Computer Support Forum

Winspooler Virus Or Vundo Dunno

Question: Winspooler Virus Or Vundo Dunno

I was downloading a program off of Limewire and when I opened it a box named Winspooler popped up it read "Patch applied succesfully! If your software is still trial maybe you need to install it before patch it." When you click on the ok button it closes out but then a few seconds later it pops back up again. I have downloaded the Kapersky free trial Internet Security the HijackThis log program. I have also ran AVG virus scan and a VundoFix scan and it has not fixed the problem. When I ran the AVG virus scan the only thing that it came back with was Trojan horse BackDoor.Generics9.VCV. It was located in C:\Users\Mo\AppData\Temp\temp_01.exe. Any help in cleaning my computer would really be appreciated.

More replies
Relevance 100%
Preferred Solution: Winspooler Virus Or Vundo Dunno

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 70.93%

I was downloading something off Limewire and after the download finished my McAfee popup a notice saying that a trojan has been removed and as soon as I click "OK" a winspooler message then pop ups saying "Patch applied succesfully! If your software is still trial maybe you need to install it before patch it." Thos 2 message keeps popping up after another as soon as "OK" is click. I tried using the runscanner, it work at first but when i tried restarting the computer, the winspooler popup again. Then i saw a suggestion on yahoo answer to use vundo fix but it wasn't able to detect the problem, same with VirtumundoBeGone. Also, I'm not sure if this would help, but i saw a comment in yahoo answer that having a McAfee will cause even more conflicts. I am including a HijackThis log. Any help would be greatly appreciated.Deckard's System Scanner v20071014.68Run by Nancy on 2008-04-18 16:56:22Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --15: 2008-04-18 06:31:19 UTC - RP419 - Installed 14: 2008-04-18 06:26:58 UTC - RP418 - Installed 13: 2008-04-18 06:05:46 UTC - RP417 - Installed 12: 2008-04-18 06:05:07 UTC - RP416 - Installed 11: 2008-04-18 06:04:04 UTC - RP415 - Installed -- First Restore Point -- 1: 2008-04-08 05:03:19 UTC - RP405 - Windows UpdateBacked up registry hives.Performed disk cleanup.Percentage of Memory in Use: 77% (more than 75%).Total Physical M... Read more

Answer:Winspooler Popup/vundo Infection

Hello homebody,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

2 more replies
Relevance 63.14%
Question: Winspooler virus

About a week agoI was downloading something off Limewire and after the download finished I got an error message saying, "Patch applied succesfully! If your software is still trial maybe you need to install it before patch it." In addition to that I also get an Error message from Limewire saying, " Your Save folder is not valid It may have been deleted, you may not have permission to write to it, or there may be another problem. Please choose a different folder." I chose another folder but the same message came back. I am including a ComboFix log and a HijackThis log. Any help would be greatly appreciated.

ComboFix 08-03-18.1 - Kati 2008-03-20 9:42:58.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.943 [GMT -3:00]
Running from: C:\Users\Kati\Music\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Kati\AppData\Roaming\inst.exe
C:\Users\Kati\AppData\Roaming\macromedia\Flash Player\#SharedObjects\DGEJH4A5\www.broadcaster.com
C:\Users\Kati\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Users\Kati\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Windows\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-02-20 to 2008-03-20 )))))))))))))))))))))))))))))))
.

No new files crea... Read more

More replies
Relevance 63.14%

from the full HJT log this line is the only one that has the .exe file..

O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe

is the rest of the HJT log necessary?

the popup reads. [ "Patch applied successfully! If your software is still trial maybe you need to intall it before patch it."]

How do I get rid of this?

Answer:Winspooler.exe Virus

Hello and welcome to BC wtmac,

In order to assist you we need additional information.

What is your operating system: Windows XP, Vista, etc.?

What are you doing when the pop-up appears?

Please do not post an HJT log, we do not deal with them in this forum. If it is determined that you need to post an HJT log, you will be provided directions for doing so at that time.

Orange Blossom

1 more replies
Relevance 63.14%
Question: winspooler virus

I had panda active scan do a virus scan for me, and i exported the results:
here is the exported information:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-13 21:45:46
PROTECTIONS: 1
MALWARE: 57
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 8.5.0.781 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00101555 Application/KillApp.B HackTools No ... Read more

More replies
Relevance 63.14%
Question: Winspooler Virus

I was downloading something on Limewire and after it was finished a message came up that said "Patch applied succesfully! If your is still trial maybe you need to install it before patch it." It won't go away. And along with the message I get a message from Limewire that says "Error. Your save file is not valid. It may have been deleted, or there may be another problem. Please choose a different folder." Please let me know if you can help me it's driving me crazy. Here is my ComboFix Log and HijackThis Log.ComboFix 08-03-18.1 - Kati 2008-03-20 9:42:58.1 - NTFSx86Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.943 [GMT -3:00]Running from: C:\Users\Kati\Music\Desktop\ComboFix.exe * Created a new restore point.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).C:\Users\Kati\AppData\Roaming\inst.exeC:\Users\Kati\AppData\Roaming\macromedia\Flash Player\#SharedObjects\DGEJH4A5\www.broadcaster.comC:\Users\Kati\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.comC:\Users\Kati\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.solC:\Windows\system32\x64... Read more

Answer:Winspooler Virus

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new HijackThis log, along with a description of any problems you are experiencing. If we do not hear back from you within a couple of days we will need to close your topic.When posting your logs please post them directly into the reply. Do not attach them.Thank you for your patience.

1 more replies
Relevance 63.14%

I keep getting that popup about "patch applied successfully!, if your software is still trial maybe you need to install it before patch"

Well I've looked at the threads about winspooler and I tried to follow the directions given, but of course life isn't fair and I have errors:

I used combo fix, and that worked fine, I then downloaded SDFix and followed all the directions given: turned off antivirus thing, and rebooted in safe mode, and then ran the program but it didn't work.

I later found out SDFix isn't compatible with Vista, but they had a catchme.exe substitution that came with the download for Vista users. Well I ran that but it keeps freezing at the same area, and doesn't finish. Maybe my configurations aren't correct? I don't know, please someone help me.

I will have to post all my logs in separate posts because I'm not allowed to post more than so many characters at once. I will show my HJT log, my combofix log, and my catchme logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:15, on 2008-04-09
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Wind... Read more

Answer:winspooler virus again

My ComboFix log:

ComboFix 08-04-08.10 - Erin 2008-04-09 11:28:03.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.918 [GMT -5:00]
Running from: C:\Users\Erin\Desktop\ComboFix.exe
* Created a new restore point
.
TimedOut: Windir.dat
TimedOut: progfile.dat

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\KBL.LOG

.
((((((((((((((((((((((((( Files Created from 2008-03-09 to 2008-04-09 )))))))))))))))))))))))))))))))
.

2008-04-09 11:28 . 2008-04-09 11:28 6,736 --a------ C:\Windows\System32\drivers\PROCEXP90.SYS
2008-04-09 11:08 . 2004-08-30 21:00 1,478,656 --a------ C:\Windows\System32\WinSpooler.exe
2008-04-09 11:08 . 2008-04-09 11:11 37,888 --a------ C:\Windows\System32\rar.exe
2008-04-09 11:07 . 2008-04-09 11:11 <DIR> d-a------ C:\Users\All Users\TEMP
2008-04-09 11:07 . 2008-04-09 11:11 <DIR> d-a------ C:\ProgramData\TEMP
2008-04-08 20:46 . 2008-04-08 20:46 <DIR> dr------- C:\Windows\System32\config\systemprofile\Music
2008-04-08 20:39 . 2008-04-09 11:04 <DIR> d-------- C:\Users\Erin\Incomplete
2008-04-08 20:37 . 2008-04-09 10:59 <DIR> d-------- C:\Users\Erin\AppData\Roaming\LimeWire
2008-04-08 20:36 . 2008-04-08 20:37 <DIR> d-------- C:\Program Files\LimeWire
2008-04-08 17:22 . 2008-04-08 17:22 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-08 17:22 . 2008-04-08 17:22 620,088 --a------ C:\Windows\System32\ci.dll
2008... Read more

2 more replies
Relevance 62.32%

I have followed the steps outlined in a previous post to the best of my ability. Removed all signs of viruses and trogans. attached is the panda security virus report and the extra.txt file that was requested in the removal post.

Please find current hijackthis log below.
Any help would be greatly appreciated.

regards
Joe

Deckard's System Scanner v20071014.68
Run by Joseph on 2008-05-16 12:12:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Joseph.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:34 PM, on 16/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\mysql\bin\mysqld-nt.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavFn... Read more

Answer:Winspooler virus removal log

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cl... Read more

7 more replies
Relevance 56.58%

Hi, starting from yesterday night I've been getting these hits from my Kerio Firewall where a bunch of nowheres try to connect to my "Task Scheduler Engine" and the application involved on my PC is c:/Programs/WINNT/system32/mstask.exe
I've scanned the file using Norton AntiVirus but it was not identified as a virus. I tried to quarantine it but even after the quarantine there's still hits from my Kerio Firewall.
Also, at the same time I've found a Download.Trojan virus in my PC and I've deleted it. I am not sure if there is any connection between the Trojan virus and mstask.exe.
As I am a total idiot in computers, can someone tell me if this is a virus and what should I do with it. I would greatly appreciate any help.
 

Answer:I dunno if this is a virus

Hi innewton, mstask is a windows scheduler, not sure why it it coming up as a virus, I included a link to info on it.

http://www.liutilities.com/products/wintaskspro/processlibrary/mstask/

Also you might try a different firewall, I use sygate it's free and very good, heres a link.

http://sygate.com/

Good luck.
 

