Tech Problem Aggregator

go no go on DDS and boopme suggested to run this [/b

Q: go no go on DDS and boopme suggested to run this [/b

Referred from here: http://www.bleepingcomputer.com/forums/t/309799/xp-defender-trojan-hijack-browser-hijacked-help/ ~ OBHi.I was refered here and I tried to follow the Prep Guide and I was having touble so my advisor told me to only post the DDS log if that was all I could run. It took me a long time but I fnailly was able to run DDS in SAFe Mode with networking. (Hooray)Here is the DDS Log. please let me know if you need anything else:DDS (Ver_10-03-17.01) - NTFSx86 NETWORK Run by Robert Edwards at 0:29:37.04 on Thu 04/22/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_07Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.783 [GMT -4:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeE:\FIX\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://m.www.yahoo.com/uSearch Page = hxxp://www.google.comuDefault_Search_URL = hxxp://www.google.com/ieuSearch Bar = hxxp://www.google.com/ieuInternet Settings,ProxyServer = http=127.0.0.1:5555uInternet Settings,ProxyOverride = uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dllTB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No FileuRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"uRun: [Flashpaste] c:\program files\flashpaste\flashpaste.exeuRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exeuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exemRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exemRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAYmRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exemRun: [Apoint] c:\program files\apoint\Apoint.exemRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -bootmRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.inimRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUNmRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorunmRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [elvwumub] c:\documents and settings\networkservice\local settings\application data\sqasqvrwe\dpeeopftssd.exedRun: [elvwumub] c:\documents and settings\networkservice\local settings\application data\sqasqvrwe\dpeeopftssd.exeIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLLTrusted Zone: intuit.com\ttlcTrusted Zone: link.com\kaceTrusted Zone: turbotax.comDPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cabDPF: Welnia 2.0.0.906 - hxxps://hosting.bodymedia.com/welnia/files/static/install/bmwelnia_2_0_0_906.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174014400940DPF: {895D1291-D5BD-4982-BA84-AD11D29C1D6A} - hxxp://community.weightwatchers.com/Scripts/ImageUploader6.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dllNotify: AtiExtEvent - Ati2evxx.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL============= SERVICES / DRIVERS ===============S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-10-12 9968]S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-10-12 74480]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-3 135664]S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter;\??\c:\windows\system32\drivers\nsdriver.sys --> c:\windows\system32\drivers\NSDriver.sys [?]S3 HPJNDIS5;HPJNDIS5 NDIS Protocol Driver;\??\c:\docume~1\robert~1\locals~1\temp\hp_web~1\setup\hpjndis5.sys --> c:\docume~1\robert~1\locals~1\temp\hp_web~1\setup\HPJNDIS5.SYS [?]S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-10-12 7408]=============== Created Last 30 ================2010-04-22 03:55:56 0 d-----w- c:\docume~1\alluse~1\applic~1\avG2010-04-16 03:39:23 3248 ----a-w- c:\windows\system32\wbem\Outlook_01cadd166730c970.mof2010-04-14 23:04:48 204 ----a-w- c:\windows\system32\MRT.INI2010-04-10 05:00:35 699904 ----a-w- c:\windows\is-FDOAR.exe2010-04-10 05:00:35 357 ----a-w- c:\windows\is-FDOAR.lst2010-04-10 05:00:35 10498 ----a-w- c:\windows\is-FDOAR.msg2010-04-02 03:03:03 1469440 ------w- c:\windows\system32\inetcpl.cpl2010-03-30 04:28:19 0 d-----w- c:\windows\system32\wbem\Repository2010-03-30 03:37:12 664 ----a-w- c:\windows\system32\d3d9caps.dat2010-03-30 03:37:12 552 ----a-w- c:\windows\system32\d3d8caps.dat==================== Find3M ====================2010-04-22 03:59:25 96512 ----a-w- c:\windows\system32\drivers\atapi.sys2010-03-29 19:24:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-03-29 19:24:46 20824 ----a-w- c:\windows\system32\drivers\mbam.sys2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\dllcache\vbscript.dll2010-02-25 15:54:36 11070976 ------w- c:\windows\system32\dllcache\ieframe.dll2010-02-24 13:11:07 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2010-02-24 13:11:07 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys2010-02-24 09:54:25 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe2010-02-19 23:47:50 3604480 ----a-w- c:\windows\system32\GPhotos.scr2010-02-17 13:10:28 2189952 ------w- c:\windows\system32\ntoskrnl.exe2010-02-17 13:10:28 2189952 ------w- c:\windows\system32\dllcache\ntoskrnl.exe2010-02-16 14:08:49 2146304 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe2010-02-16 13:25:04 2066816 ------w- c:\windows\system32\ntkrnlpa.exe2010-02-16 13:25:04 2066816 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe2010-02-16 13:25:04 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe2010-02-12 04:33:11 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll2010-02-12 04:33:11 100864 ------w- c:\windows\system32\6to4svc.dll2010-02-11 12:02:15 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys2008-12-20 13:59:21 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008122020081221\index.dat============= FINISH: 0:31:36.07 ===============

A: go no go on DDS and boopme suggested to run this [/b

Hi and welcome to the Virus/Trojan/Spyware/Malware Removal forum,I am thcbytes and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if your topic is not replied I we assume it has been abandoned and I will close it.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.==========Boot into SafeMode with Networking and please do this.....Download and Run ComboFix (by sUBs)You must rename it before saving it.Please download ComboFix from one of these locations:Link 1Link 2Save thcbytes.exe to your Desktop <-- Important!!!==========Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Please refer to this link for instructions.Double click on thcbytes.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next replyA word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.This tool is not a toy and not for everyday use.ComboFix SHOULD NOT be used unless requested by a forum helper ==========With your next post please provide:* Combofix.txtKind regards,~t

13 more replies
Answer Match 44.94%

I tried twice to run DDS and it would stop. So I tried again to run Rkill and it found four processes to stop. I tried DDS again and it worked! I am posting both the Rkill log and the two DDS logs.
 
Rkill 2.6.3 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/14/2013 10:19:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * C:\Users\Boyd\AppData\Local\Temp\nsc3554.tmp\PEV.DAT (PID: 5496) [UP-HEUR]
 * C:\Users\Boyd\AppData\Local\Temp\nsc3554.tmp\PEV.DAT (PID: 5496) [T-HEUR]
 * C:\Users\Boyd\AppData\Local\Temp\nsb4E31.tmp\PEV.DAT (PID: 9124) [UP-HEUR]
 * C:\Users\Boyd\AppData\Local\Temp\nsb4E31.tmp\PEV.DAT (PID: 9124) [T-HEUR]
4 proccesses terminated!
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
 * Windows Defender Disabled
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 * Windows Firewall Disabled
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
&... Read more

A:DDS log, per boopme

Hello smrboyd1 I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"... Read more

32 more replies
Answer Match 44.94%

hi, i had some malware that was removed and i'm just following up on some instructions by one of your VERY helpful pros.Topic referenced is here: http://www.bleepingcomputer.com/forums/t/190712/google-redirects-and-general-funnyness/ ~ OBi might not be infected with a virus, but i'd like somebody to take a look just to be sure. i know some processes are legitimate and others are trojans depending on where they are, but i don't know enough to determine that. any help in cleaning up my registry/infections is greatly appreciated.thank you for all you do.KurtDDS (Version 1.1.0) - NTFSx86 Run by MKG at 16:04:24.32 on Wed 12/31/2008Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.167 [GMT -6:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exec:\program files\ge security supra\syncservice.exeC:\Program Files\Nero\Nero 7\InCD\InCDsrv.exeC:\Program Files\Kontiki\KService.exeC:\Program Files\GE Security Supra\ProxyDaemon.exeC:\SSL\stunnel-4.10.exeC:\WINDOWS\system32\PRISMSVC.EXEC:\WINDOWS\system32\Tablet.exeC:\WINDOWS\system32\WTablet\TabUserW.exeC:\WINDOWS\system32\Tablet.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\PRISMSVR.EXEC:\PROG... Read more

A:boopme said come here

Hello.Looks like most of it was taken care of. Let's see what we can find.Disable Realtime ProtectionAntimalware programs can interfere with ComboFix and other tools we need to run. Please temporarily disable all realtime protections you have enabled. Refer to this page, if you are unsure how.To disable AVG:Please navigate to the system tray on the bottom right hand corner and look for this sign.Right click it-> select Quit Control Center.A warning will pop up, click YesDownload and Run ComboFixIf you have already run ComboFix, delete your copy and download a new one. If the computer in question is unable to download ComboFix, transfer it using a removable media (CDs, flash drive).Download Combofix by sUBs from any of the links below, and save it to your desktop.Link 1, Link 2, Link 3 Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.Double click on ComboFix.exe and follow the prompts. If you are using Windows Vista, right click the icon and select "Run as Administrator". You will not recieve the prompts below if you are not using Windows XP. ComboFix will check to see if you have the Windows Recovery Console installed.If you did not have it installed, you will see the prompt below. Choose YES.
When the Recovery Console has been installed, you will see the prompt below. Choose YES.
When finished, ComboFix will produce a report for you. Please post the contents of the log... Read more

13 more replies
Answer Match 44.94%
Q: Boopme!

Extras.TxtOTL Extras logfile created on: 09/10/2010 16:45:24 - Run 1OTL by OldTimer - Version 3.2.14.1 Folder = C:UsersHollyDesktop64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstationInternet Explorer (Version = 8.0.7600.16385)Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free7.00 Gb Paging File | 6.00 Gb Available in Paging File | 82.00% Paging File freePaging file location(s): ?:pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)Drive C: | 453.94 Gb Total Space | 373.82 Gb Free Space | 82.35% Space Free | Partition Type: NTFSD: Drive not present or media not loadedE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loaded Computer Name: HOLLY-PCCurrent User Name: HollyLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userInclude 64bit ScansCompany Name Whitelist: OnSkip Microsoft Files: OnFile Age = 90 DaysOutput = StandardQuick Scan ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>] [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>].cpl [@ = cplfile] -- C:WindowsSysWow64control.exe (Microsoft Corporation) [HKEY... Read more

A:Boopme!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

3 more replies
Answer Match 44.94%

hi boopme

I just want to start a new thread to tell you that I won't be able to reply to the infected and need help thread because I work the whole weekend 14 hours a day. I don't have time to run scan because that takes times and my computer is awesomely slow because of all these problems.

I don't want to reply to that thread until i run scan and post the logs there so it won't be confusing.

I won't be able to do the scan until monday. So please don't close that thread because of no reply for three days.
Thank you so much for your patience and help boopme.

A:hi boopme

hello I underestand.. Take your time . We'll keep the lights on.. there..
I am going to close this one though. Please reply in that thread so I see all your replies. I can remove them if it gets confusing... Thanks.

