Computer Support Forum

Home WinXP Box - constant popups from avast Network Shield - assistance requested

Question: Home WinXP Box - constant popups from avast Network Shield - assistance requested

I've got something screwy going on with my home WinXP box, and I'm hoping someone here can point me in the direction of a solution to the problem.
I'm running XP Home, Service Pack 2, on a machine with (according to the properties tag) 960MB RAM. I've been running Avast antivirus, and allowing it to update definitions automatically. At the time this incident happened, the most recent update it had acquired was from yesterday morning.
There was a power outage at my house yesterday morning, lasting for ~2 minutes. I powered the system back on after that, and everything appeared to be working; I mention this merely for completeness of information.
The first symptom of my problem occured yesterday afternoon. I heard the little 'ding' sound made by a download finishing, during a time where I had no downloads running, and within a few minutes of this, my system seemed to grind to a halt. Anything I already had running would continue to work, but I couldn't open anything new, including the windows task manager, nor could I get new pages to load in the copy of Firefox I was running. I was planning to visit my parents' house at that point, so I powered the system down and took it with me. I had to manually power the system down (done via the on/off switch just above the power cable socket); the attempt to shut the system down fell victim to the same halt as everything else.
For the record, I may have had Spider Solitare up when I heard the ding, and I had know that I had Firefox up with multiple tabs - one to a deep archive page (~200-250 pages deep) of the website '', a page from the Internet Archive Wayback Machine - circa May 2007 - for a site called, a Youtube page, and several pages either from the website or from Google Docs with fanfiction linked from said site. I had previously had some deviantart pages linked from said site up as well, but do not recall any of those being up at the time the problem began. Finally, I may have had a tab open to the website The notalwaysright and wayback machine pages had been up for several days at that point, and I regularly visit and have as yet had no problems I can trace back to it.
In my own home network, this machine is plugged via Cat5 ethernet cable directly into the router/modem. At my parents' house, it connects to their wireless network using a linksys wireless adaptor. I mention this because of the change in behavior evident in shifting between the two; I do not know that it is connected in any way to my problems, but wish to include it for completeness while describing the issue.
After arriving at my parents' house, I reconnected the cables and powered the machine back on. After the desktop came up, within a few minutes I received a message from Avast saying it had detected a threat. The exact message was:

avast! Network Shield has blocked a harmful site.
Object: (Personal note: The actual object extended beyond the range of the message block.)
Infection: URL:mal
Action: Blocked
Process: C:\WINDOWS\System32\svchost.exe

It should be noted that the original symptom, system slowdown, is probably also connected to this - after finally managing to get the task manager up (by restarting the system and popping it as soon as I could), I noted a copy of svchost.exe, listed as being owned by SYSTEM, that eventually hit 50% of the system's CPU usage, and ranged from thereabouts to a high of 99% CPU usage. I manually killed this copy of svchost with the task manager - the WinXP style for the taskbar and window borders briefly changed to the style I recall from Win98 before reverting to normal. It didn't seem to help; another copy of svchost ended up spawning and doing the same thing.
I ended up running a system scan after that, using Avast's quickscan option. During the scan, the Network Shield came up with that same message. That, in fact, is the problem I'm having - the scan did discover a few things, and I duly had them moved to the chest, then scheduled a boot scan and restarted the system, telling Avast to move anything suspicious into the chest. As by this point it was getting late, I went to bed. I was woken up at a few minutes after 11 by the same 'threat has been detected' message blaring over my speakers, with the same message popping up. A full system scan revealed no apparent malware (no files listed as infected), but that same message kept popping up at 3-7 minute intervals between repititions. Exact same message - I'd done a screenshot of one of the early ones, and was able to compare against each new repitition. Eventually I got tired of fighting it and powered the system back off.
Before I powered off the system, I did trigger task manager, and recorded the following list of processes running on it:
svchost.exe (multiple copies, variously owned by three things: Network Service, System, and Local Service)
System Idle Process
wuauclt.exe (owned by SYSTEM)
wuauclt.exe (owned by Owner)
I tried to track down a few of those that I didn't recognize via google search. I believe (but do not know) that my system may also have some kind of redirector on it, as the first one I tried, ViewpointService.exe, brought up a page of google links, but clicking on the link shown for ended up redirecting to another page. I did end up going to the website directly, and attempting to look over some of those, but of those I looked at, the only one I can recall that the site thought might be malware was jusched.exe, which it recommended removing from the system startup. I'm currently working on trying to figure out how to do this. I'm uncertain as to whether or not it will help - I did kill that process via the task manager, only to have the Avast message continue to pop up. I'm not sure that's the real problem here anyway; the copy I have is in the directory marked as 'Valid, but unneccessary', and there is not a copy in either the Windows directory or the System32 directory marked as target locations for the malware versions.
I'm currently sitting at work, with my home box up in place of my work devbox so I can type this on a good system (my work laptop). I've physically removed the Linksys Wireless card from the box, and ensured that there was no ethernet cable plugged into my home machine, so as to ensure that I didn't spread whatever it is that's causing the problem. I don't have speakers here, so it's possible I've missed something, but I don't recall having seen the avast message pop up while I've been here. (Going on almost two hours now.) While it's possible that my system has simply finally fought off whatever the problem was, I find it more likely that either the unknown problem process, or else Avast's attempts to block the process, require an active network connection.
Does anyone have any suggestions as to what my problem might be, or advice on where I can check to more clearly determine this? I would be very appreciative of either such.

More replies
Relevance 100%
Preferred Solution: Home WinXP Box - constant popups from avast Network Shield - assistance requested

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 96.76%


I am looking for some assistance in choosing components for my home network. I would like to set up a gigabit network. I do have a few pieces already, but these do not need to be used. I have DSL from SBC with their standard modem. I do a lot of video work so the faster speeds of gigabit should be a great help.

My home was built a couple of years ago and as part of the build process I had structured wiring installed. So, I have a control panel which has ports for every internet connection. each room of my home has a wired internet port. They all are wired directly back to the control panel, home-run style. The DSL is separated from the phone line at the control panel and hooked up to the modem.

I have a D-Link DGL-4300 connected to the router and use the 4 ports from that to hook up just four rooms. I would like to hook up the rest, there are a total of 9 ports if I remember correctly. A couple of ports in different rooms have standard 5-port 10/100 Linksys switches installed. One port has the Linksys USB2.0 Network Storage Link with a couple of drives for network storage shared with my main desktop

So, I am thinking I need the router to then connect to a gigabit switch which I would then connect to all the ports so all rooms are active. I know that the Storage Link is 10/100, so to upgrade that I believe I would need to get a Gigabit Storage Link, of which I think only Buffalo makes something like that. My existing switches are 10/100. I do h... Read more

Answer:Assistance Requested in Home Network Set-up...

frankjp302 said:

1. To have gigabit speeds, does every component on the network need to support Gigabit speeds?

2. To allow for Jumbo Frames, does each component on the network need to support them?

3. Related to the above two...if one component(NAS) does not support Gigabit/Frames, would it be then that anything communicating with that component would be 10/100? But, communicating with anything other than that would be Gigabit speed?

4. Is there anything wrong with hooking up external USB drives to the desktop and using that as network storage?

I have done a lot of research, but I only know enough to know that I don't know enough to feel overly confident in setting this up.

Thanks for all the help!Click to expand...

1) No, you can mix 10bT, 100bT, and gigabit just fine.

2) You can't mix jumbo frames with non-jumbo-frame using devices.

3) gigabit devices talk to gigabit devices at gigabit speed; gigabit devices talk to 100bT devices at 100bT speed.

4) No, but USB1 is pretty slow.

2 more replies
Relevance 84.46%

Can someone please evaluate my "HijackThis" log below and tell me what has snatched my browser and started deliverying popups to my desktop.

I've already ran Ad-aware 6.0 and Spybot (both with latest reference files), plus AVG Anti-Virus and TrendMicro as well. Note also, I was running BHODemon and Google Toolbar but neither are working since infestation.

Any help would be greatly appreciated... Thanks.
Logfile of HijackThis v1.97.7
Scan saved at 4:18:29 PM, on 3/8/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program Files\Trend Micro\Internet Security\tmproxy.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\WMPCI54G WLAN Monitor\WLService.exe
C:\Program Files\WMPCI54G WLAN Monitor\WMP54G.exe
C:\WINNT\Syste... Read more

Answer:[Solved] Popups - Assistance Requested

7 more replies
Relevance 80.77%

Just like what is described in these two topics ( &
As in the other posts my laptop restarted itself last night and since then whenever I have been connected to the internet I keep receiving notifications from Avast saying that a threat was blocked:
The notifications are all the same and come in pairs(two at a time), I have tried following this guide with no luck (
If anyone has anytime to help out I would be really grateful.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by k at 0:16:26 on 2014-06-25
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.64.1033.18.3986.1200 [GMT 10:00]
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D... Read more

Answer:"Avast! Web Shield has blocked a harmful webpage or file" constant notifications

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

12 more replies
Relevance 73.39%

Every time I click on the Account hyperlink to access my YouTube account on YouTube Avast Network Shield blocks the attempt. This is obviously a false alarm but I don't see a option to edit it's block list or to make a exception though I see it for the Web Shield. Is there anyway to fix this or do I have to pause it each time I want to access the account page on YouTube because thats the only thing that works.

Answer:Avast Network Shield Blocks YouTube/Account

Outlawstar15a2 said:

Every time I click on the Account hyperlink to access my YouTube account on YouTube Avast Network Shield blocks the attempt. This is obviously a false alarm but I don't see a option to edit it's block list or to make a exception though I see it for the Web Shield. Is there anyway to fix this or do I have to pause it each time I want to access the account page on YouTube because thats the only thing that works.Click to expand...

You're not alone, see Avast forum. Avast has acknowledged the problem and an update should be available soon.

1 more replies
Relevance 71.34%

I have looking at my network shield in Avast! Pro. I've noticed that whenever I open save file prompt I see spike.
It does not indicate infection and just goes on, is this stuff normal?

Malwarebytes doesn't see anything wrong. I generally get a spike precedes the 127... spike

Avast boot scan also finds nothing
Typing into Run gets "Bad Request - Invalid Hostname

HTTP Error 400. The request hostname is invalid."
Can anyone else on Win 7 Home Premium 64-bit try this for themselves?

Open a save file prompt and look at your network shield at the same time and see if that connection or a similar connection shows up.

I don't seem to have any weird issues otherwise.

I have attached the DDS stuff

Answer:Weird spike in Avast network shield whenever opening a save file prompt

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help


NOTE: We are aware that users sometimes seek help from several Forums at the same time. Unfortunately, this can cause confusion and actually wastes time and resources - yours, ours and other Volunteers across the community. If you have already posted at another Forum, please advise us, or them, and choose just one.

As this issue is being addressed at the Avast forums, this topic is now closed.

1 more replies
Relevance 68.88%

I have a Desktop (W7 Ult), a laptop (W7 Home Premium), an iPad 4, a Belkin 300N router, a Canon MP540 scanner / printer. At the moment my router is connected by Ethernet cable to the desktop; I use Wi Fi for the laptop and iPad. The printer is connected to the desktop by a USB interface so I print only from the desktop..
I would like to create a network such that I can transfer files between the computers, and to print from all 3 devices. I could, perhaps, connect the MP640 to the router by Ethernet cable, or use its WiFi, or leave it, but would prefer to be able to use it with the desktop off, so maybe the Ethernet cable is best. I could flog through instructions from the suppliers, but often find that someone here could offer a best solution, so I would be glad to receive suggestions. All my driver software is up to date.

Answer:Help requested to set up a home network

The best thing to do is to set up a homegroup and you will be able to share files, printers, etc. This article goes through it plainly step-by-step.
You say that you would prefer to use the printer without turning on the desktop. To do this you could either see if it is possible to connect your priner to your router by ethernet or usb - not all routers have this facility. Alternatively, as you say, you could set it up wirelessly, assuming it has a wireless function - it will then be available to all pc's on your homegroup - this article will take you through the set up.