2 more replies
Relevance 56.58%

when i start up my computer there is thing in the task bar which says "downloads" and when i double click on it it goes to the other side of the task bar. it starts off on the right.

also i there was a link to my shortcuts folder in the start menu, which wasnt there before. and in my shorcuts folder on my desktop there is a folder called gozilla downloads, which wasnt there before either.

i un-installed gozilla but the donloads thing in the task bar is still there.

the dowloads thing is NOT in the running task thing eg: ctrl/alt/del
i also had a trojen called "backdoor somthing" but my anti-viruses found and cleaned it, but wait theres more............i also got an e-mail that my isp warned me about and promptly deleted it, please help (no pun intended)
 

Answer:i dunno if its a virus or not :(

7 more replies
Relevance 56.58%

Hi there!
A couple of days ago, in trying to download a torrent I think I caught a malware. I thought BitDefender 2010, my AntiVirus, had put it in quarantine but for the past two days, everytime I boot into Windows 7, before I do anything, some crash-report window appears (today they were 3!) I ran a BitDefender "deep scan" but after some 2 hrs it came up clean. Clearly there's something wrong because as soon as I boot Win7 the windows keep popping up. See picture attached.
Can anyone suggest some solution to this problem?
Thank you for your time.
P.

Answer:Got a Virus but dunno even its name!

I'm posting the DDS.txt and attaching the Attach.zip files. I also downloaded and ran gmer.exe but for some unknown reason it stops working after sometime, maybe it's the virus' effect (I first turned off BitDefender Antivirus).
I am therefore unable to post the ark.txt file. Hope someone can help me. Thanks.


Code:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Pooja at 17:21:25 on 2011-12-09
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1033.18.2046.1257 [GMT 1:00]
.
AV: BitDefender Antivirus *Enabled/Updated* {982ADE23-275B-0766-37C5-DE01A484098E}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: BitDefender Antispyware *Enabled/Updated* {234B3FC7-0161-08E8-0D75-E573DF034333}
FW: BitDefender Firewall *Enabled* {A0115F06-6D34-063E-1C9A-77345A574EF5}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\sy... Read more

2 more replies
Relevance 56.58%

Second time this is happened so need some help fixing it.

Blue screen comes up telling me it found something wrong wish I could be more specific but yeah.

Did copy what I think was telling me the problem and it goes like...

***STOP 0x0000008E (0xC0000005, 0xF82338C6, 0xA720B870, 0x00000000)

*** Ntfs.sys - Address F82338C6 base at F8213000, Datestamp 41107eea

Did I copy the write part? Or should i get out of safety mode and try to booting normally and copy it all...

Please help!
 

Answer:Dunno if its a virus or what but I need help.

No this is more than likely not related to malware. I'm moving this to the Software Forum.
 

3 more replies
Relevance 55.76%

Hi Guys, please bear with me if I've posted this wrong I'm new to your forum. I have a Windows xp based system and using IE6 I went to shut down last night , AVG warned me It had detected a trojan. My machine is now running slow and AVG is not showing in the task bar and I can't activate it. There are all sorts of exe. files running in the task manager and some sort of programme called system security has installed itself and keeps telling me I have malware etc. and I need to buy it to remove them. Please help ?

Regards
 

More replies
Relevance 55.76%

alright, so i recently switched from symmantec antivirus and firewall to Vipre antispyware + antivirus. Soon after, when i was surfing the web using firefox, i received notification that a bunch of trojan's and malware were attacking my computer, and that "a known bad file was blocked from opening". then, my computer promptly shutdown and restarted. This happened repeatedly, so i disconnected my internet, ran a deep scan using vipre and removed the entries. I noticed that my task manager was disabled, which i renabled through regedit, and then noticed that running processes included b.exe and g.exe. I then restarted windows in safe mode and deleted from my C:\Windows folder a.exe, b.exe, c.exe, d.exe, g.exe. I restarted the computer, and ran a deep scan again. This time, Vipre picked up only one entry, an Explorer32.Hijacker. I chose to remove it from my computer. Then, I noticed in task manager that I had 8 svchost.exe running, one of whom had a username that was my name, not a local service or SYSTEM. I looked at the process using Sysinternals process explorer, and it says the associated processes or N\A, not Microsoft Corporation like the other svchost.exe. It also seemed to call up the same registry key as the Explorer32.Hijacker, HKEY_USERS\S-1-5-21-861567501-2147211963-725345543-1003.So, I am using hijack this to see if someone can determine if my computer is infected or not. I am currently also running Trend Micro's housecall, but it i... Read more

Answer:virus or spyware? dunno

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 55.76%

Ok everytime I click on a google/yahoo/other search engine link it redirects me to
a) porn
b) other search engines like "netster"
c) something totally random
Any ideas???
 

Answer:I think I have a virus, but I dunno where to post xD

Welcome to Majorgeeks!

Yes the below guide and steps will get you started on the removals process of these malwares, once completed all the steps, attach your logs and one of your malware experts will be along to assist you with some further manual instructiosn to remove the remaining pests that the initial scans dont get to.

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
Make sure you check version numbers and get all updates.
Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
Downloading, Installing, and Running HijackThis

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.





When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
CounterSpy
AVG... Read more

1 more replies
Relevance 55.76%

got this msn virus basically it sends a message saying look at this pic of me or something similar. then when you except the .rar file i thnk it is might have been .exe. then it shuts down the window and opens windows to all other online contacts, sends them this message to then shuts down the window. no other window is then able to be opened until msn is restarted. any ideas how to fix it
 

Answer:Solved: MSN VIRUS dunno how to get rid of it

12 more replies
Relevance 55.35%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:28:31 AM, on 8/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\regscan.exe
C:\WINDOWS\explorer.exe
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\system32\MDM.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Mozilla Firefox\fir... Read more

Answer:Dunno... Windows anitvirus virus?

Hi...


Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.
================================

Please download the OTMoveIt by OldTimer. Save it to your desktop.
Please double-click OTMoveIt.exe to run it.
Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):



C:\Program Files\Common Files\horydytal22011.exe
C:\PROGRAM FILES\WinPop
C:\Program Files\MSN\profsyvyr.html



Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
Click the red Moveit! button.
Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



================================

Have "Hijack This" fi... Read more

1 more replies
Relevance 54.53%

having troubles with what seems to be a common problem w/ lots of users . please help me out and give me clear instructions in how to get rid of this beast. i'm NOT computer savvy . my JHT log:

Logfile of HijackThis v1.97.7
Scan saved at 7:03:37 PM, on 1/19/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8000
O1 - Hosts: 66.40.16.234 auto.search.msn.com
O1 - Hosts: 64.24.234.120 swirve.com # Added by Utopia Angel
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\BRIDGE.DLL
O2 - BHO: (no name) - {71ED4FBA-4024-4bbe-91DC-9704C93F453E} - c:\progra~1\iesearchbar\iesearchbar.dll
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: (no name) - {71ED4FBA-4024-4bbe-91DC-9704C93F453E} - c:\progra~1\iesearchbar\iesearchbar.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTr... Read more

Answer:troubles with virus / trojan horse? dunno, here's my HJT

7 more replies
Relevance 54.53%

Hope someone can shed some light here.
I'm running XP Pro on an HP Pavillion laptop, 3.2Ghz, 1GB, 80GB, latest SP's installed, using Zone Alarm firewall and IE6.

While I'm typing, even while filling out this thread form, every 10 to 20 keystrokes or so, my cursor will jump to some other place on the page/document, with no rhyme or reason as to where it will end up. The same happens in Office XP Word, Excel, Notepad. . anything where I use the keyboard to make a character/number entry. I ran a Trend Micro online virus scan as well as Adaware and no viruses, the usual spyware detected and removed and a reboot and still the same problem.

This is big-time annoying -- PLEASE, help!!

Thanks in advance

Answer:Annoying keyboarding problem-virus??. . . dunno

Has this system always been like this ? Was it ever good ? Did something happen (like new hardware or software or an update) just before it went bad ?

Does it jump like you suddenly pressed the "alt-tab" key ? Is your keyboard dirty, filled with cookie crumbs and coffee spills ?

Is there a trackball or mouse on the system ? If you disable all the other data input devices, does it still happen ? If you disable the keyboard, does it still happen? If you have the keyboard enabled, but don't touch the keyboard, does the cursor still jump around ?

If you press certain keys (in a controlled manner) can you make (or prevent) it from happening ? Like if you only touch the spacebar repetitively. Count the number of times you press the spacebar. Does the cursor jump after a certain number of keystrokes ? Is that number consistant ?

Does it happen more often if the laptop is in your lap, compared to when it is stationary on a table ?

Are there any loose connections with wires (like a mouse) coming from your laptop ? Check these and see if you can make the cursor jump by wiggling and twisting the connections & the wires.

In short, try to define a set of circumstances where it either happens MORE or LESS often.

Are there any programs where the cursor DOESN"T jump ? If so, are you SURE? If so, and you are not sure, try to make it happen in the program. If you can't make it happen in one program, but you can't stop it in another, that co... Read more

8 more replies
Relevance 54.12%

hi
i am facing problem with my windows which hangs at uneven intervals leaving me with no option but restart the system

i tried repairing windows installation where ihad an error " dsnpfd.sys" file missing but that i guess shouldnt be a problem

i have monitored my cpu temp - which has a working temp of 41 - 56 degrees
hdd runs at 43 degrees


problems...
1. computer hangs
2. cant defragment
3. cant update windows
4. super anti spyware and malware bytes are not working (tried installing couple of times)
5. microsoft .com doesnt open!!! rest all sites work fine

i have scanned my pc (using Mcafee) byt there doesn't seem to be any virus except some busted keygens and patchs


please help as i am not able to understand if its a software or hardware error

Answer:Windows hangs anonymously (dunno if its a virus or some other error)

additionally my GPU runs at around 61 degrees

system spec
4300 core 2 duo
2 x 1 gb 800mhz transcend ram
160gb toshiba sata hdd
samsung dvd writer
p965 neo MSI mobo
nvidia 8500gt 512mb graphic card

running chkdsk always finds somthing on c drive and fixes it but no change

2 more replies
Relevance 48.79%

Please help!!!!

