moderately sized programs recently, but have since removed all of them and even freed up additional space.

I prefer to play dumb, and go from the square 1 approach. Thus, I'd rather have someone guide me through steps that will solve the problem, rather than me trying things out and then having someone fix those just to get to square 1.

I have had great success with bleeping computer experts getting rid of viruses in the past, and am hopeful someone at this site can remedy this issue as well.

If this is the wrong forum, please move to the correct one if possible. Thank you.

A:Terrible, periodic computer lag

I have had great success with bleeping computer experts getting rid of viruses in the pastYour computer may be reinfected...With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread and post a DDS log HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. Help is on the way!

3 more replies
Answer Match 64.26%

Hello everyone, I'm having a real tough time trying tofigure out what is going wrong with my computer:

In as short as a few minutes to as long as a few hours, mycomputer will completely freeze (keyboard takes no input, mouse is stuck inlast position). The only way to resume usage is to reboot after holding downthe power button.

The only common thread through all the freezes *seems* to bethe active use of a web browser (Chrome/Firefox/Explorer). The freezes onlyseem to occur when the active window is one of the web browsers (and possiblyonly when the browser is in 'full screen mode', still testing that) what thatpoints to, I have no idea...

I did a uninstall and then re-install of all browsers withthe most current versions, but after a few hours of Chrome / Explorer, I gotanother freeze.

Any ideas as to what is going on is greatly appreciated,thank you for reading.

More replies
Answer Match 63.84%

Every so often (once or twice in a 24 hour period), my internet completely disconnects. It drops me from IRC, torrents, Steam, any browsing I'm doing, and so on. This seems to happen only on this computer (I have another computer and an Xbox 360 on the same wireless network, and neither of them drop when my computer drops.

This, alongside the consistent HDD activity light (and sound) that appears during these disconnections, leads me to believe that there is a program on my computer causing these disconnections. I'm reasonably certain that I am virus free and a "legitimate" program is causing, as I run regular scans using both Microsoft Security Essentials and Trend Micro HouseCall.

However, I'm still stumped: I have no idea what program could be causing this and I have no idea to figure out how to deduce this. Can somebody recommend me some monitoring tools that I can use to see what programs are active when these disconnections occur? I have tried going to Resource Monitor but it never ever seems to open fast enough to display what is going on during the disconnections, so I need something that provides logging functionality. Can anyone suggest free monitoring tools I can use to clear up this mystery?

A:Periodic Internet disconnections - related to program activity?

Have a look at this Microsoft article: How to troubleshoot network connectivity problems in Internet Explorer

You might also want to run a virus scan with Malwarebytes.

http://www.malwarebytes.org/products/malwarebytes_free

6 more replies
Answer Match 57.96%

To whom it may concern,

I don't exactly know how to explain my issue, only that my computer is skipping. It usually happens when I am playing a game and it affects my computer for a good length of time making the audio, video and mouse pointer skip from one point to the next. This issue only started happening yesterday and I thought nothing of it thinking a simple restart would help, but now after the third time it has happened today I am looking for a very effective permanent solution if one is available.

I did a google search on my issue and found a related thread here which was solved, I can only hope that you can help me as well.

- Xirion
 

A:Computer Skipping - Possible Malware Related.

Here is the HJT log of my computer.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:15:33 PM, on 21/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\ASUS\AI Nap\AiNap.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Google\Google Talk\googletalk.... Read more

1 more replies
Answer Match 57.54%

Hey Guys,I'm New Here, And I've Been Looking For Someone Who May Be Able To Help With Me A Few Potential Problems. First Off, I've Found That When I've Booted My Computer (I'm Running XP Professional) As Soon As The Welcome Screen Dissappears (No Password Login, Just One Account) My Screen Goes Fuzzy For A Few Moments But Then Returns Normal With The Proper Desktop Picture Up. I've Tried Reinstalling My Driver Hardware For My Monitor As I Presumed It May Be That, But To No Avail, I've Tried A Restore To A Date Before The Problem Occured, But Once Again To No Avail. Another Problem I'm Finding I'm Having Is That My Mozilla Firefox Seems To Almost Reinstall Itself After A While, As My Settings For My Addons Are Reset And It Opens As If Mozilla Has Just Been Installed Onto My System. Also I'm Finding That Sometimes When My Computer Seems To Be Affected By Too Much Usage Of Memory By Processes, Upon Trying To Bring Up The Task Manager, My Computer Sometimes Does Not Respond To The Keystroke, And I'm Left To Use "Process Explorer" To Check What Is Running Upon My System.I'm Not Sure If Any Of The Problems And Issues Are Malware/Virus Related Or Maybe Hardware Related, But I'm Hoping That I Will Be Able To Find A Possible Solution As I'm Not Welcoming To The Fact Of Having To Reformat If It Can Be Avoided, Any Help In Advance Guys Would Be Fantastic, Here Is My Log In The Following..Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:46:36 PM, on 19/09/2008Platform: ... Read more

A:Not Sure If It's Malware Related, But My Computer Is Unwell In Several Ways, Can Anyone Please Take A Look At My Log?

Hello prottura,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

1 more replies
Answer Match 57.54%

Hello,

I've recently been having issues where my computer will stop responding at random times. I haven't yet noticed a pattern, but the most recent issue happened when I opened Facebook. If I'm playing music when the freeze happens, it starts sounding creepy and machine-like, with high-pitched noises and other strange sounds. Other windows stop responding and I can't use my computer for about 30 seconds. I'm not sure if this is Malware related or not. I haven't been to any malicious websites or downloaded anything, but I don't know what else the problem could be.

Also, I'm running Windows 7 on an HP dm4x series laptop. I believe drivers are up to date and updates are installed to Windows.

Thanks!

Below are HJT and DDS logs. I will upload a GMER log when I can, but the scan was taking a long time.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:41:58 PM, on 2/28/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\H... Read more

A:Computer freezing constantly: Malware related?

Here is the GMER log:

GMER 2.1.19115 - http://www.gmer.net
Rootkit scan 2013-03-01 11:30:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST975042 rev.0003 698.64GB
Running: GMER.exe; Driver: C:\Users\Kyle\AppData\Local\Temp\kwldqpow.sys
---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe[3280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\Cisco\Cisco NAC Agent\NACAgentUI.exe[3280] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]
.text C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000077a714bb 2 bytes [A7, 77]
.text ... * 2
.text C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe[3732] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077a71465 2 bytes [A7, 77]... Read more

3 more replies
Answer Match 56.7%

Hi there, i?m new here, i?m from spain so maybe i cant explain very exactly in english so, i?m sorry!I?ve found this site in google and i think maybe you can help me, before posting in this forum i?ve read your: "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help"I?m not able by the moment of making a backup of my data, i dont have now a external hd. is it sure to make this copy if my computer is probably already infected by a malware or something like this?I am using a hp pavilion dv7 lap top with 64 bits windows vista home premiumI am not very good with computers but i?ll try to explain my problemI was working with "adobe premiere" editing some videos, it began to give problem and finally this premiere archive i was working with stopped working at alleach time i try to run this archive it creates this files in the same directory i was saving it, they are:- lsprst7.dll- lsprst7.tgz- sysprs7.dll- sysprs7.tgz- tmpPrst.tgzI?ve looked in google and i think it has something to be with some kind of malware. You help some people with similar problem with "combofix" but i?m afraid it would not work with my windows.I?m not using a lot the computer now because i imagine the malware will go infecting other applications as i go using them, i?m a bit scared about it...i?ve also disabled my cd simulation softwarenext i?ve installed "dds" and this is the log:DDS (Ver_09-12-01.01) - NTFSX64 Run by Juan at 17:29:49,57... Read more

A:lsprst7.dll, some malware related to this archive and others infected my computer

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

3 more replies
Answer Match 56.7%

Hi, Sometime between June 15th and 18th, System Restore had stopped functioning properly. When perform a system restore, I receive the following message at the end of the restoration process: "X Restoration IncompleteYour computer cannot be restore to [insert any date here]" On June 18th, my computer experienced a BSOD. I created a topic in the Windows XP Home and Professional forum. A BC Advisor instructed me to perform a memory test and so I did - it passed. In his next reply, he asked me "What is new or different since the last time everything worked properly?" My reply included a list of software that had been installed and removed within three days of the BSOD. Additionally, my reply mentioned that I had help cleaning my computer from June 12th-15th at GeeksToGo. The BC Advisor recommended I check with the "malware folks" to make sure my computer is indeed clean so here I am. Mod Edit: XP Forum Topic Issues:- Faulty System Restore- Blue Screen of Death- When Windows starts, the computer will idle on the desktop background before loading the taskbar and desktop icons. When the computer starts loading the taskbar and desktop icons, the computer's performance seems normal (I'm not sure if this is related but I figured I'd mention it anyway). I'm unsure whether or not this is necessary but I figured it couldn't hurt. The following is a list of all tools used during the cleaning process of my computer: - OTL - Malwarebytes&#... Read more

A:Is my computer clean? Is the BSOD a malware-related issue?

On June 18th, my computer experienced a BSODJust once?I see, you ran BSV and it reports only one BSOD.

more replies
Answer Match 56.28%

Few days ago my computer started randomly rebooting or locking up with no prior warning. I realize this could be a hardware issue, but the symptoms started right after I ran into some malware infections. This issue and symptoms are very similar to this one here hxxp://www.techsupportforum.com/security-center/virus-trojan-spyware-help/hijackthis-log-help-inactive/132058-computer-randomly-rebooting.html. I made a new thread concerning this problem because on a reply it was stated that the fix was computer specific. I removed some of the spyware with help of ad-aware and avg antivirus, but I doubt I had them all removed.

ZoneAlarm firewall and AVG Anti-Virus are on constantly and I try to keep my Windows update up to date all the time.

Following is a list of the programs I deleted. I got suspicious when ZoneAlarm warned me that they are trying to access internet (it was the first time they asked for rights), so I googled for them and removed them:

w.exe C:\Windows\system32\w.exe

first179.exe C:\Documents and Settings\username\Local Settings\Temp\first179.exe (removed by AVG Anti-Virus after a full system scan)

frmwrk32.exe C:\Windows\system32\frmwrk32.exe

One symptom of infection was that at first my desktop icon titles lost their transparency/drop shadow and were replaced by a "blue box" behind them. Later on, my whole desktop background became blue. I managed to "fix" this, so unfortunately I don't have a screenshot of it.

Here's dds l... Read more

A:Computer randomly freezing or crashing - spyware/malware related?

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Your hard drive is almost full. Having too little free space on your hard drive can compromise system performance.


Quote:




C: is FIXED (NTFS) - 29 GiB total, 0,384 GiB free.




I suggest you move pictures, music, etc. to an external drive or USB stick if you have one and uninstall any programs that are never or hardly ever used.

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they... Read more

19 more replies
Answer Match 56.28%

Few days ago my computer started randomly rebooting or locking up with no prior warning. I realize this could be a hardware issue, but the symptoms started right after I ran into some malware infections. This issue is very similar to this one here http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/hijackthis-log-help-inactive/132058-computer-randomly-rebooting.html. I made a new thread concerning this problem because on a reply it was stated that the fix was computer specific. I removed some of the spyware with help of ad-aware and avg antivirus, but I doubt i had them all removed. Any help is greatly appreciated.

Here's my HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:05, on 2.3.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\iTouch\iTouch.... Read more

A:Computer randomly freezing or crashing - spyware/malware related?

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies
Answer Match 55.02%

I don't have any particular problems on this computer, I just thought it was about time that I got this computer checked out. I'd appreciate any help or advice on how to improve security, etc. Thanks

Logfile of HijackThis v1.99.1
Scan saved at 16:10:21, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Hummbird\inetd32.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\mysql\bin\mysqld-nt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\progra~1\mcafee.com\vso\mcvsesc... Read more

A:Solved: Periodic Malware Check. HJT log included.

Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...up1.0.0.15.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/20c5781d...p/RdxIE601.cab

Reboot.

Everything else looks okay.
 

3 more replies
Answer Match 55.02%

I just finished removing a fake antivirus program using rkill and malaware. However, I'm still having a problem with internet advertising sound appearing and disappearing randomly without having IE open. Help!

PS - getting professional help from you guys is really great. Thank you.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7600.17267 BrowserJavaVersion: 10.21.2
Run by Amy at 22:47:50 on 2013-05-17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.1729 [GMT -5:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvsca... Read more

A:Periodic Advertising Sound Virus / Malware

I have also attached a log from tdsskiller if that is helpful.

1 more replies
Answer Match 55.02%

Hello,
I occasionally run an in depth clean-up of my computer to make sure it is free of malware, etc..., and often I scan, back-up, and clone for simple fix/replacement should I have a problem. My current clones are of a year old system, so there might be some issues. More recently, I am getting occasional redirects from webpages/searches that might be of concern.
If a Bleepingcomputer expert would please take a look at the logs for a review, I would greatly appreciate it.

I just completed a MBAM scan and reboot which removed 12 issues.

Thanks!