1 more replies
Answer Match 44.94%

Referred from here: http://www.bleepingcomputer.com/forums/topic347564.html ~ OBCouldn't run the Gmer it keep causing the blue screen of death.DDS (Ver_10-03-17.01) - NTFSx86 Run by Sam at 16:19:16.09 on 25/09/2010Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_21Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.3454.1600 [GMT 1:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\... Read more

A:For Boopme

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

20 more replies
Answer Match 44.94%

Cheers for your helpActions taken so far can be found here http://www.bleepingcomputer.com/forums/t/234967/help-with-combofix-moved/The problems.1. Google Chome wasn't Loading and I got error message:"The application failed to intialize properly (0xc000005). Click on OK to terminate the application"I fixed that buy adding --NO-SANDBOX in the "Target" box under PropertiesAll other web browsers work.--------------------------------2. Windows and Norton will not Update, the Norton troubleshoot says something like internet explorer default connection is dial up, or something along those lines...even while though IE connect though the network.--------------------------------3. Microsoft.com wont load in any web browser. Also when "boopme" was trying to help me in the other thread a lot of the links he posted wouldn't work, and if the links worked, the links to the .exe downloads wouldn't, I don't if that was just because the links where dead or my PC was blocking them.--------------------------------4. Just about every application "boopme" got me to download in order to fix these problems would in some way or another not work, one just wouldn't install, another wouldn't download updates.--------------------------------and finally this is weird, and I'm not sure if I accidentally did it, but my Clock is now in 24hour time :SOh I just thought of what it might be, I got sick of the Microsoft genuine thing popping up, so I download a patch to remove it/stop it popping up I think I ... Read more

A:Help me please "BOOPME"

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

3 more replies
Answer Match 44.52%

I'm sorry about the time

A:boopme , I'm working on

Hello,I have merged your logs to the topic they belong in which you can find here: http://www.bleepingcomputer.com/forums/t/506389/problems-with-trojan-alureon-j/Please keep all posts regarding this issue to that topic by using the More Reply Options button which you will find near the bottom right under the topic. Once you have completed the reply, then use the Add Reply button found near the bottom center below the text area.This topic is now closed to avoid potential confusion.Orange Blossom ~ forum moderator

1 more replies
Answer Match 44.52%

HI,

Log attachged as requested (http://www.bleepingcomputer.com/forums/topic408020.html/page__gopid__2323129#entry2323129)

A:GMER log for boopme

Hi,Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds file to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop. Post them back to your topic.

49 more replies
Answer Match 44.52%

hi,

well let me start with list of problem i am facing:

I AM USING WINDOWS XP PROFESSIONAL WITH SP3
1 MY TASK MANAGER IS DISABLED

2 MY SYSTEM RESTORE IS DISABLED

3 MY 'RUN" COMMAND IS NOT SHOWING IN "ALL PROGRAMS"

4 MY FOLDER OPTION IS NOT VISIBLE

5 MY DRIVES DON'T OPEN ON DOUBLE CLICK EXCEPT THE C: DRIVE, I HAVE TO EXPLORE THEM TO OPEN THEM.

6 I HAVE TRIED COMBO FIX, BUT NO HELP. AFTER AT THE SCANNING IT SAYS WINDOWS RECOVERED FROM A SERIOUS PROBLEM, BUT I DON'T THINK MY
PC HAS NOT RECOVERED FROM ANY PROBLEM. IT IS STILL IN PROBLEM.

7 I TRIED INSTALLING "KASPERSKY INTERNET SECURITY 2010" BUT AFTER INSTALLING THE ACTAVTION PAGE DOESN'T OPEN. NEITHER IT SHOWS ON THE
TASK BAR.(NEAR THE TIME).

8 I TRIED AVIRA PREMIUM BUT IT ALSO DOESN'T INSTALL, NOTHING HAPPENS AFTER THE INSATLL EXTRACTION OF THE SETUP. NO ACTIVATION WINDOWS
GETS OPEN.

9 LAST BUT NOT THE LEAST I DON'T HAVE INTERNET ACCESS ON THAT PC. AND I DON'T WANT TO FORMAT IT.
So now can anyone help me..

A:HELP ME BOOPME..MY PC IN A LIKE A ZOMBIE..

Hello and welcome... You need to do all the steps as some pertain to your issue..Please follow our Removal Guide here Remove Antispyware Soft (Uninstall Guide) You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

1 more replies
Answer Match 44.52%

Hello I wish that someone can help me solve this problem I've done numerous scans by Malware Bytes and AVG 8.5 free edition. Well I have previously asked Boopme to help and he suggested that I make a new thread so others can read it aswell. Sorry for my grammar I'm only 15 ;) and yea please make the instructions easy to follow I am only a little not nooby now in computers =D

So... my computer is like this, about like 1-2months ago i had my computer umm... well i just reinstalled windows xp I'm not sure what version though. What i find weird is that my computer has 71gigs of memory but tan when i lok at my programs it looks like i dont even have that much... well anyways my computer restarts like when i run my game GunZ (hosted by ijji) okay it lets me start game and enter the game until i have to select a server i select one as soon im about to choose character my computer restarts most of the time the second time i try (after the reboot) i can play it but im still wondering why it will do that (the reboot) well boopme please help cause even when i type my homework i get fustrated because it reboots some of the time and i didnt save my documents so please i really need to find out waht is the problem...i think it wouldnt be tempurature though.

A:Boopme help please or quietman7

..71GB memory? That's insane. Are you talking about hard drive memory or RAM memory though?Alright. Give the people more information to work with first.To check what version your Windows is,right click the My Computer icon and click Properties. Copy everything that's written under System: and Computer: and show us.If you're running Windows XP Service Pack 1, I believe there's something wrong with SP1 that makes it restart every so often.

11 more replies
Answer Match 44.52%

Referred from here: http://www.bleepingcomputer.com/forums/t/317663/pop-ups-and-pc-seems-slower/ ~ OBDDS (Ver_10-03-17.01) - NTFSx86 Run by Jeremy at 14:22:01.34 on Thu 05/20/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.516 [GMT -7:00]AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exesvchost.exeC:\Program Files\Avira\AntiVir Desktop\avguard.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Avira\AntiVir Desktop\avshadow.exeC:\Program Files\Java\jre6\bin\jqs.exesvchost.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\system32\WLTRAY.exeC:\WINDOWS\SOUNDMAN.EXEC:\WINDOWS\eHome\ehmsas.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\DNA\btdna.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Belkin\F5D7001v2000\Belkinwcui.exe... Read more

A:DDS log - requested by Boopme

Hi and welcome to the Virus/Trojan/Spyware/Malware Removal forum,I am thcbytes and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if your topic is not replied I we assume it has been abandoned and I will close it.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!Again I would like to remind you to make no further changes to your computer unless ... Read more

3 more replies
Answer Match 44.52%

Referred from this topic: http://www.bleepingcomputer.com/forums/topic342629.html ~ OBOk boop me I did what you said will you help me here or some one else will? DDS (Ver_10-03-17.01) - NTFSX64 Run by Mariano at 16:39:39.95 on Mon 08/30/2010Internet Explorer: 8.0.6001.18943Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2012.631 [GMT -7:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32svchost.exe -k rpcssC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k GPSvcGroupC:Windowssystem32SLsvc.exeC:Windowssystem32svchost.exe -k LocalServiceC:Program FilesDellDellDockDockLogin.exeC:Windowssystem32svchost.exe -k NetworkServiceC:Program FilesAlwil SoftwareAvast5AvastSvc.exeC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program FilesRealtekAudioHDARAVCpl64.exeC:WindowsSystem32igfxpers.exeC:Program FilesWindows Sidebarsidebar.exeC:Program Files (x86)Dell Remote Accessezi_ra.exeC:Program Files (x86)Digital Line DetectDLG.exeC:Program FilesDellDellDockDellDock.exeC:Program Files (x86)Dell DataSafe OnlineDataSafeOnline.exeC:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exeC:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exeC:Program Fi... Read more

A:Requested by boopme

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

70 more replies
Answer Match 44.1%

It's runing a lot better but it still slows down while doing everyday activities like surfing the nets and checking email. Not sure if the hard drive is partisioned or two actuaul hard drives but one is 202 gb free and the other is 1 gb free
Process PID CPU Description Company Name
System Idle Process 0 21.13
Interrupts n/a 67.61 Hardware Interrupts
DPCs n/a 1.41 Deferred Procedure Calls
System 4 4.23
smss.exe 692 Windows NT Session Manager Microsoft Corporation
csrss.exe 844 Client Server Runtime Process Microsoft Corporation
winlogon.exe 940 Windows NT Logon Application Microsoft Corporation
services.exe 1004 Services and Controller app Microsoft Corporation
WRConsumerService.exe 1236 WRConsumerService Webroot Software, Inc.
ati2evxx.exe 1268 ATI External Event Utility EXE Module ATI Technologies Inc.
svchost.exe 1300 Generic Host Process for Win32 Services Microsoft Corporation
ehmsas.exe 2460 Media Center Media Status Aggregator Service Microsoft Corporation
wmiprvse.exe 1740 WMI Microsoft Corporation
svchost.exe 1352 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1448 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1580 Generic Host Process for Win32 Services Microsoft Corporation
svchost.exe 1756 Generic Host Process for Win32 Services Microsoft Corporation
spoolsv.exe 180 Spooler SubSystem App Microsoft Corporation
svc... Read more

More replies
Answer Match 44.1%

Referred from here: http://www.bleepingcomputer.com/forums/t/304475/mbam-found-new-objects/ ~ OBHere are my logs and attach zip file. Just like to say that RKill crashes in normal mode when it tries to stop some processes and Explorer crashs as well and computer is unresponsive but in safe mode Rkill finds nothing and works ok. DDS (Ver_10-03-17.01) - NTFSx86 Run by Compaq_Administrator at 16:13:53.09 on 26/03/2010Internet Explorer: 7.0.5730.13Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.958.532 [GMT 0:00]AV: avast! antivirus 4.8.1368 [VPS 100324-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\VoyagerTest\fts.exeC:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exeC:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exeC:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exesvchost.exeC:\WINDOWS\arservice.exeC:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exe... Read more

A:My DDS & GMER logs for Boopme

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

more replies
Answer Match 44.1%

This is from the laptop that won't connect to the internet at all.

A:DDS/Gmer report for boopme

ark results.