5 more replies
Relevance 68.06%

WinXP, SP1 was fine until today when I installed 32 SP1 Windows updates. Now the hard drive shows almost constant activity, and Windows take a bit longer to start than before.

I ran a full system scan in Norton, which found adwares Crack.exe and NNEZTA388.exe, which it did not delete. I also ran AdAware and SpyBot, which turned up nothing.

What types of things can cause the hard drive activity? Where do I start to diagnose and fix the problem? I want to install SP2 and a wireless network adapter to go with my DSL.

Answer:WinXP Home--Constant Hard Drive Activity

jazzleighe said:

I ran a full system scan in Norton, which found adwares Crack.exe and NNEZTA388.exe, which it did not delete.

What types of things can cause the hard drive activity? Where do I start to diagnose and fix the problem? I want to install SP2Click to expand...

Crack.exe I think is "Reddw Worm" or variant, Look here:
Here some other related links:

The other NNEZTA388.exe Look Here:

The first thing to do is remove the Bugs/Virus/Spyware/Worms that Norton couldnt!

If your going to install SP2, the Best way is starting with fresh install of Windows XP.

If your going to run wireless, Ya might want to beef if your security knowledge.

This Thread probably should be in the Spyware Section as it's the root of your problems, Maybe the Mod's will move it there

1 more replies
Relevance 67.65%

I am having a problem in my sister's laptop. She does have antivirus installed (AVG Internet Security). However, its license expired, so I downgraded it to free version. After, downgrading it, I installed Avast! as it's antivirus and decided to uninstall AVG. Then, a few minutes ago after rebooting the laptop, a window opened saying that Trojan is infecting my computer, I heal it.. Then, another pops out. Heal and heal and heal..

After doing it, I rebooted the laptop thinking that it will refresh the system. Unfortunately, after rebooting, I cannot connect to Internet now. :cry :cry :cry Help me please? I already performed the Malware removing however, it did not help the laptop. I attached the files you asked me.. Please, help please? Thank you!

Answer:Avast error code 10050/No internet connection/Cannot start web shield in Avast

Welcome to Major Geeks!

Please attach the below log from Malwarebytes as requested:

"C:\Users\MSI\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\"
Oct 23 2012 11802 "mbam-log-2012-10-23 (21-32-26).txt"

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
R1... Read more

1 more replies
Relevance 67.65%

End webcam spying ? for good ? with Webcam Shield and Avast Premier

Essentially, with Webcam Shield you have total control over what (and who!) uses your camera. This means you can now force any app to ask your permission before it can access your webcam.

Simply put, Webcam Shield promises to:
Protect Privacy
Give you total control over your webcam
Help prevent blackmail
With webcams now embedded in so many devices, it?s never been more important to protect yourself and your family from prying eyes and those with unknown motives.

& +

Automatically fix and update over 127,000 drivers for peak PC performance
Less crashing Faster browsing Better graphics Richer audio Fewer device problems

Print, scan, import files. Play crystal clear videos and make crackle-free voice calls. Avast Driver Updater auto-scans and updates your drivers to reduce and prevent problems with:

Printers and scanners, Photo and video cameras, Headphones and speakers, Mouse and keyboards, Monitors and Wifi routers, and other external devices.

MORE : Avast Driver Updater & Scanner | For Peak PC Performance

Answer:Avast have new tools: Webcam Shield feature & Avast Driver Updater.

Windows has webcam shield built-in. It works great!

0 more replies
Relevance 64.78%

Hey guys, so I got a few questions here and want to ask the knowledgeable people for some advice. I'm trying to perfect my home network so that I can get the fastest, speeds, bandwith etc possible from what I got (or will get pending this post)

I currently have Xfinity (Comcast) package with 300mb/s download and 25mb/s upload. I am currently renting the modem from comcast : XFINITY - ARRIS Touchstone DOCSIS 3.0 Cable Modem and Wireless Router with Telephony Adapter (TG1682G)

I'm currently paying $10/month for rent on this mode.

My first question is: Is this modem decent? Or should I be looking into getting my own? I ask because I have had comcast replace my modem quite a few times over the years, and I'm not sure how dependable this or their modems are, and especially the bandwith/speeds provided, etc.. (FYI - I currently have this modem in BRIDGE mode, with wifi, etc disabled) connected to my router which I'll explain below.

I was looking at a Arris Surfboard SB6190 DOCSIS 3.0 Cable Modem.. but is it worth going that route? Or is the modem I'm renting from comcast sufficient and I should just keep it etc?

Second question: Coming from the rented cable modem (Port 1) I have it connected into a Netgear N750 Dual Band 4-Port Wifi Gigabit Router. (WNDR4300) This router has 2 wifi tables broadcasted (with the same name) at 2.5ghz/5ghz, has 1 PC connected, 1 smart TV, and then 1 Ethernet cable to my secondary router (upstairs)

The router upstairs is a... Read more

More replies
Relevance 64.37%

DanceHall (WorkGroup via wireless & wired router)
Table Dance (table top W7U PC)
Lap Dance (laptop W7HP wireless laptop)
Movie Dance (laptop Wxp wireless laptop used as DVR)

MovieDance sees nothing and no network.
TableDance sees nothing and no network.
LapDance sees Dancehall-> Self and TableDance
LapDance cannot access tabledance - unspecified error.

primary concern is getting TableDance shared so that i can share the printer on it.

Here is the current settings in TableDance (and you will find them a bit contradictory)

Any help would be appreciated.

and, if you please, don't tell me to search the forums.
because i did.
And i was unable to find anything helpful.

Answer:Seeking assistance with home network

They all need to be on the same workgroup

6 more replies
Relevance 63.55%

Hello i tried a couple of anti spyware and it says it cant remove Memory Shield and Bowser Home page Shield anyone know how to remove them, Thanks...

More replies
Relevance 63.55%

Environment: Both computes running Windows10 with Remote Assistance enabled for both.Error Message: A Remote Assistance connection could not be established.When I drive to my friend's condo and we are both connected to her Wi-Fi there are no problems viewing her desktop screen using Remote Assistance. So essentially we are on the same network.But if I try this from home or the Starbucks near where she lives, it doesn't work. (I am referring to accepting her request via email where she gives me the password to connect to her computer.)I am running Norton Security with Backup. So my first thought was FIREWALL settings. But after I went into Settings (for Norton Security) and disabled Smart Firewall, it did not help.Any ideas what other settings I could check?TIA.

Answer:Remote Assistance Only Works on Home Network

Thank goodness it doesn't work! You don't want anyone to have access using a wide open unsecured public network.

2 more replies
Relevance 63.55%

Hi all.

My dad recently got a laptop (an Acer Aspire 3634LMI with WinXP Home SP2) and a wireless router (a D-Link DI-524), so that 1) we can share an Internet connection, and 2) we can share the printer. Everything is set up, dad can access the Internet, and doesn't cause interference with my connection.

Anyway, I'm up to setting up printer sharing. The desktop (see specs above) is connected to a HP multifunction, and set to be shared. However, something strange is going on. My desktop can't see the laptop at all, and the laptop can see the desktop, but can't connect to it.

They both have the same workgroup name, so I know that's not the issue.

Can anyone provide tips to getting the setup working smoothly? Thank you in advance.

PS, this'll be a damn sight easier if it was WinXP Pro. Simple File and Printer sharing is a piece of s***, in my books.

Answer:Solved: Assistance in setting up a home network

9 more replies
Relevance 63.55%

ok so my neigbor is really crap at computers,right so im sick of driving to his house so i tried to set up "remote assistance" but i can seems its not possible for the PC's to find each other i dont know how but i start it up and bang 30s later to connection? im scratching my head cause i actually called micrisift (idiots) and the tech guy actualy said he dosnt know whats wrong (isnt that against policy to admit the dont know wtf is going on?)
help needed

XP. SP3. broadband connection.
vista SP2 broadband.


Answer:xp to vista remote assistance (not home network)

ActiveX has to be enabled, and your neighbor's computer has to be set to allow remote assistance.

4 more replies
Relevance 61.91%

The following HJT log is the result of a machine I was looking at after cleaning. I'd already removed 26 viruses and around 70 adware type things since the machine had been misbehaving quite badly.

The following log is what was left and there seem to my inexperienced eyes to be a few dodgy looking things. Any assistance would be appreciated!

Logfile of HijackThis v1.97.6
Scan saved at 19:17:32, on 01/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\WINDOW... Read more

Answer:HJT Assistance requested please.

11 more replies
Relevance 61.91%

Good Evening All,

I am respectfully requesting assistance with setting up a VPN in order to play Star Wars: Empire at War with a friend. I have never set up a VPN despite my experience with networking. Any suggestions and guidance on how to get this done would be much appreciated as I have no idea what I am doing.

Thank you very much!

Answer:VPN Assistance Requested

Why do you need vpn to play an online game?

3 more replies
Relevance 61.91%

I was online, I had surfing protection on and a pop up blocker, a message box opened it asked that "ctfmon.exe wants to make changes to my computer allow or cancel" I selected cancel thrice the box remained clicked the "X" in the corner
box still remained I closed my browser. The box was gone when it reopened but my performance monitor came up shortly after 100% cpu usage. I opened task manager ctfmon.exe. running all of a sudden plus notepad.exe plus 3 lines of windows installer plus Windows
Presentation Foundation Host. None of these programs have ever run on my pc before so I restart and notepad.exe won't close now it's just permanently stuck in task manager plus as soon as I connect to the internet all these processes start up bringing my comp
to 100% cpu usage. I uninstalled Microsoft Office that is where ctfmon.exe comes from but that only got rid of it I still have two notepad.exe running at about 15-21 cpu and 3 windows installers at about 35 cpu each and this Windows Presentation Foundation
Host that is using the rest of my cpu. I don't know where these items came from but disabling them in task manager doesn't work also this notepad.exe is always there now even in safe mode and my restore points were deleted and system recovery now throws an
error code 0x1000203 when I go to it. I need to disable all this stuff and don't know how?

More replies
Relevance 61.91%

Mod Edit:  Split from - Hamluis
Hello Arachibutyrophobia,


I see you are online, and hope that you can assist.  I have read your post recommending the Driver Verifier  (in connection with "thread-stuck-in-device-driver").
I have set up Driver Vwerrifier as per you instructions, and I have had the first crash (Driver Verifier Detected Violation). 
Unfortunately, in your excellent post you have not said how I can see which drive has triggered the fault. There was the  :-( Windows 10 blue screen, but this only remained visible for a few seconds. How please can I see Driver Verifier's list?
" If there is a faulty driver Verifier should list it.  Once you have identified the faulty driver"
Many thanks, 

Answer:Assistance Requested

Hi Bruce,
I will have to get back to your tomorrow.  My wife has doctor appointments.

14 more replies
Relevance 61.91%

so, I'm currently attempting to install a different type of browser, and i accomplished downloading it, even getting through the set up. but actually getting it installed is the problem. it gets to about 15% and then it seems to just disappear out of thin air. ever time. i don't know why. i know this probably isn't malware but you guys helped me with my last issue and i was hoping you could help with this one too?

More replies
Relevance 61.91%

Mod Edit:  Split from - Hamluis.
Can someone give me a video on how to do this? This is not working for me...
Mod Edit:  Moved from XP to Am I Infected - Hamluis.

Answer:Assistance Requested

Exactly what are you trying to do...and what makes you think that doing it will resolve the issues which you believe you have?
Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - , taking care to post the link of the snapshot in your next post.

4 more replies
Relevance 61.5%

Hello - I have attached the log from a scan of hijackthis. I would greatly appreciate it if someone could take a look at it and let me know what to delete. Many thanks in advance.