Walter
DDS (Ver_09-10-26.01) - NTFSx86
Run by Walter L Wilson Jr at 16:43:06.72 on Wed 11/11/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_10
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3069.1882 [GMT -5:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
SP: BitDefender Antispyware *enabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Common Files\BitDef... Read more

A:Periodic malware examinationb/tune-up, possible redirects

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

10 more replies
Answer Match 54.6%

This Malware Issue is getting on my nerves, tried alot and nothings workedEverytime i access explorer and go into two folders a pop-up error message comes up stating "Some dangerous viruses detected in your system Microsoft windows xp etc etc" with a yes or no, obviously one would select no, but i'm still brought to a website hxxp://sc.videofreeforonline.com/id/4912933/4/1/ any ideas?heres my Hijackthis LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 2:46:36 PM, on 11/5/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\WINDOWS\System32\WL... Read more

A:Malware = Terrible

Hi,I see you are running Teatimer.I suggest you to disable it because it can interfere with the changes you'll make on your system.When everything is done and your log is clean again, you can enable it again.If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.How to disable TeaTimer <== click me for instructions.After you disabled Teatimer, download ResetTeaTimer.bat to your desktop. (In case you use Firefox, rightclick the link and choose "save as").Doubleclick ResetTeaTimer.bat and let it run.This will only take a few seconds.Then, * Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:O2 - BHO: Aj.Popa - {BC354443-937D-498B-A792-B6E388CDFCE6} - C:\WINDOWS\system32\dipynxx2.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll <== not recommended* Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Reboot your computer.After reboot, navigate to and delete the following file if still present:C:\WINDOWS\system32\dipynxx2.dllDon't worry if you can't find it anymore.Then scan with HijackThis again and post the log in your next reply.

8 more replies
Answer Match 54.6%

Hello guys,

I am just wondering whether can you guys help me to get rid of this pest? I think it's called Razespyware. I am not sure but that's the one that keep popping up. Not to mention a dozen of others. I think i have more than 1 malware cause i remembered i search with spybot before and it returned with 6 identified spware. Help .. I can't seem to get rid of it and worst of all, I CAN'T boot in safe mode. I tried to go in but something like 'mlti//ard ..disk .. dunno what partition' came out instead. I can boot in normally but i can't access another program or another website other than RAZESPYWARE !!!! But luckily for me, i have downloaded HijackThis earlier on and i am posting my log here. Please teach me what to do. Million of thanks in advance :D


Logfile of HijackThis v1.99.1
Scan saved at 7:19:03 AM, on 12/1/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\... Read more

A:Terrible Malware - I think i got 15 !!?? HELP

Oh my what a mess. Since you have no way to access the net to download programs I'm going to try a manual fix on your hijackthis log and try to get internet access back. If it doesn't work...you'll need to download the tools from another PC and move them to the infected PC and run them.

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible.
Please make sure system restore is enabled by right clicking on My Computer and go to Properties->System Restore and check the box for Turn OFF System Restore and make sure it?s NOT checked. We want system restore ON and monitoring your current hard drive. Once your clean we will turn this off and then back on to remove the infection from the restore folder and create a clean restore point.

Open up task manager and KILL the following processes...

C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\inet20066\services.exe
C:\WINDOWS\System32\vxh8jkdq2.exe
C:\WINDOWS\System32\dllcache\IExplore.exe
C:\WINDOWS\inet20066\socks.exe
C:\WINDOWS\System32\split1.exe
C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
C:\winstall.exe
C:\WINDOWS\System32\explorer.exe
C:\DOCUME~1\Joseph\LOCALS~1\Temp\svchost2.exe
c:\windows\csrss.exe

Check and fix the following in HijackThis if they still exist (make sure you do not miss an entry)

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\So... Read more

19 more replies
Answer Match 54.6%

Hello, everyone. I haven't been able to find anything about this on Google, but you guys seemed pretty knowledgeable and helpful, so I thought I'd ask you.

I have a three week old brand new computer running XP. Every once in a while there is this small, brief shuffle sound (page turning? A scratch?) that plays in the background, often twice three or four seconds apart. It's especially noticeable if I have my headphones on, but aside from being irritating, I'm worried that this means I have some devious malware doing something.
My old computer (also XP) had this problem too, so I'm afraid it's a site I frequent that's giving it to me. Have any of you ever heard of anything like this? Thank you so much for any help you can give me.

Sara

A:Periodic light shuffle/scrape sound - is it malware?

Do you have any special themes in place? Anything customized for sound?Let's do a quick diagnostic...The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message ... Read more

1 more replies
Answer Match 52.92%

( HijackThis Log: Please help Diagnose)Hi all,I'm looking for help--I have hardly slept in order to fix my computer. I have a "Dr. Guard" application that acts as a fake antivirus that keeps opening random pop-ups and windows alerting me of viruses. I tried downloading SSDKiller.zip but I have Vista 64xBit, so this Kapersky application didn't work. I went on another forum that advised me to use the application "hijackthis". This is what lead me here: I have a log text file, but I have no idea of how to clean my computer. I would really appreciate all the help that I can help since my computer will be vital to my work as my semester is ending in about two weeks.Any help would be grandly appreciated.Here's my log:at Logfile of Trend Micro HijackThis v2.0.2Scan saved at 03:10:02, on 2010-03-13Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18385)Boot mode: NormalRunning processes:C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Users\owner\AppData\Local\Temp\ejhw4hlc.exeC:\Users\owner\AppData\Local\Temp\asr64_ldm.exeC:\Users\owner\AppData\Local\Temp\svchost.exeC:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exeC:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exeC:\Program Files (x86)\Internet Explorer\IEU... Read more

A:Dr. Guard Nightmare--I need help to remove this terrible Malware

Hi purplepaperdollWelcome to Bleeping Computer.I'm maranatha and I will be handling your log to help you get cleaned upPlease do the following in the order given.Download Malwarebytes' Anti-Malware (MBAM) from here or here and save the file to your desktop.Double click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select 'Perform Quick Scan', then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note below)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Post the entire report in your next reply. Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.Please post the MBAM log and a new Hijackthis log.Thanksmaranatha

3 more replies
Answer Match 52.5%

 
So I booted up Firefox today and there were all these weird adds by something called SalePlus. Followed the link which said I could remove it from the control panel but it isn't there. AVG and Malwarebytes can't detect it apparently. Ran AdwCleaner and that didn't fix the issue either. I can't find out where the SOB is hiding and could use some help.
 
Thanks,
kurokun
 

A:Some Terrible Malware/Adware Called SalePlus is Screwing With Me.

Hello and welcome to Bleeping Computer! My nickname is Pystryker , and I will be helping you with your issue today.Before we get started, I have a few things I need to go over with youIf you are receiving help for this issue at another forum, please let me know so I can close this thread.Please download to and run all requested tools from your Desktop.Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.Please stay with me until the end of all steps and procedures and I declare your syste... Read more

9 more replies
Answer Match 52.5%

Hello guys,I am just wondering whether can you guys help me to get rid of this pest? I think it's called Razespyware. I am not sure but that's the one that keep popping up. Not to mention a dozen of others. I think i have more than 1 malware cause i remembered i search with spybot before and it returned with 6 identified spware. Help .. I can't seem to get rid of it and worst of all, I CAN'T boot in safe mode. I tried to go in but something like 'mlti//ard ..disk .. dunno what partition' came out instead. I can boot in normally but i can't access another program or another website other than RAZESPYWARE !!!! But luckily for me, i have downloaded HijackThis earlier on and i am posting my log here. Please teach me what to do. Million of thanks in advance :DLogfile of HijackThis v1.99.1Scan saved at 7:19:03 AM, on 12/1/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBB... Read more

A:Terrible Malware - Razespyware? Xp Won't Start In Safe Mode

Hello,I have bad news for you. Your system is badly compromised. Razespyware is only a small detail if I compare with the rest what is going on on your system.You don't have only several variants of stubborn spyware/adware present, You also have several trojans/viruses/worms/backdoors present as well which already damaged a lot, collected your passwords and other personal info... your system is no longer trustworthy and you infect other systems as well.I think none of your scanners are up to date.So you really need to decide what to do here. If we clean this up, I can't promise we could restore all the damage it already caused. I can't promise we'll be able to find and clean everything, because this type of malware hides deeply in your system, so I can't promise you'll be able to trust your system again afterwards.So the decision is yours, but if I were you, I would reformat my system and reinstall windows. Please update immediately to Service Pack2, because I see you're still having Service Pack1 installed, which leaves your system vulnerable.So, what do you decide?

2 more replies
Answer Match 51.24%

running windows xp, cable modem motorola, airlink 101 wireless router -- computer that is lossing connection is direct wired to router, not wireless. also have a vonage box direct to router. the wireless laptop maintains connection just fine. it's the desktop that loses connection for no apparent reason -- can't find websites and no email with eudora. rebooting restores connection. all lights are on on modem.
have checked device manager, nothing obvious. also cmd propmt ping and get 100% lost packets even when connection is there. tried to ipconfig /all but command window flashes too quick to see even trying break or escape. have shut down some services a few months back -- could a service be the culprit.
would appreciate any help.
 

A:periodic loss on one computer

11 more replies
Answer Match 50.82%

I have a default Yoog Search in my Search Engines, i try to remove it and set it as google but it would again default to Yoog. Next thing is I just cannot run 'sybot search & destroy' and doesnt let me open any anti-malware related sites. I cant download any anti malware apps. I am just stuck. I saw a post " Win 2K hijack issue - unable to run malware apps!". I have exactly the same case on my system.

 

More replies
Answer Match 50.82%

Hello, a while a back ago I had essentially frankensteined my computer from various parts I found at Fry’s Electronics on a black Friday night. Here are my specs:

AMD Athlon II x2 255 processor, 3100 Mhz, 2 core
ATI Radeon HD 5570
10 GB RAM

Regardless of my incompetence with creating a good machine, when I managed to assemble the computer it seemed to work fine. And so for a good 9 months I was completely content with my machine running all the games I wanted in low-medium settings. I played StarCraft II and Shogun 2: Total War without any problem. Then I downloaded The Witcher, for a while I was able to play it at a consistent 25 FPS on lowish settings but somewhere along the end of the second act the game just dropped into a state of constant periodic lag so I started playing Shogun 2 and StarCraft but they did the same thing. And thus we get to the present problem. Whenever I get into a 3D intensive game (Shogun 2: Total War, StarCraft II, Dead Space, Assassin’s Creed ect) and play it for more than 5 minutes I get this periodic lag every 2-3 secs where my FPS drops from 30-40 to 5-13 for about a sec then jumps back up to normal only to do it again. This really makes all new games that I buy completely unplayable.

First I thought that my computer may be a little dirty, so I opened the bad boy up and game it a good clean with compressed air. This did not work so I decided to get some help.

Initially I went to The Witcher Forums and asked for some guidance. Some people ... Read more

A:Computer Goes into Periodic Lag When Playing Games

7 more replies
Answer Match 50.82%

Hi all.
My computer has recently started freezing for no apparent reason at all. The cpu spikes to 100% and process explorer shows DPC using it up. no idea why it started. disappears just as randomly in like 1 - 5 minutes. I'm getting pretty desperate since i need to work on my computer a lot.

I scanned the system with spybot search and destroy. nothing found. I had recently had a memory upgrade but dont think that could cause this.

Any help would be appreciated greatly
 

A:periodic computer freezes (DPC takes 100% cpu)

Pardon my ignorance, what is DPC?
 

2 more replies
Answer Match 50.82%

Hello, a while a back ago I had essentially frankensteined my computer from various parts I found at Fry’s Electronics on a black Friday night. Here are my specs:

AMD Athlon II x2 255 processor, 3100 Mhz, 2 core
ATI Radeon HD 5570
10 GB RAM

Regardless of my incompetence with creating a good machine, when I managed to assemble the computer it seemed to work fine. And so for a good 9 months I was completely content with my machine running all the games I wanted in low-medium settings. I played StarCraft II and Shogun 2: Total War without any problem. Then I downloaded The Witcher, for a while I was able to play it at a consistent 25 FPS on lowish settings but somewhere along the end of the second act the game just dropped into a state of constant periodic lag so I started playing Shogun 2 and StarCraft but they did the same thing. And thus we get to the present problem. Whenever I get into a 3D intensive game (Shogun 2: Total War, StarCraft II, Dead Space, Assassin’s Creed ect) and play it for more than 5 minutes I get this periodic lag every 2-3 secs where my FPS drops from 30-40 to 5-13 for about a sec then jumps back up to normal only to do it again. This really makes all new games that I buy completely unplayable.

First I thought that my computer may be a little dirty, so I opened the bad boy up and game it a good clean with compressed air. This did not work so I decided to get some help.

Initially I went to The Witcher Forums and asked for some guidance. S... Read more

A:Computer Goes into Periodic Lag When Playing Games

Hi

I suspect that your computer is still infected. Take a look at these two forums. Only post in one. The first link will usually be sufficient for most users.

Am I infected? What do I do? No DDS, HijackThis, or ComboFix logs should be posted in this forum.
http://www.bleepingcomputer.com/forums/forum103.html

Virus, Trojan, Spyware, and Malware Removal Logs
http://www.bleepingcomputer.com/forums/forum22.html

As you may have noticed, no cleaning program gets everything.
Thus my suggestion to get an all clear from one of the two forums.