17 more replies
Answer Match 44.1%

Dear all, dear boopme,As instructed in my original thread here, I created a new thread in this forum.As I already had an account and such, I only needed to perform steps 6 and 7 in the thread I was referred to. aswMBR log from previous thread (attach.txt attached to post):aswMBR version 0.9.9.1707 Copyright© 2011 AVAST SoftwareRun date: 2013-01-20 14:07:23-----------------------------14:07:23.921 OS Version: Windows 6.0.6001 Service Pack 114:07:23.921 Number of processors: 2 586 0xF0D14:07:23.921 ComputerName: LAILA-PC UserName: Laila14:07:24.904 Initialize success14:07:42.564 AVAST engine defs: 1301200014:08:04.920 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-114:08:04.920 Disk 0 Vendor: Hitachi_HTS543216L9A300 FB2OC40C Size: 152627MB BusType: 314:08:05.122 Disk 0 MBR read successfully14:08:05.122 Disk 0 MBR scan14:08:05.138 Disk 0 Windows VISTA default MBR code14:08:05.154 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10244 MB offset 6314:08:05.200 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 142382 MB offset 2098089014:08:05.247 Disk 0 scanning sectors +31257976014:08:05.481 Disk 0 scanning C:\Windows\system32\drivers14:08:33.861 Service scanning14:09:05.126 Modules scanning14:09:17.546 Disk 0 trace - called modules:14:09:17.577 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys ... Read more

A:Possible Rootkit (detected by boopme)

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.htmlNote: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.===Third party programs if not up to date can be the ca... Read more

7 more replies
Answer Match 44.1%

Originally asked in "Am I Infected" and Boopme said it's a proxy issue and to ask here. Below is the original post although I downloaded Java 7 and Security Checks shows OK now.Thank you,I've got a Toshiba Satellite M115-S3094 that came with XP MCE 2005 although now System Properties tells me I'm running XP MCE 2002 SP3. I'm running Security Essentials and WinPatrol Pro resident and scan frequently with MBAM and SAS. Although I have a paid up subscription of Avast Internet Security's latest version, I'm not using it on the latest factory setting reinstall (reformatting of my hard drive for around the 30th time) and update because the sandbox thing had corrupted my sound drivers. I have CCleaner and Defraggler (replacing Windows Defragmenter) and I also run them regularly.I've had to reinstall factory setting enough times to know that it changes from MCE 2005 to 2002 somewhere between factory settings and fully updated SP3 (think it happens in the SP3 install). As we all know XP MCE is MS illegitimate child and they don't want to support the kid. It seems to be the baby they wish they didn't make but I'm stuck with it on this laptop.One reason I think I might be infected is because I'm getting the following two notifications from crypt in the Event Viewer:1)Event Type: InformationEvent Source: crypt32Event Category: NoneEvent ID: 7Date: 9/25/2011Time: 10:41:10 PMUser: N/AComputer: TOSHIBA-USERDescription:Successful auto up... Read more

A:Looks Like a Proxy Issue to Boopme

Hi -These may have been done by Boopme , but just checking.First basic check is, open Internet Explorer, Click on Tools at the top (if you do not see this press the ALT key) > Next >Click Internet options at the bottom of the dropdown list > Connections > LAN Settings , and make sure the only box ticked is the top one (Automatically detect settings).Click OK > OK and exit from there -Delete CCleaner and install ATF Cleaner (by Atribune), more suitable for XP, and also TFC Cleaner (Fully cleans / removes Temp files) - Just Google these 2 items.More items are available, but these are just the first few -Regards -

25 more replies
Answer Match 44.1%

Referred from here: http://www.bleepingcomputer.com/forums/topic391921.html ~ OBBoopme... I hope that Ive done this correctly. Here is what youve asked for: I am trying to get this right. Again I have to remind you that I am leaving shortly (just a little later then I had previously expected) Thank you again very very much for all of the help you've given me. Also for always responding quickly and not making it complicated for me to follow.btw i tried to post the file from rkunhooker but it would not let me...can it just be read from my earlier post?Merged posts. ~ OB

A:Kaygie's files for Boopme

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your ... Read more

8 more replies
Answer Match 43.68%

Referred from here: http://www.bleepingcomputer.com/forums/topic351569.html ~ OBI'm back. After running the DoD version of Boot and Nuke, my drivers were still in place and I had a redirect on the first attempt at viewing weather.com, a site that has never failed to redirect me since I started having problems.Here is the DDS log. I've also attached the ark.txt and gmer.txt files as instructed by the Preparation Guide. I've pulled out so much hair in the last two weeks, I need to go wig shopping. Here we go again!DDS (Ver_10-10-10.03) - NTFSx86 Run by Jim_Brown at 15:41:32.22 on Sun 10/10/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.171 [GMT -4:00]AV: AVG Anti-Virus Free Edition 2011 *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============svchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\AVG\AVG10\avgchsvx.exeC:\Program Files\AVG\AVG10\avgrsx.exeC:\Program Files\AVG\AVG10\avgcsrvx.exeC:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exeC:\Program Files\AVG\AVG10\avgwdsvc.exeC:\Program Files\AVG\AV... Read more

A:DDS and gmer logs as instructed by boopme

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

22 more replies
Answer Match 43.68%

Hi Team,

My post history can be seen through here (http://www.bleepingcomputer.com/forums/topic265272.html) so I will not go over it all again.

In summary though, I have been referred to this section of the forum (by boopme) as i have a rootkit variant and need the specialist support of the HJT team. The key thing I would point out is that all attempts to run most/all suggested spyware/malware tools have failed and so far, only win32kdiag has proved anything. Very long log posted below FYI. Hoepfully it means something to you!

Please advise next steps. Thankyou in advance for your help!
Running from: C:\Users\Mr J Bloggs\Desktop\Win32kDiag.exe

Log file at : C:\Users\Mr J Bloggs\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...

Found mount point : C:\Windows\AppPatch\Custom\Custom

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3550.tmp\ZAP3550.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41B5.tmp\ZAP41B5.tmp

Mo... Read more

A:Rootkit variant confirmed by Boopme

Hi and welcome to the HijackThis Logs and Virus/Trojan/Spyware/Malware Removal forum,I am and I am here to help you!I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please perform all steps in the order received and do not proceed if you need clarification.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!==========You have a very nasty new rootkit. Please follow my directions exactely as I have outlined!!!Step 1Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the con... Read more

28 more replies
Answer Match 43.68%

Referred from here: http://www.bleepingcomputer.com/forums/t/318626/infected-with-unknown/ ~ OBUNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_10-03-17.01)Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume1Install Date: 5/6/2010 1:23:57 AMSystem Uptime: 5/28/2010 10:37:32 PM (0 hours ago)Motherboard: PEGATRON CORPORATION | | BeniciaProcessor: Intel? Pentium? Dual CPU E2220 @ 2.40GHz | CPU 1 | 2399/800mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 466 GiB total, 430.537 GiB free.D: is CDROM ()E: is RemovableF: is RemovableG: is RemovableH: is Removable==== Disabled Device Manager Items =============Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}Description: PCI Simple Communications ControllerDevice ID: PCI\VEN_14F1&DEV_2F81&SUBSYS_000014F1&REV_01\4&3735DC3F&0&00E1Manufacturer: Name: PCI Simple Communications ControllerPNP Device ID: PCI\VEN_14F1&DEV_2F81&SUBSYS_000014F1&REV_01\4&3735DC3F&0&00E1Service: Class GUID: {6BDD1FC6-810F-11D0-BEC7-08002BE2092F}Description: USB20 Camera Device ID: USB\VID_A168&PID_0611\6&192004ED&0&4Manufacturer: Name: USB20 Camera PNP Device ID: USB\VID_A168&PID_0611\6&192004ED&0&4Service: ==== System Restore Points ===================RP1: 5/6/2010 1:29:28 AM - System CheckpointRP2: 5/6/2010 10:41:37 AM - Installed Adobe Reader 9.3.RP3: 5/6/2010 10:46:16 AM - Installe... Read more

A:Boopme, here is the info you requested from Fumunda

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

5 more replies
Answer Match 43.68%

I ran SmitFraudFix in regular mode (option 1 for search) and got this:

hosts file corrupted !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

You even thought a couple weeks ago, I might be infected, after some troll was on this board and I tried to analyze his file.

Any idea how to proceed?

SmitFraudFix v2.281

Scan done at 21:37:00.32, Wed 02/06/2008
Run from C:\Documents and Settings\Jeff\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

???????????????????????? Process
???????????????????????? hosts

hosts file corrupted !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

???????????????????????? C:\
???????????????????????? C:\WINDOWS
???????????????????????? C:\WINDOWS\system
???????????????????????? C:\WINDOWS\Web
???????????????????????? C:\WINDOWS\system32

C:\WINDOWS\system32\systems.txt FOUND !

???????????????????????? C:\WINDOWS\system32\LogFiles
???????????????????????? C:\Documents and Settings\Jeff
???????????????????????? C:\Documents and Settings\Jeff\Application Data
???????????????????????? Start Menu
????????????????????????
???????????????????????? Desktop
???????????????????????? C:\Program Files
???????????????????????? Corrupted keys
???????????????????????? Desktop Component... Read more

More replies
Answer Match 43.68%

Referred here from: http://www.bleepingcomputer.com/forums/t/207507/redirected-searches-infection/ ~ OBWinXP SP3. Initial infection was redirecting all web searches. Mod boopme had me do several scans. He said I'm 99% clean but since I still can't update Malwarebytes. I get the following error message: "Update failed. Make sure you are connected to the internet and your firewall is set to allow Malwarebytes' Anti-malware to access the internet. DDS (Ver_09-02-01.01) - NTFSx86 Run by John at 0:34:08.81 on Wed 03/04/2009Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_12============== Pseudo HJT Report ===============uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.comuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.htmluDefault_Search_URL = hxxp://www.google.com/ieuInternet Settings,ProxyServer = http=localhost:7070uInternet Settings,ProxyOverride = *.local;uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.comBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2... Read more

A:Mod boopme said 99% clean but to come here. Can't update Malwarebytes.

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. Please download Trend Micro - HijackThis. Do a new scan with Trend Micro - HijackThis and post it in your next reply.] Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instructed to do so! Let me know if any of the links do not work or if any of the tools do not work. Tell me about problems or symptoms that occur during the fix. Do not run any other programs or open any other windows while doing a fix. Ask any questions that yo... Read more

2 more replies
Answer Match 43.68%

Wife says it's running slow too - (I don't think so....)

I will follow your steps from my previous inquiry from the downstairs computer -

A:BOOPME - Let's Check The Upstairs Computer Too....

Ok ,post those logs..

8 more replies
Answer Match 43.68%

A continuation of this thread,http://www.bleepingcomputer.com/forums/topic387398.html/page__pid__2184493#entry2184493moved here by request.Well its anadvisable to run Combofis=x on your own and your system seems un stable/ You should repost this with a DDS log.Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Let me know if that went well.No, it did not go well.No CD emulators are present, according to Defogger.I was unable to get DDS to complete its scan. To my knowledge, I have no active script blockers, although a number of years ago I implemented this registry script "fix":REGEDIT4[HKEY_CLASSES_ROOT\VBSFile\Shell]@="Edit"[HKEY_CLASSES_ROOT\VBSFile\Shell\Edit]@="&Edit"[HKEY_CLASSES_ROOT\VBSFile\Shell\Edit\Command]@="C:\\WINDOWS\\Notepad.exe %1"[HKEY_CLASSES_ROOT\VBEfile\Shell]@="Edit"[HKEY_CLASSES_ROOT\VBEfile\Shell\Edit]@="&Edit"[HKEY_CLASSES_ROOT\VBEfile\Shell\Edit\Command]@="C:\\WINDOWS\\Notepad.exe %1"I don't know if the above registry edit is affecting DDS or not...I shut down my security apps (I'm only running MSE and Commodo) and disabled their services bu... Read more

A:New malware help request -- Reply to boopme

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your ... Read more

17 more replies
Answer Match 43.68%

To "boopme" - I had a similar problem that "DirtDiver" posted (security warning - DLACTRLW.EXE). I followed your instructions and everything went smoothly until I got to the part where you explain how to re-enable your Emulation drivers (i.e. double click DeFogger, etc.). I tried to but I received an error message and the following was posted on the defogger_enable notepad: defogger_enable by jpshortstuff (23.02.10.1) Log created at 22:15 on 27/01/2011 (my name) Parsing file... -=E.O.F=-Can you or anyone else help me? I was also wondering if there are any concerns I should have since I did have this virus (or whatever it was). TIA!