I have got the vundo!generic and Vundo.YF virus detected by ETrust Antivirus software that I have on my laptop. Now even though the antivirus is deleting the files on regular basis but the virus is still not gone.

I went through other forums and I am sure that this is the right place where I can get help. Advertisement pop up keep coming every now and then. Please help me get rid of it.

I installed HijackThis and please find below the log for the same.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:12 PM, on 5/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\N... Read more

Answer:Solved: Please help to remove win32?vundo!generic and vundo.YF virus

11 more replies
Relevance 48.79%

Hi.. I'm having problems with multiple virus/malware infections. My computer is running very slow at times and im limited as to what I can do at times also. For example, yesterday I couldn't click on any programs on my start list until I restarted my computer. I've uploaded the attach.txt file as well as my most recent log file from Malwarebyte's antimalware and hijack this. Thank you very much for your help... please let me know if there is anymore info needed from me. Take care -ShawnDDS (Version 1.1.0) - NTFSx86 Run by Home at 19:51:21.19 on Sun 01/04/2009Internet Explorer: 7.0.5730.13============== Pseudo HJT Report ===============uStart Page = hxxp://www.aol.com/?src=aimuURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dlluURLSearchHooks: H - No FilemURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dllmWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\wmsdkns.exe,BHO: {0a935262-9b91-4352-9c18-d679a63c682b} - c:\windows\system32\yatumeva.dllBHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.5\NppBho.dllBHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_04\bin\ssv.dllBHO: Google To... Read more

Answer:Multiple virus help needed - vundo.h, vundo, trojan.agent

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..Please download ComboFix by sUBs from one of the locations below, and save it to your Desktop.Link 1Link 2Link 3Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..When finished, it shall produce a log for you. Post that log and a fresh HijackThis log in your next reply..Note: DO NOT mouseclick combofix's window while its running. That may cause it to stall

6 more replies
Relevance 48.38%
Question: Winspooler

Hi i was downloading from limewire and i get some exe file that result to be winspooler then i disconnect from the internet to try to stop the possible download of more annoying software so when i click on the message of winspooler that says the patch was succesful it appear again so mcafee detect any time i click a trojan call generic and tell me that it mas in my temp user file i go and i cant see it i delete manually all the temporary files and let the winspooler advice open with the empty temp carpet i clcik the winspooler and mcafee detects the trojan and for a few seconds i see in the temp file the tem_01.exe wich i right click and send to trash or shift spr but the windows ssystem says that the archive wanst there anymore i look for a solutio in mcafee site and found some patch to delete the winspoller but it doesnt install because my suscription was out of date so i download norton the i unistall mcafee all this from another user acount that wasnt showing the winspooler window it appears to be non infected but it wasnt the administrator so i insert my password and dont let me install norton i change the type of acount of the current user and then i finally can install norton i was disconnect while installing and when it finish i connect and run the liveupdate when it finish my computer startup and from the acount that appear to be fine i run a system scan and the nightmare starts my computer doesnt open norton i try this a lot of times then i go back to my account the... Read more

More replies
Relevance 48.38%
Question: Winspooler

I have downloaded at least 4 different things suggest to help get rid of it, at least one of which was one of those cruddy free scans that show you all the things wrong, but you have to pay to fix them. I have a HP laptop with Windows Vista and CA Security center that deletes Win32/Breaspea.C everytime I click OK on the pop up that gives that same winspooler message about the patch being applied successfully.EDIT AT BOTTEMIn following the sticky here are my logs:Logfile of random's system information tool 1.04 (written by random/random)Run by Phyllis at 2008-12-09 01:54:53Microsoft? Windows Vista? Home Premium Service Pack 1System drive C: has 104 GB (73%) free of 142 GBTotal RAM: 958 MB (25% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:55:19 AM, on 12/9/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\System32\smss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\csrss.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32\lsm.exeC:\Windows\system32\winlogon.exeC:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe... Read more

Answer:Winspooler

Since the forum here won't let me edit my revious post I guess it take longer for me to receive help. It wasn't a .EWI file that I change one of the winspooler files to, it was CA Security Center's .EFW file that makes things unreadab;e by the computer. BUt I still need winspooler gone.I have downloaded at least 4 different things suggest to help get rid of it, at least one of which was one of those cruddy free scans that show you all the things wrong, but you have to pay to fix them. I have a HP laptop with Windows Vista and CA Security center that deletes Win32/Breaspea.C everytime I click OK on the pop up that gives that same winspooler message about the patch being applied successfully.EDIT AT BOTTEMIn following the sticky here are my logs:Logfile of random's system information tool 1.04 (written by random/random)Run by Phyllis at 2008-12-09 01:54:53Microsoft? Windows Vista? Home Premium Service Pack 1System drive C: has 104 GB (73%) free of 142 GBTotal RAM: 958 MB (25% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:55:19 AM, on 12/9/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\System32\smss.exeC:\Windows\system32\csrss.exeC:\Windows\system32\wininit.exeC:\Windows\system32\csrss.exeC:\Windows\system32\services.exeC:\Windows\system32\lsass.exeC:\Windows\system32�... Read more

28 more replies
Relevance 48.38%
Question: Winspooler!

I was on limewire, downloading photoshop and i got this crazed thing, pop ups saying "Patch Applied Successfully! If your software is still trial maybe you need to install it before patch it. try to X out and you know by know, its gonna come back up again and again. blah im retarded, ok now i followed the whole deal thing w/ all the scanning and such, im am running WINDOWS VISTA HOME PREMIUM hijack this notepad Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:27:02 PM, on 3/12/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16386)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Java\jre1.6.0_04\bin\jusched.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\LimeWire\LimeWire.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\System32\WinSpooler.exeC:\Windows\System32\WinSpooler.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Windows\system32\SearchFilterHost.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ... Read more

Answer:Winspooler!

All the copies of photoshop available on Limewire are illegal/pirated.I highly recommend that you uninstall any such programs, and delete the the installers. Not only are such programs illegal, but a lot of them will come bundled with malwareIf you need freeware replacements, then take a look here:http://www.bleepingcomputer.com/forums/topic3616.htmlYou are running a P2P filesharing programme.Many of these programmes come with unwanted components bundled with them.If you wish to find out whether the one you're using does click here.Please note: Even if you are using a "safe" P2P programme, it is only the programme that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.My recommendation is you uninstall it.Open a new notepad window (Start>All Programs>Accessories>Notepad)Copy & paste the contents of the following codebox into the notepad window
attrib -r -h -s C:\Windows\System32\WinSpooler.exe
del /a /f C:\Windows\System32\WinSpooler.exeClick File > Save asIn the box labelled File name copy and paste cleanup.batChange Save as type to All FilesSave it to your desktopClose the notepad windowRight click on HijackThis and click Run as administratorClick on do a system scan onlyPlace a checkmark next to these lines(if still present)O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing ... Read more

1 more replies
Relevance 48.38%
Question: winspooler pop up

I have an irritating pop up I contracted when down loading from limewire.
Its a winspooler with comment "Patch applied successfully ! If your software is still trial maybe you need to install it before patch it". I click on the OK
button to close pop up but it re appears constantly . I carried out the read and run me first with vista cleaning procedure but the pop up is still active.
I have attached the logs from the procedures in read and run me first .
Can anyone please help ??
 

Answer:winspooler pop up

You didn't attach anything...please read this:

HOW TO: Attach Items To Your Post
 

1 more replies
Relevance 47.97%

pls help me.... i get infected winspooler with limewire. i have tried to remove it but the problem is still there. The winspooler will keep poping up sayin "Patch applied sucessfullly! If your software is still trial maybe you need to install it before patch it."Deckard's System Scanner v20071014.68Run by stranger8ddoor on 2008-06-22 21:30:46Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --10: 2008-06-21 17:22:59 UTC - RP42 - Scheduled Checkpoint9: 2008-06-21 00:55:30 UTC - RP41 - Windows Update8: 2008-06-20 13:33:52 UTC - RP40 - Installed Windows Live7: 2008-06-20 13:33:13 UTC - RP39 - Installed Windows Live installer6: 2008-06-20 03:23:20 UTC - RP38 - Installed Adobe Reader 8.1.2-- First Restore Point -- 1: 2008-06-19 14:58:04 UTC - RP33 - Device Driver Package Install: HUAWEI Incorporated ModemsBacked up registry hives.Performed disk cleanup.-- HijackThis (run as stranger8ddoor.exe) --------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:32:41 PM, on 22/6/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:c:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\DellTPad\Apoint.exeC:\Windows\OEM0... Read more

Answer:Winspooler Infected

Hello. I am PropangandaPanda (Panda or PP for short), and I will be helping you with your log.I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following so I can have a look at the current condition of your machine.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.Please take note of the following guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clea... Read more

2 more replies
Relevance 47.97%

hello, i need help with the winspooler and winsecure thing. i keep getting... Patch applied succesfully! If your software is still trial maybe you need to install it before patch it.. The other one says Trail software registered! Remember to install correct software version before to patch or crack will not works correctly.please help me.

Answer:Winspooler, And Winsecure

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button t... Read more

18 more replies
Relevance 47.97%

Hello, i need help, I am getting this message all the time "Patch applied succesfully! If your software is still trial maybe you need to install it before patch it."