Once you have done gone to the Malware specialists here, Please only follow suggestions from there.

Roger

1 more replies
Answer Match 49.98%

I am running Windows 7 64 bit. My computer freezes after starting up this usually persists for about an hour. After it runs smoothly for a while then freezes again randomly. I have ran Malware bytes and removed some malware but that did not help. I've also ran Reg cure Pro and Cccleaner. This all happened randomly after I used windows update, I am not sure if that's what caused it or just a coincidence.

A:Computer not responding after starting periodic freezes

Some systems have had issues with some of the updates, check the following link might be of help.
 
http://www.bleepingcomputer.com/forums/t/528211/windows-update-error-800700c1/?hl=%2Bwindows+%2Bupdates#entry3322955

5 more replies
Answer Match 49.98%

The computer I just built is working fine and everything seems to be great, except for a periodic beep that I get and can't figure out it's cause. The beep is probably about every half hour or hour. I suspect it may have something to do with my Shuttle AK32 motherboard, but I don't know how to get rid of it. Has anyone had a similar problem and or may have any suggestions.
 

A:Periodic Beep, Computer works great

Try stopping background applications you have running, when the beeps stop, you have your cause.
 

1 more replies
Answer Match 49.56%

Straight Forward, my internet it terrible,
we use sky broadband and we pay for 15mbs or 25mbs, I don't know which one but the speeds I am getting is nowhere near even 15mbs
Please see attached for the internet speedtests...
My room is the furthest in the house and only has one plug in the whole room (I cannot use ethernet because it needs its own socket) which my computer is using
So I have a netgear wireless adapter, nearly all the time my internet is 1.5 ish mb but sometimes it goes basically to 0, the thing which is weird is how my phone
gets 10mbs as you will see in attached but the computer (at this moment in time) it getting nothing, is there any way to increase the speed and I will try anything anyone asks
because I cannot do anything with this internet, even when it is at its best at 1.5..
 

A:Terrible, Terrible Internet Speeds

Not my IP by the way

6 more replies
Answer Match 49.56%

Okay so yesterday I downloaded something, it turned out to be fake. But that wasn't all I logged into my runescape account and somehow they manually turned off my computer and went on my account and stole everything, but that's not the problem.

I had Microsoft Security Essentials and it didn't do anything. I got alot of help after that, people told me I had a rat and they told me to download malwarebytes and AVG. I did that, it said I removed everything but I'm not so sure. How can I be SURE that everything is gone?

A:Need help removing this terrible, terrible thing.

Hello,I think we should look at a log or two. Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
If nothing happens or if the tool does not run, please let me know in your next replyDo not reboot your computer after running rki... Read more

1 more replies
Answer Match 49.56%

I apologize, but you will most likely first notice how long this opening post is. I've dealt with BSOD for quite a while now and I've decided to search for help.. So, I've come to you guys. I've done a lot of research on the problem so I'll throw out some of my ideas.

The Problem:
I can't seem to play semi-graphic intensive video games for no longer than 15 minutes (games such as Counter-strike:source, BF2, Half-life 2 etc). My computer will freeze momentarily, go black, and then proceed to the Blue screen. It used to be that I would recieve an "IRQ not less than or equal" error, but now my BSOD crashes remain just blue, no error codes, 'nuttin'. Now, when I play less intensive graphic games such as regular Counter-strike 1.6, I can go for a few hours before it crashes.


Some Ideas
Heat
Because my computer seems to do a bit better on less graphic intense games, I'm wondering whether it may be a heat issue. More stress = more heat = less time till BSOD? I'm not sure, I'm not a computer guru, but I know a little.
Here are my temps: CPU 51C/123F (55-57C under stress)
MB 34C/93F


Voltage/Power
I did some research, and I learned maybe that power could play a part in problems with BSOD? My PS is one that came with my computer case and I believe it is 350w. It's not the greatest in the world. Idk if i could be gettin too little power and the games may cause it to crash.
He... Read more

A:The terrible terrible BSOD... help appreciated

Hi Ben,

Take a look on the side of your power supply and tell us the brand name, wattage, and how many amps on each rail. That should help because you have some things on your power supply that don't seem quite correct.

Also, just for kicks, download this free program and tell us the temps, the voltages, and the fan speeds. That should help:

SensorView Pro

http://www.stvsoft.com/download.php?id=122

7 more replies
Answer Match 49.14%

I am running windows xp sp2. Last night I got my latest malware and I removed it. One or two items were rootkits. I restarted my computer after entering safemode since I got a blue screen error with some sort of bios statement when entering normally. Now even safemode is dead. Safemode stops halfway at multi(0)disk(0)rdisk(0)partition(2)\windows\system32\DRIVERS\fltMgr.sys

also, debugging mode, bootlog, last known good configuration, and directory service restore mode aren't working. I have so much information on it. I have manuscripts, important favorite, all my music, and everything on it. That data is my most valuable possession. I would be eternally grateful if u help me recover it. Most of my data is located on my second user account within the douments folder and there is a folder on my other username's document folder. Most of my documents and music are irreplacae and my favorite list took ages to compile so I need that too and it's all in my documents. I am using my iPod to post this since my PC is basically dead.

A:Please help--terrible computer problem

about the data...
hooked your hardrive in another computer and make sure the installer OS and recovery software is in another hardrive...
I think there no hard to get the data back if you harddrive still running....but dont forgot what I told...hooked you harddrive in another computer...dont try to recover data from the same hardrive which OS and recovery software installler..

1 more replies
Answer Match 49.14%

I have an older computer that i bought in 2002, its a desktop presario model no. 6027 us.
it has a 2 ghz pentium 4 processor and 512 mb RAM. although these system properties aren't great they should bring me halfway decent performance. the computer is constantly crashing, lagging and even when i try to play computer games that only require half of the resources listed above they will barely play at all. I defrag the hardrives on a weekly bases. I keep it constantly clean from spyware and viruses ( most of the time) and i've even tried completely reformatting, but even after that, there is no diffrence in performance. if anybody would have any idea as to why this is please, share your ideas any help is greatly appreciated.
I also have 220 gigs of free space on two diffrent hardrives.
 

A:My computer performance is terrible

Cleanout the PC of dust
Makesure all fans are working (including the powersupply fan)
Is the memory in 2 sticks or just one...if two take one out and see how it runs then swop for the other one and test again.

are your video drivers up to date...check for updates on the manufactures site.
 

2 more replies
Answer Match 48.72%

This is a strange one. My computer worked fine beforehand. I recently decided to install some memory. I put it in and attempted to start up my computer. The power came on, the hard drive spun briefly, and that's all. The monitor remained off. No sound, no graphics, nothing. So I removed the memory and turned on the computer a second time. It came on fine. I thought it was maybe a bad slot so I put the memory in a second slot. Same problem. No response from my computer. I removed the memory and attempted to turn the computer on a fourth time. No response. I tried rebooting. Nothing. I unplugged the computer, left it for awhile, and tried turning it on again. After several attempts, I gave up, thinking I maybe fried something (maybe the motherboard) possibly from my body's static electricity. There is carpet on the floor and, because of lack of space, the computer stays on the floor.
It was about an hour later, out of sheer boredom, I tried it again. The computer came on, the hard drive spun, and the monitor actually came on. It posted, but when it attempted to actually load Windows, I got a "no system disk found. Insert system disk and reboot(or something like that)" Maybe it was heat related. I thought my HD was dead.
I then inserted a boot disk and scandisk ran for about 5 hours, it found alot of errors, fixed most of them, but couldn't fix one which kept my computer from loading. It wasn't a physical HD problem. Maybe some data was messed up.... Read more

A:Terrible Computer start-up problem. Please HELP!!

First, reset the processor back to defaults. Check the processor fan and heatsink, make sure it is tight and the fan is operational. Check and make sure there is nothing shorting the motherboard to the case like a misaligned screw, or something fell down inside. Reseat all the power connectors to motherboard, floppy, harddrive.
Second, remove everything but the processor, ram, video card and hard drive, try to boot it up with default processor settings. See if it will run normally without the other addin cards.
Could also be a power supply that is starting to go, not supplying enough power to all the components to get everything up and running at the same time.

If it runs start adding in the other cards and testing them, if it works great, if not, maybe you have an idea of what is causing the problem.

With you processor overclocked you are also overclocking your data bus, this can cause the data errors if your hard drive can't take it. Some older harddrives had a habit of doing this on a regular basis.

Anyways, that's the only way I can think of to troubleshoot the problem.

Another remote possiblity is that the motherboard cracked when you installed the memory, they have been known to do that. You have to take care that you don't push too hard yet some of those memory modules take quite a push to get them seated.
 

2 more replies
Answer Match 48.72%

I did everything that was directed in the first thread of this forum from the Moderators and what not.

I checked my computer with the Adaware and then ran a virus scan. It detected a trojan and deleted it or at least it said it did.

I then ran Hijackthis and save the log file. I ran highjackthis Analyzer then and am copying the txt file here for help.

My problem is that when I boot my computer it takes an incredibly long time for my toolbar to become active...this just started recently. I can't access anything and it takes about two minutes before my pop-up blocker software starts as well as the toolbar and object dock I have. Nothing has changed on my computer for over 6 months. Anyway, let me know if there is anything I can fix from the HJT. Here's the log. Thanks,


===========================================================================================================================
Log was analyzed using HijackThis Analyzer - Updated on 12/17/04
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.0
Scan saved at 9:43:37 AM, on 12/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.ex... Read more

A:Computer is booting terrible slow

Your log is clean.

Not knowing your system specs.......considering the combination of network configurations, Trend Micro apps and GAIM, I would not be surprised to hear it takes awhile to boot.

I will recommend a couple tools to try, to see if anything is hiding there. If they are unsuccessful in resolving your issue, we will have to move this thread over to the XP forum for further follow-up.

Thanks...........

==========

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link don't work) and install it. Run CleanUp! and click on CleanUp! button. When it asks you if you want to logoff, click on Yes.

Download TDS-3. Learn how to use it here. Make sure to update it after you installed it. You can get the manual updates here. When you launch the program, it will scan your memory for running processes. This will take less than 30 seconds. Next go to System Testing on the menu and choose Full System Scan. After that's finished, post the log file by selecting everything on the top pane (select from bottom to top).

3 more replies
Answer Match 48.72%

Hi, I'd like to see if the computer is completely free of viruses and if it's possible it can be salvaged? It had a trojan before, and though it appears to be cleaned now, even with a Panda Software Virus Scan, AVG, etc, it's still got some issues. For example, the Search function no longer works as it comes up with a missing file, the computer goes to 100 percent usage fairly easily, and it's been fairly slow at times, especially in terms of the internet.

Here is a HJT log to start:

Logfile of HijackThis v1.99.1
Scan saved at 2:01:58 AM, on 4/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-... Read more

A:Computer in terrible condition after virus

16 more replies
Answer Match 48.72%

Hi, I recieved my new computer (http://www.bestbuy.com/site/desktop...18465504&skuId=6979823&st=ibuypower&cp=1&lp=4) yesterday. The computer runs beautifully, but I can't say the same about the internet. For some reason the internet on it is about 4x slower than on my old computer. Is this because of the WIFI integrated adapter? Specs:
Wifi Adapter: 802.11bgn 1T1Rm Wireless Adapter
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10 GHz
Graphics Card: NVIDIA GeForce GTX 650
RAM: 8 GB 2x4GB
I really don't want to have to replace this computer because of the WIFI card. Really hope somebody out there can help me, thanks!
 

A:Solved: New computer, Terrible Connection.

12 more replies
Answer Match 48.72%

Recently my computer started having internet speeds of about 4-6 Mbps, when I should be having closer to 50. Thinking this was a problem with the ISP, I called them up and they sent out a service tech. He got here and did a speed test on his laptop, using both wired, and wireless, and he got the speeds I should be getting.

After he left I called up my brother to bring his laptop to do the same. Once again, he got the desired speed. However, my PC is still really slow. One more oddity about the thing, is that when I use a server farther away (~150miles) I get better speeds then when I use a server in the same city.

I've included a Speed test log, which shows just how quickly it changed. The problem started on April 5.

http://www.speedtest.net/results.php?sh=b696c6a628ddd1551147a1e318a37a65&ria=0

I've run multiple MalwareBytes tests, as well an MSE scan, which all came up clean. Since it started, I installed a new network adapter, thinking mine was causing the problem, but to no success. I've also done a complete format, thinking there was something MWB wasn't picking up, but the problem stands. I should also note that it's not just the speed tests that are slow, but streaming and downloads as well. Any input on this is appreciated.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, 64 bit
Processor: AMD Phenom(tm) II X4 965 Processor, AMD64 Family 16 Model 4 Stepping 3
Processor Count: 4
RAM: 1... Read more

A:Terrible internet speeds, this computer only.

9 more replies
Answer Match 48.72%

Hello. Recently my computer randomly messed up, giving me a ton of explorer.exe errors and mstrui.exe errors when systeming restoring... So I couldn't get back to my old settings whatsoever. I'm not sure how this happened as I have no malware on my system as I've always made sure of that.