A:Attn: "boopme" - need additional help with DLACTRLW.EXE

Sorry, I did try to run the DeFogger twice so another defogger_disable notepad was made. It states the following: defogger_disable by jpshortstuff (23.01.10.1) Log created at 19:48 on 27/01/2011 (my name) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F.=-

Also, I have Windows XP and using Mozilla.

3 more replies
Answer Match 43.68%

AII topic http://www.bleepingcomputer.com/forums/topic438108.html/page__gopid__2568763#entry2568763aswMBR version 0.9.9.1297 Copyright© 2011 AVAST SoftwareRun date: 2012-01-22 22:46:44-----------------------------22:46:44.537 OS Version: Windows x64 6.1.7601 Service Pack 122:46:44.537 Number of processors: 2 586 0x2A0722:46:44.537 ComputerName: ANITA-PC UserName: Anita22:46:47.174 Initialize success22:49:56.958 AVAST engine defs: 1201220122:50:08.517 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-122:50:08.533 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 322:50:08.549 Disk 0 MBR read successfully22:50:08.549 Disk 0 MBR scan22:50:08.564 Disk 0 Windows VISTA default MBR code22:50:08.580 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 204822:50:08.595 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 594921 MB offset 307404822:50:08.627 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14058 MB offset 122147225622:50:08.642 Service scanning22:50:11.185 Modules scanning22:50:11.185 Disk 0 trace - called modules:22:50:11.232 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 22:50:11.247 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ad6060]22:50:11.263 3 CLASSPNP.SYS[fffff8800168c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049d6050]22:50:1... Read more

A:Moderator boopme said to start new topic

Hello and Welcome to the forums!My name is Gringo and I'll be glad to help you with your computer problems.Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.I need you to make a bootable usb and to make a screenshot for me - follow the instructions below to do thisHow to create a bootable Puppy USB DriveDownload and save a copy of the latest Puppy ISO fileDownload and save a copy of Unetbootin for Windows.Ins... Read more

18 more replies
Answer Match 43.68%

Hi Boopme, this post is to continue the conversation from the thread I hi-jacked I guess I am a novice at forum etiquette as well as spyware removal! OK Boudin Brad, yes that is the malware file renaming the file so it can prevent you from running what you want ,so you will pay for their fraud tool to fix this.Try renaming that .exe to .bat and start over. You also should start your own topic so we all don't get confused telling diiferent posters what to do. But no harm done.I actually renamed the file myself to try and avert bravia.ex. I tried removing MSAS and redownloading/saving as .bat, but still get "sys admin has set policies to prevent installation."Furthermore, I don't have the "run as" option when saved under this format. I have been unable to successfully run any AV software in safe mode, renamed or not. (combofix,mbab, HJT, rootrepeal). I did get win32kdiag.exe to create a log though.I would reformat, but my computer was a grad-school issue and the windows license has expired. So i need to get creative! Any advice is appreciated.Thank you in advance for your help.-BB

A:Attn: Boopme AVP 2010 continued

I did get win32kdiag.exe to create a log though.Now that you were able to produce a log you need to post it in our HJT forum:http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/Give a brief description and tell them that this log was all you could get to run successfully The HJT team is extremely busy, so be patient and good luck

1 more replies
Answer Match 43.68%

I ran the Defogger, I don't think I have any Emulator tools. I was running Daemon tools, but got rid of it. I still see files in my Registry. I thought CCleaner would get rid of them. Anyway, it did not ask for a reboot. Then I followed your instructions and ran DDS (log and attachment below) and GMER (log below). I am way out of my element at this point.

P.S. I zipped the attach.txt with Winrar, but I wasn't allowed to send that so I just attached as a txt. I hope that is alright.

------------------------------------------------------------------------------------------------------------------------

DDS (Ver_10-11-27.01) - NTFSx86
Run by A Smith at 22:39:44.87 on Fri 12/03/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.222 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\P... Read more

A:Depthcharge-boopme, Virus\Rootkit???

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting... Read more

58 more replies
Answer Match 43.68%

Following the instructions: http://www.bleepingcomputer.com/forums/topic34773.htmlRequested in: http://www.bleepingcomputer.com/forums/topic338848.htmlDownloaded and ran Defogger. As I know I had no CD emulation, it just finished rather than done anything else.DDS log:QUOTEDDS (Ver_10-03-17.01) - NTFSX64 Run by James Rowe at 19:57:54.75 on Fri 08/20/2010Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_21Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.4086.2141 [GMT -4:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\Dwm.exeC:\Windows\system32\taske... Read more

A:Boopme Requested I post These Logs Here

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.1.Please do not run any other tool untill instructed to do so!2.Please reply to this thread, do not start another!3.Please tell me about any problems that have occurred during the fix.4.Please tell me of any other symptoms you may be having as these can help also.5.Please try as much as possible not to run anything while executing a fix.If you follow these instructions, everything should go smoothly.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Vista and Win 7 Users please Right Click and run as Admin all programs that I ask you to run: Malwarebytes' Anti-Malware :Please download Malwarebytes' Anti-Malware to your desktop.Double-click mbam-setup.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select Perform quick scan, then click Scan.When the scan is complete, click OK, then Show Results to view the results.Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.W... Read more

55 more replies
Answer Match 43.26%

Hi Boopme I have a Thinkpad X61 which now experienced the same issue with another member, you helped out on, back in 2012. I have downloaded the FRST.exe tool and have the results pasted below. Could you help? A lot of my work files are on the laptop. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2016Ran by SYSTEM on MININT-7CGQOV0 (04-10-2016 21:07:06)Running from e:\Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)Internet Explorer Version 11Boot Mode: RecoveryDefault: ControlSet001ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Registry (Whitelisted) ====================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-07-24] (Avira Operations GmbH & Co. KG)HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [831064 2016-07-18] (Avira Operations GmbH & Co. KG)BootExecute: autocheck autochk * sdnclean.exe==================== Services (Whitelisted) ====================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be mov... Read more

More replies
Answer Match 43.26%

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by hellib (administrator) on HELLIB-PC on 01-05-2015 16:46:15
Running from C:\Users\hellib\Downloads
Loaded Profiles: hellib (Available profiles: hellib)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Fil... Read more

A:Windows 7 , I was instructed to post FRST by boopme

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/574994 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Answer Match 43.26%

OTL logfile created on: 7/29/2010 5:11:56 PM - Run 1OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Scott\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstationInternet Explorer (Version = 8.0.7600.16385)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 32.00% Memory free6.00 Gb Paging File | 4.00 Gb Available in Paging File | 62.00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 447.21 Gb Total Space | 368.73 Gb Free Space | 82.45% Space Free | Partition Type: NTFSDrive D: | 18.55 Gb Total Space | 9.76 Gb Free Space | 52.64% Space Free | Partition Type: NTFSE: Drive not present or media not loadedF: Drive not present or media not loadedG: Drive not present or media not loadedH: Drive not present or media not loadedI: Drive not present or media not loadedDrive J: | 298.09 Gb Total Space | 54.82 Gb Free Space | 18.39% Space Free | Partition Type: NTFSDrive K: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFSDrive L: | 297.44 Gb Total Space | 164.06 Gb Free Space | 55.16% Space Free | Partition Type: NTFS Computer Name: JOHNSONFAMCOMCurrent User Name: ScottLogged in as Administrator. Current Boot Mode: NormalScan Mode: Current userCompany Name Whitelist: OnSkip Microsoft Files: ... Read more

A:results5.google redirect logs per boopme

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

10 more replies
Answer Match 43.26%

Referred from here: http://www.bleepingcomputer.com/forums/topic372582.html ~ OBWas not asked to restart after Defogger, but I am including the log here.Defogger defogger_disable by jpshortstuff (23.02.10.1)Log created at 21:17 on 16/01/2011 (John)Checking for autostart values...HKCU\~\Run values retrieved.HKLM\~\Run values retrieved.Checking for services/drivers...-=E.O.F=-DDS.txtDDS (Ver_10-12-12.02) - NTFSx86 Run by John at 21:18:41.56 on Sun 01/16/2011Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1928 [GMT -5:00]AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}============== Running Processes ===============C:\PROGRA~1\AVG\AVG10\avgchsvx.exeC:\PROGRA~1\AVG\AVG10\avgrsx.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchC:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exesvchost.exeC:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exesvchost.exesvchost.exeC:\Program Files\Utils\System\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spools... Read more

A:Generic Host Error- Following instructions from boopme

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

15 more replies
Answer Match 42.84%

Per boopme's direction ( http://www.bleepingcomputer.com/forums/t/270645/antiviruspro-2010-nothing-will-launch-even-in-safe-mode/ ) here is the Win32kDiag report:Running from: C:\Documents and Settings\Administrator\Desktop\Win32kDiag.exeLog file at : C:\Documents and Settings\Administrator\Desktop\Win32kDiag.txtWARNING: Could not get backup privileges!Searching 'C:\WINDOWS'...Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\$hf_mig$\KB933729\KB933729Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460Mount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27B.tmp\ZAP27B.tmpMount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A1.tmp\ZAP2A1.tmpMount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE6.tmp\ZAPE6.tmpMount point destination : \Device\__max++>\^Found mount point : C:\WINDOWS\assembly\temp\tempMount point destination : \Device\__max++>\^Found mount ... Read more

A:Rootkit issues - Win32kDiag report for review (sent by boopme)

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. "%userprofile%\desktop\win32kdiag.exe" -f -rWhen it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.========================Now delete any copy of combofix.exe that you have if you downloaded it previously.Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.Link 1Link 2Link 3--------------------------------------------------------------------Double click on Combo-Fix.exe & follow the prompts.When finished, it will produce a report for you. Please post the C:\ComboFix.txt so we can continue cleaning the system.

91 more replies
Answer Match 42.84%

Mod edit: I'ved Merged all together ~~~boopme Edit: SORRY GUYS, didn't mean to make so many multiple posts, that was an accident. Anyways "boopme", the forums won't let me post the full content of the logs here, I'm guessing its too long, so I'll just put all the logs in the attachments.Second Edit: It won't let me upload the DDS log to attachments, so I'll just post as much of it as I can and then make a reply posting the rest of it.Hello again. I've followed step 6-9 in the instructions you (boopme) gave me and gotten my log results and created a new thread in this forum section as you requested from my previous thread here: http://www.bleepingcomputer.com/forums/t/325989/should-i-be-sceptic-about-this-block-or-unblock/. I had no problem getting the first 2 logs. The Gmer log was quiet annoying to get though. The first time I scanned, I went afk while it scanned for a while and came back to a completely black screen and nothing would happen no matter what i pressed. So i turned my computer off and back on, ran the scan again, went afk again, came back to the same thing but realized it was my screen saver that was the problem. So i set my screen saver to activate after 30 minutes of being idle rather than the measly 10 minutes it was set to. I've been meaning to change that anyways. So the third scan was successful, but the scan was so long ._. DDS Log part 1: DDS (Ver_10-03-17.01) - NTFSx86 Run by Chris at 11:31:54.28 on Sat 06/26/2010Internet Explorer: 8.0.6001.18702 Brow... Read more

A:To: boopme, Colma's log reports (rootkit problem continued)

Hi Colma,Welcome to Virus/Trojan/Spyware/Malware Removal (VTSMR) forum. Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more.Please tell me if you have still the same issue, no need to post any logs or explain the history of the problem.