I did this:

download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

* Make sure you are connected to the Internet.
* Double-click on Download_mbam-setup.exe to install the application.
* When the installation begins, follow the prompts and do not make any changes to default settings.
* When installation has finished, make sure you leave both of these checked:
o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware
* Then click Finish.
* MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
* On the Scanner tab:
o Make sure the "Perform Quick Scan" option is selected.
o Then click on the Scan button.
* If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
* The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so pleas... Read more

Answer:Winspooler, And Winsecure

If you're using Windows 2000/XP, please print out and follow the instructions for using SDFix in BC's self-help tutorial "How to use SDFix". This program is for Windows 2000/XP ONLY.-- When using this tool, you must use the Administrator's account or an account with "Administrative rights"-- Disconnect from the Internet and temporarily disable your anti-virus and any anti-malware real time protection before performing a scan.When done, the SDFix report log will open in notepad and automatically be saved in the SDFix folder as Report.txt. Please copy and paste the contents of Report.txt in your next reply. Be sure to renable you anti-virus and and other security programs before connecting to the Internet.

1 more replies
Relevance 47.97%

Hello, I am very new to this type of thing and haven't ever had a problem like this before so I am a complete novice. I have tried to resolve this issue on my own but everything I have found and read so far says that my next step should be asking someone here if they would please be kind enough to assist. So... here I am ...graciously asking....help !
I already generated the log report via "Hijack This" and will include that below.
This started when my son downloaded Limewire and began downloading several mp3 and program files. I am running McAfee and it is and has been current however it doesn't seem to recognize and/or arrest whatever this is. I keep getting a pop-up from my McAfee:

McAfee has automatically blocked and removed a Trojan.

About this Trojan
Detected: eric
Location: C:\Users\Tina\AppData\Local\Temp\temp_01.exe

Trojans appear as legitimate programs but can damage valuable files, disrupt performance, and allow unauthorized access to your computer.

Additionally, Winspooler keeps popping up and says,

"Patch applied succesfully! If your software is still trial maybe you need to install it before patch it."

Log ---
Logfile of HijackThis v1.99.1
Scan saved at 5:48:26 AM, on 8/15/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\sttray.exe
C:\Program Files\Com... Read more

More replies
Relevance 47.97%
Question: Winspooler Popup

'ive been getting the same popup
and i've followed all your intructions for the scanning program
but it won't detect anything, i've tried both quick scanning and the full scanning, but it still won't detect the winspooler
i don't know what to do :/

i have windows vista home premium too
this popup is really getting annoying :/

could somebody please tell me what i could do?

Answer:Winspooler Popup

'ive been getting the same popupand i've followed all your intructions for the scanning programbut it won't detect anything, i've tried both quick scanning and the full scanning, but it still won't detect the winspooleri don't know what to do :/i have windows vista home premium toothis popup is really getting annoying :/could somebody please tell me what i could do?with respect you should NOT be following isntructions given to someone else;you need to start your OWN thread in this section with a suitable title http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/state your windows version ; your installed antivirus program, your other protection programs and what you have already done to try to remove the problems; then we can see how we may help YOU

2 more replies
Relevance 47.56%

Hi,

I'm running Windows XP on a netbook. As of yesterday, Symatec Endpoint Protection detected the Trojan.Vundo/Suspicious.Vundo viruses in almost all my system files. Sometimes, Symatec manages to clean one or two files, but it's detected 100+ that have been infected. I've tried System Restore but it wouldn't revert back to a previous state. I don't believe that this is the work of the virus, because I've tried using System Restore about 6-7 months ago with no luck. I've tried using VundoFixer to fix it but it did not detect anything.

The DDS, attach.txt and ark.txt are below/attached.

------------------------

DDS (Ver_09-10-26.01) - NTFSx86
Run by Cindy at 22:11:06.82 on Wed 10/28/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.217 [GMT -2.5:30]

AV: avast! antivirus 4.8.1356 [VPS 091028-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files&#... Read more

Answer:Trojan.Vundo/Suspicious.Vundo Virus

Hello paperstarsWelcome to BleepingComputer ==========================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checked b... Read more

11 more replies
Relevance 47.15%

Ok I have some big problems here. First I'll explain how I think it happened. I downloaded a patch for a program...a downloaded program. It was to override the free trial stage of this particular program. I am pretty sure this is what the root of the problem is.Now, the problem has been getting worse. Here are some of the symptoms:Upon startup, after windows has loaded I get these windows popping up- Error Loading C:\windows\system32\hfjcwcbm.dllC:\windows\system32\hfjcwcbm.dll is not a valid Win32 application-Winspooler: Patch applied succesfully! If your software is still trial maybe u need to install it before patch it.I can end the Winspooler process in task manager.I cannot access Computer or any other file. I was unable to download Spybot, which I originally had. Each time i try to download it IE stops working and reloads. Same goes for every other step in the post you wrote for malware and spyware. I tried doing everything that was posted but it would not perform the house call virus scan without crashing nor could I download stinger.I have performed a cleanup, an Ad-ware full system scan (in safe mode only) and a full system Norton virus scan. The ad-ware scan came up with many items (51 trojans) and the virus scan showed nothing. I will perform another ad-ware scan in safe mode after I post this.I have also been getting popups which I never had before everytime I open IEI had seen a previous post about something similar to this. I fo... Read more

Answer:Winspooler With Trojans And Possible Worm?

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A HijackThis LogThanks,Charles

2 more replies
Relevance 47.15%

Hi i have winsecure and winspooler and i cant seem to find a way to remove itWinspooler says...Patch applied succesfully! If your software is still trial maybe you need to install it before patch it.Winsecure says....Trial software registered! Remember to install correct software version before to patch or crack will not works correctly.Deckard's System Scanner v20071014.68Run by EddY El Beatmaker on 2008-06-26 20:19:48Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --17: 2008-06-26 23:07:31 UTC - RP82 - Windows Update16: 2008-06-26 15:55:54 UTC - RP81 - Windows Update15: 2008-06-26 15:47:32 UTC - RP80 - Windows Update14: 2008-06-26 03:01:18 UTC - RP79 - Windows Update13: 2008-06-25 23:15:19 UTC - RP78 - Windows Update-- First Restore Point -- 1: 2008-06-23 16:56:33 UTC - RP64 - Windows Vista Service Pack 1Backed up registry hives.Performed disk cleanup.-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-06-26 20:21:51Platform: Windows Vista (6.00.6000)MSIE: Internet Explorer (7.00.6000.16386)Boot mode: NormalRunning processes:C:\Windows\System32\dwm.exeC:\Windows\explorer.exeC:\Windows\System32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hk... Read more

Answer:Infected With Winspooler And Winsecure

Hello EddY777, If you still need help, then please post a fresh DSS Main.txt log so I can see if anything has changed.

2 more replies
Relevance 46.74%

I seem to have picked up this unwanted Winspooler popup: Patch applied successfully! If your software is still trial maybe you need to install it before patch it.

Using Windows Vista Home Premium I am running Spybot and Avast as well as Windows Defender, but nothing tells me I have a virus. Have also loaded SuperAntiSpy as well as Combo Fix but nothing will remove the popup which returns every 2 seconds.

As I am rather computer illiterate, I really need help from anyone who might have met this before.
Thank You
True Brit

Answer:Urgent Help Needed. Winspooler Popup That Won't Go Away.

Hello True Brit,Did you run a scan with SUPERAntiSpyware?Let's try this:Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal ... Read more

4 more replies
Relevance 46.74%

My boy has limewire downloaded and tried to get a keygenerator for guitar pro only to pick up a virus. I want to find out more info on cleaning my Machine out here. I used this info already but wasnt able to finish the last part because I didnt have administrator rights to the site. http://www.bleepingcomputer.com/forums/top...tml#entry766123 I was wondering if anybody could direct me to a cleaning flushing site for vistas thanks jethro

Answer:Winspooler Patch Installed Problems

You or your Son, will need to reply back in that thread, letting Random/Random know what your problem is. He will help you get the machine clean.

2 more replies
Relevance 46.74%

Hi!

I hope you can help me please!

I am having trouble with a constant winspooler pop up, it reads " Patch applied succesfully! If your software is still in trial maybe you need to install it before patch it."

I have stopped the process from running using the "running processes" part of spybot, but on rebooting it enables itself again. Macafee and spybot have failed to detect this problem, I have copied and pasted the
Deckards system scanner report and attached the extra txt as reccomended by this site. I also have a Kaspersky online scan report saved, should it be useful.

Please could anyone help?

Yours Hopefully,

Mark Mitchell


Deckard's System Scanner v20071014.68
Run by Mark on 2008-04-06 23:00:00
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
21: 2008-04-06 12:49:41 UTC - RP304 - Windows Update
20: 2008-04-05 23:00:15 UTC - RP303 - Scheduled Checkpoint
19: 2008-04-05 07:32:02 UTC - RP302 - Scheduled Checkpoint
18: 2008-04-04 12:44:44 UTC - RP301 - Windows Update
17: 2008-04-03 10:37:51 UTC - RP300 - Scheduled Checkpoint


-- First Restore Point --
1: 2008-03-26 20:31:06 UTC - RP284 - restorepoint1mdfka


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1015 MiB (1024 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating lo... Read more

Answer:Winspooler pop up and generally slow performance

Download The Avenger by Swandog46 from here.
Unzip/extract it to a folder on your desktop.
Double click on avenger.exe to run The Avenger.
Click OK.
Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick in it.
Copy all of the text in the below textbox to the clipboard by highlighting it and then pressing Ctrl+C.


Code:
Files to delete:
C:\Windows\system32\WinSpooler.exe

In the avenger window, click the Paste Script from Clipboard, button.
Click the Execute button.
You will be asked Are you sure you want to execute the current script?.
Click Yes.
You will now be asked First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now?.
Click Yes.
Your PC will now be rebooted.
Note: If the above script contains Drivers to delete: or Drivers to disable:, then The Avenger will require two reboots to complete its operation.
If that is the case, it will force a BSOD on the first reboot. This is normal & expected behaviour.
After your PC has completed the necessary reboots, a log should automatically open. If it does not automatically open, then the log can be found at %systemdrive%\avenger.txt (typically C:\avenger.txt).
Please post this log, along with a new HijackThis log in your next reply.