Well after all that business I reinstalled windows 7. My computer does not work like it use to before I reinstalled. I can't play any games without stuttering. I.E. playable for 1 minute, freeze for 5 seconds and repeat. (I was able to play oblivion max settings) and even minecraft, MINECRAFT lags(single player). Firefox constantly gives me not responding errors. So I had to give up my favourite browser for chrome, which is a resource hog itself. Checked memory, it's fine. Checked HDD it's fine. I'm not sure what it is... I've tried everything. A lot of windows options freezes for 5-10 seconds before opening, per say opening my windows documents, or opening notepad etc. Pretty much anything freezes for 5 seconds.

Specs: AMD phenom II x4 05e
2 gigs ram
ati radeon 5770 1 gig

A:Computer has terrible performance after reinstall

and welcome to the Forum

Did you reinstall the Chipset and other drivers after the installation?

I would run diagnostics on the hard drive by downloading the diagnostic tool for the hard drive brand and making a bootable disc.

Hard Drive Diagnostics Tools and Utilities (Storage) - TACKtech Corp.

See this for how to make a bootable cd:

How to Burn a Bootable ISO File

Also, Probably worth testing your memory . . click on the link to Memtest in my signature . . let it run on one stick at a time overnite or until it starts reporting errors

3 more replies
Answer Match 48.72%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:21:55 PM, on 10/13/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\uesiuqcr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\brastk.exeC:\WINDOWS\faceback.exeC:\Program Files\GetModule\GetModule23.exeC:\WINDOWS\system32\doxilglk.exeC:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\WINDOWS�... Read more

A:Daughters computer in terrible shape

Closed.. being helped below:http://www.geekstogo.com/forum/Lots-popups-t214830.html

1 more replies
Answer Match 47.88%

About three days ago, my girlfriend installed some Korean applications on my notebook. Since then, I've noticed some very strange behaviour and slowdowns. I know that Korean software is notorious for backdoor programs. Please, give this a look and see if I have any reason to worry.Logfile of HijackThis v1.99.1Scan saved at 10:58:15 PM, on 16/04/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre1.5.0_11\bin\jusched.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exeC:\Program Files\Common Files\Logitech\QC... Read more

A:Terrible Korean Apps Are Killing My Computer

Hello Khevinet, I am SifuMike and I will be helping you. Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Updating Java: Download the latest version of Java Runtime Environment (JRE) 6u1. Scroll down to where it says "Java Runtime Environment (JRE) 6u1". Click the "Download" button to the right. Check the box that says: "Accept License Agreement". The page will refresh. Click on the link to download Windows Offline Installation, Multi-language jre-6-windows-i586.exe and save to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Examples of older versions in Add or Remove Programs:
Java 2 Runtime Environment, SE v1.4.2
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 6 Check any item with Java Runtime Environment (JRE or J2SE) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6-windows-i586-p.exe to install the newest version.****************** Disable your antivirus program and go here http://www.bitdefender.com/scan8/ie.html and run an online scan with BitDefender (you will ne... Read more

2 more replies
Answer Match 47.88%

okey so recently i have been having some troubles with my computer about the internet, i get random lag spikes both while browsing and playing online, at first my internet was fast but recently is been a nightmare for me (my internet provider is called "claro", now the weirdest part starts here, the lag spikes i get, only happen on my laptop, not on my other computer, not on my cellphone or tables, just here, and when im playing online, the lag spikes seem to be random, for example im playing gmod on monday and i get the "problem with internet connection, disconnecting on 30:00" every minute, however the next day stuff seems to be completely normal, no lags or anything although this tends to happen rarely, i have already called my internet provider, they checked the connection and told me everything was normal and even reset it to make sure, i also tried using the ethernet cable but that didint worked since it didint even let em enter pages (this could have been a problem with the cable itself), also tried looking for an update to my driver on the manufacture?s page but i did not found anything there, i also downloaded a program called driver detective and said i had 40 problems with my drivers but i need to buy it so i was stuck there.

i would like to know if someone could help me out on this.

my modem model is a: thomson dcw725.

A:terrible and weird internet lag spikes on my computer

Welcome to the Seven Forums.

Please make and run the files mentioned in this post...
Computer connected to internet wirelessly but webpages won't load
...and the one below it.

And install inSSIDer mentioned in the post below those two.

When you notice a lag, look at the ping times to your router. Did they go up?

Now look at the ping times to Google. Did they go up?

9 more replies
Answer Match 47.88%

Hey guys, we have a computer at work hooked up to a fairly sensitive machine [we are a lab and use this machine to test asphalts.] Latley a few in the lab have taken to using this computer despite others being available, and now it is infected and I can't seem to get it clean. Scanned with Ad Aware & Spybot, no luck getting rid of the main problem. Included is the highjack this log as well as the Panda activescan log, respectively. Any help would be much appreciated!==============Logfile of HijackThis v1.99.1Scan saved at 10:33:19 AM, on 1/31/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exeC:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exeC:\Program Files\Sophos\AutoUpdate\ALsvc.exeC:\Program Files\Sophos\Remote Management System\RouterNT.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\Sy... Read more

A:Terrible Infection, Winxp Pro Work Computer

Hello spent, and welcome to BleepingComputer. My name is Charles and I will be dealing with your log today. You're using an outdated version of Java (latest one is Java Runtime Environment (JRE) 6). Please update and remove the older versions. Do the following:Go to Start | Control Panel | Add/Remove ProgramsSearch in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )It should have this icon next to it: Select it and click Remove.Then download and install the newest version from here:Java Runtime Environment (JRE) 6Please download NoLop to your Desktop.First close any other programs you have running; this will need you to reboot.Double click NoLop.exe to run itNow click the button labelled Search and Destroy<<Your computer will now be scanned for infected files>>When scanning is finished you will be prompted to reboot only if infected, click OK.Now click the REBOOT button.A message should popup from NoLop. If not, double click the program again and it will finish. Please post the contents of C:\NoLop.log in your next reply.Note: If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered", please download mscomctl.ocx to your System32 folder then re-run the program. Please move HijackThis to a permanent folder. Anywhere is fine, other than your Desktop or a temporary folder. If it is in one of these locations, there is a risk that you may accidentally delete the backups; which ma... Read more

6 more replies
Answer Match 47.46%

I AM HAVING MAJOR PROBLEMS WITH MY LAPTOP FROM POP UPS TO UNWANTED MESSAGES. MY COMPUTER IS EXTREMELY SLOW AND I CAN BARELY USE IT WITHOUT BEING INTERUPTED BY SOME POPS (SOME INAPPROPRIATE)...IN MY EMAIL I AM GETTING ADULT MESSAGES THAT I SHOULDNT BE GETTING....mANY TIME I HAVE TO RESTART MY COMPUTER IN ORDER FOR IT TO FUNCTION CORRECTLY AND EVEN STILL IT'S EXTREMELY SLOW....PLEASE IF YOU COULD HELP ME IN ANY WAY I WOULD GREATLY APPRECIATE IT....THANKS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:05 AM, on 3/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\InstallShield... Read more

A:Some Thing Is Terrible Wrong With My Computer....pop Ups, Unwanted Messages!!

Hello Angel Watson and welcome to Tech Support Guy.

My name is curlylad and I will be helping you to remove any infection(s) that you may have.

I have to carefully formulate any fixes before I post them so please be patient.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess , simply post back with your query and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

OK, here's what I need you to do:-

STEP 1

Download Programs

Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch fr... Read more

1 more replies
Answer Match 47.04%

A couple of months ago I came into work and was told that the computer was infected. I immediately went to a computer, not linked with inftected computer and came to bleeping computer. Did everything that was suggested and all has been well, until now. Computer is sluggish and just acting strange. Anti-spyware and virus security updated daily and scanned daily. Today I received the following from my daily scan:

7/23/2010 9:59:00 AM: Quarantining All Traces: Troj/Java-H
7/23/2010 9:58:34 AM: Quarantining All Traces: Troj/JavaDl-AA
7/23/2010 9:58:34 AM: Quarantining All Traces: Mal/JavaDeSp-A
7/23/2010 9:58:19 AM: Quarantining All Traces: Mal/JavaCL-A
7/23/2010 9:58:17 AM: Quarantining All Traces: Mal/Jafuzzo-A

Windows Vista

Checked our history in the address bar and porno.org is once again back in the computer. Please help....

A:Thought the computer was free from porno.org infection (that wounds terrible)

Hello,Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/340638/infected-with-rdapmebfcom-i-think/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.Please be patient. It may take several days to get a... Read more

1 more replies
Answer Match 47.04%

Windows XP SP1
This log is for my other computer here at home, it has been running bad and now is really bad. At first I didn't think anything was wrong cause I ran
Adware
Spybot
Ihave Spyblaster
Ran a full McAfee scan I have 9.0
So I don't no what it is but the F2 thing in the log looks suspious to me and a couple of others but I didn't want to mess it up farther so I haven't touched the log, can someone help please?
Logfile of HijackThis v1.99.0
Scan saved at 6:18:25 PM, on 2/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ps2.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\LTMSG.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
C:\Program Files\Presorium\Frontgate MX\frntgate.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HJT 1.99 New\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default... Read more

A:Solved: Windows XP SP1-Has anyone got time to check out my HJT Log? Computer runs terrible

14 more replies
Answer Match 46.2%

I need help! I'm at the end of the road trying to figure my computer out. I know some about computers, but not enough to figure this thing out. I run Anti-Spyware programs fairly regularly (mostly Norton and Ad-Aware, also have Avast and Malwarebytes' Anti-Malware). Lately whenever I try to boot up in Safe Mode to run these programs, I get a blue screen and I can't get anywhere. I can boot up in normal mode just fine, it is only in Safe Mode that it won't work. I've also tried to do System Restore, and each time I do it, it doesn't work. I have XP by the way.

Norton had been finding Antivirus XP 2008 on my computer and I couldn't get it removed. I started reading up on the virus one day, and I changed some of the registry values associated with it. That worked and Norton didn't find it anymore. I also found Microsoft Security Adviser and seemed to get that taken care of as well. However, I'm still having the same problems with Safe Mode. Apparently I didn't get it fully taken care of. I also have a new problem that started after I thought I fixed those things. Any time I try to open a picture file from My Documents, nothing happens. I can't even see thumbnails. My Desktop background is also weird. When I go to the Display options and look at the different choices for backgrounds, they all look weird and some don't even show up at all (just like the picture files). I don't know what is going on and all the programs I hav... Read more

A:I need help (Malware related)

First off; Hello!

Also, you have posted this in the wrong forum; I believe The Weatherman is changing that.

Anyhow; with your problem.
I suggest you download MBAM from either Download.com or find a link within one of our guides.
After that, install it, and complete the procedures the installation requires you. Afterwards, update MBAM.

After the process is complete, do a Quick Scan. Come back to us with a report of it, and let's see what we got here.

7 more replies
Answer Match 46.2%

Been having some problems recently, files moving, to other folders, then having their contents deleted and i am unable to access them because they say my "Access is denied". I am unable to go to certain anti virus software sites to download free anti spyware to scan my system including kaspersky online scanner. And installers are instantly closing when i open them, i'm pretty sure it's due to a virus, but i just want to make sure that i can't savalge it before i start reformatting it.

I use Windows xp sp 3
Acer 5920g reformatted into Windows SP

This is my HiJack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:41:27 PM, on 5/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Fil... Read more

A:Malware related?

Anyone know anything?
 

1 more replies
Answer Match 46.2%

Hi,

I've been having problems now for just over a week. I've had a number of different symptoms and I'll try and list them as best as I can. There may be other problems that I'm unaware of.

Operating System is Windows/XP. Version 5.1.2600 Service Pack 2 Build 2600
Internet Explorer Version 8
I/E Symptoms
I/E Popup window requesting mixed http and https content.

'Rogue' iexplore.exe processes using lots of CPU and memory. Causing performance problems. A constant problem.

'Rogue' iexplore processes only start up when an IE window is open.

iexplore processes killed using Task Manager, but restart after a few minutes.

I/E Popup window "Your last browsing session closed unexpectedly. Would you like to restore your last session or go to your homepage." flashes on/off the screen. Occurs frequently. No extra browser window appears.

Closing IE windows doesn't stop all active iexplore processes. There seems to be two left. But if killed they don't restart unless IE browser is running.

Other Symptoms
Two instances of Outlook express Create new message window opening, randomly. Outgoing addresses were [email protected] and [email protected]. I have never used either of these websites.

Some instances of AVG Resident Shield blocking something, but I don't have comprehensive notes.

Exploit Blackhole Exploit Kit Detection (type 1889). Message has occurred a few times. In one instance the further deta... Read more

A:I/E related malware. Maybe more.

16 more replies
Answer Match 45.78%

Hello experts and fellow Windows 8 users,

I am running the Windows 8 OS and currently having terrible mouse lag. My mouse will run fine for about 20 seconds-ish and then stall for a good 1-2 seconds. This can be incredibly annoying, especially when I am in my gaming mode (sc2 shout out). Any idea as to how to fix this? I use duel monitors and have tried reverting back to one, didn't fix anything, all drivers are up to date, and I have also searched the internet for numerous answers. None seem to work so far.

Mouse specs:
Wireless USB mouse, Logitech LAZER. I know it is for fact not the batteries as I have replaced them 2x to see if that was the case, and also, buying a new mouse did not resolve my problem.