9 more replies
Answer Match 42.84%

Hey,boopme asked me to post logs here in order to get some help. Topic referenced is here: http://www.bleepingcomputer.com/forums/t/299061/search-result-redirects-under-firefox-and-ie/ ~ OBI have tried everything. Two weeks ago...I was downloading something from freakshare and a program called Security Essentials 2010 got into my computer without my knowledge. This damn program caused my desktop to go all blue and wouldn't let any programs run. I got help by finding out how to run spybot and malwarebytes on the infected machine. It took a while to be free of spyware. My problem now is that my google search results have been hijacked. I type in a query and maybe the first link works...and if I click on the second link, I get a redirect. I am also experiencing new pages opening up as well.I came upon this site amongst my searches and it seems like a very good place to have my problem fixed. Please help me! I am on Windows XP.Thanks in advance,Santos

A:boopme asked me to post here regarding browser redirects and smss32.exe

Hello.I see multiple infections here currently. Let's do the following.Download and Run CombofixPlease visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Refer to this page on instructions on doing so.Please include the C:\ComboFix.txt in your next reply for further review. Even if after running CF things may "feel" or "look" better, that doesn't necessarily mean we're done or your system is clean. Please continue working with me until I declare your computer is clean.With Regards,Extremeboy

16 more replies
Answer Match 42.84%

SAS found Trojan.Agent/Gen-FraudPack infecting the installer CNET included in my download of Zonealarm firewall with free Antivirus. I have no idea how long it was there or if it was original but I installed ZA months ago. Couple weeks ago the ZA AV failed to update repeatedly. (ZA give an "error  1603" code.) Then MBAM failed to update as well. SAS did complete an update and found the infection. (I hadn't run either AV in some time previous. ZA had seemed effective.)
 
After SAS removed the infected files both MBAM and ZA could update but ZA has not since run a scan though MBAM has. ZA has stopped updating again, this time without any error messages. Right after the error codes first came up I tried repair instructions from the zonealarm forum without success. I've removed/cleaned/reinstalled twice following their method. Also there was another 'error code' I suspect might be from ransomware as I googled this "Error Code 127" and the few results there were looked like typical ransomware sales pages..
 
Even links to clean downloads of ZA wouldn't open from their help thread. I realize some of this is just coincidence but it seems like there may be more than just Gen-FraudPack messing up my ZA AV.
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.11.2
Run by ohn at 3:14:40 on 2013-02-14
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7657.5512 [GMT -5:00]
.
AV: ZoneAla... Read more

A:Boopme sent me- Trojan infecting a CNET installer, seems to be more malware als.

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
 
Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
 
Link 1
Link 2
 
* IMPORTANT !!! Save ComboFix.exe to your Desktop
 
IMPORTANT....
 
1. Close any open browsers.
 
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
 
3. Do not install any other programs until this if fixed.
 
How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html
 
Double click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall
 
Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
 
 
Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the c... Read more

6 more replies
Answer Match 42.42%

Thank you for offering to help me Boopme!

Here is the result of the program you asked me to run. The computer is Windows XP Pro SP2. I was running in safe mode.

Please let me know what I should do next.

Thank you!
Caroline

Running from: C:\Documents and Settings\Molly Hude.MOLLY\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Molly Hude.MOLLY\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP670.tmp\ZAP670.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72B.tmp\ZAP72B.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP838.tmp\ZAP838.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device... Read more

A:For boopme: Multiple infections including AVR09 and TDSSserv on Windows XP

Hello Caroline,Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) "%userprofile%\desktop\win32kdiag.exe" -f -rinto the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

10 more replies
Answer Match 39.9%

My PC has been freezing. Before you yell at me this is what I've tried.
?Checked hardware, no yellow ! marks
?Checked memory...all 6 scans 2 passes...nada.
?Checked drivers...diagnostic came up empty handed
?turned off startups...disabled windows services...nothing
?Defraged, disc cleanup, reverted to an earlier state for windows...none helped
?attempted to change Anti Virus Programs since Avira & Mcafee caught nothing...
now I can't install AVG because Mcafee is still present somehow...although
I couldn't uninstall it the traditional way...I googled and found links from threads that led
me to the uninstall tool...which I ran and rebooted...it's no longer in the uninstall options..but
AVG still says it can't Install because of McAfee.

I'm basically posting this now..because I don't see any fixes different than the ones I've already tried.
Can anyone help. I did go through some of the rules and if I broke any of them in this post...I appologize. I'm in safe mode now and my screen size sucks typing this too. Thanks. I'm glad
I was able to get this typed before my PC froze again.
Windows XP, Dell Vostro 410, had it for about 2 years. It's my shop pc...I own a sign shop...this is my
backbone for now. HELP

A:I've tried everything that's been suggested

The below is compliments of Broni:You may have some hardware problems.***** Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287 (or http://www.bleepingcomputer.com/forums/topic28744.html)Make sure, you select tool, which is appropriate for the brand of your hard drive.Depending on the program, it'll create bootable floppy, or bootable CD.If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.NOTE. If your hard drive is made by Toshiba, unfortunately, you're out of luck, because Toshiba doesn't provide any diagnostic tool.====================================================================================A. If you have more than one RAM module installed, try starting computer with one RAM stick at a time.NOTE Keep in mind, the manual check listed above is always superior to the software check, listed below. DO NOT proceed with memtest, if you can go with option AB. If you have only one RAM stick installed......run memtest...1. Download - Pre-Compiled Bootable ISO (.zip)2. Unzip downloaded memtest86+-....iso.zip file.3. Inside, you'll find memtest86+-....iso file.4. Download, and install ImgBurn: http://www.imgburn.com/5. Insert blank CD into your CD drive. 6. Open ImgBurn, and click on Write image file to disc7. Click on Browse for a file... icon:8. Locate memtest86+-....iso file, and click Open button.9. Click on ImgBu... Read more

1 more replies
Answer Match 39.9%

Logfile of HijackThis v1.99.1Scan saved at 3:07:54 PM, on 8/15/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exeC:\WINDOWS\system32\wscntfy.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\system32\wuauclt.exeC:\antispyware\hijackthis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/signin.jspO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\... Read more

A:Suggested Hjt Log

Hello healing41 and welcome to the BC HijackThis forum. I see no signs of viruses or malware in the log. It is clean.

Fragmentation isn't really a malware issue. It is just a natural occurance that happens over time. XP has a built-in defragmenter and there are many 3rd party disk-defragmenters. It is good to defragment a drive occasionally but unless the disk is heavily fragmented and the free disk space is less than about 10% of the drive there will probably not be a noticible performance improvement. The 2 files that will have the biggest impact from fragmentation are the swap file and the Master File Table which can only be defragmented with 3rd party defragers. NTFS file systems handle file fragmentation better than the old FAT system found on older operating systems like Win98 so an acasional defrag with the built-in XP utility should be Ok.

Cheers.

OT

1 more replies
Answer Match 39.9%

I run a Dell 550mhz with 128mb ram,
Computer runs extremely slow and hangs.
ZoneAlarm was NOT RESPONDING, so I removed it.
Internet Explorer and Mozilla errors - NOT RESPONDING

So....
I ran SPYBLASTER
I ran SPYBOT SEARCH AND DESTROY
I ran AD-AWARE
I ran REGISTER PATROL
I stopped almost all programs from beginning at startup.
I removed programs not used.
I defragmented the disk.
I removed ZoneAlarm, as it seemed to be part of the problem (NOT RESPONDING).

But now the slowness has returned so....

I ran Hijackthis, and here's the log:

Logfile of HijackThis v1.99.1
Scan saved at 6:22:48 AM, on 5/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Steve\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_UR... Read more

A:Tried everything suggested, does this log help?

Hello......
Just to clarify, you have only 128MB of memory? What operating system do you have? Also, you most definitely need an anti-virus program at all times.

Edit: Sorry I just saw you have WinXP for an OS.
 

3 more replies
Answer Match 39.48%

Hi there, just wondering if anyone has any good suggestion for a slot fan. Ive seena few i like...but buying stuff like this is sooo hard when you dont got the product in front of you.
Ill probably have to buy about 8 of em too, so thats sorta the reason im asking before buying.

here are some from newegg.com, but what i dont get it that the top rated one has the least ammount of airflow production...
http://www.newegg.com/Product/Produ...2E16835166038,N82E16835119065,N82E16835119066

Any and all suggestions are greatly appreciated.
 

A:Suggested PCI Slot Fan

16 more replies
Answer Match 39.48%

Does anyone use this feature on IE11? I quite like it but tonight it doesn't seem to be working. Not sure if that was the case pre patch tuesday today or not. Anyone else seeing same? I have another laptop running ie9 and thee aren't working on this either - very very occassionally the suggestions do come up

A:Suggested sites

Ignore me - it's fine now. Must of been a temp glitch at Microsoft!

1 more replies
Answer Match 39.48%

Could I grab some expert opinions on the best suited motherboard for my system?

Current rig:

Intel Core i5-2400 @3.10Ghz
Nvidea GTX460
ASRock H67M-GE (faulty - need new one)
2TB Seagate HDD
8GB GForce Ripjaws (2x4GB)

Cheers!

A:Suggested motherboards

Just to let you all know, I have access to these parts locally.

3 more replies
Answer Match 39.48%

As suggested i ran hijackthis and saved the info soi can post it here with hopes that someone can help me determine what it all means.

Logfile of HijackThis v1.92.0
Scan saved at 6:23:00 AM, on 3/13/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://start.earthlink.net/start?id=1&zzgo=1279365339
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page=http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://rd.yahoo.com/customize/ymsgr/defaults/sb/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default)=http://rd.yahoo.com/customize/ymsgr/defaults/su/*http://www.yahoo.com
O2 - BHO: (no name) - {02478D28-C3F9-4efb-9B51-7695E... Read more

A:Ran Hijackthis v1.92 as suggested can anyone help from here

Don't see anything that shouldn't be there.
 

2 more replies
Answer Match 39.48%

I am looking for a tool that will rip cd's into MP3 format, and write/rip blu ray discs easily and quickly. Whats the best software out there for this? Also, I don't think that windows media player plays Blu-Ray discs, so I was hoping someone could show me a good program for playing those.

Thanks
 

A:Suggested software...

For ripping, try WMP itself. It's pretty good at ripping music CDs and the like into MP3.
 