==================================================


Copy the bold text below to notepad. Save it as fixreg.reg to your desktop.
Be sure th... Read more

8 more replies
Relevance 45.92%

I have the vondo and vondo h virus according to anti-malware bytes.

I have windows xp and have installed and run anti-malware bytes a number of times in safe mode. I still have the virus when I run a quick scan with AMBytes. I have also run boot-time scans with avast free home edition. (my AMB is also the free version).

I tried uninstalling ie 7, then downloading ie 8 and installing it, that did not help. I can't get windows update to load since I assume that resource is being blocked by the virus/worm.

I have service pack 3. I am looking for help please - what else can I provide for information?

thanks in advance, matthew

Answer:vundo and vundo h virus/worms

Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, MBAM loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. Additionally, there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Doing a safe mode scan should only be done when a regular mode scan fails or you cannot boot up normally. If that is the case, after completing a safe mode scan, reboot normally and try rescanning again.Please download TFC by Old Timer and save it to your desktop.alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser!Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.Click the Start button to begin the cleaning process and let it run uninterrupted to completion.Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Please downl... Read more

19 more replies
Relevance 43.46%

Hey everyone,

I am having a problem with my computer. I am running windows xp and recently had the vundo virus. This was, I believe, successful deleted by Malware Bytes. After removal I was having problems with a missing registry file (an error message after start-up stated file hutudoki.dll was not found. And did find the registry file that was trying to start this deleted program. The only problem I am still having is my google/yahoo keeps re-directing and I believe I have some registry files that need repair and have not tried this after removal but was unable to do a system restore. And I want to make sure this virus is complete gone. If anyone could please help me I would appreciate it very much. I have done everything I can... Thank you!!! Jen

Answer:Vundo Virus Removed but browser hijacked and virus scanners not finding anything

Hello and welcome.Its not unusual to receive such an error after using specialized fix tools.A "Cannot find...", "Could not run...", "Error loading... or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was mostly likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads. To resolve this, download Autoruns, search for the related entry and then delete it.Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)Open the folder and double-click on autoruns.exe to launch it.Please be patient as it scans and populates the entries.When done scanning, it will say Ready at the bottom.Scroll through the list and look for a startup entry related to the file(s) in the error message.Right-click on the entry and choose delete.Reboot your computer and see if the startup error returns.Rerun MBAM (MalwareBytes) like this:Open MBAM in normal mode and click Update tab, select Check for Updates,when doneclick Scanner tab,select Quick sc... Read more

7 more replies
Relevance 41.82%
Question: i dunno

This seems pretty easy but,this is what it does during installation.Should the spaces be removed along with the semi-colon or is this a normal config.Just seems a little odd to me..
C:\Perl\bin\perl.exe;C:\WINDOWS;C:\WINDOWS\COMMAND\;C:\Python25;C:\progra~1\common~1\gtk\2.0\bin; ;C:\RUBY\BIN
 

Answer:i dunno

What you have is a Windows rendition of $PATH which delineates the various directories that are searched to find a command to be executed.

Spaces are ok for file names and directory names on Windows systems. So, I would say leave them as is.

To demonstrate, you can put an executable with a unique name, e.g. hello, in any one of the directories - i.e. separated by the ';' character in $PATH, then position your command window to your $HOME directory, and give the command:
$ hello
where hello is the executable name of the hello world program that just prints out the words: Hello, world!

I would then move the hello executable back to your home directory.

Unless your installation triggered an error message regarding $PATH - it is nothing to worry about.

-- Tom
 

2 more replies
Relevance 41.82%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:32:53 AM, on 10/1/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\ScanSoft\PaperPort\pptd40nt.exeC:\Program Files\Brother\Brmfcmon\BrMfcWnd.exeC:\Program Files\Logitech\Video\LogiTray.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\... Read more

Answer:I dunno how to fix this, need help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 41.82%

Dell Dimension C521 with XP Home loaded. Some time ago I installed a Linksys 2.4 GHz Wireless G PCI adapter with speed booster onto the motherboard, set it up properly and it worked fine.
Now I wish to connect a wired modem (Clearwire) for internet access, but XP is not recognizing the modem at all, only the wireless adapter
I have checked the ethernet connection on the computer, it's OK
No matter how many times I run the XP connection wizard, the modem is just not found
Did I somehow erase the program or driver that would recognize any modem ?
How do I get it back?
Thanks in advance !

Answer:dunno what I did, please help!

You should go to the homepage for the modem, and download the latest drivers. It sounds like you do not have the drivers installed.

4 more replies
Relevance 41.82%

anyway this is what happend i went to open a game it was called WolfTeam it loaded but did not pop up. so i restarted the pc and after that i started getting BSOD (blue screen of death). i went and disabled the auto restart after system error and got this msg after restarting with another bsod it said Win32k.sys so i googled it and from what i have read it says ram problem. so now i figured 1 more reboot wouldnt hurt it rebooted and got to the login screen but the resolution was all messed up i seen lots of diff colors and everything was BIG. so at that point i decided to take out a stick of ram i have 4 gigs of ram btw after taking out 1 stick it loaded good and let me login normal but then i got another bsod.. after that i read to take out the battery that is on the mobo to reset the memory or what have u after that when i turn on the pc the lights come on the hardrive kicks on everything works but now i cant get any video to the monitor.. i cant get into my pc to tell u all the specs but ill try to name off some.nvidea 8600 gt4 gigs of ram corshairgigabyte mobo320 gig hard drive seagate2 dual core intel processor500 wat power supplywindows xp props. and another thing i went into bios and i may have disabled the video card witch i dont know how i did.Thnx in advance any suggestion is appreciated...-Travis

Answer:Dunno what i did... =/

In fooling around in the BIOS any number of variables could have changed here.Remove all power sources.Remove the CMOS battery for 10 minutes.Turn on and off your power switch a few times with the above removed to discharge any resident charge.Replace the battery connect everything and re-boot.Did you say that you have 2 processors in that machine ? ?When posting specs it's helpful to include model #'s...

14 more replies
Relevance 41.82%

do ppl still * torrent* if so whatcha using?

2nd question.. how do i access the dark web
 

More replies
Relevance 41.82%
Question: Dunno what it is

Ok i have spyware but dont knwo what it is. My ad-aware comes up clean, nothing from trend micro or anything. It sits on my desktop on the bottom right and autohides under the taskbar, when you mouse over it it slides up and has a drop down menu wiht three options. "clear history" "Taskbar Activates""and "Hide Search" It also has a text box that you cant type into that says search the web

Any idea on what it is?
Any help is appreciated.
 

Answer:Dunno what it is

nevermind, its that wonderful desktop.exe, thanks for the help
 

1 more replies
Relevance 41.82%
Question: I dunno here...

I have been getting weird spyware from my Ad-Aware scans, like tracking cookies when I use Firefox, and it actually found a file. I just did a scan with McAfee, and after it finished it found a trojan and I deleted it. Here is the logfile, but I don't know if there is anything bad on it. I hope not. Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 10:25:36 PM, on 5/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\system32\PROMon.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avg... Read more

Answer:I dunno here...

Hi..Not to much to clean out.

Uninstall the following programs (if they still exist) Go into HijackThis->Config->Misc.Tools->Open Uninstall manager

AWS

----------------------------------------------

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.


O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
------------------------------------------------------------------

Open Windows Explorer and delete the following highlighted file/s (or delete the whole (Red) folder if listed).

C:\Program Files\AWS

-----------------------------------

When finished please post a new log......

1 more replies
Relevance 41.82%
Question: dunno what to do

I'm at a crossroads here. On one hand I really want to have my computer built VERY soon as I only have 2 more parts to order, and on the other han dI really want WIn Vista since it will be the next step in innovation and be 64 bit, and be required by most games coming out in Jan and after (I think)

problem is that Vista doesn't some out till end of Jan, and I want this comp done by end of Dec. I was thinking about getting Win XP media center to maybe hold me over but I don't know. In a month I would just be shelling out another $200 for Vista so I would have wasted so much money. What should I do!!

Answer:dunno what to do

just get xp and use it, and don't get vista for a couple of years. i have yet to hear of any games that say they will be vista only. the only thing vista has over xp gaming wise id dx10, and the 1st vid card t support it just came out and is over 600usd. so unless you have the nvidia 8800, you won't even be seeing dx10 in use, even if you get a game that uses it (i don't believe any are out yet). after using vista rc1 for a while, i just went back to xp. for me vista didn't give enouph tweeking power over my system to get the most speed for my gaming. the os just simply doesn't allow for 100% user control over the os like xp is. vista is just too concerned about protecting you and its self.

8 more replies
Relevance 41.82%

I keep getting annoying, sometimes pornographic popups, since I downloaded lovefreegames.com. I have since deleted lovefreegames, but I am getting popups pretty bad. I have run SpyBot S7D, Adaware, Norton, and finally HJT. Here is te log from HJT. Anyhelp would be greatly appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 314 PM, on 03/08/2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\WILD FILE\GOBACK\GBPOLL.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\AIBBRWB.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\CALC.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\OPSCAN.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32... Read more

Answer:Dunno what else to do...

*bumping up*

4 more replies
Relevance 41.82%
Question: wat? i dunno

Im really bad at this kind of stuff so hopefully someone can help.
All i know so far is that when i try to boot windows, it goes to the safe mode / last known good config screen. tried to load the last known good config and it didnt help. i was told that after a windows update was installed and computer was rebooted, it just wouldnt load windows. sorry for the lack of info, but i got nothin... im tempted to just reinstall windows.

anyone?
 

Answer:wat? i dunno

Hi Steve

Guessing it wont go into Safe Mode either and recycles back to same screen?

Could try a repair of windows and boot to OS CD.