Any and all help is appreciated and thank you good people for helping out!

PS: How common is this problem w/ w8, im hearing other people have similar problems?

More replies
Answer Match 45.78%

I went on vacation for a week, came back and my computer is running really weird, mostly when related to mIRC or any other irc based program (such as some games that I play). Over the last three days I've run all sorts of malware removers, registry boosters, anti-virus programs, and spyware removal tools looking for the problem, but yet every time I describe the problem of extreme lag and general slowness, it points to malware. I went through your steps in the stickied topic, and the Kaspersky scan came back clean. Here are the two DSS reports, any and all help would be greatly appreciated.Deckard's System Scanner v20071014.68Run by DJ Brujah on 2008-07-06 18:25:57Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --64: 2008-07-06 23:26:14 UTC - RP625 - Deckard's System Scanner Restore Point63: 2008-07-05 21:55:53 UTC - RP624 - Uniblue RegistryBooster62: 2008-07-05 21:23:40 UTC - RP623 - Software Distribution Service 3.061: 2008-07-05 21:05:33 UTC - RP622 - Software Distribution Service 3.060: 2008-07-05 18:05:58 UTC - RP621 - Today-- First Restore Point -- 1: 2008-05-08 01:05:48 UTC - RP562 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 511 MiB (512 MiB recommended).-- HijackThis (run as DJ Brujah.exe) ------... Read more

A:Possible Malware, General Lag (irc Related)

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new Deckard's System Scanner which includes the HijackThis log. Please see Preparation Guide for use before posting about your potential Malware problem. Thank you for your patience.If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

5 more replies
Answer Match 45.78%

I'm playing a game and all of a sudden my computer shuts down. This is happening if I try to play any game now. I updated my drivers and it still hasn't done anything. I doubt it's my video card because my computer has run my games fine for months. Also my computer is freezing and crashing at an alarming rate. Event viewer gives me the following message

The npkcrypt service failed to start due to the following error:
The system cannot find the path specified.

Also when I go to the "hidden devices" section of device manager I see a yellow exclamation mark next to the name npkcrypt. When I click on it I get:
This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Now I've posted this in the Windows XP section of the forum and someone replied saying that it has something to do with malware and I should post it here. I've scanned my computer using norton antivirus and no viruses popped up! So what could the problem be?

A:Apparantly this is related to malware?

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Answer Match 45.78%

I cleaned up some malware on this laptop and it looked like I got it all. However, I noticed an issue when trying to install AVG that it said a program was already installing. Troubleshooting revealed between 1-3 msiexec.exe files running. They seem to be legit (located in System32). I can kill them but they re-spawn. I did manage to get them all killed but upon reboot they were back. I should mention that when it respawns it seems to create a process called ISBEW64.exe which points to Windows\Temp folder. I tried deleting everything in there but it just rewrites this exe to a new folder in Windows\temp. I have ran several scans inc. malwarebytes, combofix (sorry, read the instructions after I ran this), Kaspersky. Also some rootkit detectors but at this point nothing is finding anything.
 
Thank you
 
As requested here is DDS.txt
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by Steve at 17:34:44 on 2014-05-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6092.3968 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atie... Read more

A:msiexec related malware

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/535235 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Answer Match 45.78%

I only notice two real problems so far, one is that google searches sometimes take me to abcjump sites instead, and the other is that the file "msxhuwohfn.dll" comes up as infected but when it is removed, every application comes up with the error "cannot find file msxhuwohfn.dll" multiple times.

Here's the DDS log. Thanks to anyone for the reply and help.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Poon at 12:41:25.73 on 2009-03-26
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.188 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall Plus *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32&#... Read more

A:Abcjump and related Malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

2 more replies
Answer Match 45.78%

Hello All
 
Due to various nasty behaviours, my collegue recommended that I run combofix.  Here is the log.  I hope you guys can help me.
 
***********************************************************************
 
ComboFix 14-08-31.01 - Magus38 02/09/2014   7:56.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.2.1033.18.8183.6497 [GMT -4:00]
Running from: c:\users\Magus38\Downloads\ComboFix.exe
AV: Webroot SecureAnywhere *Disabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Disabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\25deed88028dae45c6a776c9a9c4df58_c
c:\programdata\MyNetDashboard.ico
c:\programdata\WDInternetSecurityAndParentalControl.ico
c:\users\Magus38\AppData\Local\assembly\tmp
c:\users\Magus38\AppData\Local\Coupon Server
c:\users\Magus38\AppData\Local\Coupon Server\repair_data.json
c:\users\Magus38\AppData\Roaming\.#
c:\users\Magus38\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf
c:\users\Magus38\g2mdlhlpx.exe
c:\users\Magus38\ResourceReader.dll
c:\windows\system\ComHookMonitor.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))... Read more

A:Various Malware Related Behaviours

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

2 more replies
Answer Match 45.78%

I have the exe containing the trojan in my NOD32 quarantine. I think it might be useful if examined inside a sandbox. Please let me know if uploading it would help.Also, gmer didn't find anything, but I'm not sure it ran correctly either. Attached is a picture of the error it displayed before i ran it.Thank you.________DDS (Ver_10-03-17.01) - NTFSX64 Run by Will at 17:20:13.90 on Mon 06/28/2010Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4095.2936 [GMT -7:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\servicing\TrustedInstaller.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\WUDFHost.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:&#... Read more

A:svchost related malware

Hi chalkart,Welcome to Bleeping Computer!My name is mpascal, and I will be helping you fix your problem.Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.Please do not do anything or perform other steps unless I have asked you to do so.Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.If you are unsure of how to reply, or need help with anything regarding the website, please look here.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessa... Read more

2 more replies
Answer Match 45.78%

Hi.

For the last week or so now, I've been facing various problems due to Malware, alot of which I seem to have cleared up, but some of these problems still persist and my anti-virus programs are no longer picking anything up.

I'm using Windows XP Pro SP2.
Remaining problems include:
- Inability to access certain programs; Such as Spybot Search/Destroy, Sygate personal firewall. They install fine, but will not run on activation. I have tried renaming .exe applications, but to no avail.

- The active window randomly loses focus

- Audio clips and advertisments randomly appear, along with an additional "phantom" iexplore.exe process in the task manager; ending this process cuts present audio stream, but reappears randomly and has no physical window.

Previously, SuperAntiSpyware and Malwarebyte's Anti-Malware were not running, but I found a program that allowed SAS to break through was stopping it, and that in turn allowed MBAM to function. They found a large quantity of malware between them (Including the fake AntiMalware pop-ups) which I was able to remove, but the aforementioned problems still persist with no further threats detected.

I have attempted System Restore, which wouldn't create any changes from the few restore points I had, asking me to restart and try again (also didn't work).

----------------------
HiJackThis! Log:
----------------------
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 19:18:41, on 22/12/2009... Read more

A:Various problems (Malware related?)

-Bump-. Sorry.
 

2 more replies
Answer Match 44.94%

Hi!Not sure where to post this problem since identifying its cause should be a part of the solution I?m looking for. Long story short, something on my computer is keeping CPU usage at over 50% with 40+ processes going on at all times. Here?s the long story BTW:http://www.malwareremoval.com/forum/viewto...cc31d794b9bf9a3As you can see, malware is probably not to blame. Could it be related to graphics card drivers or mother board BIOS version? Or something else? Any help will be appreciated!My specs:OS: Windows XP Home SP3CPU: Athlon 64 3200+ (winchester)Motherboard: Gigabyte nForce 3 Ultra (K8NSNXP-939), BIOS version F6Graphics card: Asus AH4650 (AGP), driver version 9.6Memory: 2*1 GB of DDR400 (PC3200)Hard drive: 160 GB (105 GB free)

A:CPU usage problem, non-malware related

do you have alot of programs in your processes? get rid of some programs you dont need and it might lower the CPU usage?

Joe.

38 more replies
Answer Match 44.94%

hi, i'm on a dell running windows xp. i got a virus last night. i've fixed some things with hijackthis already and gotten rid of the fake program "internet security 2010" by running malwarebytes' anti-malware.but! there's still this zahuzewi.dll thing that shows up in my hijackthis scan. there was also something called kkalf.exe that i deleted, and now upon starting my computer it says "error loading zahuzewi.dll. the specified module could not be found." other symptoms include:- my desktop background being switched to a green color, but when i shut down my background returns briefly.- when I search google sometimes, i get this:'302 MovedThe document has moved here.'with "here" linking to this site, which i haven't clicked just to be safe though it looks normal: hxxp://www.google.de/search?q=yahoo+mail&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&cr=countryUShere's my dds.txt log:QUOTEDDS (Ver_09-12-01.01) - NTFSx86 Run by Liat at 15:25:25.93 on Sun 02/14/2010Internet Explorer: 6.0.2900.5512Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.101 [GMT -8:00]AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exesvc... Read more

A:zahuzewi.dll malware...vundo related?

Hello,My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Please download GMER from one of the following locations, and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zip MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs, as this process may crash your computer.Temporarily disable any real-time active protection so your security program drivers will not conflict with gmer's driver.Double click on Gmer to run it.Allow the gmer.sys driver to load if asked.You may see a rootkit warning window, If you do, click No.Untick the following boxes on the right side of the Gmer sc... Read more

13 more replies
Answer Match 44.94%

Hello everybody, and welcome to my first post! I've been unable to figure out what's going on, so I figured I'd turn here. I've used the advice as a lurker at bleepingcomputer.com many many times, so I figured this would be a good place to turn. I'm assuming that this is spyware/virus related, since it seems to be displaying a lot of the signs (slow computer, random restarting, programs that are obvious malware, etc).

On to the story. I'm working on a friend's computer. Apparantely, for the last 6-9 months she's been having an issue with it randomly shutting down, but it doesn't bother her much and she just works around it. She wanted to install Microsoft Office 2007, but whenever we tried the installation would just hang at 0%. I tried the discs on another computer, and I know that they work, so I assumed it was something on her computer. Upon looking closely, I noticed a program called "MalwareRemovalBot", so I assumed that she has spyware.

I installed Malwarebyte's AntiMalware, and did a scan, removing some 200-odd pieces of spyware, including the MalwareRemovalBot. However, the random restart problem has persisted. If I just leave the computer alone, it will stay on without any problems. I can run programs and it may or may not restart. Sometimes I've been able to do a full virus/spyware scan, and other times it restarts while I'm opening up the programs.

The restarts are not resulting in Blue Screens, and I have turned off Window's "Automatic Restar... Read more

A:Random shutdown, probably malware related

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

2 more replies
Answer Match 44.94%

G'day
Running Windows Vista on Sony Viao - Graphics card NVIDIA GeForce 8400M GT,
Norton Antivirus 2010 and Webroot Spysweeper on system.

Started seeing funny things - not sure if all are related...

DISPLAY PROBLEM
2 days ago, Text / Icon sizes became big - screen resolution went down.
Device manager - Display adaptor had Yellow exclamation mark on NVIDIA display card
Since then get Blue Screen - with memory dump - says Error in Rundll32.exe in module nvapi.dll

On system restart - get various colour bands on screen and funny text blinking.. at startup

After start up - get wavy blue and yellow lines all around screen - as if display does not refresh

Since then, can't get display to work properly - occasionally - works fine after shutdown and start up but above problems return after a few minutes

NETWORK ADAPTOR
Also noticed about 15 to 20 network adaptors in Device Manager
6to4
ISATAP
WAN Miniport etc

These network adaptors were not there 2 weeks ago.