Answer:Hijackthis assistance requested

Hi and welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

If you're not receiving help elsewhere and still require assistance please follow the process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

Unfortunately, a simple HijackThis Log no longer provides all the information we require to create a fix for modern malware.

After running through all the steps, you will have a proper set of logs. Please post/attach as instructed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your next reply.

2 more replies
Relevance 61.5%

I am not sure of exactly what happened, because my son was online looking for xbox game help. It was on 04/15/11 that he was using Google Images to look for a character that he likes for his background and got a page that was a trap (one of those fake virus scanner pages) and would not let him X out of it. He said that he used the task manager to end Internet Explorer. He said that he ran SUPERAntiSpyware Pro and it found some things and then it rebooted. I found out the next day when I noticed that my background image was missing and my desktop icons were all hidden along with many of my start menu items, plus all my IE settings and favorites were gone & My Adobe Gamma profile was reset. I ran the "READ & RUN ME FIRST Malware Removal Guide" and then the "Windows XP Malware Removal/Cleaning Procedure" Most things are still hidden, I can unhide some things, but I do not know why they would be hidden. Is it a sign that there is still an infection or an unintended consequence of the cleaning instructions. Thank you!

Answer:Assistance Requested-Malware

We still need to see the C:\ from running C:\MGTools.exe

5 more replies
Relevance 61.5%

Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:00:51 PM, on 4/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\Program Files\Spyware Doctor... Read more

Answer:Assistance Requested in getting Rid of Trojan/Pop-ups

14 more replies
Relevance 61.5%

Problem with Sales and Advertisement software downloading, repeatedly and pop-up Ads on husband's computer (8.1). Using Iobit Unistaller to remove the errant programs ... finally let me run some scans.

MGTools scan resulted in message "... System Denied write access to Hosts file .... Hijack this may not be able to fix this ...." Then gives instructions on how to find them and delete them.

Attached are results of the other scans:

Appreciate help in figuring out the source of this problem.


Answer:Pop-up Ads Malware assistance requested

Hi there. There should still be a Do you have that to attach, too please?

10 more replies
Relevance 60.68%

Hey guys,

This shuold be simple, but ... well it's Microsoft.... what can I do sometimes other than ask those who are wiser.

I am trying to setup a home network with a Linksys wireless router. I've got 2 desktops (hardwired into the router) and 2 laptops (on the wireless). I rna the XP network wizrd *shudder* because it had worked for me before. However, I have some unexpected results. Running the wizard the same on every computer here what came out:

1 Desktop can "see" everyone but cannot browse to any of the other computers.
1 Laptop can see and browse through desktop #1, - it also see's itself
2 Laptop can see desktop #1 but not browse it. - it also see's itself
2 Desktop cannot see anyone but himself.

I thought it might be the computer browser service, but no go even after I turned it on.

Any suggestions at all would be immensely helpful.


Answer:WINXP Home Network ... Need some Help

7 more replies
Relevance 60.68%

I'm quite sure I have a trojan that steals passwords. I did a scan with F-secure and it said it was something like, trojan.HTML.fraud.gen. I think that f-secure got rid of some of it, but my computer is still runinng slower than it was previously to getting the trojan. I have avira and now f-secure running. Avira couldn't detect anything and f-secure is now saying there's nothing with a full scan. When I open the task manager, there is a process running at the bottom of the list of processes that is called System Idle Process and is generally running 99% of my cpu. I also ran superantispyware, but have since uninstalled it. The trojan had a popup that came up telling me that I had a virus and I needed to do a scan from their website and it tried to redirect me but I closed it. I haven't seen it very frequently.

Here's my HJT log. Thanks in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:53:49 PM, on 6/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\... Read more

Answer:Trojan Infection - Assistance Requested

Welcome to TSG

You have two anti-virus programs running, not a good idea. That could cause the CPU usage so high, please uninstall either AntiVir or F-Secure.
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
Close all applications and windows.
Go to Start ---> Run ---> Type "%userprofile%\Desktop\dss.exe" /config and press Enter.
Check the following additional scans:
Process Modules

Click Ok and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
What DSS will do:
create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.


1 more replies
Relevance 60.68%

Hello Bleeping Computer Friends,
I have a HP Pavillion HPE 210y Desktop computer running Windows 7 Home Premium 64 Bit that is now experiencing long start-up times, freezes of programs and just plain slow performance. I have ran Malwarebytes, Super Anti Spyware and Spy Bot S&D and found lots of malware but still the performance is severely lacking. Any assistance is great appreciated. Thank You in advance to those who respond.

Answer:Windows 7 Troubleshooting Assistance Requested

Have you defragged the hard drive?

10 more replies
Relevance 60.68%

When I run catchme I get this message:
detected NTDLL code modification:
ZwEnumerateKey 0 != 47, ZwQueryKey 0 != 19, ZwOpenKey 0 != 15, ZwClose 0 != -1375723995, ZwEnumerateValueKey 0 != 16, ZwQueryValueKey 0 != 20,
ZwOpenFile 0 != -369091035, ZwQueryDirectoryFile 0 != 50, ZwQuerySystemInformation 0 != 51Initialization error
Now I read somewhere on this website that this is usually a dead giveaway that a rootkit is active.
I ran catchme because my computer is acting kinda strange lately (hard to explain, but i've been using this box for about 4 years and kept it in good shape always, so I can kinda "feel" when something is off)
Could you please help me further investigate and possibly remove this potential rootkit?

Answer:Assistance requested with possible rootkit infection

Hi there,my name is Marius and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Download DDS and save it to your desktop from here or here orhere.Disable any script blocker, and then double click dds.scr to run the tool.When done, DDS will open two (2) logsDDS.txtAttach.txtSave both reports to your desktop.    Please download ... Read more

16 more replies
Relevance 60.68%

The initial symptoms were CPU hog and unwanted IE window redirections along with launching new windows with advertisements. I completed a scan with Malwarebytes and removed several trojans, but current scans reveal no issues. However, redirections and computer slowness is still an issue.Unable to create GMER log. The program runs for varying amounts of time and ultimately results in a fatal error and system reboot.DDS (Ver_10-03-17.01) - NTFSx86 Run by JHusemann at 14:15:58.93 on Tue 08/03/2010Internet Explorer: 7.0.5730.11Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.757 [GMT -5:00]AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exesvchost.exesvchost.exeC:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\ActivIdentity\ActivClient\accoca.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Cisco ... Read more

Answer:Malware Removal Assistance Requested

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

14 more replies
Relevance 60.68%

Hi everyone, I've had my HP e9280t for a couple of months now and it seems that every other day the computer is crashing on me. Just today it crashed twice and I'm unsure how to determine the cause. I am pretty sure that in every instance I have been using IE8 and merely clicked on a link. I'm attaching the minidump files below, if someone had the time to help me I would really appreciate it, and hope in the future that I can help someone else on this forum.

Answer:BSOD Issue - Assistance Requested (IE8?)

Hi, Welcome to SF,

I guess the issue is with your Wireless Network adapter. Make sure you have the latest drivers. Install the drivers from your manufactures website.

Also Run the System File Checker

Start > CMD > Right Click Run as admin > SFC/ SCANNOW

Also Run the Memory Diagnostic & HD Diagnostic to be on a safe side

Caused By: WUSB54Gv4x64.sys (Network Adapter), pacer.sys (QoS Packet Scheduler), nwifi.sys (wifi card)

Drivers to be updated

PxHlpa64.sys Thu Mar 13 07:28:17 2008 Px Engine Device Driver for 64-bit Windows
000.fcl Fri Sep 26 18:41:22 2008
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\010910-20217-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\Symbols*
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c4d000 PsLoadedModule... Read more

2 more replies
Relevance 60.68%

I have been given the task of getting two SQL 2000 (Server 2003) boxes to talk to each other on remote locations securely. Basically there's a SQL server at location A that has to have an exclusive and secure connection to the SQL server at location B. The SQL server's have to synch data between each other. There is a dedicated fiber connection between location A and location B but the SQL server's don't currently use that connection because it's the same pipe everything else on the two networks uses (not secure). I have to use that same pipe securely for SQL A->SQL B without allowing anyone else on the pipe to see either server (they will be on a different IP range). Any suggestions on hardware or software based solutions are welcome! My current thought is VLAN or VPN but advise definately welcomed! Thanks!

Answer:Assistance Requested - Corporate LAN Design

I think you are on the right path. With a proper Vlan setup it should be secure. Also if you run a point to point VPN at the connection to the fiber connection of the two SQL servers (since you said they currently connected) should connect thm and secure them as well. So like SQL <->VPN device ====(fiber)====VPN device <-> SQL so the only connection is through the VPN all to gether which also gives you the chance to set some rules at the VPN box to make sure that only traffic through the VPN is allowed accross stopping the chance of all other access.

7 more replies
Relevance 60.68%

Hello to all,
Well have been running fairly stable for a week now. Pretty cool for me! I do have a recurring issue which I don't believe had been covered. Have been using Windows Defrag. The issue is that if I run it from a pinup on the start page/ as administrator, I get a cmd window a flash of information and it shut the window. This occurs when I access Windows Defrag from the Search window again, running as admin. So far the only way I can get it to run successfully is to go into Windows Explorer, click a drive > Properties > tools > defrag, and then it runs normally.
Any similar occurrences of ideas. Thanks in advance!

Answer:Continuing issue - Assistance Requested

Did you try making a shortcut on the start page to dfrgui.exe

That is if you wanrt to use the ghastly start page, otherwise, make a shortcut to it in the main ui ( desktop), pin it, whatever you like.

3 more replies
Relevance 60.68%

Hello All,
Below are my logs:

Thanks in advance!

Answer:Adware/Virus Assistance Requested

Disable McAfee while doing the below.

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Uninstall the below very old versions of software:
Java 7 Update 67
Java(TM) 6 Update 24

Now install the current version of Sun Java from: Sun Java Runtime Environment Make sure that when you see the form asking about installing Ask Toolbar that you uncheck this.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: (no name) - {7aeb3efd-e564-43f1-b658-5058a7c5743b} - (no file)
O4 - HKLM\..\Run: [WinCheck] C:\Users\Jessica\AppData\Local\wincheck\wincheck.exe
O4 - HKLM\..\Run: [Extension Manager] C:\Program Files (x86)\Extension Manager\SystemBrowser.exe

After clicking Fix, exit HJT.

Please download OTM by Old Timer and save it to your Desktop.

Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
(or, af... Read more

18 more replies
Relevance 60.68%

ComboFix 17-01-13.01 - Eag 01/14/2017 1:51.2.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8156.6543 [GMT -6:00]
Running from: c:\users\Eag\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
((((((((((((((((((((((((( Files Created from 2016-12-14 to 2017-01-14 )))))))))))))))))))))))))))))))
2017-01-14 07:53 . 2017-01-14 07:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-14 07:10 . 2017-01-14 07:21 -------- d-----w- C:\AdwCleaner
2017-01-11 19:13 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2017-01-11 18:55 . 2017-01-11 18:55 -------- d-----w- c:\windows\system32\SPReview
2017-01-11 18:55 . 2017-01-11 18:55 -------- d-----w- c:\windows\system32\EventProviders
2017-01-11 18:47 . 2017-01-11 18:47 -------- d-sh--w- c:\windows\system32\%APPDATA%
2017-01-11 06:13 . 2017-01-11 06:13 -------- d-----w- c:\program files (x86)\Microsoft XNA
2017-01-10 16:08 . 2017-01-10 16:08 -------- d-----w- c:\programdata\Blizzard Entertainment
2017-01-10 16:01 . 2017-01-10 16:02 -------- d-----w- c:\programdata\
2017-01-10 09:28 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A881BDE-0B0B-4074-824F-FCAAE1B6D17B}\mpengine.dll
2017-01-09 16:50 . 2017-01-09 16:50 -------- d--h--w- c:\programdata\CanonBJ
2017-01-09 16:50 . 2014-03-18 11:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x... Read more

More replies
Relevance 60.68%

Aloha,    I am looking to do a Malware removal on my XP desktop and have begun the early process laid down by evilfantasy. I am currently stumped on Step 2. After d/l CCleaner - Slim, I open d/l and select 'Run', after a quick delay, a window pops up. The window header reads, 'NSIS Error' with the body stating...'Installer integrity check has failed. Common causes include incomplete download and damaged media. Contact the installer's author to obtain a new copy.More information at: have tried both links and both have the same return. I looked to contact Piriform's support center but they offered no link to start an account to ask the above question. I'm hoping that this issue is not unique and there is a solution to this to continue forward with the Malware removal process. Any help or guidance on this issue would be greatly appreciated. Thank you.