13 more replies
Answer Match 39.48%

Not sure if I have put this in the right place but here goes
1. Browser Choice. In Europe we get this option. But when it is taken (I stayed with IE10) the Browser Choice App remains and I cant get rid of it. There seems to be no means to uninstall it. Tried various sites on the web nothing works.
2. In the useful tutorial on backup using W7 recovery in Control Panel there is an option to backup system image to an external drive. I have one @1Tb but it starts then says cant proceed drive full - when it clearly is not. Any ideas? Is it not possible to backup the system image to SkyDrive ?
3. I do not use the Start Screen (Metro) as such but do put into it useful stuff that I need at odd times eg Administrative Tools. There seems to be no way to resize or recolour the tiles apart from "large" or "small". This is a nuisance as it gets too big to fit the screen. I found a site on the web that says it does this but my Rapport tells me it is unsafe so I have not tried it.
4. Is there a way to sort a block on the start screen(Metro) alphabetically without dragging tiles around one at a time.
5. A tutorial on each of these would be grand. I have found tutorials truly useful generally.
Thanks
Brian Winch

More replies
Answer Match 39.48%

Hey, I just bought a new Macbook Pro and currently I don't believe I have any type of security on it. Any suggestions as to what I should download?
 

A:Suggested Mac Security?

6 more replies
Answer Match 39.48%

I cannot stop suggested searchs. I have un checked "suggest search as I type" box on adjust toolbar options but they still drop down

A:suggested searches

With what program?

1 more replies
Answer Match 39.48%

No matter how often I say "No" to "Suggested sites" in IE 8 (Windows 7) it keeps coming back and hogging my taskbar. Is there a way I can shoot this thing so it stays dead?

A:Suggested Sites

  
Quote: Originally Posted by Edsaid


No matter how often I say "No" to "Suggested sites" in IE 8 (Windows 7) it keeps coming back and hogging my taskbar. Is there a way I can shoot this thing so it stays dead?



Hello !! Welcome to SF !!

I guess the IE is messed up resulting this behaviour. The best thing to do would be to reset IE to default settings then try to turn off suggested sites might fix it.

Tools | Internet Options | Advance | Reset

Hope this helps,
Captain

9 more replies
Answer Match 39.48%

Often when I log on to IE 9, suggested site icon appears on my favorites bar. I can remove the icon,but the suggested sites (3), keep coming back. How can I get rid of this icon once and for all.
Thanks
Wayne

A:IE 9 suggested sites

If you right click in the top bar you can uncheck the Favorites bar, but also via Tools - Internet options - Advanced - in the Browsing section, ensure that the box for Enable Suggested Sites is also unchecked - Apply - OK

And Welcome to the forum

3 more replies
Answer Match 39.48%

Hi friends,
I am an exclusive FF user (except for MS sites ).
I found a very good extension for FF which I would like to share with you. Its called Flashblock 1.5.1. Go to Mozilla homepage>extensions and search with above name. You will find it.
It stops all the flash materials on an webpage and gives you an option to allow it to play it or not. As most of the flash materials are AD so it also increases your security.
My yahoo pages are loading lightning fast now. Try it & LoL.

A:Suggested Extention for FF

Thanks src. Another one you might want to install for extra security is NoScript which blocks all javascript, and has an option to block flash as well. It puts an icon in the status bar which you can click to allow java/flash for a particular site if required.

9 more replies
Answer Match 39.48%

THANK YOU... I think,,, hehe, anyway check this and see what you think

Logfile of HijackThis v1.98.2
Scan saved at 5:00:09 PM, on 10/14/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/?.intl=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://mail.yahoo.com/?.intl=us
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Pr... Read more

A:mimo2005 I did all you suggested, new HJT log after fix

Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"


O4 - HKLM\..\RunOnce: [cetec] regedit.exe /s
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cetec.reg


navigate to the C:\Windows\Temp folder. Open the Temp folder and go to Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Go to Start > Run and type %temp% in the Run box. The Temp folder will open. Click Edit > Select All then Edit > Delete to delete the entire contents of the Temp folder.

Finally go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.


Empty the Recycle Bin


Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Restart your computer.

When you are sure you are clean turn it back on and create a restore point.


Go here http://www.pestscan.com/
and do an online pest scan .

if you don t have bhodemon 2.0 , get it
spybot search and destroy
adware se
all free good programs

and post a new log .

2 more replies
Answer Match 39.48%

My Altec Lansings are crapping out on me again. I need one with STRONG wiring & will last a long time to come. The quality isn't a huge issue since I'm just using the on-board audio. Nothing fancy like 5.1.

Help is much appreciated.


EDIT:

Oh and it needs a microphone D:
 

A:Suggested Headphones?

Personally, I think Bluetooth are great, because they don't have wires. I'm not sure if it has a microphone
 

1 more replies
Answer Match 39.48%

hello!

I am looking for an MOV converter that will convert MOV files to something that windows movie maker can read. (I am also looking for a better video editor but that's not too relevant right now.) I downloaded one MOV converter and since it only allowed me the trial version I could only convert stuff to audio, not what I'm looking for. Anyone have any suggestions?
 

A:suggested MOV converter?

6 more replies
Answer Match 39.48%

I've tried alot of Firewalls and can't really find one that works well with Xp. I've found that they ahve alot of problems with the different use4r accounts such as not being able to access E-mail form bot of my accounts even though I have it enabled in BOTH instances. (just a aexample) Has anyone who has multiple user accounts AND uses Outlook or something similar (not Hotmai) had anysuccess with XP and firewalls? please clue me in.
 

A:Suggested Firewall for XP?

I am using Zonealarm 3.0 (I think that is the lastest version) and also running XP with multiple (6, with 2 seperate ISP's) email accounts set up and have not had a problem with it yet. That would be my choice for a firewall. Besides... It's free. Just my 2 cents
 

1 more replies
Answer Match 39.06%

Hi All

I currently work for a mid-sized company that is at a crossroad. The company has used Linux based applications for a number of years which has worked fine for their servers, security, etc. (The desktops have Windows 7). I'm seeing more growth potential with the company and wanted to be ready when the time comes to upgrade the current infrastructure.

So, I have the opportunity to attend some sort of training to help plan for the future and wanted to see what you guys suggest. I'm looking at training for Windows Server, VMWare, or Linux training). I'm looking mainly at providing a better security environment for the company. What do you guys suggest

Thanks for any input
 

A:Suggested Training for Servers

If the company is Linux based then I would probably focus on Linux training until I knew Microsoft server skill would be needed.

I personally took the Microsoft Official Courses (MOC) in a class room setting, then went to a certification boot camp for 15 days. The boot camps are focused on getting you certified more than making sure you learn everything but you can't help but learn. Having done the courses before hand made boot camp easier but it was still the hardest 15 days I ever spent.

You need to pick one of your options to focus on and see what training is available in your local area. Also be aware the of the 'cloud', if the company goes that direction skills different from 'server' will be needed.
 

1 more replies
Answer Match 39.06%

OK....so lately i have been getting error messages as soon as i sign on XP and right after the error message comes up, my sound card gets all messed up. Here are the error messages.

after those error messages come up, my sounds gets messed up.
(see below picture)

any ideas? HiJack This log is available upon request. So is any other information needed to solve this problem.

Thanks,
TRBMan

....more pictures




help me!
 

A:Somebody suggested that this was a virus problem.

Please stop creating multiple threads for the same problem.

http://forums.techguy.org/windows-nt-2000-xp/493020-error-message-followed-sound-card.html
 

1 more replies
Answer Match 39.06%

Are there any decent video cards for around $60US that are good for gaming? I just bought this desktop off of someone, and it came with a not-so-good graphics card (nVidia 9400GT). I'm looking for cards that will support Portal 2, CoD4, CoD5, CoD6, Black Ops, Minecraft, and Crysis 2.

I have a PCI-E 2.0 x16 cardbus slot.
 

A:suggested video cards?

16 more replies
Answer Match 39.06%

Help! My search browser keeps going to about:blank and I get a "Home search" page come up. I tried the recommended method in an earlier thread to run swsserviceremove, cwshredder Hijackthis and aboutbuster. It worked the first time I rebooted and opened IE, but then soon resorted to the initial problem. Here is the Hijack log:
Logfile of HijackThis v1.97.7
Scan saved at 6:06:02 PM, on 10/24/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\system32\atlik32.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\Sys... Read more

A:Hijack log, tried suggested fix, still goes to about:blank

14 more replies
Answer Match 39.06%

Having had more than my fair share of experience with viruses and spyware recently, here's the 2 tips that I give all my customers:

1 - Never click on anything that pops up on your screen unexpectedly. Just right click on the application (usually it's Internet Explorer) in the Task Bar and select "Close" from there. Alternatively, press Alt and F4 simultaneously in order to close the active window. Still another alternative is to use Task Manager (Ctrl - Alt - Del) to close the offending program.

The reason for this is that the "bad guys" can make the window say anything that they want. For example, they can make the little X in the upper right corner of the window (normally used to close a window) actually install the bad stuff on your system.

2 - Don't ever, ever open any email! Yeah, that's a bit extreme - but the bad guys can fake an email from your best friend and you'd never know it until you checked with your friend.

So, always suspect emails with attachments - they're where most of the damage is done. It doesn't matter if it 's just a picture, or if it's a strange file that you have no idea about - they can all be infected with viruses. If you open one, make sure that your anti-virus and anti-spyware programs are running and scanning.

The best way is to "preview" your emails before opening them. Using web-based email, read the text before deciding if the attachment is from someone safe. For email on your computer, use a ... Read more

A:Suggested Safe Practices

good point usasma, i know as of late i have been seeing alot of the popus that have an embedded X to close the popup and once you click it will either open a new browser or send junk to your cookies from trackign to even spyware.Alt F4 is the way to go.this is a very valid point ; I recently 'worked' on a very badly infected computer ; the owner and the child felt something was wrong when strange web pages appeared on their computer ( needless to say the child had been using P2P stuff); to close the popups' windows they too clicked on the X in the corner; by so doing matters went from bad to worse and worse and worse..........their delay in seeking help and continued use OF the P2P stuff until I met it , and saw for myself what WAS happening meant that ,despite input and guidance from experts ON getting rid of this rubbish to try to clean it , eventually proved to be impossible and a complete reformat and reinstall was required so, X marks the spot where preferably NOT to go on pop-ups

22 more replies
Answer Match 39.06%

Hello,

I am running Windows XP on Pentium dual core 2.5 GHz with 3 GB of RAM. I am already running Symantec anti-virus software as my default tool. I would like to know your suggestions on which other anti-spyware/anti-malware/firewall tools I should keep running in background in combination with Symantec ? This is just on everyday basis to prevent spywares/viruses/malwares from creeping in.

While not compromising on security, I would like to mention that I don't want too many programs either to hog resources from normal computer work.
Thanks in advance.