ANTIVIRUS/FIREWALL/DEFENDER
Norton AV stopped working on Administrator login - worked on one of the user account login. Since then managed to get it to work on Admin login - Full scan revealed nothing

Unable to turn on Windows Firewall or defender in SAFE mode. (Red shield warning icon displayed next to clock)
THINGS THAT I HAVE TRIED
Norton AV - scan - no issues found

Webroot Spysweeper - scan - no issues found

Checked with Hijackthis - could not recognise...
O10: Unknown file in Winsock LSP C:\windows\... Read more

More replies
Answer Match 44.94%

I'm running XP Pro Service Pack 3 on a Pentium 4 3.00 GHz with 3GB RAM. NVidia GeForce 7800 GS graphics card. ZoneAlarm Pro firewall up and running. BitDefender 2010 Antivirus installed, but conflicts with ZoneAlarm necessitate that I run it on demand, not real-time. Started getting random system hangs (requiring hard reboots) 8-9 days ago, usually with a few windows open. Happens with Firefox or IE8. Nothing suspicious in Task Manager. I thought it might be related to a recent run of the Registry cleanup tool in CrapCleaner, so I did a System Restore to a date 2-3 weeks prior (none of the intervening points worked). No help.I'd OK'd an Adobe Flash update, too, before the troubles. When it came up again, after the System Restore, I declined it.Several runs with BitDefender 2010 antivirus, Spybot Search & Destroy, and a-squared free (both before and after the System Restore) turned up nothing. A few times, I came back to check on their progress to find another system hang.Then I ran through all the suggestions in jgweed's "Slow Computer" post. A-squared free, running in Safe Mode, found backdoor Sinowal and Trojan Mebroot and cleaned them both. Multiple runs of the above security programs since then, in both Safe and normal modes, have turned up nothing. I've done an online scan or two with Trend Micro--nothing there.The PC innards are clean. Power supply was replaced in early January '10. All Windows Updates (except today&... Read more

A:Hanging XP; Unsure whether malware related

While I waited on a response to my question over on "Am I Infected..," I thought I'd run through the scans needed for this area. Everything's taking longer to do now, since the system (Pentium 4 3GHz running XP Pro SP3) hangs after being up anywhere from 5-30minutes. But Gmer's taking the cake.The first time I ran it, it took off very quickly. I left for awhile and returned to find a system crash, with a message from Microsoft and/or Iomega telling me that the crash involved memory pool corruption and that the IOMDISK.SYS device driver was loaded in memory at the time of the crash. It requested that I install the latest driver version (there was an executable in the package for this) and then to enable driver verifier on the IOMDISK.SYS driver, which I did.The next couple of tries with Gmer ended fairly quickly in system hangs, with much disk churning going on in the background, at first (of course, dead silence as the system ground to a halt).I finally got it to run reliably by disconnecting my network (cable modem) cable. Don't know if that's significant.Anyway, it ran at light speed for a couple of hours, then slowed a bit as I went to bed last night. This morning, coming up on 12 hours later, it's chugging through the \$NtServicePackUninstall$ files at a clip of about 1 per second.Is this normal behavior? Can I terminate the scan at this point and just save what it's already done, or should I wait it out? I fea... Read more

9 more replies
Answer Match 44.94%

Hi, this is actually a problem on my dad's computer. As of recently, we have not been able to get onto the internet in any way, though all connections have remained the same (I'm using my own computer right now). Instead of making the screechy noises while its connecting, it sounds like a regular phone call with the ringing tone. We took the computer in to Geek Squad and they at first told us that it was a malware problem and that someone has been trying to remotely connect to the internet by using our computer. After a while they changed their story to it being a hard drive problem and wanted to install a new one, but my dad didn't want to since with the amount of money they were charging, he could buy a new computer, so now the computer is back here with us. The anti-adware programs that we are using have not been updated since around March, and I don't think my dad used them much anyway, but he did use the norton anti-virus(that too was last updated in March). Using the Geek Squad detection software which is obviously more updated than anything else on the computer, it shows that we have:

cws_tiny0
psguard\winhound fake alert
spysheriff fake alert

The cws thing I was not able to remove with the CWShredder and the other two I wasn't able to find without the location names.

Another weird thing is that we now had an AOL Dialer which neither my mom nor my dad remembers downloading. Every time someone went on the computer, a pop-up would ask if we want to conn... Read more

A:Connection problems related to malware?

Hi kimbatheknome

Sorry for the delay in getting to you, the forum has been really busy lately and all our helpers are volunteers. If you still need help then please follow these instructions and I'll be glad to assist you. If your dad's computer is still having problems connecting then you will need to download these programs from another PC and transfer them over on CD, USB Key or other media

Download Deckard's System Scanner to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, 2 text files will open - main.txt and extra.txt
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box: C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also ... Read more

1 more replies
Answer Match 44.94%

I keep getting a BSOD and computer will restart by itself.
I don't know if this is the cause of hardware problems or malware. 
Will post whatever logs that are needed.

A:Can't tell if Malware or hardware related issues?

Hello and welcome to Bleeping Computer.Please run the following:Please download the appropriate version of Farbar Recovery Scan Tool (FRST.exe) from here:http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ (for 32bit systems)http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ (for 64bit systems)save it to your desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

12 more replies
Answer Match 44.94%

Hello. I have a Gateway M275 TabletPC running Windows XP Tablet PC Edition 2005
- Using a school computer
- Intel Pentium M processor 1.50GHz
504MB of RAM

I was on the net & I think I had a virus install when I extracted a .rar file (which I deleted).

Here ares my problems:
1. My task manager is disabled, or grayed out, and I can't access it.
2. (this part was copied from another poster, as I'm having the same issues) Every two minutes I get a security bubble alert in the taskbar that looks like a Microsoft update alert or warning (yellow triangle with an exclamation mark inside) saying I have spyware, or someone is trying to connect to me. Its has 3-4 different bubble messages. Also, every 10 minutes I get a "Windows Security Center Warning" pop-up saying I have malware and to click here to remove it. Both of the mentioned pop-ups direct me to a page trying to sell me Spy Away and Perfect Cleaner.
3. My desktop picture has been changed to one that has spyware warnings which are also linked to Spy Away and Perfect Cleaner.
4. The desktop icons flash for about a second every two minutes or so
5. New folders in my 'Program Files' folder keep reappearing: stc, seekmo,180search assistant, zango, sysmnt, 180solutions, and 180searchassistant. Within those folders are the following files:
sac.exe
saap.exe
sais.exe
Ssmgr.exe
zango.exe
180sa.exe
sau.exe
seekmohook.dll
csv5p070.exe

I try to delete them but they keep coming back.

6. Also, I have s... Read more

A:Malware problem, maybe Zango related - please help

bump

Just an update. I've downloaded SDFix and rebooted, but I cannot login in in Safe Mode.

This may have something to do with this being a school laptop, as I am not the owner yet - but will be upon graduation.
 

1 more replies
Answer Match 44.94%

The first problem I noticed with my PC is that it was all of a sudden freezing for no apparent reason and not when I was doing anything specific. Happens during games, youtube videos, or just when I am surfing the net. When it freezes like this I can sometimes CTRL-ALT-DEL and get the task manager window to pop up however the mouse then freezes, leaving me without any other option other then to hit the power button to restart. Sometimes I will hear a long beep coming from the mother board right before I hit the button to restart. This happens every few times.

Not long after the freezing issue I noticed that I started getting this weird popup as soon as I got to desktop saying "Either there is no default mail client or the current mail client cannot fullfill the messaging request. Please run Microsoft Outlook and set it as the default mail client." I have never used Outlook to send a message so have no idea where this is coming from but have since stopped it.

My windows live messenger has stopped working and I am getting an error message stating that the image icon is bad and to check it against my installation disk. Sorry didn't take note of exactly what it says but something very similar to that.

I have gotten a black screen with this error about three times in the last two days "81k/154 Hz Frequency is out of Range" This seems to go away if i restart the pc.

If I try running either Combat Arms or Rappelz, the game will run for a brief period of ... Read more

A:PC Problems; I assume malware related

you are being helped at PCpitstop so this is closed
 

1 more replies
Answer Match 44.94%

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02
Ran by Test1 (administrator) on RENZO-PC on 12-02-2015 17:48:00
Running from C:\Users\Test1\Downloads
Loaded Profiles: Test1 (Available profiles: Test1 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Progr... Read more

A:Many entries that are malware related in Autoruns log

To the helper going to clean me: i realize you will be doing this during your free time, and i'd sincerely like to thank you in advance. I am looking forward to working out the steps with you! Please take your time. I will wait patiently! =)

32 more replies
Answer Match 44.94%

hi, after corresponding for help on safer networking, i was told the problems im experiencing are deeper than malware related, so i hope this is the right catagory;

microsoft programs open, two seconds later error message appears saying that it has stopped working and then the program closes; this happens with saved files and new documents; the same also with internet explorer.
occasional freezing of whole pc; only solution is to turn off at wall. occasional blue screen appears with white text and then shuts down with no warning. white text as follows; a problem has been detected and windows has been shtu down to prevent damage. if this is the first time you have seen this error screen then restart your PC. if this screen appears again, run a system diagnostic utility run a memory check and check for faulty or mismatched memory. try changing video adapter.disable or remove any newly installed hardware or software; collecting data for crash dump, beggining dump of physical memory. contact your system administrator or technical support group for further assistance.

problems generally occur most often after shut down, not hibernate. certainly only the blue screen pops up after almost every shut down.

was advised to update current software, so have done so, have also Downloaded ATF (Atribune Temp File) Cleaner© by Atribune and run an Kaspersky Online Scanner.

uninstalled avg, as it was causing considerable problems with both programs, and deleted C:\Users\username\AppData\Lo... Read more

More replies
Answer Match 44.94%

Hello,I'm attempting to clean a system for a friend who has been infected with a virus which produces 3 system tray icons, randomly popping up alerts of infection on the machine and directing the user to a site to download Malware Crush.I've tried multiple variations of fixes, including automated and manual removal instructions to no avail.In all cases, these fixes did not seem to relate to whatever infection this machine has.wupeng.exe 'MalwareCrush' 'Malware Crush' and e404.dll are all not detected in the suggested places. I've done a system search and registry search for related entries, but nothing.Thank you for your time.-----------------------------------------------------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:46:13 PM, on 2/27/2008Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\igfxtray.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC: ... Read more

A:Malware Crush Related Infection

Please download SDFix Save it to the DesktopRight-click SDFix.zip, and select: Extract all?Follow the promptsDouble click SDFix.exe In the prompt that appears, select: InstallThe program is normally installed in: C:\SDFix~~~~Start the computer in Safe Mode:When the machine starts, tap the F8 key before Windows appears You are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys.Press Enter to boot into Safe Mode. ~~~~Now, go to C:\SDFix, and double click RunThis.batType Y to begin the cleanup process.The process removes any trojans or Registry Entries found, and then prompts you to press any key to Reboot. Press any key to restart the PC. When the PC restarts the SDFix will run again and complete the removal process It then displays FinishedPress any key to end the script and load the Desktop icons.Once the Desktop icons load, the SDFix report opens on screen and also saves itself in the SDFix folder as Report.txt.~~~~Next, download Malwarebytes' Anti-Malware (MBAM)Save the program to the Desktop Close all Windows, including this one. (Print the instructions first)On the Desktop, double-click mbam-setup.exe to install the program, and follow the promptsIf an update is found, MBAM will download and install the latest. Click OKAt the main program windowMake sure the following is checked: Perform Quick Scan Click: Scan When the scan completes, a message box appears as shown in the image below:
Click OKAt the m... Read more

3 more replies
Answer Match 44.94%

Turned on my computer today to find it infected with something. Would appreciate any help someone could give me.

1. Background doesn't load, it is solid white.
2. Cannot access the Task Manager, claims that it is infected and cannot launch.
3. System restore encounters the same problem.
4. Small red circle with a white X icon in the task bar. Seems to be where the random message that appear from time to time originate. Cannot access this program in any way.
5. DCOM Server Process Launcher error forced my computer to restart after a 1 minute timer.
Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:40 AM, on 1/25/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience... Read more

A:Unknown Problem - Likely Malware related HJT Log

Also, noticing that whatever has infected the computer is redirecting me from certain websites.
 

2 more replies
Answer Match 44.94%

It started with winspyware2007 popups and adware popups. Sometimes now I can't get into IE6 (endless hourglass). Installed Firefox last night and all was well for awhile, then
got IE6 popups (hadn't opened IE), then finally winspyware and other ad popups in Firefox so I know FF is fully infected. FF when I can get into it is much slower now with frequent window open delays. Have had to crash on occasion, sometimes won't open at all.
I keep running Norton AV, AVG, SpySweeper, Vundofix. Nothing seems to work for more than a few hours.
I am attaching a hijack this log. I am in safe mode with WinXP and IE6.
Anything else you can do would be much appreciated. I am a past monetary contributor.
Thank you. Frank

Logfile of HijackThis v1.99.1
Scan saved at 12:36, on 2007-08-30
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.worldnet.att.net
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD3... Read more

A:Multiple Malware Related Problems

Please be sure to note I am in Safe Mode. Normal mode is very slow/unreliable.
 

3 more replies
Answer Match 44.94%

Hi...I hope someone can resolve this one for me: My pc was infected with Conficker in late Jan/ early Feb. I system recovered, disinfected, and scanned with malwarebytes, AVG, Superantispyware, as well as Mcafee til everything came up clean. All I had connected was the router, cable modem, and Dell 720 printer or Brother MFC420CN--I'd alternate. Before the virus was discovered, both printers began printing blank pages, when they were working fine before.

The pc is a dinosaur--a Compaq Presario and it's running on Windows XP SP3. It is connected to my cable modem and router. My daughter's laptop, a Dell Inspiron 1200, also running WinXP SP3, was also infected, disinfected, and scanned til everything read ok.

Early last month, some of the same symptoms crept back--my security programs couldn't be opened/disappeared; ie was gone, etc...i was unable to start in safe mode and shortly after Windows couldn't be read/found at all. When first trying to start in safe mode, hal.dll couldn't be found...then more files...then finally nothing.

Disinfected...Ran all the malware removal tools again; applied all patches; etc...til scans came up clean.

Decided to reinstall printer...updated drivers...same problem...printer "printed" blank pages. Ink is ok; settings ok... That was 2 days ago.

Today my desktop icons are a lot larger and my system is running sooo slowly! I tried starting in Safe mode, but was unable to: hal.dll couldn't be found. I am able to s... Read more

A:Is this virus/malware related??? What's up with my system??

Hello sharoncrunch,

We need something to work with here. Please follow the instructions in our sticky topic New Instructions - Read This Before Posting for Malware Removal Help and post the requested logs in your next reply.