Answer:Malware Removal Help and Assistance Requested

Try downloading from here: still no joy, just proceed with the rest of the steps and a malware specialist will be along to help out.

14 more replies
Relevance 60.68%

A couple of days ago, while surfing the net, my browser was suddenly possessed! All by itself, with out me pushing buttons, it went to a website that offered to sell me spyware removal software. Since then, this happens repeatedly every time I'm on the internet. My amateur attempts to stop this are not working. While searching the internet for ideas, I came across this site and saw posts by other people who seemed to have a similar situation as mine which you were able to resolve.

Here is a more specific sequence of events:

1. While surfing the net, my virus software (norton internet security 2004) pops up telling me that a file "Tmpf00.exe" is awaiting a scan

2. My browser is suddenly redirected to a website called ""

3. Sometimes my browser is further redirected to a website called "" This is the website that considerately offers to sell me spyware removal software since my pc is obviously possessed by spyware and they can help exorcise it. I end up either closing my browser or hitting the back button to get back to the website I was on before being involunatirily redirected.

I have done a full system scan with Norton. My virus definitions are up to date. Adware is found by the scan, but no viruses. Norton is unable to delete the adware- when it tries it comes up in red saying "delete failed"

I have run both spybot search and destroy ... Read more

Answer:Assistance Requested with abducted computer


It sounds like you have done most of the tutorial . Klikfeed is a common problem reported on theis site. Please do all of the steps if possible.

This site has alot of good tools for cleaning up your computer. It's very important that the first thing you do is the following:

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal.
If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

Try this... you may find it's all you need. If not post your results and I am sure one of the PROS can help you. These guys are quite busy, as you can see by the number of posts, so hang in there. Good Luck!!

After doing ALL of the above if you still have a problem:

Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFOR... Read more

47 more replies
Relevance 60.68%

Thank you for reading my post

My computer was infected by a number of different malicious virus, trojans, etc. I began to notice something was wrong when I was prompted with ballon notification "Your computer may be infected..etc..." originating from ared X notification in my task bar. Once I recognized something was wrong I tried to open access Task Manager via ctrl+alt+del (greyed out) and the run command (disabled by administrator). System restore was never enabled on my machine so I set out to remove the malicious code with the tools provided on this website. After running the software per the instructions it seems the majority of problems have been resolved. However, .jpg files on my machine don't display when going to websites or when pulling them up locally. I also receive threat detection prompts from AVG referencing the following file:

Threat Name: Trojan horse BackDoor.Generic10.ACET

When I attempt to heal I get "Some files cannot be healed" Specified file was not found. I can however move it to the vault.

Thanks for reading.

Answer:Malware Removal - Assistance Requested

You did not allow MGTools to run to completion. You need to agree to the HJT license and wait for it to tell you it is finished.

In the mean time, you need to use windows explorer to find and delete:
c:\windows\ms --> unless you know what this is!

Open notepad and copy and paste the following text in the quote box into the window:

sc stop 5522d9fd
sc stop dff9d38c
sc stop FCF
sc delete 5522d9fd
sc delete dff9d38c
sc delete FCFClick to expand...

Save this as fix.bat
Choose to save as all files.
Doubleclick fix.bat and let the program run.
A small black dos window will flash, this is normal.

Now re-run ComboFix.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\ file that will be created by running this and also attach the log from Combo.

5 more replies
Relevance 60.68%

My windows 7 Enterprise 64 bit installation is crashing and I haven't been able to get help from our University IT tech dept. . . . they suggest offloading files and rebuilding the system in 32 bit mode. After googled the minidump error codes and came across the Windows 7 Forum web site, I have followed the instructions detailed from "Windows 7- BSOD Posting Instructions" and have attached the perfmon file and the BSOD Dump and System file collection output files.

Any help would be greatly appreciated . . . . I will forward this info to our IT dept for educational purposes.

System Info:
Windows 7 Enterprise x64
Original OS: XP Pro OEM
Age of system: ~4 y
Age of OS installation(W7): 2 months

Answer:Windows 7 x64 BSOD Assistance Requested

7 different BSOD errors (out of 12 memory dumps) and over 5 different causes blamed
This is most likely a hardware problem (although compatibility issues can play a part here also).

You can check compatibility here: Windows 7 Compatibility: Software Programs & Hardware Devices: Find Updates, Drivers, & Downloads

Please try these free hardware diagnostics:

H/W Diagnostics:
Please start by running these bootable hardware diagnostics:
Memory Diagnostics (read the details at the link)
HD Diagnostic (read the details at the link)

Also, please run one of these free, independent online malware scans to ensure that your current protection hasn't been compromised: Malware (read the details at the link)

Then, if the above tests pass, I'd try these free stress tests:

FurMark download site: FurMark: VGA Stress Test, Graphics Card and GPU Stability Test, OpenGL Benchmark and GPU Temperature | oZone3D.Net
FurMark Setup:
- If you have more than one GPU, select Multi-GPU during setup
- In the Run mode box, select "Stability Test" and "Log GPU Temperature"
Click "Go" to start the test
- Run the test until the GPU temperature maxes out - or until you start having problems (whichever comes first).
- Click "Quit" to exit

Prime95 download site: Free Software - GIMPS
Prime95 Setup:
- extract the contents of the zip file to a location of your choice
- ... Read more

1 more replies
Relevance 60.68%

I have reviewed the Read/Run Me First sticky and am attaching the files as requested. There are two malware bytes text files as I terminated the first one early as I realized that I did not have the latest version (2nd file is a result of the complete run).

I went through this exercise because as of this morning I get a fake firewall popup and when I open IE or Firefox I am immediately taken to a "Insecure Internet activity. threat of virus attack" screen.

Answer:Malware Removal Assistance Requested

Additional files.

4 more replies
Relevance 60.68%

Hello al TSFer's, I hope you are all doing well today.

Several months back my computer quit working, and being at the end of the semester, I didn't have the time to try and track down the problem with all my final tests and such. I went and got a cheap compaq w/vista on it, and so far it has served me well for the rest of the school year and over the summer.

School starts again in a couple weeks, and I want to get the old one up and running again so my girlfriend and I are not limited to just one computer.

I hooked it up, and surprisingly, it turned right on and went to the desktop as normal, and loaded as usual. It was very sluggish, so I started by running ccleaner to try and clean it up a bit.

While running ccleaner, I got a BSOD saying:

Stop: 0x0000007A(0xco3dcffc, 0xc000000E, 0xf73ffca8, 0x0fbbd860)

atapi.sys - address f73ffca8 based f73f0000, datestamp 41107b4d

Upon reboot, I got another blue screen saying:


Stop: 0x000000ed (0x842E47E8, 0xc0000006, 0x00000000, 0x00000000)

At this point I tried booting from the cd, but when I go into revocery console, it only allows me to pick from two drives, one H:\1386\ and H:\winNT\. The second one I am not sure if that is what is says or not, but it is an h: drive, and I know the hd is denoted as the c: on this computer, so I am a little confused as to that. I did run a chkdsk /r on both H: drives a couple of times.

After that I reboot and it doesn't load properly, jus... Read more

Answer:Multipe BSOD's - Assistance Requested

There are a couple of ways you can proceed from here.

1) Open your old PC and new PC, pull the hard drive from the old PC and put it in the NEW pc to copy files you want to keep.
I would recommend disconnecting your CD drive and installing the hard drive in it's place. That way you do not need to worry about jumpers or possible errors from having both drives on the same IDE channel.
After you get all the files backed up you can format and reinstall windows which would hopefully get rid of all these errors.

2). You could do a Repair Install which should leave all your old files intact but will reload all windows system files.
Unfortunately, this is not guaranteed to solve all your issues.

Of course, if it is infact hardware failure, even a full reinstall will not help

10 more replies
Relevance 60.68%


Earlier this week I noticed an issue with my parent's computer whereby the first page of links given when a topic was entered into a search engine were misdirected. The description and Page Name of the link was correct, but the website address associated with the result was not. Subsequent results pages had the correct link information. My assumption is that one of my younger brothers or sisters did something not so bright. Since then I have run a variety of virus and malware scans to see if I could fix the problem (specifically, McCafee, Microsoft Windows Defender, Malwarebytes and AdAware). The first few scans found some registrey key changes and identified some files as Trojans and aparently fixed those problems, but recent scans have not found any errors. The problem, however, persists. Any help that could be given in solving this problem would be much appreciated. Below find the DDS report as requested; please let me know if you need more information:

DDS (Ver_09-01-19.01) - NTFSx86
Run by Owner at 15:02:13.30 on Sat 01/31/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.40 [GMT -6:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WIN... Read more

Answer:Possible Key Change/Hijack This Assistance Requested

Hello, JPBT to BleepingComputer.comMy name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)Please give me some time to look over your computer's log(s).Please take note of the following:In the meantime, please refrain from making any changes to your computer.Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Finally, please reply using the button in the lower left hand corner of your screen.We need to scan for Rootkits with GMERPlease download GMER from one of the following mirrors:This is the Primary mirrorThis is a Secondary mirrorThis is a Secondary mirrorClose any and all open programs, as this process may crash your computer.Unzip the downloaded file to your desktop.Double click on your desktop.Allow the gmer.sys driver to load if asked.You may see this window. If you do, click No.
Click on and wait for the scan to finish.If you see a rootkit warning window, click OK.Push and save the logfile to your desktop.Copy and Paste the contents of that file in your next post.In your next reply, please include the followi... Read more

12 more replies
Relevance 60.68%

I am helping my Fiances cousin with her desktop. She told me she thought she had a virus (or malware) and she definitely does. It appears she's infected with the "Windows Restore" virus (or malware). I have ran DDS and attached what I could. I would run GMER on the machine both in safe mode and normal mode and neither would complete as it should. I saved the file to the desktop as the guide states. Maybe I'm doing something wrong there, but at least this is a start.

I got a feeling this thing (and possibly other viruses and/or malware) has dug itself in real deep. I first booted in safe mode and ran a virus scan. It detected 4 things and we removed the items. As soon as I booted back up the virus(es) were right back. Also apparently this thing has locked down task manager. I've tried executing from run and manually going to the Windows folder. Always comes back and says "Task Manager has been disabled by the Admin"........well I am the admin.

Also when I go to start --> Programs, it says the programs folder is "empty".


DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Administrator at 22:04:49.98 on Tue 04/19/2011
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.732 [GMT -4:00]
AV: AVG Anti-Virus Free *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: AntiVir Desktop *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
============== ... Read more

Answer:Virus Removal Assistance Requested

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
Please do not run any scans or install/uninstall any applications without being directed to do so.
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please download Rootkit Unhooker and save it on your desktop.Disable your security programs
Double click RKUnhookerLE.exe to run it
Click the Report tab, then click Scan
Check Drivers, Stealth Code, Files, and Code Hooks
Uncheck the rest, then click OK
When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
Wait till the scanner has finished then go File > Save Report
Save the report somewhere you can find it. Click Close
Copy the entire contents of the report and paste it in your next reply.
Note - You may get this warning it is ok, just ignore it:"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"Please include the following in your next post:Rootkit Unhooker log

13 more replies
Relevance 60.68%

Scanning the first page or two of this forum, it seems like this is really going around.  I got the computer lockup virus/trojan, my agency of choice is DHS.  I'll admit up front I occasionally watch certain movies, but I think this probably came from one of my Flash streaming sports websites, which I watch frequently and which I will admit is probably not totally legal.
Either way, I don't seem to have it as bad as some of the others.  I was able to reboot in safe mode, I did have a repair option but I wasn't sure what that did so I just went into safe mode and ran MalWarebytes.  It found 3 infections:
Trojan.0Access (In my Recycle Bin?)
Trojan.Ransom.ED (In my Users Folder)
Malware.Trace.E (In my Users Folder)
I said to remove them, and the log says, in order, Delete on Reboot, Quarantined and Deleted Sucessfully, Quarantined and Deleted Successfully.  I don't want to copy the log to a flash drive (I'm on my wife's laptop) because I want to make sure I don't infect her computer, but everything else on the log (Memory Processes, Registry Keys, etc) said 0.
The computer seems fine on a regular reboot, but I would like to make sure, if someone has the time.  The sad thing in all this is we actually have Verizon FIOS folks coming in tomorrow (actually later today, its after midnight); we're dropping our local cable company and getting, among other things, an expanded cable package which will mean I no longer need to watc... Read more

Answer:Assistance requested with virus/trojan

Just a follow up, I'm on the infected computer now, assuming there's anything lingering.  I've got Symantec running a full scan now and I'm heading to bed.  If anyone can tell me what basic programs I need to run to make sure I'm in the clear, I'd appreciate it.


33 more replies
Relevance 60.27%

Hello all,

I'm trying to set up a fairly simple home network. Here's what I've done:

-I have two PCs running WinXP Pro
-Each is configured with the same Workgroup
-Each has four local users named for each of my family members
-The PCs connect through a cable modem router, and each currently can connect to the internet with no problems
-Each PC has two hard drive partitions (C for OS/Programs, D for data)

I'd like to map the Y drive on each computer to the other computer's C drive, and map Z to D. This way, at any given time I can "see" all of the data on either computer. It also helps because I'd like to use a backup program to back up key files on each nightly, one to the other.

Here's the problem that I'm running into:

When I try to map to "PC03" from "PC02", it first tries to connect using my current local account (PC02\MyID), and then failing that, the Guest account on the other PC (PC03\Guest). MyID is an admin on both machines. I've tried connecting as an admin on the other machine, for example connecting from PC02 as PC03\MyID. This gets me a connection, but when I try to click on certain folders like Program Files or Documents and Settings for another user, I get "access denied", even though I'm connected as an admin.

On the "target" PC, I enabled sharing of the C: drive on the network, and checked "allow network users to change my files".

So, perhaps t... Read more

Answer:WinXP Pro Home Network Question

11 more replies
Relevance 60.27%


I'm trying to set up VNC so that I can control my music server remotely from a computer in my home office.

I've followed all the VNC instructions I can find with no success.

The problem I get is when starting VNC viewer "Run VNC Viewer". The "VNC Viewer: Connection" window asks me to input the "server:".

The VNC Server programme is running on the Music Server.

I am using a Belkin ADSL Modem/Router to connect the network and connect to the internet. The music server and the office computer are both connected as a LAN to the router.

The Office Computer has been given the IP address: by the router and the Music Server IP is: 192 168.2.2 The Router Internal IP is and the External IP is dynamic. Currently:

I have tried all sorts of inputs in the "Server:" window without success. I get error message: "unable to connect to host: Connection refused (1061)"

The computers are networked happily and ping eachother no problem. I have tried disabling Zone Alarm on both computers and the WinXP SP2 firewall is disabled.

Can anyone help?

Answer:VNC Home Network DSL Router WinXP SP2

6 more replies
Relevance 60.27%

OK...I had a home network set up when both my computers were running WinXP...I was able to file share, etc. Both PC's showed up on the Workgroup.

However, I have a new PC with Win7. I am having difficulty allowing my WinXP PC to access the Win7 PC...but, my Win7 PC can access my WinXP PC with no trouble.


Answer:Home Network with Win7 and WinXP

8 more replies
Relevance 60.27%

My home network consists of 3 computers and an xbox, all connected to a router
Computers 1 and 2 run windows xp pro. Computer 3 runs win xp home.

With some litte experience I have been able to setup a workgroup x including those 3 computers.All computer names appear inside the workgroup folder.

Pc 1 can see all the shared contents of the other 2 computers, including its self, no password required etc.
Computer 2, 3 and xbox can browse through each other’s files freely, no username/password is required but can not browse computer1 files. I either get a "resource unavailable" message when I click on pc1 icon or I get prompted for a username/password. Computer 1 was the only one that had password protected user account, but I removed it, through the user account utility in the control panel.

How can I give free pc1 access to all the other devices of my workgroup without having to give username/password details on each logon?

Answer:WinXP home network question

If you are not using Simple File Sharing on PC 1, the answer is simple:

In My Computer or any Windows Explorer window: Tools - Folder Options ... - View tab - at the bottom of the list put a check by 'Use simple file sharing (recommended).'

If you already have SFS, I reckon the answer will be considerably more difficult.

3 more replies
Relevance 60.27%

I've got two computers with WIndows XP Pro. They are both hooked up to my SMC router. Both have no problem with the internet connection. But I can't get them "connected" to a network. I run the network setup wizard on both and create a workgroup called "mshome". After reboot one machine (called P4) can see both itself and the other PC (called P3). But when I try to acces P3, I get the error that says P3 could not be found on the network. And on the P3 machine, it can't see any PCs at all. When I try to "view workgroup computers", after a long time it says mshome is not accessible, I might not have permission to use the network resource. The list of servers for this workgroup is not currently available.

I'm not any kind of network expert, I'm pretty lost. I just want the two PCs to be able to share files and such.

Please, any help. Thanks

Answer:winxp home network problems

Do yo have simple file sharing enabled or disabled (tools/folder options/advanced scroll to bottom)? Do you use a firewall on either machine? If you use the default firewall I would disable it, although there is a setting to allow network browsing. Once they can browse you will have to make sure the permissions on the shares are ok. I suggest disabling simple file sharing. Also make an account on each machine for the other machine. I make the account with the same password and login as i use on the other machine. You will of course have to add the user account of the other machine to the permissions on both the sharing tab and security tab of each share...
helpful link

1 more replies
Relevance 60.27%

I am trying to network my old Win95 computer with my Win XP (Home) computer. I have connected the two network cards with a crossover cable. I have run the Network Wizard on the XP machine and it recognises itself in it's workgroup. I could not use the setup disk utility in XP to transfer the settings to the 95 machine as apparently this facility was not available in win 95 so I have tried to set it up manually. I have managed to get the Win95 machine to recognise itself in the same workgroup. Neither machine can find the other machine in the workgroup. I suspect that a different protocol is being used by each machine but am unable to find the protocol being used on the XP machine. Is this the likely cause of the problem & how do I resolve it?

Answer:Cannot network Win95 with WinXP home

I am sure somebody in here will correct me if I am wrong, but I believe that Win XP uses the TCP/IP protocol whilst Win 95 uses the IPX/SPX protocol. Why not try adding the IPX/SPX protocol on your Win XP machine & see if it helps, I do not think it can hurt anything & you can always remove if it does not help. Other than that can only think to mention the obvious such as ensuring that your files are shared & that both machines are using the same networking passwords.

5 more replies
Relevance 59.86%

Good Evening,

I am assisting a neighbor with her laptop and trying to help her resolve dozens of virus infections. Her ex-boyfriend visited millions of p0rn sites and well, managed to infect her computer until it just about failed completely. I have since been able to get it to boot, at least, and have removed a few of the viruses but am now requesting help getting rid of the remnants.

Some virus names include: Trojan Horse, Packed.Generic.200, Packed.Generic.233, WindowsAntivirusPro, Antivirus2009, Tojan.Metajuan, Backdoor.Tidserv, Backdoor.Trojan, SafeStrip, Downloader, Quickwatch, Ksi32sk, Windows Police, UAC, BeepSys.Virus, MakeMySearch.C, Fips32cup, Serfiny, Tapi.nfo, Securentm, and Protection System.

As you can see, there are probably millions of remnants and some I have not even pulled yet. I could use some heavy assistance. User has a Toshiba Harman

Here is the DDS file:

DDS (Ver_09-09-29.01) - NTFSx86
Run by Administrator at 20:48:55.98 on Tue 09/29/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.407 [GMT -4:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system3... Read more

Answer:Multi-Virus Issue Assistance Requested

I started to explain the user's pc environment then kindly forgot to finish.

User has Windows XP Pro, SP3, Intel Pentium M Processor, 2.00 GHz, with 1 GB RAM.

Sorry to have to add this after the fact!



19 more replies
Relevance 59.86%


I'm trying to run a program that will allow me to view videos from my PC to my XBOX 360 (, this program would extract upon downloading, but would not run, I looked around and eventually found the solution (, I followed given instructions and typed everything out without any spacing except after "reg add", everything indicated that the process was accepted and the key was taken, however, the program did the same thing, I ran regedit to have a look. I'm not exactly the brightest and the best when it comes to computers, but I figured if all was done correctly that the upperfilter value would be in the specified directory, instead I see a whole new directory with the whole key I entered as the name. So I suppose the questions are; did I do something wrong? Is it supposed to look like that after following said instructions? If all was done correctly, why would the program still be doing that? Oh, I also tried various combinations of spacing within the key, all resulting in a command error: too many command values (I think!), well, I googled that and read that I was getting that message as a result of too many spaces in my entries. Any assistance would be much appreciated, thank you in advance.

More replies
Relevance 59.86%

I believe my PC has been infected with the Google Redirect virus.
Running Windows XP Home SP2, connected to Internet through a router and cable modem.
Major symptoms being experienced are web pages being launched that are not the intended ones and my detection that downloads of updated virus patterns for my Trend Micro Internet Security software have been failing for about 1 week.
Have Internet Explorer 6 along with an old Netscape 7.1 browsers installed in my PC.
Some Internet searching this evening suggests to me the Google Redirect virus has become a major problem.
Your assistance would be most appreciated.

Answer:Google Redirect Virus - assistance requested

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some tim... Read more

17 more replies
Relevance 59.86%


The other day, my PC got the "Windows Diagnostic" virus, info here:

How To Remove Windows Diagnostic Virus / Malware | Fix My Computer With Expert Support Now

Basically I did a System Restore and that fixed the problem for the most part, but when I came back after the restore and all my folders and files were missing, but I later found out that they were just "hidden" - a result of the virus.

But now I can't open Dreamweaver, Paint Shop Pro, Filezilla, etc. It appears that maybe some folder permissions are messed up somewhere.

Anybody have any ideas on how to fix this? Ive run registry cleaner, CCLeaner, etc, no luck.

I need these programs for my business! Any help would be greatly appreciated,


Answer:Having a meltdown over here, assistance requested please (PC software issues)

I would have done a full format. Did you try reinstalling the programs?

4 more replies
Relevance 59.86%

Hi, I'm experiencing the dreaded Google redirect virus. When I click on links in Google (or yahoo) search results, about half the time it takes me to a different random page. My computer is also running more slowly than usual.

I'm running XP Home sp3 on a Dell Inspiron 1300. When I first discovered the problem, I ran Malware Bytes, which found 2 trojans and 9 rootkits (most of which had TDSS in the name). I quarantined & deleted those, but the problem is still happening, which brings me here.

I've attached Attach.txt and ark.txt in a zip file, and the text of DDS.txt is below. Fyi, I do not have a Windows install CD (either I never got one with the laptop, or I've lost it.)