Or as you say just bite bullet and go for clean install, but does the HD have data thats needed to be recovered first? if so I did a weird trick a while back, just one of those weird moments when a spark of genius jumps out and as I have Acronis True Image 2009 installed, and a rescuse CD created it booted to that and managed to be able to just Image the My Documents folders and other folders to portable HD, then formatted PC and installed Windows XP again, installed the 15day trial of Acronis 2009 (available from Majorgeeks) on that PC, plugged in the portable HD and managed to drill down into the Image and right click copy and pasted the folders to the desktop and then left the user to move them into the correct folders.
 

7 more replies
Relevance 41.82%

Well I ordered some RAM off ebay. PC3200 512 X 2. One stick is fine, but with the other one I get this. This is the second one the guy sent me and I think he sent the exact same one back thinking I wouldn't notice. I tried a different slot on the board too - same thing. I tried having only one stick in there and it was fine, but when I swapped sticks into the same slot - boom. Grrr...

Answer:Gee, I dunno... bad RAM?

Well well well.. should be easy enough to figure out where this problem started............


















Quote:




Originally posted by Snump
Well I ordered some RAM off ebay

7 more replies
Relevance 41.41%
Question: I Dunno's HJT logs

Logfile of HijackThis v1.98.2
Scan saved at 11:46:12 AM, on 11/23/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\SVA Player\SVAPLAYER.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\QUICKENW\QAGENT.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\... Read more

Answer:I Dunno's HJT logs

Hi and welcome to TSF! You are not in very bad shape there.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point... Read more

7 more replies
Relevance 41.41%
Relevance 41.41%

I recently had a malware infection.I don't know which one but Spybot was able to remove the infection.My pc sometimes starts up too slowly and some times normal.Is it some other malware or i am just to worried ?My HJT logLogfile of Trend Micro HijackThis v2.0.2Scan saved at 20:27:34, on 12-08-2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18294)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\DellTPad\Apoint.exeC:\Windows\OEM02Mon.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exeC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\COMODO\COMODO Internet Security\cfp.exeC:\Program Files\Unlocker\UnlockerAssistant.exeC:\Program Files\LogMeIn\x86\LogMeInSystray.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Windows\ehome\ehtray.exeC:\Program Files\PeerGuardian2\pg2.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer... Read more

Answer:Dunno why my pc is slowwww

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 41.41%

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Answer:Dunno what is wrong..

DDS (Ver_09-09-29.01) - NTFSx86 Run by Ours at 0:55:05.81 on Wed 09/30/2009Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1279.429 [GMT -5:00]AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\system32\FreezeScreenSaver.exeC:\Program Files\Java\jre6\bin\jqs.exec:\Program Files\Common Files\LightScribe\LSS... Read more

7 more replies
Relevance 41.41%

My computer's been acting like bleep ever since I bought it. It's always had popups from Drivecleaner and I can't find forums on removing what I've got. Can someone please read this HijackThis log and try to help me? I'd appreciate it greatly.(Moderator edit: log post moved to HJT log Forum for team analysis and member assistance. Enthusiast) Logfile of HijackThis v1.99.1Scan saved at 2:50:17 PM, on 11/9/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\BillP Studios\WinPatrol\winpatrol.exeC:\Program Files\AIM\aim.exeC:\Program Files\Winamp\Winamp.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\explorer.exeC:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Defa... Read more

Answer:Dunno How To Describe It

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Before we can get started on fixing your problem you must change the location of Hijackthis. It should not run from a temp directory. Download and run the HijackThis autoinstall program Please choose the default location of C:\Program Files as the destination.Run the program only from that location from now on. It is essential that you follow these steps or certain important features of the program will not function correctly.Once you have Hijackthis running from this folder, please reboot and post a new hijackthis log as a reply in this thread.

4 more replies
Relevance 41.41%

Alright, so I recently bought a harddrive from TigerDirect which ended up being faulty (Went much slower than it should have) So I deleted the partition and went and exchanged it. However, in doing so, my dual boot menu (Which had xp and vista on it) STILL has the vista from the previous harddrive on it and i have now a fresh copy of vista installed on the new harddrive, so there are 3 on the boot menu.

Windows XP
Vista
Vista

In that order, the 3rd vista will not work, and I do not know how to get rid of it. I don't want it to work, as there's no files at ALL for it to run off of, but I wish to know how to get it off of the boot menu. If anyone knows, please help.

Dariush
 

Answer:Help I did something stupid and dunno what to do

You can do it easily just by editing boot.ini which is on your active partition...First you have to tell windows to show you hidden files, go to My computer, on the Tools menu click on Folder options...than on the View tab you have to select "Show hidden files an folders"...now you can see your boot.ini fail on C: drive..right click on it and open with notepad...where it says [operating systems] you should have only 2 operative systems and you can delete the third one (old vista)...if you got any questions just post...cheers
 

3 more replies
Relevance 41.41%

G'day I'm back I ahve a problem with my computer and I can't figure it out. I have ran Ad-Aware, Spybot, Panda Active scan and AVG and the computer is slower than a wet week in an African wet season...here is my HiJackThis log

Logfile of HijackThis v1.99.1
Scan saved at 1:51:43 PM, on 13/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VIA Technologies, Inc\Audio Deck\ADeck.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\NETGEAR\WG311T\wlancfg5.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Clayton\Desktop\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\... Read more

Answer:Need Help Dunno what's wrong

11 more replies
Relevance 41.41%

I dunno what is up. But whenever i am on a video chat with windows live (as of now, never before) ever now and then i here a computer like ping or a crackle. It sorta switches sounds all the time, but it isn't the person on the other side of the chat. It happens random, and when i close the webchat it stops.

I had gotten a blue screen before this started happening, something about windows had to shutdown to protect some file. However i don't remember anything else about the blue screen. My friend has no idea whats wrong, he had the same problem and dell had to come out and fix it. I don't have it under warranty anymore and we really don't have dell anywhere near us.


It would mean a lot if you were able to help me. Sorry i can't capture the ping sound, but think of pong. Sometimes it is higher pitched, others it is low. But it is really really strange.

Answer:I dunno any other way to describe..

If this helps at all, i believe i have found the error from the blue screen of death in event view. Couple minutes after this event it is a list of programs starting.

http://i213.photobucket.com/albums/c...reenevntvw.jpg

14 more replies
Relevance 41.41%

Well, my computer was infected with the PS Guard at least, and it seems that I managed to wipe out it. But ever since, my network is as slow as possible. Even if I'm not doing anything, my connection keeps working. I wonder if somebody out there is using my connection to access my PC or something like that. I welcome any king of help! Thanks in advance!Logfile of HijackThis v1.99.1Scan saved at 17:49:15, on 5/9/2005Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\logonui.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exeC:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exeC:\WINDOWS\System32\sysvcs.exeC:\WINDOWS\System32\nvsvc32.exeC:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exeC:\WINDOWS\System32\svchost.exeC:\Jogos\Steam\Steam.exeC:\Arquivos de programas\The All-Seeing Eye\eye.exeC:\Arquivos de programas\Cheating-Death\cdeath.exeC:\Arquivos de... Read more

Answer:Dunno what's wrong!

Hello macaco and welcome to the BC HijackThis forum. The first thing we need to do is update the operating system on this computer.Your operating system is extremely out of date. By not keeping the OS updated the computer is vulnerable to every infection on the net and in emails today and trying to repair an unpatched system is virtually impossible. For update purposes, Microsoft has even stopped supporting a system that is this far out of date. Go to the Windows Update site and install Service Pack 2. Once that is done, go back to the Windows Update site and install all available Critical Updates. This will patch the system with the most current security fixes and plug all the known holes which are present on this system.After all of the updates have been performed post a new HijackThis log back here using the Add Reply button and I will review it when it comes in.Cheers.OT

5 more replies
Relevance 41.41%

OK, so basically the computers running badly and its just not possible to play any full screen games (as old as BF 1942 for example) and im not sure if i get many popups coc i use firefox and its good at blocking, anyway, ive tried a few antiviruses and the problem still exists. I know this is barely any info but what do i do now?

Answer:Infected And Dunno What To Do

Also, i forgot to mention that i went into msconfig and looked under the startup tab. I found a few suspicious files and stopped them from starting. In case you want to know what they are:
utorrent.exe
funk.exe
the third is a blank name with no command, with a location of "SOFTWARE\Microsoft\Windows\Current Version\Run"

well i stopped these but no luck, still no fix.

2 more replies
Relevance 41.41%

Greetings people of the Sevenforums community.

My computer is pretty old. It's been here since like 2006(7).
The only thing that has been replaced so far is the GFX Card because it died and nothing more..

But for a very long time now, like 12-8-2013 it has been excessively BSOD'ing. With different error types and I'm really clueless about what to do..

I got a nice list of minidumps zipped into a folder.
(Note: I didn't use the sevenforums tool on the PC, because it crashes before I even get to windows)

I'll attach the .zip.. hope anyone can be of help.

With a friendly greet,
Rimikumo

Answer:PC gets different BSOD's.. Dunno how to fix

Rimikumo, upload your MSINFO32.nfo file.
Click on the start button
Type "msinfo32" (without quotes) in the search bar of the start menu, click the resulting link. It will open the System Information window.
File>Save. In the "File Name" filed, put "MSINFO32" (without Quote), give the save location to desktop, and click the "save" button.
Give the time for processing, it will save a .nfo file on your desktop.
Zip it, and upload it following the instruction.
Also, Test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight.

If it start showing errors/red lines, stop testing. A single error is enough to determine that something is going bad there.

Stress test the CPU.
Hardware - Stress Test With Prime95

Let us know the results.
__________________________________________________________________________________

Code:
BugCheck 24, {70f95, 0, 0, 0}

Probably caused by : Ntfs.sys ( Ntfs!NtfsCommonCleanup+369a )

Followup: MachineOwner
-----------------------------------------------------------------
BugCheck A, {0, 2, 1, fffff800040c6a88}

Probably caused by : hardware ( nt!KiSwapContext+78 )

Followup: MachineOwner
------------------------------------------------------------------
BugCheck 3B, {c000001d, fffff80003ec1de4, fffff88003ae8140, 0}

Probably caused by : hardware ( nt!NtWaitForWorkViaWorkerFactory+283 )

Followup: MachineOwner... Read more

9 more replies
Relevance 41.41%

I have 4 USB ports. three are 1.1, and one is 2.0. I want to know which is 2.0, and which ones are 1.1 I know that one is 2.0, cause of this program i have called Karen's Computer profiler. Shows it.