14 more replies
Answer Match 44.94%

Hi...I hope someone can help me with this one: My pc was infected with Conficker in late Jan/ early Feb. I system recovered, disinfected, and scanned with malwarebytes, AVG, Superantispyware, as well as Mcafee til everything came up clean. All I had connected was the router, cable modem, and Dell 720 printer or Brother MFC420CN--I'd alternate. Before the virus was discovered, both printers began printing blank pages, when they were working fine before.

The pc is a dinosaur--a Compaq Presario and it's running on Windows XP SP3. It is connected to my cable modem and router. My daughter's laptop, a Dell Inspiron 1200, also running WinXP SP3, was also infected, disinfected, and scanned til everything read ok. The pc's browser was ie; my browser of choice is now chrome or Opera. The laptop now browses with Firefox.

Early last month, some of the same symptoms crept back--my security programs couldn't be opened/disappeared; ie was gone, etc...i was unable to start in safe mode and shortly after Windows couldn't be read/found at all. When first trying to start in safe mode, hal.dll couldn't be found...then more files couldn't be found...then finally nothing.

Disinfected...Ran all the malware removal tools again; applied all patches; etc...til scans came up clean.

Decided to reinstall printer...updated drivers...same problem...printer "printed" blank pages. Ink is ok; settings ok... That was 2 days ago.

Today my desktop icons are a lot... Read more

A:WHAT IS UP WITH MY SYSTEM?? IS IT VIRUS/MALWARE RELATED???

I am sorry that your computer is bewitched !!
Do you know how to open the cover of your computer ??
I am suggesting that ;
1. You unplug the computer power from the back .
2. Open the case to expose the main board and the battery.
3.Be carefull and press the little tab on the battery and let it pop-up enough so it doesn't touch the socket .
4.Clean the battery with alcohol and a cotton cloth .
5.Put battery back in the computer BUT dont touch the battery with your fingers,our fingers always have some oil
on them.
Plug the computer back in the wall and turn on.
Press F1 or delete and boot into BIOS.
check that your hard drives are correct and your boot sequence is right and press F10 to save.

Many people get a virous in their BIOS and don'tever know it.
Good Luck

2 more replies
Answer Match 44.94%

The only obvious symptom was that the security settings in IE were modified in a way that prevented downloading most things. JRT and ADWCleaner found little. MBAM and MBAR found a few things and removed/quarantined them but it's clear by HJT & Farbar scans that remnants remain. Removing things with HJT does nothing, they're still there on subsequent scans. MSE found and removed a bunch of stuff starting 4 days ago and ending yesterday after I ran the above - Trojan:Win32/Qadars.A, Exploit:HTML/Pangimop.V, Behaviour:Win32/Crowti.A, Behaviour:Win32/Crowti.C, Behaviour:Win32/Vawtrak.A, Backdoor:Win32/Vawtrak.F, Trojan:Win32/Powessere.A, PWS:Win32/Zbot.gen!AP, Ransom:Win32/Crowti.A, Trojan:Win32/Qadars and Trojan:Win32/Ropest.G. Running MSE now reveals nothing, neither does aswmbr. Win7 Sp1 needs to be installed along with a newer version of Reader and probably a couple of other things I haven't noticed but I figure taking care of this is the first priority. I would appreciate any help. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014Ran by hesperia (administrator) on HESPERIA-PC on 10-09-2014 17:35:03Running from C:\Users\hesperia\DownloadsPlatform: Microsoft Windows 7 Home Premium  (X86) OS Language: English (United States)Internet Explorer Version 9Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/&#... Read more

A:Unknown malware related to viruses (?)

Hello  tantryl and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.
Before we move on, please read the following points carefully.
 
Please complete all steps in the specified order.
Even if tools don't find malware, I want you to post the logfiles anyway.
Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
Don't install or uninstall software during the cleanup unless you are told to do so.
If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
Please reply to this thread. Do not start a new topic
As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
 
Please open as administrator  the computer. How is open as administrator  the computer?
Disable your AntiVirus and AntiSpyware applications, as they will  interfere with... Read more

12 more replies
Answer Match 44.94%

The intense public interest surrounding Usama bin Laden is the perfect vehicle for Internet scams and malware, the FBI warned Tuesday, issuing an official warning to ?exercise? caution online.

One common piece of malware spreading rapidly on the Internet purports to show photos or videos of bin Laden?s killing. Clicking on these links can wreak havoc on some users? machines, the agency warned.

?This malicious software or 'malware' can embed itself in computers and spread to users? contact lists, thereby infecting the systems of associates, friends, and family members,? the FBI said in a statement. ?These viruses are often programmed to steal your personally identifiable information.?

Read more: http://www.foxnews.com/scitech/2011/05/04/beware-bin-laden-spam-malware-fbi-warns/#ixzz1LSVnb3tb
In other words watch what you click.

A:Beware of Malware Related to UBL's Death

That virus is going viral on Facebook

8 more replies
Answer Match 44.94%

I just can't figgure this one out.
Recently, svchost has been taking up 100 % of the CPU usage. It doesn't always happen, but when it does, its annoying because I my computer gets slow and hot. I don't think its a virus, because in the task manager, its listed as a system process and its in the system32 folder. I have also done online scans. I have also run sfc /scannow. It only seems to happenn when I open Internet Explorer. Any suggestions?

A:svchost 100% CPU usage, not malware related

Possible Automaitc Update problem...has it only started happening since a recent update?

Or have you installed any new software/plug ins/codecs?

5 more replies
Answer Match 44.94%

I'm using Windows Vista Home Premium - Service Pack 2So this is what happened - I turned my laptop on (Asus M51VSeries), logged in and then left it running for a couple of hours. I suspect during this time a Windows Update may have occurred which may be causing my problems. When I came back to the laptop, I noticed that the nice Vista Aero effect had disappeared and was replaced with the basic Vista theme. I restarted my computer and it was still displaying the Vista basic theme and also an error message appeared:Title: MMLoadDrv: MMLoadDrv.exe - Entry Point Not FoundContents: The procedure entry point OsThunkD3dContextDestroyAll could not be located in the dynamic library d3d8thk.dll.I then attempted to open Mozilla Firefox 3.5.3, which crashed immediately after opening. I tried this a few times which produced the same results. I was able to open up Firefox in it's safe mode though. I then decided to do a system restore as there was next to no information about my problem that I could find. The system restore was to a few minutes after I first switched my laptop on that day (15/09/2009 ) with the note 'Install - Windows Update' next to it. I completed the system restore, and found that the error message still displayed, the basic theme was still there, but I could go on Firefox without it's safe mode.I have run a full Malwarebytes' Anti-Malware scan and it found nothing.So basically I want to know how to remove the error message (which appears every time I re-boot the laptop... Read more

A:Errors occuring, none are malware related...

bump

Still having problems

17 more replies
Answer Match 44.94%

Hi, I have a seemingly nasty piece of malware on my laptop, which I got on the 26 Aug. It would be great if anyone could help guide me through removing it; I am a technical person but I am aware that tools such as RootRepeal and ComboFix are beyond my knowledge! It looks like this is similar to the issues in the post entitled http://www.bleepingcomputer.com/forums/t/248694/search-sites-hijacked-in-firefox/.Thanks for your help in advance!ChrisLaptop Configuration---------------------------------------Pentium 4 2.2 GHz 1Gb RAMWindows XP SP2 with full updatesNorton AV installed at time of infection; now have McAfee as Norton had expired at start of AugInternet Explorer 6 is my main browserThe malware was installed when I clicked on a dodgy link, which took me to a blank webpage. Thereafter the symptoms below started.Symptoms--------------Iexplore.exe starts in the background (not visible to user) when I first login and attempts to go to various sitesIf I query Google, then click on the URL of a result, I instead go through to some arbitrary sitesMcAfee failed to download its updates properly, even though it was trying, and so kept reporting that virus definitions were out of dateI was unable to start many executable, including AV programs and malware scannersOccasionally another iexplore.exe process spawns itself (not visible to user, but can see it in Task Mgr) while I am doing other thingsSteps so far-------------------Installed SysInternals Process ExplorerDisabled something... Read more

A:cannot remove malware related to uacinit.dll

Here is a subsequent MBAM log, showing that problems still remain:
Malwarebytes' Anti-Malware 1.40
Database version: 2741
Windows 5.1.2600 Service Pack 2

05/09/2009 14:30:04
malwarebytes_05092009.txt

Scan type: Full Scan (C:\|)
Objects scanned: 209595
Time elapsed: 1 hour(s), 17 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACmsgpcpasga.dll (Rootkit.TDSS) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Malware.Trace) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\UACmsgpcpasga.dll (Rootkit.TDSS) -> No action taken.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> No action taken.

3 more replies
Answer Match 44.52%

Hi. Thanks in advance for any help you can give.I have run Malwarebytes, but this finds nothing.This is a Dell Inspiron 1501, now with 1.5Gb memory, low I know but it is particularly slow to load and respond.Certain IE links sometimes do not work. Hijackthis changes don't seem to sticK and it reports it cannot write to the hosts file.I have attached a log from GMER.

A:Performance possibly related to rootkit/malware

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

3 more replies
Answer Match 44.52%

UPDATE: I just downloaded pandasoftware that you recommend and installed it, then restarted comp - now whenever I try to start my comp it auto shuts down!!! I can boot in safe mode however...5pm is last night I tried to download a game and spy sheriff (a program disguising itself as anti-virus software that keeps re-installig itself + other crap no mater how many times you remove it) was downloaded, as well as a crap load of other malware, onto my comp. I have run spybot and it says it has removed everything sometimes but then other times after restart items like ?FastClick? and ?AvenueA? keep appearing as needed to be removed! When running Ad-aware and doing a full system scan no matter how many times I run it I get this Windows vulnerability thing ?.?Name: Windows? ? ?Type: RegData? ? ?Category: Vulnerability? ? ?Object: HKEY_LOCAL_MACHINE:software\microsoft\windows nt\currentversion\winlogon?Shell? (explorer.exe, c:\windows\system32\xyqwi.exe)? I dunno if I should go to c:\windows\system32\xyqwi.exe and try to delete xyqwi.exe? Any1 know what this is? I also get ?to help protect your computer, windows has closed this program ? Name: Windows Explorer,? every once in a while.I have removed spy sheriff but my comp still has major problems and is running super slow!Have also done cleanmgr and run TrendMicro housecall scan- which failed to remove an infection it said. Housecall scan said one infection had to... Read more

A:Spy Sherif And Related Unremovable Malware/problems!

? Re-name HijackThis.exe to doggy.exe by doing the following:- Navigate to C:\Documents and Settings\Christine\Desktop\hijackthis\HijackThis.exe- Right-click onto HijackThis.exe and select "Rename"- Type doggy.exe and hit Enter.? Now, double-click onto doggy.exe (which is still hijackthis) and post back with the new HijackThis log.

28 more replies
Answer Match 44.52%

I (not an expert by any means) am helping my mother repair her computer and at the end of my knowlege, and was thus hoping to enlist the help of a kind soul from this forum before we just give up and reformat.

In general, the problems are related to unpredictable performance, such as unexpected freezes and shutdowns, occasionally getting stuck on "working" cursor after clicking on start menu or taskbar, freezing on blank screen when loggin off/shutting down, restarting after loading system files for safe mode (before Windows loads), getting stuck on a black sleep mode-like screen when opening lid of idling computer (sleep mode is supposed to be off), and others I'm sure I'm forgetting.

More specifically:
-Webroot scans in normal mode freeze the computer after a few minutes 100% of the time, often resulting in a physical memory dump
-Webroot scans in safe mode complete but show no results
-Upon attempting to uninstall a specific program (I can't remember for sure, but I think it was an iwin games program), the uninstaller started deleting random files unrelated to the program itself (causing Photoshop, webcam software, printer software, and others to not function properly), until I noticed and stopped the uninstall. Curiously the original program disappeared from the programs list at some point afterwards, but not immediately
-Several programs in the programs list get uninstall errors (possibly due to the missing files from the above). These include Trend ... Read more

A:Multiple issues, possibly malware related

Hello and welcome to Tech Support Forum.

My name is km2357 and I will be helping you to remove any infection(s) that you may have.

I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.

Please do not start another thread or topic, I will assist you at this thread until we solve your problems.

Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.

Sorry for the delay in replying, the forum is very busy. If you still need help, please do the following:


Step # 1 Download and run DDS

Download DDS and save it to your desktop from here or here or here
Disable any script blocker, and then double click dds.scr to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.


Step # 2: Download and Run Gmer

Please download gmer.zip from Gmer and save it to your desktop.

***Please close any open programs ***

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised by a trained Security Analyst

If possible rootkit activity is found... Read more

3 more replies
Answer Match 44.52%

Hi.
I've been having some problems with my internet lately. Namely it stalls out after a few minutes and says it can't find the default gateway OR that
However, I called the cable company, and it was working fine for an hour after resetting the modem, and now I'm back to problems.

So basically I'm not sure if it's actually a problem with my internet OR if I've got something on my computer that's causing this problem.

Also, I have Micro Trend supposedly installed on my computer but whenver I start my computer it says "starting protection" and then disappears and I can't really get it to open. I never even thought about it until now.