Any help you can offer would be much appreciated!

DDS (Ver_09-09-29.01) - NTFSx86
Run by scott at 13:14:22.43 on Wed 10/07/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_02

============== Pseudo HJT Report ===============

uStart Page = hxxp://
uSearch Page = hxxp://
uDefault_Page_URL = hxxp://
uSearch Bar = hxxp://
uInternet Connection Wizard,ShellNext = hxxp://
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://
uSearchURL,(Default) = hxxp://
mSearchAssistant = hxxp://
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reade... Read more

Answer:Assistance requested with Google redirect virus

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.


One or more of the identified infections was a backdoor trojan.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please read this: How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?


Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

---... Read more

3 more replies
Relevance 59.86%

If you install Windows 7 on a computer, not using a manufacturers recovery partition, or an OEM OS install disk, you are left with a system without drivers. In my case I cannot access the internet without working network drivers. So I downloaded all the drivers on another system, but I cannot get them into the system that needs them because none of the USB drives work because there too need drivers. I've tried manually choosing built in generic drivers that came with the Windows 7 install, but I can't determine which ones to use. I've come close to getting a match, but I always end up with error messages stating I'm uising the wrong driver. I suppose the thing to do is to find out exactly what built-in ethernet drivers (Windows 7) will work with this computer. It's an ASUS Q301L.

Answer:Major chicken/egg crisis here. Assistance requested

12 more replies
Relevance 59.86%

Hi all,

Got quite a few BOOTLOG_NOT_LOADED lines appearing in my ntbtlog.txt file.

What causes these errors, are they indicative of malware? How can I repair the drivers or software that is causing them so I get a 'clean' bootlog?

If you want more specific information probably better to do it through PM.

More replies
Relevance 59.86%


Currently snagged a bit of malware trying to run its course on my workstation. However, instead of cleaning it, I have pacified it and am now attempting to gut and analyze it out of personal interest and to further knowledge of security analysis. I've already done the initial data collection and a bit of sleuthing but ran into a couple snags that I'd like assistance on if possible. If anyone here is capable and curious I'd like to proceed on this thread, otherwise if they have any other forum or resource they'd like to recommend to direct my attention too that will better suit this kind of request then I'd gladly accept that too.

I'll post details I've garnered so far under condition that I receive notice that others are interested in it. I will say that Trend Micro detected only some of its activity (attempting to access certs on illegitimate sites) but not the actual offending items (I have, however). I have not ran it through other AV software yet to determine virus definitions, so for now it is considered an unknown strain.

Thank you for your consideration in the matter. I hope this ends up becoming a worthy adventure that people may profit from.

Answer:Analysis on Unknown Malware - Assistance Requested

Upload the file to Jotti's malware scan and have it scanned and analyzed by several anti-virus companies.

9 more replies
Relevance 59.86%

Thank you in advance for anyone reading this.

I am running Windows XP

Here are the symptoms:

1) Under the start menu, most of the options have disappeared. Including ?All Programs? on the left hand side and the only things available on the right hand side are the options ?Set Program Access and Defaults?, ? Connect To?, and ?Printers and Faxes?. Everything else is gone.

2) I cannot see the C: drive. It?s just not there in windows explorer and I can?t get to the ?run? function to use a command prompt.

3) The virus put the following files on my desktop: ?Privacy Protector?, ?Spyware&Malware Protection?, ?Error Cleaner?

4) There is a message that says ?VIRUS ALERT!? next to my clock on the toolbar.
I actually know exactly what I did, and it was a really really stupid mistake that I will never make again. Feel free to berate me at your leisure, because I deserve it.

I download the following file: (Link removed as requested.)

I scanned the file itself, but the first thing the file does when run is download the virus from somewhere else, then its lights out. Now, I don?t have access to any of my programs to scan anything, remove anything, or even get to my control panel.

I feel like putting my head in a hole. This is also really bad timing, but I?m leaving on Saturday morning for a week. So, if you don?t see a reply to this thread during that time, please don?t think I?m ignoring it. If anyone can help me with this I'd greatly appreciate it.

Answer:Unidentified Virus - Very Nasty – Assistance Requested

I forgot to add. The above description happens even in safe mode.

7 more replies
Relevance 59.45%

Hi all,

To start, is there a good guide that you know of to sharing files between a windows XP machine and a vista machine?

I have a desktop PC which has all my movies and music wired to a WRT54G router. I have a Dell XPS laptop running Vista connected via wireless to the same router.

When I try to watch a movie (~1-2 GB divx or x264) on my laptop over the network, it pretty much isn't possible (tried VLC, media player). I've even tried copying the file over, then watching it, but it sits there in Vista 'calculating' the time to copy it over for what seems like forever (30+ minutes?)

I've also tried hooking up the vista laptop to the router via cat5E, and it's still slow for large files.

Is there something I can try? Sorry if this is something dumb, I've tried google, and just thought someone knew a trick or two.


More replies
Relevance 59.45%

I have two machines, a Windows ME and Windows XP, connected to a router using DSL Internet access. I can access the Internet from both machines. From the ME machine, I can access the share folders and files on XP. I can see the XP share folders in the Network Neighborhood. I can PING both hosts by IP as well as host name.

From the XP machine, I can PING the ME machine by IP address. I can NOT ping the ME machine by host name. I can see the ME machine and share files using the IP address. I do not see the ME machine advertised when I look in My Network Places. When I search for the ME machine by host name, the host name is found, however when I attempt to access the host name, I receive error message "\\home2 is not accessible. You might not have permission to use this network resource....."
When I search for the ME machine by IP, I can see the machine and access files.

Why isn't the ME machine advertising the its host name to the XP machine and can't I find the ME machine by host name from XP?

How does XP keep track of local hosts names?

Thanks in advance for any advice or direction.

Answer:Home Network WinME/WinXP Issue?

This is typically a network browse master issue. Usually, if you wait 15-20 minutes, it will resolve itself. Open an MS-DOS window on the ME machine and type: IPCONFIG /ALL and post the results.

2 more replies
Relevance 59.45%

Hi, guys. This is my problem: I login to my laptop with my Full Name "Mario Rossi" and my password.
To access my private folder (called mrossi) on Office Network I have a different username and password. On my Office Network all server works with Linux.
Is possible connect my laptop (login with "Mario Rossi") and access to my private folder on office LAN with different Login and password?

When I watch Network connection and folder I can see all folders but there is not my "mrossi" folder and there is an unexisting folder "Mario Rossi" (username on my laptop)?

I hope to be clear on my problem!


Answer:WinXP Home Edition vs. Linux Network

Welcome to Techspot
I have no experience with Linux networks, so one of the other guys will have to jump on this.
However XP home has networking limitations you can make note of ;
-Home cannot join a domain (windows server)
-Home must logon on to Shares and the logon is not automatic(a Batch file cando this)
-Home uses the 'Everyone" permission level by Default in a Workgroup.
Maybe something in there may help

5 more replies
Relevance 59.45%

We have just gotten 2 new dell computers, both running winxp home. Both dell computer can see each other on the network. However I also have a Nec Laptop runing win 2000 pro, but the dells cant see the Nec or vice versa. I got a D Link wireless router and another router. All can connect to the internet. Help apeciated.


Answer:cant see computer on network 1 win 2000 pro & 2 winxp home

6 more replies
Relevance 59.45%

I cannot network my Win7 computer and my WinXP.

Actually I can see my WINxp computer on the Win 7 computer (works fine) but I cannot get the WIN7 computer to appear on the WINXP computer.

Is there a way for WIN7 to allow the WINXP to see it and access its files? I've done all the file sharing bit and created the HOME network.

Thanks for any help,

Answer:Solved: Home network Win7 & WinXP possible?

11 more replies
Relevance 59.45%

I have WinXP Pro and WinXP Home running on a local network... When I boot them both up I cant connect to either PC... I am on the same workgroup (MSHOME), I can see both computer names but when I want to access a shared resource I get a denied message... How can I connect to each computer??

BTW, if I map a drive to the other computer shared folder it works just fine but when i want to go through this method:
My Network Places--View Workgroup computers--<computer name>, I cant get through...

Answer:WinXP Pro and Home local network problem

16 more replies
Relevance 59.45%

I just got my new notebook yesterday. I also bought a router from Dell. I thought I could simply connect the other 2 computers in the house easily as I had with my Lynksys wired router. One of the old computers is a Win 98SE. First, when I opened the router quickstart guide, it said that only Windows XP or 2000 PCs would work. Later I read in the help manual that many network configurations were possible.

So I connected the old wired router to an available LAN on the new router, and used one of its (old router) LAN ports to connect to the Win 98SE box. It didn't work at first, but after I rebooted the router and the PC, the internet connection was there.

But I can't get the 3 boxes to recognize each other in Network Places or Network Neighborhood--not consitently anyway. Obviously since they do "see" each other I can't do file and printer sharing.

Can this be done?

Answer:Home Network: wireless, WinXP, Win 98SE

First off, it's no problem to connect W98 to the network, that part of the instructions is rubbish.

You don't have to reboot all the computers to see a newly added computer on your network. Just wait twelve minutes. Honest. Could I make that up? Go have a cup of coffee, empty the dishwasher, or change all the burned out lightbulbs in the house. Then open the network folder again, or press F5 to refresh the display if you didn't close the folder. You should now see the new computer. Why does this happen? The icons in the network windows are controlled by a Windows service called the Computer Browser Service. This service browses the network, peering down the pipes (including the virtual pipes of wireless connections), checking to see who's on board. The service runs every twelve minutes.Click to expand...

1 more replies
Relevance 59.45%

Assistance requested backup BIOS Lenovo g510

More replies
Relevance 59.45%

All,I know when I am beaten -- I only hope you guys can assist where I have failed. Simple Google searches are causing massive redirects through a series of sites, most prominent being iCityfind. I know others have complained of a similar hijacker -- but I haven't seen any resolution on others. I am currently running Windows Vista.I'm enclosing the usual suspects. Let me know if you need anything else. This one's driving me mad.HJT LOG:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 5:12:46 PM, on 3/18/2011Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.19019)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\hp\support\hpsysdrv.exeC:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exeC:\Windows\RtHDVCpl.exeC:\Windows\System32\M-AudioTaskBarIcon.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Windows\System32\rundll32.exeC:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exeC:\Program Files\Nova Development\Photo Explosion\4.0\ReminderApp.exeC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\iTunes\iTunesHelpe... Read more

Answer:iCityfind redirect removal -- assistance humbly requested

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

82 more replies
Relevance 59.45%

Hello valued Tech Experts.

To begin, here are some features of my hardware:

Hardware / System Info
Computer Model: HP Pavilion g6 Notebook series laptop.
Operating System: Windows 7 Home Premium.
Processor: AMD A6-3400M APU with Radeon HD Graphics 1.40 GHz
Ram: 6 GB (5.48 GB usable)
System Type: 64-bit Operating System

Symptoms began a few weeks ago, and are listed below:
-Slowness in processing speed.
-Quickly draining battery.

Background Info / Case History:
-I had Avast installed on my computer prior to any problems arising. I assumed it was fairly reliable and caught things on occasion.
-I began to check the processes when my computer started up to see what was wrong.
-One of the first (I think) processes that started utilizing excessive memory was chrome.exe *32
-I ran Avast, but it did not detect anything.
-Over time, I think more processes started having the *32 marker beside them and using excessive memory. [A full list as of this morning is listed below.]
-I noticed that the Avast applications also have the *32 marker, which makes me think that something in the Registry (maybe?) has affected Avast's ability to detect whatever I've got.
-I started to poke around on forums and online (I will now refrain from doing that until I receive your feedback).
-I downloaded Malwarebytes and upon running it for the first time, it detected several applications that were immediately quarantined.
-Upon restarting my computer, the Malwarebyt... Read more

Answer:Malware Assistance Requested (Possibly Trojan.Poweliks?)