A:Suggested softwares to keep running

Spyware blaster does some realtime blocking i believe. Also SUPERANTISPYWARE is good for finding spyware (do short scan daily/few times a week, full scan at least once a month-There are portable versions on the website if you are short on space or want it for others).Malwarebytes Good tool to remove a lot of forms of malwareWith those 3 + my comodo AV i can usually remove anything that i get.Those are all free too so its good-Scott

2 more replies
Answer Match 39.06%

I know this conflicts with advice posted here re computer slowness. I am going to follow those suggestions, but wanted to post this in case there is something glaring Thanks in advance and I'll be busy while waiting for an answer! Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:45:31 PM, on 3/30/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Yahoo!\Search Protection\SearchProtection.exeC:\PROGRA~1\Yahoo!\browser\ybrwicon.exeC:\Program Files\Registry Mechanic\RegMech.exeC:\PROGRA~1\Yahoo!\browser\ycommon.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\HP\KBD\KBD.EXEC:\Program Files\Spyware Doctor\pctsTray.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\system32\hphmon06.exeC:\WINDOWS\system32\hkcmd.exeC:\Pro... Read more

A:Updated Hijack This; they suggested this

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

5 more replies
Answer Match 39.06%

i was wondering what settings i should have on so that it looks great, and i dont experience any choppiness at all. this is my first time dealing with graphicly intense games and gaming rigs

specs:

amd athlon 64 3500+ venice
1 gig dual channel ram
geforce 6800gt
 

A:suggested settings for battlefield 2 on my pc

I would say 1024*768 with most of the other settings on high.

You could move the resolution higher, but if you don't want any lag, and if you plan to play online, I suggest using the above resolution.
 

1 more replies
Answer Match 39.06%

Hello, I've been lurking on these forums for a while, and decided to finally register and add a few of my thoughts on software here. There are some excellent threads on good software around this part of the forum, but as always I have some favorites of my own.

Here's my list of useful (free) things; It's not a COMPLETE list, see the stickies for that.. Some of the things I'll list here are alternatives to suggested software in other threads, I'll try to give a brief comment on why I prefer one over another.

NKProds nCleaner - While ccleaner does a good job, it has messed things up for me a number of times. nCleaner hasn't caused any problems at all for me (yet). It does a wonderful job of cleaning up (both disk and registry), and also includes some basic tweaking. The UI is a huge improvement over the really unintuitive ccleaner, and is definetely a better choice for inexperienced users (I recommend it for everyone though, regardless of level of expertise).

PeaZip - It looks better than 7-zip, unpacks TONS of formats and has a native x64 binary... Nothing else to say.

HotSwap! - Safely remove eSATA drives (and other stuff if you choose).... Yes, it needs to be done.

Serious Samurize - Widgets on steroids, there's nothing more customizable. It's not made to be simple though, so expect to fiddle about ALOT if you want something unique.

There goes... Just my few cents.

A:Some suggested software that does a great job.

FWIW, 7Zip also has native 64bit binaries as well....

But I do like Pea, almost as much as I still love me WinRAR....

4 more replies
Answer Match 39.06%

I think my computer, a Dell Dimension E520 runing Vista Home Premium, is infected. When starting Windows it gets into a loop of (1) "Windows host process (rundll32) has stopped working" then (2) "windows explorer has stopped working" ; (3) "Windows explorer is restarting" and it repeats.This seems to be the same problem as this post: http://www.bleepingcomputer.com/forums/ind...amp;hl=rundll32I can't keep any windows open long enough to load and run the various programs suggested by BC. Any suggestions??

A:maybe infected, but can't run any of the suggested fixes

Please provide a log file of ESET SysInspector:Download ESET SysInspectorhttp://www.eset.com/download/sysinspector.php- Start program through the SysInspector.exeThe program will collect information about the situation on your machine.- When "inspector" is ready and log file - generated, select File> Save Log- Confirm their wishChoose to save the file somewhere and then use the forum option to attach that file to your comments.

9 more replies
Answer Match 39.06%

I type up a lot of reports for work and save them, print them and sometimes email them. But i dont like microsoft office and i was wanting a good program that doesnt take up a lot of room, but still has features that i could use...spell check, page alignments, and maybe even a suggestion box. Any suggestions on what i should use...
Thanks...
 

A:Solved: suggested sofware..

10 more replies
Answer Match 39.06%

Everything was running fast and fine, and then "bam", things started slowing down. Going from page to page is like dialup. I have XP Home and from time to time when one user logs off, the screen goes black and we have to turn off and restart. I have run Spybot, Norton, CWShredder, etc. I also checked BlackViper, but I would rather have someone take a look a my Hijack before diving into my registry. The only thing I have installed in the last 3 weeks was the America's Army game. I uninstalled two days later.

Thanks,
Freakzilla
Logfile of HijackThis v1.97.7
Scan saved at 11:50:44 AM, on 11/25/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\program files\support.com\bin\tgcmd.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\WhiteCanyon\SecureClean 4\scregmanager4.exe
C:\Program Files\WhiteCanyon\SecureClean 4\sctray4.exe
C:\Pr... Read more

More replies
Answer Match 39.06%

i tried to run both the suggested programs for reporting but both failed to install because i am using x64. are there any other programs like this for vista x64? i would like to post my scan results from hijackthis and see what u all think. any help would be appreciated. thank you in advance!!!

i attached the log file just in case...

A:Vista x64 cant use the suggested programs

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 39.06%

my friend told me that i should turn my video card down from 8x to 4x to make battlefield work. how do i do that? i looked at my BIOS but i couldnt find it. would it work anyway? why can the PCI version of my card work with battlefield but my AGP cant.
 

A:battlefield 2 solution suggested to me

15 more replies
Answer Match 39.06%

I'm pretty stingy with my cash, but still like to play games. So, I was wondering what the best video card would be for me. I was thinking of getting an ATI Radeon 9200 128MB, but if anyone has any better suggestions I would be happy to hear them. I'm only looking to spend around $60.

My computer only has a PCI slot, just for reference.
If any links could be posted to good deals on a good video card, that would be great.
 

A:Suggested Video Cards?

What games are you interested in?
 

3 more replies
Answer Match 39.06%

I can't actually put my finger on anything more specific than "a woman's intuition" that my PC isn't performing as it should. It seems to be slow compared to what it was when new a year ago. I realize that some slow down is expected due to programs added,etc.
I just don't know where to start. It's been suggested that I do a "back to factory" but I can't do that just now. One of my big worries is that I relied on two separate people to set my PC up for me & now after all the reading I've done here at this forum, I'm not sure they know as much about computers as I thought they did.
I'm a dummy myself & don't understand a whole lot so am wondering if it would be worth running some scans like 'check disk, sfc/scannow',etc. just in the 'info mode' instead of a 'repair mode'? I guess my own dumb reasoning is that I'd like to know what, if any, the issue is before it's fixed. Or does the scan give more info than I think it might?
I'm quite sure I'm not having any problems with malware.

I have Avast & MBAM.

Thank you.

A:Which suggested scan option is best?

Well more reading. This Tutorial will give several suggestion. Some I use and some I don't.
It will be your choice.
Take a close look at #7 & 8.

Optimize Windows 7
All the suggestions are guides that can be use but might not meet your computing needs.
If you have question just ask.
A couple of clean up methods I use could also be helpful.
CCleaner and disk cleanup extended.

I would not recommend using the registry cleaner in CCleaner unless you fell completely comfortable in the registry.

CCleaner Free download and review from SoftM8

Disk Cleanup : Extended

5 more replies
Answer Match 39.06%

I am posting this as suggested.....I took my computer in to the computer shop to get new stuff put in...motherboard, graphics card etc....was suppose to be like brand new....when i got the computer back it was fine...then of course, i put back on some things i had on my old computer like stopzilla, java, norton antivirus etc...anyway, things seemed to be going ok one day and then the next day i was getting little squares on the top left of the title bar at the top of the web page when it should have said "internet explorer"...i went to a site to log in to check something like i normally do but the "button" i usually click on wouldnt work...the page that should have opened up didnt. But when i click on a normal link like when you click on a word to bring up another page, that works but not all the time...i re installed explorer 7....didnt work...i tried suggestions from members on this board to do with regedit changes and that didnt work..even though i must say that after doing the regedit stuff, and then i opened another web page, the words internet explorer did appear for about 3 seconds...i tried spybot, stopzilla, etc and nothing seems to work....my computer is up s**t creek without a paddle....maybe internet explorer 7 isnt as good as its suppose to be or just something gone wrong with my computer...let me know if you need to know anything else....thanks to those who volunteer their time to help me......

A:Posting this log as suggested..hope someone can help me.

Guess what ....you arent gonna believe this....i uninstalled stopzilla and everything back to normal...i just dont believe it could have been that simple...!!!! so sorry to have bothered everyone! By the way, can anyone suggest a pop up blocker that wont effect my computer like that again!..............many thanks...linda

2 more replies
Answer Match 39.06%

Hey everyone.

I used to have an old wifi but it's that old the software I used to use to set it up doesn't even run under 7. This isn't really my problem though since I was pretty sure I'd have to update anyway. It's unlikely it would be able to repeat a signal from an N router let alone use anything better then WEP.

Anyway. I was looking for suggestions on getting a good repeater. I saw this one: Best Wireless Repeater | Wifi Repeaters Boosters and Range Extenders which looks pretty good. I've never used anything from Amped before though so I'm kind of tempted to go for a Netgear or something instead.

I was also considering buying a router and setting DD-WRT up but I don't know how they compare?

Cheers for any advice.

A:Suggested WiFi Repeater?

I can't say I have heard of Amped before (besides the drink...), but at work we have had good success with Hawking range extenders.

2 more replies
Answer Match 39.06%

I have IE9; Suggested Sites keeps appearing on my toolbar, even though I have unchecked it in the options. Is there a way to prevent Suggested Sites from appearing?

A:Suggested sites keeps appearing

Try this

Disable and Remove Suggested Sites From Internet Explorer 8 - How-To Geek

1 more replies
Answer Match 39.06%

Hi My sons PC is crashing lots, it did not do this until he updated windows 8, however having produced a fresh w8 install it still does it, I then installed w7 as a fresh install it does the same, the diagnostic info from the crash dumps from (whocrashed) are given below, this suggests USB issues. Sometimes the computer will last an hour before it crashes others it lasts seconds. When I start it in safe mode there are no crashes.
It does this with the original MOBO chipset disks and also the latest set from gigabytes website, for both w8 and w7
Is it software or hardware processor or Mobo, any help gratefully given. Would flashing the bios help?
Thanks
--
System Information (local)
computer name: JAY-PC
windows version: Windows 7 , 6.1, build: 7600
windows dir: C:\Windows
Hardware: Gigabyte Technology Co., Ltd., H61M-S2PV
CPU: GenuineIntel Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz Intel586, level: 6
4 logical processors, active mask: 15
RAM: 8478183424 total
Crash Dump Analysis
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Sat 16/05/2015 21:18:53 GMT your computer crashed
crash dump file: C:\Windows\Minidump\051615-5928-01.dmp
This was probably caused by the following module: usbport.sys (0xFFFFF88004626068)
Bugcheck code: 0x50 (0xFFFFFA880B4E5500, 0x1, 0xFFFFF88004626068, 0x5)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\usbport.sys
product: Microsoft? Windows? Operating System
company: Microsoft Corpora... Read more

A:win 7 crashes suggested USB issues

Please follow the instructions in the big note at the top of the page.

5 more replies
Answer Match 39.06%

OK so the cheap DLink DI-524 I bought gives me BSOD's.