I scanned my computer with the quick scans from Malwarebytes' Anti-Malware and Lavasoft's Ad-aware. Ad-aware found 2 problems, one being the trojan.java.blacole.b and second being backdoor.win32.cycbot.cfg -- Both of these were put into quarantine by Lavasoft's Ad-aware. I don't know if I need to do something more or if these were causing the problem.

I was hoping maybe somebody could take a look at the info and make sure there's not something else out there.

Also, I run Windows 7. (and use Firefox almost exclusively as my internet browser, with a few exceptions with some websites that will ONLY work on IE).
If any other information about my system is needed, please let me know.

Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at &#50724;&a... Read more

A:Problem With Internet possibley related to Malware

13 more replies
Answer Match 44.52%

I was in another sub-forum but was told to come here so I will copy and paste my information if that's all right. Thank you so much for this forum and help!

Hey guys, I actually came across the forums doing a search a day or so ago and the thread I was looking at was out-of-date so some of the links didn't work. Thought I would write my own thread on my problem. Also, my IE is messing up.. not sure if that's connected to the Blue Screen or not (or part in part of the problem(s)).

I had a look at this thread http://www.bleepingcomputer.com/forums/topic375458.html so I think I've already done a few steps you might ask me to do. Here is the info:

==================================================
Dump File : 012411-25818-01.dmp
Crash Time : 1/24/2011 10:45:19 AM
Bug Check String : SYSTEM_SERVICE_EXCEPTION
Bug Check Code : 0x0000003b
Parameter 1 : 00000000`c0000005
Parameter 2 : fffff800`02fbac9a
Parameter 3 : fffff880`09a7dcf0
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+70740
File Description : NT Kernel & System
Product Name : Microsoft? Windows? Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : x64
Computer Name :
Full Path : C:\Windows\Minidump\012411-25818-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 7600
Dump File Size : 274,920
==================================================

==================... Read more

A:Blue Screen of Death (Malware related?)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

2 more replies
Answer Match 44.52%

Recently, I've been hearing little beeps out of my computer that sound like something is turned on and another beep after that sounds like it's turning something off. I check my Task Manager every time I hear those sounds and wmplayer.exe or wmpnscfg.exe are the ones taking up resources. I try to end the processes but they keep reappearing a few minutes later. I even tried blocking them from startup through msconfig but that didn't help. My fan goes crazy and I lag a bit every time this happens also. Help would be appreciated!
 

A:Windows Media Player related malware?

Erm... bump
 

2 more replies
Answer Match 44.52%

When I say "slowdown" - I mean everything: even audio and video plays back at what seems like 1/2 speed. The XP Intro music is an interesting stuttering remix.

Malware and rootkit checks are clear. HDD scan and SMART stats are fine as well. Housekeeping has been done... and upon mentioning that, I should note that I began defrag at about midnight last night... at 7AM, it was at 35%, and still churning.

Booting into safe mode takes forever and is painfully slow as well.

I thought the problem might be related to a bad printer driver (I was testing an HP 5150 and Lexmark AIO (I forgot the model now - I did this Friday in another location) So I uninstalled those - no joy. I uninstalled my own HP driver with no luck.

I was getting errors related to my wireless card (WMP54GS ver.1.1) upon shutdown, so I uninstalled it. No change running without the wireless.

I came here before giving up and starting all over - because I HAVE been lax, and my last back up was in March. (Yes, I know - I deserve my virtual smacks)

System Info:

Intel Core 2 (6420) Sitting on a Gigabyte Motherboard (I'll crawl inside the case and get that model if you *really* need it)
2 GB DDR-2
300 GB Western Digital HDD (IDE)
NVidia 7300 GT

--Edit Start--

Running Windows XP, SP 2 (Haven't gotten around to my OWN updates)
System built 3/8/08
Used for just about everything except gaming
McAfee Security 2008 - updated today (8/3/08)

Absolutely NO previous problems until this weekend.

--... Read more

A:Solved: System Slowdown - Not Malware Related

8 more replies
Answer Match 44.52%

So for a couple of months now i've been experiencing out of the norm behavioral habits on my computer. The first being a couple months back now where my computer for some reason began awaking itself from sleep mode at exactly 11:15pm each day. This was not the case before.

I ran virus scan and also malware scan and malwarebytes detected a few PUMs (attached below). I left these for a while before deciding to remove them around a couple of weeks ago now.

Since removing them i've experienced a couple more strange things. The first being when awaking from sleep mode, on occasions, the resolution is all wrong and i must put it back to sleep and awake it again to sort it out. On most occasions it awakes without a problem but still, an issue born recently.

The third thing happened yesterday when a few folders became hidden without me hiding them myself. These folders had once been hidden by me but not for a long while. There were also desktop.ini files on the desktop. I searched google and found out that i had to tick 'hide protected operating system files' to get rid/hide these.

I've done scans with Essentials, Malwarebytes and most recently F-secureonlinescanner. The latter found a java exploit that it removed and one other (sorry do not remember the name). The other two find nothing.

I've tried using Gmer but on three occasions it failed to finish (i get a 'stopped working' message).

Malwarebytes and dds logs attached. (Malwarebytes log is old but shows the PU... Read more

A:A few issues - Unsure if virus/malware related or not

Just a couple of things that are worth noting.

One is that i recently changed from a DVI cable to a VGA (possibly a reason for the resolution issues from wake?).

I've also recently disabled 'allow wake timers'. Not tested it out yet to see whether it has worked or not.

Also, just a gut feeling, the recent issues i 'm having (ignoring the waking up from sleep problem) i feel may be related to the files i quarantined in malwarebytes. Were the PUMS i quarantined really malware?

11 more replies
Answer Match 44.52%

I share a computer with the rest of my family, we all have seperate accounts but mine is the admins. On logon the other day I found a whole lot of porn screens popping up, and hogging the processes. The process was "obd.exe", so i stopped the process and ran a search with "malwares: anti-malware", which seemed to find and delete a whole lot of malicious software.

but THEN on restart when I logged in explorer.exe was not running and I couldn't access the control panel...

So yeah, the pc is pretty much useless to my whole family atm and they expect me to fix it posthaste; problem is that I'm not too technically savy so I NEED YOUR HELP!

This is the HijackThis Log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:06 PM, on 16/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C... Read more

A:Severe virus/malware issue (obd.exe related)

bump, my computer is now infected with a load of new viruses...
 

2 more replies
Answer Match 44.52%

Hi i was watching a tv show using megavideo last night and loads of popups came up giving the usual crap about needing to install stuff.I thought i closed them but maybe i clicked on them by accident.

Anyway all of a sudden AVG started detecting loads of random threats...mainly .exe files being found all over the place.

I tried healing them but loads more kept coming so i turned my internet off thinking they were being downloaded but they kept coming.

I went into msconfig and found two new programs trying to run on startup so i unchecked them and restarted my computer,thinking this would stop the incessant threat detection. Probably a bad move.

Anyway, now when i turn my computer on i get a big blue screen with the following errors:

0x00000024 (0x001902FE, 0xBA4F34EO, 0xBA4F31DC, 0x8A54C889)

I cannot start my computer in safe mode or restore it to a last known good configuration

How can i get back to my computer so i can at least save some files?

I need some serious help please!

Thank you,
james
 

A:Blue Screen of Death - malware related

Hi, makihara

You should always post your Operating System, and whether is a 32bit or 64bit system.

Lets give this a try. You will need a flash drive to move information from the sick computer to a working computer, so we can see the progress of our actions. Save these instructions in your flash drive as a text file (use notepad) so you can have access to these while in an external environment (PE).

Here is what you need to do.

Two programs to download

First

Download ISOBurner. Click Here for ISOBurner Instructions. Install the program, and follow the next set of steps.

Second
Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 276.7MB in size so it may take some time to download.
When downloaded double click and this will then open ISOBurner to burn the file to CD
Boot the Non working computer using the boot CD you just created.
In order to do so, the computer must be set to boot from the CD first
Note : For information click here

Your system should now display a REATOGO-X-PE desktop.
Double-click on the OTLPE icon.
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start. Change the following settings
Change Drivers to All
Change Standart Registry to All
Under the Custom Scan box paste this in

/md5start
eventlog.dll
scec... Read more

3 more replies
Answer Match 44.52%

Hello. I am trying to fix a friend's laptop computer that has Windows 7 installed.

When he gave it to me it was infected with some assorted malware(trojans, etc.). At first, I could not open any applications whatsoever. Every time I would try it would ask me if I wanted to use internet explorer to open it.

I created a few rescue CD's(dr web, avira, avg, etc) and ran those. They cleaned up most of the problems.

Also, I installed AVG free edition and malware bytes. I ran both of those. That removed several more pieces of malware.

At that point, things were mostly good. But I noticed that almost all of the files on the computer had been marked as hidden(the desktop images were all faint, etc). So I went through and manually removed the "hidden" setting from all the PC files.

It seems like I am 99% good. However, when I open firefox browser and enter a google search, and click on a link in the search results, it sometimes redirects me to some other unwanted site. So I guess that there is still some malware lingering in the background that could not be found by AVG and malware bytes.

Any recommendations to fix this?

Thanks!

TC

A:Help needed removing malware(browser related)

A friend of mine had an issue with his browser redirecting search results, and it took me a few days to find a fix, but I found a program called TDSSKiller and that removed the problem. You can try it out for yourself to see if it will also be a fix for you, and hopefully it will.

Anti-rootkit utility TDSSKiller

Edit: Here's a little bit more info about the trojan if you need it. Backdoor.Tidserv | Symantec

9 more replies
Answer Match 44.52%

Hi all!

I'm having some computer troubles and I need guidance from one or more of you kind people. I have a related thread going in the A/V Am I Infected? forum (http://www.bleepingcomputer.com/forums/topic228133-15.html). It gives some other background information that might be helpful to read in understanding my problem.

So, to give a quick overview - currently I'm trying to rid my desktop (and then later I'll be working on my laptop) of any malware it has - which according to MBAM is quite a few nastys and they seem difficult to remove thus far. I've had my desktop for about 8 years now; never formatted, never backed up (yes stupid, I know). Obviously I want to rescue these files in the (likely) event that I need to format my computer.

I'm not sure if I've accidently set off a payload, am botted, or a hacker is directly and actively messing with my system (I *was* "borrowing" a wireless internet connection for about a week...), but my desktop system stability has gotten substantially worse - to the point that I am now unable to boot my computer. So I need help in making it somewhat usable so that I can at least save some of my 8 years worth of files.

This problem began after I had run an MBAM quickscan in normal mode after disabling my wireless connection and clicked on ok to reboot the computer - because certain files could not be deleted until reboot. It shut down normally but then windows would not load (I couldn't even make... Read more

A:Boot problem - most likely due to malware related activity

If you have an open post in any of the malware forums....you probably should not be posting issues here until your malware situation is resolved.

And you certainly should not be anticipating or making changes to your system...based on what someone other than the malware folks suggest.

Louis

4 more replies
Answer Match 44.52%

I use ZoneAlarm's free firewall on my netbook...have for years. Last night a Zone Alarm window popped up that, if I recall correctly, mentioned something about updating to the latest version or download a free trial of the full version...something like that. After a long download of a 75MB file, it started scanning my system during set up. I suddenly noticed that it said "Your Computer is Infected" which struck me as VERY odd. 1) it's a firewall, not virus or malware removal 2) my computer hadn't been experiencing any questionable behavior to suggest any kind of infection.The whole thing made me nervous so I tried to kill the process. Suddenly I started getting all sorts of error messasges in Windows of various windows components or services not being available...I couldn't even open Task Manager! So I held down the power key and did a hard shutdown.Upon rebooting, Windows would no longer fully load. I get to the desktop screen where all my icons SHOULD start popping up and loading but it never happens...just hangs with only the wallpaper visible. I can access the task manager and Explorer is running. I've tried killing Explorer and re-booting it, but that didn't change anything. I've also completed a System Restore with no luck.If I boot the computer up in Safe Mode, it loads just fine, HOWEVER--and I found this particular unusual--if I try to boot in Safe Mode with Networking I get the same hanging upon loading the desktop.I've ... Read more

A:Windows Explorer won't boot! Malware-related?

As you have now posted in Malware Removal forum, I will ask for this thread to be closed -

2 more replies
Answer Match 44.52%

I started having problems with not being able to hibernate with the hibernate button. It was around same time I was trying to get search engines that creeped onto my system like avg search and so on. I tried registry fix apps, Microsoft Security Essentials, Malwarebytes. They didn?t help. Can somebody help me?

A:Couldn’t hibernate? Malware related? Avg search?

Hello ineedhelp2012 and welcome to Seven Forums.

It's dangerous to use registry tools. They can cause more damage than they fix. First thing I'd try is using a system restore point to return my computer to a date/time prior to when the hibernation problem first appeared.

System Restore

If that doesn't work or if you don't have any system restore points I'd run a System File Checker scan from an elevated command prompt (option two, this tutorial.) If any problems are found run the scan 3 times rebooting in between each scan.

SFC /SCANNOW Command - System File Checker

You could also try turning hibernation off, rebooting, then turning it back on. Although if you don't use hibernation you could leave it off and gain some additional hard drive space almost equal to your installed memory.

Hibernate - Enable or Disable

5 more replies