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.


Why Does Chrome Have So Many Open Processes?


Please download AdwCleaner from here and save it to your desktop.Do NOT click the green 'Download' button(if visible).
Click the blue 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Clean
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
Please copy/paste the contents of the log in your next reply.

Please download Farbar Recovery Scan Tool and save it to your desktop.Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). ... Read more

19 more replies
Relevance 59.45%

Hello folks thanks in advance for any help offered. My problem is this.. I built my own system and it has worked fine for the past year or so. My problem started when I installed a new graphics card. It installed fine and it all worked well. Then the next day I play a game for several hours.. leaving my system on for most of the day. It crashes out of a game of World of Warcraft I am playing giving some error about loading textures. I try to restart the game but it repeats the error when I try to login. So, I reboot my system and as it starts up the bios it hangs up on the part where it is 'Detecting IDE Drives'. I try to enter my bios and it says it's loading when I hit f8 but never does. This problem stays active unless I let the computer stay off for a while, so I assume it's a heating issue tho I hate to assume and am a bit confused about how to troubleshoot it and need some advice. I'd also like to note that the first time I start the system for the day it always boots fine, it's only after an extended time on that it does the hanging at 'Detecting IDE Drives' screen. I actually took the case off and moved my SATA cords around a bit, then restarted and it worked...a few times. But the sure fix so far is letting my system stay off for a few hours. Any ideas? If you need more info just ask.

Vista Home Premium 32-bit
Intel Core 2 Quad CPU Q6600 @ 2.4ghz
4 gigs ram
NVIDIA GeForce GTX 260
I used HWMonitor and this is t... Read more

Answer:Solved: Issue with 'Detecting IDE Drives' Assistance requested

11 more replies
Relevance 59.45%

Hi there, I have been having problems since Friday with my computer, things running slowly, the windows update disabling itself and system restore being reset. I know the cause occurred on Friday arvo as the system restore point was set then.

By scanning a number of websites, I was able to deduce that I had most likely given myself Virtumonde, so I looked for solutions, and found the online Panda Scan, Kasper Sky and Spyware Blaster.

Running these, I think I was able to get rid of the infection, but I would like an experienced operator to ensure my problem is gone.

I run xp home, and have service pack 3 installed.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:33 PM, on 10/7/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program File... Read more

Answer:Virtumonde/Monder infection suspected. Assistance requested.

Were these files renamed by you?


Are they still present? If so, delete them.

Open HijackThis and click on 'Do a System Scan Only'. Place a check next to the following entries if they exist (make sure you do not miss any) and click Fix Checked

O2 - BHO: (no name) - {9B28B2D3-2B65-41FC-8EC1-6AF94741C05B} - C:\WINDOWS\system32\wvUoOHYo.dll (file missing)

Close HijackThis now.

Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.


9 more replies
Relevance 59.45%

Hello All,

Just discovered this forum, its already proved quite helpful to me, but I unfortunately don't seem to have isolated my problem completely yet. Whenever I log into my cpu in normal mode, before I take any actions or access any programs, I receive a couple of McAfee Error Messages, then receive the BSOD with the following Stop message and info:

PAGE_FAULT_IN_NONPAGED_AREA ***STOP: 0x00000050 (0xE2BD5000, 0x00000000, 0x804FCB3F, 0x00000001).

I visited a couple of the websites suggested at the top of this topic list, and tried to implement some of the suggested troubleshooting techniques, such as removing/retesting hardware and running chkdsk (no errors found), but still receive the same BSOD shortly after any time I try to log in normally (i.e., not in Safe Mode). Even after reinsalling my Windows XP disc, very little improvement (maybe a bit more working time before the pop-ups and the BSOD).

I tried contacting McAfee and having them troubleshoot, they insisted that my problem was a corrupted version of Windows (they couldn't access IE to remove or update their program). When I contacted Dell, they insisted that the problem likely lay with McAfee and that I needed to go through them to have their program removed or reinstalled.

I can't uninstall McAfee myself via any normal method. I can get on IE, but can't seem to download Windows Updates any longer. So I'm left with this frustrating circular logic of not knowing where... Read more

Answer:BSOD Stop Error 0x00000050 assistance requested

who's normal these days?

I can't uninstall McAfee myself via any normal methodClick to expand...

Have you seen if the program you are trying to delete is present in the Control Panel?
< left click Start
< highlight Settings and then Control Panel
< click Control Panel
< click Add or Remove Programs (in Classic view or Category view)
< click McAfee after the list loads
< click the button Change/Remove
Hope this helps oh and by the way CPU means Central Processing Unit

10 more replies
Relevance 59.45%


I'm quite familiar with installing/using XP but I have recently upgraded to Win 7 32 bit Pro. I got a deal at the end of 2009 to buy an "upgrade" CD which I downloaded from MS - you can upgrade an existing XP installation.

I installed a clean XP OS (32 bit Pro) then upgraded to Win 7 32 bit Pro. It worked fine for about a week, during which time I installed no new hardware but did install Firefox, Thunderbird, Google Sketchup and a few software utilities.

So to sum up:
X86 32 bit Pro, downloaded from MS as an upgrade (MD5 matched OK)
H/W is perhaps 4 years old
OS is a fortnight old

The attached perfmon and jcgriff files are contained in the attached file

Symptoms - a spontaneous OS crash, BSOD and immediate reboot whilst doing nothing in particular - maybe moving the mouse, maybe reading an html page, maybe send/receiving emails.

I did have SP1 installed, and now I have uninstalled it but the BSODs keep happening. Presumably the rest of the info I need to supply is in the minidumps - hope so.

If you can point me in the right direction (h/w failure, devise driver failure, corrupt DLL?) I would be very grateful. I have spent many hours sorting out my computer recently and I am not getting very far.

Thanks in advance


Answer:BSOD assistance requested please - newish install, new user

Please reinstall SP1 - it is remarkably stable and trouble-free.

MSINFO32 shows a bunch of STOP 0xB8 errors in PGPwded.sys - a component of PGP Desktop. Please uninstall it and see if that stops the BSOD's (this is also the cause cited in the memory dumps that are analyzed below).
Also, PGP Desktop seems to have a slew of vulnerabilities - so an independent virus scan is advisable ( free here: Free Online AntiMalware Scanners (read the details at the link) )

I have also seen issues with the Samsung Kies program - please uninstall it until we're finished troubleshooting.

- Please update these drivers from the device manufacturer's website - or uninstall/remove them from your system. Reference links included below.
- DO NOT use Windows Update or the Update Drivers function of Device Manager.
- Please feel free to post back about any drivers that you are having difficulty locating.
- Windows Update exceptions may be noted below for Windows drivers:



amdxata.sys Tue May 19 13:57:35 2009 (4A12F30F)
PGPfsfd.sys Thu Oct 14 18:09:50 2010 (4CB77FAE)
Pgpwdefs.sys Thu Oct 14 18:19:22 2010 (4CB781EA)
PGPwded.sys Thu Oct 14 18:17:23 2010 (4CB78173)
point32.sys Tue Dec 14 06:09:17 2010 (4D07505D)
MpFilter.sys Tue Sep 14 17:23:59 2010 (4C8FE7EF)
dc3d.sys Tue Dec 14 06:09:21 2010 (4D075061)
nvlddmkm.sys Fri Jul 09 17:15:14 2010 (4C379162)
nvBridge.kmd ... Read more

3 more replies
Relevance 59.45%

Bought a new Lenovo X200 recently and was told that Windows Server 2008 would run on it with no compatibility issues for drivers but found that I was given bad information (yes, from a Lenovo Salesman).  Anyway, here is a list of the troubles I am having with Server 2008 installed.  BTW, if you're wondering why I would want to run Server 08, it's because I need a ultra portable machine to use as a deployment server using Microsoft Systems Center Configuration Manager 07.  The X200 I bought was maxed out. The drivers I am having issues with are:Ethernet Controller (Wireless works, but LAN will not)PCI Serial PortPCI Simple Communications ControllerThinkPad Bluetooth with Enhanced Data Rate IIUnknown Device (I am guessing this is the figure print reader)I've downloaded all the latest LAN drivers and tried them all from Lenovo.  I've went to Intel and did the same.  Installation of the FigerPrint reader fails.  My main concern is the LAN driver.  I must have that in order to deploy images on LANs.  Any and all advice or recommendations are greatly appreciated.Thanks

Answer:X200 with MS Server 2008 - Driver Assistance Requested

welcome to the forum! LakeErieVike wrote: Bought a new Lenovo X200 recently and was told that Windows Server 2008 would run on it with no compatibility issues for drivers but found that I was given bad information (yes, from a Lenovo Salesman). did this information come from a lenovo phone sales rep or a dealer who resells lenovo products?   windows server OSes are not officially supported on any thinkpad and never have been.   inside sales reps should all be aware of this fact but i cannot speak for resellers.  regardless, all hope isn't lost yet.   just keep in mind that there is still a chance that you won't get everything working. with that said, have you tried vista drivers for the X200 found here? if so, have you tried to install drivers manually?   here is the process: - download the driver- run the .exe and note its installation location- open device manager and right-click the device with the yellow bang and select 'update driver software...'- select the 'browse your computer' option- click on the 'let me pick from a list' button- click the 'have disk' button- browse to where the driver package extracted and select the main directory- click 'ok'

3 more replies
Relevance 59.04%

Now I can't access this site on another computer because I get the message: Avast Web Shield has blocked access to this page because the following certificate is invalid, SS1278353 I've run the Avast software, Malwarebytes, Adwarecleaner, and 360 Total security to no avail.

What's up?

More replies
Relevance 59.04%

Hello everyone I have a problem with my Toshiba laptop. Avast! Pro Antivirus keeps popping up from down right corner of my screen saying that Avast Web shield blocked malwarius web page or file. It's popping up literally every second and i need a solution how to stop this and remove viruses if I even have them. ( I already looked on web for solutions and everyone is saying different so i don't want to mess it all up).Edit: Topic moved from Windows 7 to AII ~ Computerxpds

Answer:Avast web shield problem, need help!

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

1 more replies
Relevance 59.04%

I really like Avast AV very much. I have a question about the Web Shield part of the program. On the program itself, generally 6 of the 7 modules are running. I do not have Outlook or MS Exchange so for that area the program says, "The Program is Waiting for a Subsystem to Start." (or something like that.)

About once a month, maybe twice a month, I will notice 5 of the 7 providers running and the program will have one of the Web Shields running. However, it will say, "The Program is Waiting for a Subsystem to Start." (instead of saying, "The Provider is currently running." The funny part is that when I go to webpages and do a check, the Web Sheld is still scanning them. So on the Web Shield thing, what is Avast waiting for?

This is a common issue with the program based on Internet Searches. I don't know if this is a bug or the way that Avast 4.8 works. Can you also provide information about the two different shields that the program uses? One is the Web Shield, the other is called the P2P Shield.

The updates are working fine. Oh, it hasn't happend often enough, but so far the only way that I can get the Web Shield back to not saying, "The Program is Waiting for a Subsystem to Start." is to do a reboot.


Answer:Question About Avast 4.8 AV Web Shield?

Go to control panel and uninstall avast, when you try it it will display 4 choises choose repair.
Webshield scans scripts, cookies such stuff from yout browser.
And psp shield scans files downloaded from utorrent, limewire you can see them all if you right click avast icon choose on access protection contol psp program-customize.

2 more replies
Relevance 59.04%

i have a wireless (11b) netgear router mr814, and a laptop with both wired/wireless adpators (sony k13) running win-xp-home. i setup both router and wireless adaptor, the connection was established, with correct ip addresses etc. dhcp-ed from the router, but when i saw the wireless statistics by double click the icon in the tray, it only showed up wireless adaptor sent out several pkt but nothing received. i used a cable connected the wired port on the laptop, that wired network worked fine. but the wireless one still didn't work. it took me quite a while to figure out that if i disable the wired network adaptor, the wireless on started to work happily. whenever i re-enable the wired adatpor, even it was not connected to the router, the wireless adaptor stopped working. i have another dell old computer running xp-pro, with both wired and wireless adaptor as well, doesn't have this kind of problem. anyone has a clue?