Does anybody have any suggestions for a cheap wireless router that works with x64. It will be hardwired to the Vista x64 machine and I'll use my XP laptop and PSP for the wireless link.

Thanks...

A:Suggested wireless router for x64

linksys wrt54GL

running dd-wrt firmware and no problem so far. vista even recognizes it in the "connect to" menu

1 more replies
Answer Match 39.06%

Free Microsoft Security Essentials Holds Its Own Against Paid AV - Softpedia

A:To all that use and have suggested Security Essentials

Nice to know.
I use it exclusively, mostly because I don't see a reason to use anything else at this point. I'm not going to pay for something just for the feeling that "paid is always better".
I have it on my moms netbook(Win7), my laptop(Win7), my kids pc(XP), and my old pc(Vista) which my kid uses when he's at my place. Not once has there ever been a problem.

But always keep in mind, browsing habits are the first line of defense. Doesn't matter how much you did or didn't pay, if you're not careful in the first place, it WILL happen....protected or not. Nothing is perfect.

6 more replies
Answer Match 39.06%

Hi, so when my computer was upgraded to Windows 10 Internet Explorer was updated as well. I want to know how to delete a suggested site on the new version of Internet Explorer. I had copied and pasted a website into a new tab and now every time I start
to type a site into the search bar on a new tab that one pops up. I want to know how to remove just that site suggestion. Thank you!

More replies
Answer Match 39.06%

Hello,

LINK TO FILES
https://drive.google.com/folderview?id=0B2D4Ia2f0L5iMmllT0xybnF3VEE&usp=sharing
I started having a BSoD Loop occur this morning.
I built this computer about one month ago.
I actually was having a similar issue with my prior PC

The only hardware that is the same in the tower is the RAM and the Power Supply.
It has taken a long time to be able to compile this information between crashes.

Most Common BSoD ERRORS:
SYSTEM_SERVICE_EXCEPTION
SYSTEM_THREAD_EXCEPTION_NOT_
KMODE_EXCEPTION_NOT_HANDLED (Was the first I received)
PAGE_FAULT_IN_NONPAGE_AREA

I have several warning events for:
The driver \Driver\WudfRd failed to load for the device SWD\WPDBUSENUM\{af6ce934-2f17-

That may coincide with the crashes, i am not sure.



I ran a system restore

I ran windows update

I ran DSKCHK

I ran Driver Verifier

I have disabled fast start up

I have disabled Drivers that show up yellow in safe mode (Printer and Generic PnP Monitor)

I changed my allocated Virtual Memory/Page File size



I ran one full pass of Memtest86 with 0 errors

I then reran it with all CPUs in parallel for more passes, but it would crash in the first minute.



Prime95 instantly crashes



Thank you so much for any help you can provide,and let me know if there is anything else I can provide
Read more

More replies
Answer Match 39.06%

Hi, I had a post from another part of the forum when I thought it was just firefox I was having trouble with. Then I was getting problems elsewhere too. If it's an infection it must have happened pretty fast. I reinstalled firefox and the problem persisted there, but like I said weird behavior on other browsers too and also had computer screen freeze and make weird beeping sounds twice and I shut it down and restarted. Here was my original post:
"I don't really know if it was a hard disk or a hard drive or if it's related to the problem in any way. I've also had a cat walk across the keyboard a few dozen times. Could've been that! Anyway, I had my laptop hard disk or drive go bad and all my info get wiped after only a few months with this new Dell. No sign it was going it just went out of nowhere. First time this happened to me out of nowhere. I lost a CRAPLOAD, people! Anyway, I reinstalled firefox which is my favorite browser and now it's acting very strangely and I can't seem to figure it out.
 
*I can't log into some sites, and it tells me about updating adobe when I have it updated and the same sites work on a different browser.
 
*When I highlight text, I lift my finger up off the pad and it un-highlights.
 
*I press down and scroll along a game screen to travel within that program window and it selects wherever I stop even if I didn't click anything.
 
*The scrolling function seems like it will randomly have me clicking exit where my pointer is nowh... Read more

A:It was suggested my issue is an infection so...

Whether it is a cat-astrophe issue, malware, adware or combination of both....you can do some scans to help find out. Start with looking for malware and adware.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
The scan may take some time to finish,so please be patient.
If potential threats are detected, ensure that Quarantine is selected as the Action for al... Read more

3 more replies
Answer Match 39.06%

I got a pop-up window stating that I needed to install a critical update (unfortunately I didn't get a screenshot of this, just clicked okay). A subsequent window cryptically stated, "ThinkPad BIOS Flash Update Utility: Version 29.17, please choose Update ThinkPadBIOS or Update model #" without explaining why I'd need to do so, although the window looked otherwise legit. I ignored the window and it hasn't come up again. Also, I couldn't find anything on this site or elsewhere about a critical BIOS update needed for my laptop. Should I be concerned about updating my BIOS?I checked the bios version from my command prompt, and it is 1.17.

























thinkpad_bios_update_2016_11_17.jpg ?35 KB

More replies
Answer Match 39.06%

Ok, quick synopsis: I've had more frequent pop-ups, but nothing insane. However, my computer has been running extremely unstable. My desktop backround has been replaced with an "ad" informing me of spyware infection and I've been unable to change it. My audio drivers constantly and randomly go out, leaving me without audio. If I leave my computer idle for 10 minutes or so Windows crashes and I get that blue screen. Upon restart, I get the blue screen 4 out of 5 times. Overall it runs very slowly when it is operable. I'm unable to update my virus definitions in both AdAware and Ewido (or whatever it's called) and my computer can't make it through a scan.

I went through the five steps, but was unable to complete the Panda scan as my computer would crash before completion. Here's my updated log, thanks in advance for any help--it's much appreciated:

Logfile of HijackThis v1.99.1
Scan saved at 8:35:27 PM, on 8/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program F... Read more

A:HighJack this log. Please help, already went through the suggested 5 steps...

Hello and welcome to TSF.

Apologies for the long delay in response. We have a large number of HijackThis logs to handle and it?s taking us longer to catch up. If you haven?t received help elsewhere already and still require assistance please post a fresh HijackThis log. However, you are using an old version of HijackThis, please follow the instructions below do download and run the latest version.

CLICK HERE to download the HijackThis Installer:Save HJTInstall.exe to your desktop.
Double-click on HJTInstall.exe to run the program.
By default it will install to C:\Program Files\Trend Micro\HijackThis.
Accept the license agreement by clicking the "I Accept" button.
Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
Click "Save log" to save the log file and then the log will open in Notepad.
Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
Come back here to this thread and paste the log in your next reply.
Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

You may uninstall/delete the older version once you have successfully downloaded and installed the latest version of HijackThis v2.0.2.

13 more replies
Answer Match 39.06%

Another day, another pointless and waste of my life ie11 problem.
What is it today?  enterprise mode? Activex? nope, suggested sites.
Tell me why every user has 100s of suggested site links adding to their favourites bar? Also why are all of them empty. Just 100s of empty favourites called suggested sites.


How does this software get released.
This is the same in windows 10 as well, so don't come with that non sense about it being a windows 7 problem.

At least in windows 10 ie11 doesn't need 10 broken prerequsties and another 10 cumulative updates before it works correctly.

More replies
Answer Match 39.06%
Answer Match 39.06%

Had issues with screen freezing on different websites.  Ran Eset and other programs per advice from buddy215.  (See post titled "Frozen" in "Am I infected" forum.  buddy advised posting here.
 
FRST log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Michael (administrator) on MICHAEL-HP (15-01-2016 12:24:09)
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available Profiles: Michael)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\... Read more

A:Frozen - Suggested by buddy215

Hi matchead
 
My name is polskamachina and I would like to welcome you back to the Malware Removal Forum. I will be helping you with your malware issues.
What follows below are some ground rules for this forum.
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-8 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.
Some points for you to keep in mind:
Do NOT run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Do not attach logs or use code boxes, just copy and paste the text.
I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
NOTE: It is good practice... Read more

7 more replies
Answer Match 39.06%

Please I need help desperately. I think my problem started when I recieved a Windows update. Not sure but best I can remember. I run win 98/me. When it boots up it acknowledges the CD-ROM but it will not run. It always says insert cd. I have tried everything I can think of and all the suggestions you guys have had posted.This is a:
M5-SIS530A/USD44X/Built-in Solo 1
Built-in VGA/USRobotic 2975-81
Windows 98 Bundled/MS Value Pack 99
Processor:
400megahertz AMD K6-2 w/3DNow!
64 kilobyte primary memory catch
512 kilobyte secondary memory catch
Drives:
4.30 Gigabytes Usable Hard Drive Capacity
3.08 Gigabytes Hard Drive Free Space

ATAPI CDROM [CDROM DRIVE]

Generic IDE hard disk drive (4.30 GB)

CONTROLLERS:
Standard Floppy Disk Controller
Standard Floppy Disk Controller
Primary IDE Controller (dual Fifo)
Secondary IDE Controller Dual fifo)
SIS 5513 Dual PCI IDE Controller

BUS Adapters

SIS 7001 PCI to USB OPEN HOST CONTROLLER (do not use)

Communications
US Robotics Win INT [modem]

Main Circuit board
Biostar Group M5SAA 1 .x
BIOS:Award Software International, Inc. 4.51
PG 02/24/99

Memory Modules
280 megabytes insatlled memory

Local Drive Volumes
con drive 0) 4.30GB 3.08GB free

I have more info if needed but know this is alot!!
This is the readout since the mess up I know this is alot but please I would appreciate any help at all..

fibrofilly
 

A:CD-ROM will not operate have tried all the other things suggested

16 more replies
Answer Match 39.06%

Hello - I am using IE8 Windows 7, and lately whenever I google something, and find what I am looking for - when I click on the suggested site - the new screen stays blank.

In exasperation I opened up Mozilla Firefox and I had no problem opening the suggested page that I had previously googled.

Can anyone help please?

Judy

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows 7 Home Premium , 64 bit
Processor: Intel(R) Core(TM) i5 CPU 661 @ 3.33GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3895 Mb
Graphics Card: LogMeIn Mirror Driver, 2 Mb
Hard Drives: C: Total - 476837 MB, Free - 444156 MB;
Motherboard: ECS, H55H-M, 1.0, 00000000
Antivirus: Microsoft Security Essentials, Updated and Enabled
 

A:IE8 not opening up suggested sites

I have rephrased the message to hopefully make it clearer. (as I have had no nibbles lol)
Judy
 

1 more replies
Answer Match 39.06%

I'm running a P-III/500 machine with an Abit BE6 MB using W98SE.

The MB will support up to three 256MB DIMMs for 768MB total.

I've been getting conflicting advice from salespeople as to whether it's advisable to limit W98SE to 512MB or go to 768MB.

Some say to max it out. One says W98SE has a memory leak problem above 512MB and performance will go down.

Most agreed that upgrading from my current 256MB will show a marked improvement in performance -- apps loading, resources available, less crashes due to pushing the multitasking.

Should I go to 512MB, or should I go to 768MB?

Thanks!

Joe
 

A:Maximum suggested RAM for W98SE?

16 more replies