Answer:wireless & wired network conflict in WinXP home

9 more replies
Relevance 59.04%

i have setup a small home network between two machines with winxp. both machines have sharing enabled on the c drive. it is possible to access files from one to the other but not both ways despite admin user priviledges on both. any thoughts?

Answer:winxp small home network - file sharing

It is possible. Set the PC holding the files to allow file sharing (it's in the properties of the folder you want to share), and the PC that needs to access those files but not share it's own files to not allow file sharing.

2 more replies
Relevance 59.04%

I've got a linux box running redhat 9.0 specs in sig. And am trying to run samba to get my winxp home box and redhat 9 box able to swap files. I want to dump stuff onto my linux comp so taht i don't need to have them on my winxp home box.

Has anyone found a good howto on how to do this?? i got the workground set to Mshome which is what the workgroup is on my winxp home box. and started it via /etc/rc.d/init.d/smb start but getting nothing on my network places???? wtf is going on????

Answer:Howto setup samba on network with winxp home box????

If yer just starting out on Linux and want to get it all setup fairly easily, I would recommend installing webmin. That's how I learned. I would make changes and then take a look at the config files and see what webmin wrote to the config file.

One thing you have to make sure of is to enable null passwords. If you don't then you'll always be asked for a password when browsing shares on your samba server.


8 more replies
Relevance 59.04%

Hi, all

My home network is as follows: I have a desktop running Win7 Pro 64-bit connected to my router via ethernet cable. It has two drives set to share on the home network. I have a Win7 Ultimate 64-bit laptop (connected to the network wirelessly) that can currently access the two shared drives on the desktop ("access", as in can read, write, modify and delete files on the shared drives). I have them mapped as E: and F: drives in My Computer on the Win7 laptop.

The issue: I have a WinXP laptop (also accessing the network wirelessly) that I need to have the same access as the Win7 laptop. I was able to get the WinXP laptop to "see" the shared drives (also mapped as E: and F: drives in My Computer), but when I click on either of them on the WinXP laptop I get an error pop-up that says "E:\ is not accessible. Access is denied."

I have verified that the drive contents are fully accessible via the Win7 laptop.

What could I be missing that WinXP needs to be able to access those drives?

Thanks for anyone's help!

Answer:WinXP can map but can't access Win7 drive on home network

If you need complete access to the entire drive by Everyone on your network simply go into the Security tab of the drive and use the advanced sharing settings then enter Everyone in the open box when it comes up. Use the check marks for full access as required. This link shows you how> HDD sharing

There are certain risks involved with sharing the entire drive with Everyone on your network. You should know who has access to your own network and what that means. Though it is possible to allow for access by only certain people on the network, the process required for that is much more work and I don't really feel like going into the specifics right now. From a security stand point you would be better off sharing the entire USER folder if you need that sort of access.

And before anyone tells me this isn't a very safe way to share, I'm well aware of the risks involved but keep in mind I have warned the OP and I am giving the Op EXACTLY what they are asking for.

4 more replies
Relevance 59.04%


I have 2 Windows XP computers connecting to a LinkSys DSL Router which in turn connects to a broadband internet connection. I have successfully got the internet connections to work. But I cant access either of my computers on the network.

When I go to Windows Explorer (on both computers) and go to my computer workgroup it says ...
[WORKGROUP] is not accessible ... you might not have permission to use this network resource. Lis of server is currently not available.

I am not sure how to make it accessilbe.

Any help would be appreciated.

More replies
Relevance 59.04%

If I want to share files/folders with 2 networks but the files/folders on each network is different to each other. Eg...
Network 1. Share folder 'abc' and all of its contents.
Network 2. Share folder 'xyz' and all of its contents.
To do that, I checked the share folder tab in properties of each folder to share it. Both folders are seen by both networks.

How do I show Network 1 the 'abc' folder and not 'xyz'?
And then... Network 2 the 'xyz' folder and not 'abc'?

I am using WinXP Home Ed and it is just a basic network of a PC and 2 laptops.

Answer:File Sharing Help Needed on WinXP Home Network

Enter a share name for your folder or drive and place a dollar sign ($) at the end of the name, i.e., MyPixx$ The name can be up to 12 characters long (including the dollar sign).
That's it!

That folder is now hidden and won't be visible by any other user on your network, nor will it appear in My Network Places or Network Neighborhood. Only by knowing the name of the folder can others access it, so make sure you choose a difficult name to guess if others trying to access it is an issue with you.

2 more replies
Relevance 58.63%

EDITED BY AUTHOR 2012-02-28PLEASE DISREGARD THIS POST. THANKS TO YOUR INSTRUCTIONS AT I WAS ABLE TO RESOLVE THIS ISSUE MYSELF. THANKS FOR CONTINUING TO PROVIDE CLEAR, RELIABLE INFORMATION AND SOLUTIONS ON SPECIFIC MALWARE PROBLEMS!Hello.As stated in the topic title, I am humbly requesting assistance in removing "Security Shield" malware from my Dell Latitude D610 running Win XP SP 3.I have attempted to download and run DDS and GMER. However, the malware is blocking both IE and Firefox. I have tried to download DDS and GMER on a separate computer and then copy the downloaded files, via flashdrive, to the desktop of the infected laptop, but neither DDS nor GMER will run. Consequently, I am unable to attach a dds.txt file, attach. txt file, etc.I apologize for not having the latter files available to attach. Any advice on how to create these files would also be greatly appreciated. (Would it suffice to try to create the necessary file(s) in Safe Mode?)Thank you in advance for any reply and assistance you can provide.

Answer:Request Assistance: Security Shield malware Windows XP

EDITED BY AUTHOR 2012-02-28PLEASE DISREGARD THIS TOPIC.Hello,I need to add that I now have been able to run DDS (perhaps by rebooting and then launching as soon as I have logged on -- ??before the malware can fully load??). HOWEVER, the "Security Shield" malware does not allow the text files created by the DDS utility to appear -- instead, in an initial instance it "blocked" Notepad with a warning message, and in all subsequent instances Notepad with the DDS-created .txt files will not stay on screen for longer than a split-second.More specifically, after DDS finishes checking my system (in the black-and-white command prompt window), I do get the initial DDS popup saying that the files have been created and "shall appear after you have closed this window" (i.e., after clicking OK). But, as soon I click OK, a text file blinks on my screen for only a split-second and then disappears -- faster than I can possibly save it. I have tried multiple times to run DDS and obtain the dds.txt and attach.txt files, but every attempt has failed because of the problem with the text file(s) not staying onscreen for more than a fraction of a second.I also now have been able to run GMER but am still waiting for that process to complete to determine whether it will produce a log that, unlike with DDS, I will actually be able to save. After the GMER process completes, I will post an additional message indicating whether I have been able to save the requisite ark.... Read more

2 more replies
Relevance 58.22%

the behaviour shield is yet not improved....

i still see the shield is not yet fully operational on auto decide it should be able to block atleast 50% of malware beahviour atleast...

i see the behav shield records suspicious events but doesnt block them neither no alerts are displayed....why??

I saw all this in my tests...behav shield records suspicious events but doesnt display a pop-up and neither blocks it....

when avast sees something bad is suspicious is going on it should block it....what's the deal with that??

Answer:no improvement in avast 7 for behaviour shield.

Likely Behavior Shield uses heuristics analysis so therefore a file that's known to be malicious/suspicious will popup so for Sandbox feature too.

When its set to ask a behavior popup must shown with the option.

24 more replies
Relevance 58.22%

Thanks for your time.

I just installed Antivir and felt naked without a web shield, so I reinstalled everything in Avast! except the standard shield.

In theory, this should work, however the apps froze on startup, so I set Avast! to launch after all other applications load and they seem to like each other now.

What I'm here to ask is whether this should theoretically cause any problems.

Please don't reply with, "OMG YOU ONLY NEED ONE ANTIVIRUS" because I am only running one antivirus. My reasoning for running both apps is so that the Avast! web shield will take effect during browsing, and Avira will handle everything locally. The issue I have with using Avast! for everything is that it seems to constantly scan all my files, without letting me set it to just "scan on application read/write" which causes major slowdowns.

Answer:Antivir + Avast (Web Shield Only) Compatibility

Wow no one has any experience with this pairing? That's amazing.
OK thanks anyway.

1 more replies
Relevance 58.22%

Hi everyone,

new beta version 17.5.2298 is released.

What's new:
- Tiny Firewall for blocking EternalBlue exploit - (internal) It is a part of StreamFilter, turned ON/OFF by Online Shield
- internal fixes

As many of you are aware Avast and AVG are 1 company now. Cause development of 2 different UIs takes different time, in this beta we introduce Ransomware shield in AVG beta now. You can expect Ransomware shield in Avast in next betas.

If you wanna try Ransomware protection in AVG build, check this link:
- AVG Antivirus Beta 17.5.3017

Download links:
BETA testing - Overview & Download links

Answer:Finally,the ransomware shield in avast

Good, but why they need a whole new tiny shield for stopping an exploit and this has to go through beta and be delivered after tests!? There are firewalls for blocking ports like the Windows Firewall and the Avast one in paid solutions. Maybe it is a sign that they need something like Norton's IPS?

3 more replies
Relevance 58.22%


Brand new computer (well, used, but new to me) and the same old virus problems.

The Avast Behavior Shield turns itself off every time I hit "Connect" on VZAccess manager during the last 24 hours. Avast does warn me that it's off and I click it back on manually. Says it's back on, but I have my doubts.

Particularly as when I tried to surf eBay, the website suddenly thought I lived in the Czech Republic. Yeah, I've changed my eBay password and my PayPal on a friend's clean computer already.

So here's the DDS log with the ATTACH, err, attached.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18377
Run by Lois at 19:58:07 on 2017-05-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2302.1316 [GMT -7:00]
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus *Disabled* {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\s... Read more

More replies
Relevance 58.22%

Every time I open firefox, a window or tab I get a frightfully well spoken lady telling me a threat has been detected. I've run malwarebytes (4 PUP detected and removed) and scanned with Avast (no problems detected). Only intrusion found recently is homepage hijacked by search engine which is OutBrowse sp4 but can't find it in programs (control Panel) to remove it. Any ideas pls?

Answer:Avast Web Shield threat detected

Take a read here - there is a LINK to download AdwCleaner which should be able to remove it.
outbrowse removal guide

2 more replies
Relevance 58.22%

I recently went from Avast 4.8 to Avast 5 and am pleased with the new version. I note that it has a Behavior Shield and can't recall if the earlier version also had. What I would like to know is this: does the Behavior Shield make Threatfire, which I also use, redundant?

Unfortunately, although I tried to glean an answer from Avast's Help Center, I do not know enough about computers to know what the description there of the Behavior Shield amounts to: it 'monitors all activity on your computer and detects and blocks any unusual activity that might indicate the presence of malware. It does this by continuously monitoring your computer's entry points using special sensors to identify anything suspicious.'

I have XP, SP 3.

Thanks in anticipation.

Answer:Avast 5's Behavior Shield and Threatfire

Behavior shield - monitors all activity on your computer and detects and bloxks any unusual activity that might indicate the presence of malware. It does this by continuously monitoring your computer's entry points using special sensors to identify anything suspicious.avast! 5.0 Quick User GuideThreatFire monitors your machines activity and uses an intelligent behavioral engine to alert you about malicious behavior rather than rely on signatures. - How ThreatFire WorksAs such there will be some redundancy using both but their technology is different and therefore, what is detected may vary.

2 more replies