Is there a program to show which one is? with tests or summt? cheers
 

Answer:USB ports I have 4, one is 2.0 dunno which is

8 more replies
Relevance 41.41%

clinteast
Hi chaps having a nightmare with pc at moment and looking for some ideas please.

To cut a long story short I was playin EQ2 and my pc went kaputt.

At first it would not boot up and kept changing the cpu size from 1500 to 2800.

Then I unplugged and replugged everything and 9/10 it would not boot up at all as in nothing would come up on monitor.

Eventually i had to call an engineer out who charged 20 quid for first hour 45 for 2nd fortunately he wasnt there for more than an hour.

He tested everything and was dumb founded. Sometimes it would boot up then freeze most of the time it would just reboot and then sometimes not even boot at all(using my pc as we speak).

He ultimately thought it was my memory so i slipped him 20 quid and went and bought some new memory. Stupidly guy behind the counter has given me pc 3200 ddr400 i swapped the memory round and it kept booting but restarting as i click on icon to log in(I meant to get pc 2700 ddr333).

My chip is amd athlon 2800
Win Xp Pro
400 W
ATI radeon 9800 xt pro
80 gb hd
On board ac97 sound cmedia

I have been reading on net that it might be my psu but i thought 400w should be enuf. I guess i could buy a larger model 550w maybe.

Or maybe its my mother board as sometimes it lets me boot up like it is now but it will probably reboot half way thru this message.

Also another note on booting up sometimes it read my memory as only having 140mb in or some other insane figure and freezes when it has a stick of 512mb in.

I... Read more

Answer:Pc Reboot/Or not at all dunno what to do plz elp:(

Check your fans. That 52 is kinda warm for the MB.(could be the sensors are crossed and the 52 is really the CPU) Make sure the fan is running in the power supply. That fan is the exhaust fan for the case. If it's not running, the power supply could be overheating and causing problems. A good cleaning with compressed air wouldn't hurt anything.
 

3 more replies
Relevance 41.41%

Im not sure wat i did to cause this, but almost everything i try to open gives an error message like this:

C:\WINDOWS\system32\rundll32.exe
Paint cannot read this file.
This is not a valid bitmap file, or its format is not currently supported.

D:\Program Files\Kazaa Lite K++\klrun.exe
Paint cannot read this file.
This is not a valid bitmap file, or its format is not currently supported.

C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Paint cannot read this file.
This is not a valid bitmap file, or its format is not currently supported.

Need a solution urgently.
 

Answer:I dunno wat i did, but something's wrong.

16 more replies
Relevance 41.41%

my pc crashes when playing games. initially i thought this was a lot of problems but after resitting all of the pc and removing a faulty stick of ram i am still crashing. i cant properly install the radeon 9250 drivers from the ATI site when i download them and i have re-dloaded them several times to make sure it wasnt the download that was corrupted. for this reason i have no catalyst control cente even tho my dload included it. the pc tends to crash when loading new areas and other load intensive actions. i play no games that need a top end or even mid range pc to operate properly. my hard drive has recently been improved - it was properly cleaned before installing. it may have been in storage for upto a year before i put it in my pc but it was stored properly (in a uv bag in a box in a store room with many others).

i dont know if the problem is purely down to my graphics not installing properly tho i wonder if this is because my pc isnt saving data correctly.

games i play: Guild Wars, Anarchy Online (more crashing in GW tho i dunno if that game has installed properly either)

pc specs: 2100+ athlon processor, 512mb RAM, radeon 9250 gfx card. MOBO that supports all 3. windows xp 32x operating system (copy)

if anyone has a clue where to help me start that would be brilliant
 

Answer:i dunno where to start

So have you tested the memory? If not I'd do it, or even do it again to make sure you don't have more memory problems: http://www.memtest.org/

Also inspect the capacitors on the motherboard, see here for what they look like: http://www.pcstats.com/articleview.cfm?articleID=195

Also for the ATI drivers, you have to use version 6.5 or older, the latest no longer support the Radeon 9250 and older cards.
 

2 more replies
Relevance 41.41%

Hello there,As I've said in the topic title, I'm at my wits end with this computer and don't know what to do. I've redone it countless times, (god knows how many) even bought a new hard drive just recently... and still, it's messed up. I've never experienced anything like this though. It takes forever to start up in the first place mainly staying at the windows loading page for about 20 minutes then finally turning on. Then it takes forever again to start the programs. Most recently, when I got onto Youtube it skips every 2 seconds, and now, it's screwing up my actual music on the computer speeding it up and slowing it down (like a program is running at the same time causing it to skip like that). I've deleted all my caches (the ones that will delete anyway) all my temporary internet files. I dunno what to do, your help would be much appreciated. Also, for a while there my computer would freeze up every once in a while, programs freezing, the mouse freezing, the whole deal.EDIT: Also, I just remembered this. When I would sign on msn messenger sometimes it would close it out completely out of nowhere. I'd do the troubleshoot and then it says theres a problem with the keyports. So, then I try to disable my internet... freezes up, and when it finally disables. I go to connect it and all it says is connection failed. I have to reboot my computer just to restart msn. Hope this helps more.Here is my HiJack This Log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:26:53 PM, ... Read more

Answer:At my wits end... dunno what else to do.

Sorry for the bump, but it was 13 pages in and no reply.===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until ... Read more

7 more replies
Relevance 41.41%

When i log on to the actual Paypal website, it is asking me to verify my bank and credit card numbers (Looks like a phishing attempt but isn't).

I have to log on to access the 1-800- tech support number. As soon as I enter my password, it takes me directly to this page. Can anyone please post the aforementioned number?

Security Measures

Help with this page ?

We are currently performing regular maintenance of our security measures. Your account has been randomly selected for this maintenance, and you will now be taken through a series of identity verification pages.

Protecting the security of your PayPal account is our primary concern, and we apologize for any inconvenience this may cause.Click to expand...
 

Answer:Paypal...dunno where to put this

I was able to log in just fine. I looked for an 800 number for you, but all I could find was this one:

1-402-935-2050
 

4 more replies
Relevance 41.41%

hey i am new to these forums and i know a little bit about computers but im stuck

my pc has a fresh copy of xp on now and i did have a older graphics card in and i replaced it with the same version just more ram
for sum reason i dnt think it has anything to do with the graphics card but my computer randomly sumtimes after hours sumtimes minutes i can be playing world of warcraft and it will freze or i just have to be on desktop and it freezes i dunno wat to do i just want my pc to stop freezing its soo anyoing having to restart manualy every time please help thanks x

Answer:help please i dunno what is wrong

nobody?

12 more replies
Relevance 41.41%

hi girls and guys

i have a hijackthis log below which looks legit to me but i want to run it past some experts, so any comment is much appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 09:54:32, on 19/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\HistorySweep\HSSvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\WINDOWS\system32\SLEE11.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\PROGR... Read more

Answer:hijackthis log - dunno if it's bad

7 more replies
Relevance 41.41%

I have Windows XP Pro. upgraded from Windows Home. Its Medion MD40100 Notebook, Pentium 4. I reformated the Harddisk/copied everything on external Harddrive and upgraded to Windows XP Professional. Know my USB ports don't work, or do they?

I have a mouse and seperate keyboard attached through USB (i have 4 ports on the back of the laptop) and IF AND ONLY IF..they are connected on a reboot they work. If i unplug them after the setup is complete, they will not work again unless I shut off/ plug them in/ reboot. Then poof they work again. None of these ports seem to work after the start up.

My system will not boot with the external harddrive plugged in, and so thus will certainly not work after the start up. It doesn't turn on and doesn't appear in Device Manager or anywhere on the computer system. Windows XP does not even report: new hardware attached. Nothing.

any help or suggestions would be greatly apppreciated.

xx
 

Answer:i dunno what to do anymore!

I should also note: If I need to buy something, i will, I just really need access to the external Harddrive as it has all my backup information. Thanks again.

xx
 

5 more replies
Relevance 41.41%

hello there Ive used you guys before and had great results hopefully you can help me again. attached is my hijack log and here is my problem: I keep getting message about my network settings and/or my computer will only start in safe mode, I also get this message: an internal stack overflow has caused system failure change the stacks in config.sys. I use windows 98. Is this a OS problem or something worse? Just for giggles I tried starting up my computer without being connected to the internet(several times) and it work just fine without any problems. I have run CWshredder, spybot and ad aware(all updated versions) and then hijack. Please help and suggestions would be great.
 

Answer:dunno whats going on

Hi and welcome,
Your HJT log has not attached to your thread, repost it and the experts will help you..

 

2 more replies
Relevance 41.41%

I'm not too much of a php buff (I don' know anyting) but I know it was working and for some reason now it's not. I was messing with some security settings and cleaning up my Inetpub\wwwroot folder and eventually I noticed my php page wasn't functioning anymore.

I'm running WinXP Pro, and just reinstalled IIS 5.1. I got the php binary from php.net and installed it (ver 4.3.7). I gave IUSR Read & Execute privileges to php.exe and php4ts.dll and IUSR Read privileges to sessiondata and uploadtemp directories, which is what the installer said I would probably have to do for all practical purposes.

The security settings on the wwwroot files all have IUSR access privileges.

The .php file in question uses some output generated into an .xml file by a BitTorrent client (Azureus). The first time I put all the chunks together it worked fine, the php script executed correctly, drew data from the xml file and displayed it neatly formatted the way it was supposed to. Now all I get is this...

CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:

As little as I know, it seems obvious that the error is that no "HTTP headers" are being "returned".

I really don't know too much about php yet. I figure I'm not doing anything grossly complicated so the error must be pretty basic.

The php binary automatically puts in cgi.force_redirect = 0 into c:\windows\p... Read more

More replies
Relevance 41.41%

Ok i dont know very little about vid cards and am looking to upgrade my piece of crap geforce4 mx440. My comp specs are AMD XP 1700+ (buying a new processor long with vid card, probably XP 2800+), 1gb DDR, 400watt power, 8x AGP motherboard. I only want to spend 100-150 and have been told to buy the geforce4 FX5700 Ultra and that its the best card in that price range although the top end of that range. Is there any cheaper or better cards for that price?? Oh by the way i think i like the geforce over ATI been told the drivers are better so if its an ATI card it would have to be quite a bit better than the 5700 ultra.

Any input is appreciated =)

Answer:dunno what to buy ?? vid cards

hey i had the 440, well my dad did, we just upgraded to a pny geforce fx 5700 LE optima 128mb ddr agp, it hasn't failed yet and my dad got it for like 110, i think it's realy some thing like 130.

9 more replies
Relevance 41.41%
Question: Dunno. IP related?

My friend accesses his bank account from home using Firefox with no trouble. He comes to the shop and Chase makes him jump through hoops (call Chase, get security code) which takes a lot of time. We use google Chrome here. So I said I will download Firefox so you can get around that problem. My question is this: if he has Firefox at home and uses Firefox at the shop, wouldn't that change the IP, thus triggering the banks security settings? Does that mean he has to use the same computer at the same location all the time? Thanks

Answer:Dunno. IP related?

Not necessarily, some folks are assigned 'Dynamic' IP addresses by their IS Providers (A different IP address each time they connect, or reboot their router), which would mean the bank security would be on permanent alarm status.

Most banks just use login passwords - Mine has 2, an 8-digit number and a 5-digit number, entered on 2 separate pages. Also, my 'Mozilla Seamonkey' browser offers to remember any login details, I don't know whether Firefox has that facility or not.

The only thing to remember is that the shop-PC is set to NOT remember any login details (usually a tick-box on the login page) - If the home PC is accessed by your friend alone (or folks he trusts), then the 'Remember me' tick-box can be ticked (if available).

13 more replies
Relevance 41.41%

Ok I have cs retail 1.0.0.0 (I suck I know) but I have 1.3 on a cd and I dont know how to upgrade it when I try it ****kers up.

Oh and I cant join any games on cs.

www.sticksuicide.com
is kewl JOIN IT. Movies,Forum,Chat and lots of other totally random stuff,Its very kewl it is like a whole community a stickdeath community.
 

Answer:dunno how to upgrade

Well, if you have the retail version of CS, then the 1.3 mod file is not for you. You want the full CS retail file, you can get it here. Install that, and it should work better.
 

1 more replies
Relevance 41.41%

about ztorsftdgh.vbs . when i insert my USB flash disk, ztorsftdgh.vbs keeps on coming even on other flash disks, what do i do ?

Answer:please help, dunno how to fight this one

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and and I will be helping you with your computer problems.
Before we begin, please note the following:
I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
 
 
STEP 1
 
 
First make sure that you disable Autorun:
 
How to disable the Autorun functionality in Windows
 
 
 
STEP 2
 
 
Please download USBFix tool from here...make sure that your flash drive is connected to the computer.
Click on the Deletion button to scan and clean the flash drive for malware remnants (you can also open My Computer, right click on the flash drive's letter from the context menu and scan it with your installed antivirus software witho... Read more

3 more replies
Relevance 41.41%

well, first of all and before everything i'd like to sahy hi to everyone as i am new here .. and really thank you for letting me be part of your community ..

now with my problem, i am running windows XP SP3 now on my pc, normaly when i face any problem with any spyware/malware , viruses or anything .. i know my way to fix it , i just google it and usually one of the first couple of answers work and i am happy again in no time ... not this time though ... i am feeling desperate and cant do anything ..

i was just sitting normally on my pc i felt it was a little too slow, i tried to open thet task manager to see whats wrong thats when the first sign of the infection hit me ... "the task manager has been disabled by your administrator" ... WTH , i am the administrator ... anyways, i googled the problem found dozens of solutions so i thought thank god, its easy, i tried the first couple of solutions and they didnt work, one of then included registery editing .. now trying to start regedit .. the second hit ... "registry editing was disabled by your administrator"

i am (WAS) running kaspersky intrenet security fully updated and all .. so i decided to make a full system scan to catch the bugger .. so i double clicked on the mini icon of KIS and it hangs there a little then becomes not responding ... and then is closed by windows .. and never opens again ... that freaking bugger killed kaspersky !!! ... i tried everything .. every malware and sywar... Read more

Answer:i am really desperate and dunno what to do

i am really sorry about double posting .. but it seems i cant even access my own topic agaian ... i am trying to edit it to post my DDS.txt and attach the files

here's my DDS:


DDS (Ver_09-06-26.01) - NTFSx86
Run by Admin at 10:52:40.40 on Sun 07/19/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.2046.1423 [GMT 3:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GreedyT... Read more

1 more replies
Relevance 41.41%

hey guys i got this issue but i dunno what the problem is because when i play need for speed most wnated i dont get this issue but when i play fear combat i can play maybe somtimes for hours or maybe just 15 mins and i get these red artifacts and the pc just freezes at that point.

I got an gainward 8800gt 1gb but i had the same issue with a 8600gts i had before.
my spec ares as follows:

x2 5200
hiper 880w psu
msi k9n sli mobo
4gb ocz reaper x memory
2gb kingston memory
64bit vista

let me know if u need more info but im really confused why this is happening can anyone shed light on this.
 

Answer:Red artifacts Dunno Why!

Your 64-Bit Vista is probably contributing to this problem. If you are a gamer, why a64-bit Operating System?
 

2 more replies
Relevance 41.41%
Question: I Dunno, A Problem

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:05:04 AM, on 28/08/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Launch Manager\QtZgAcer.EXEC:\Acer\Empowering Technology\eDSMSNfix.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Windows\RtHDVCpl.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\faceback.exeC:\Users\Josh Stanley\svchost.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exeC:\Windows\system32\wbem\unsecapp.exeC:\Users\JOSHST~1\AppData\Local\Temp\RtkBtMnt.exeC:\Windows\system32\cmd.exeC:\Windows\explorer.exeC:\Program Files\limewire\limewire.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.... Read more

Answer:I Dunno, A Problem

Hello Josh1352 and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please download Malwarebytes' Anti-Malware from Here or HereDoubleclick mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is complete... Read more

1 more replies
Relevance 41.41%

Logfile of HijackThis v1.98.2
Scan saved at 12:29:45 AM, on 1/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\PROGRA~1\NORTON~2\NORTON~4\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Pro... Read more

Answer:HJT LOG...dunno what the problem is

Hi audiboy, Welcome to TSG!!

Download Spybot http://www.safer-networking.org/en/download/index.html

Click on "Search For updates" when prompted.

Scan, click on fix problems.

Reboot.

Download AdAware SE Personal: http://www.lavasoftusa.com/support/download/

Install the program and launch it.

On the bottom right-hand corner of the main window click on Check for updates now then click Connect and download the latest reference files.

In the main window: Click Start and under Select a scan Mode tick Perform full system scan.

Deselect Search for negligible risk entries.

To start the scan, click the Next button.

When the scan is finished mark everything for removal and get rid of it. (Right-click the window and choose select all from the drop down menu and then click Next)

Reboot and post another log.
 

1 more replies
Relevance 41.41%

I jus gotta trojan. here's where it is

C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RR37Y0SY\media[1].htm

i went ta owner but i don't see local setting, how do i delete this??
 

Answer:Trojan, dunno how ta get rid of it

15 more replies
Relevance 41%

I think it may be my GPU; Asus GTX 280.

Sometimes after I login into my user the screen goes weird (2 tone red and black, looks pixelated too). I will try to take a pic of it when it next happens and upload it. when this happens i just reboot and hope it works properly, most of the time it does.
this also happens seemingly at random during games i play (mount and blade warband atm).

specs:
cpu: intel quad q6700
gpu: asus gtx 280
Hard drive: WD caviar black 750 gig
psu: corsair 750
mobo: p5nesli

is my gpu dying?

Answer:I crash, dunno what's causing it

Hello !!

Follow this article Run Selective Startup using System Configuration and reboot in Selective Startup and see if that fixes your problem.

Hope this helps,
Captain

7 more replies
Relevance 41%

Ok heres the situation im outta town from where this is but this is my step fathers pc and heres what happened.

i was down there for thanksgiving and when i left i gave him a ram stick (800 mhz i think) 1gb . of course i didnt know if it worked on his or not (his is a older pc). but he called me a week later and told me that when he put it in either it didnt turn on (dunno which either) or the tower turned on but the screen didnt come on and he took it out and even took out his video card and put back in but ever since then his tower will run but the monitor will not it just keeps saying "stand by mode in 5 secs" then just shuts off. does any1 know whats wrong?
 

Answer:Monitor or Ram Problem (Dunno Which)

7 more replies
Relevance 41%

That's my HiJackThis file, before I begin my issue.

Ok, seems my mom got on my pc a few days back and when I came back from my trip, my PC would not run World of Warcraft because some of the files were corrupt. I knew about this issue and knew it was some sort of virus, trojan, spyware, w/e. Just to play it safe I ran WOW Repair Kit to search the files to see if anything was corrupt, and it came back clean... So now for sure it's something wrong with my PC.

Other symptoms I knew it is going wrong, I wanted to dl HiJackThis and put it into the search on google.com. I clicked on majorgeeks.com link to HiJackThis and it took me to Stopzilla? or something like that. I've been running the past few days AVG antispyware and nothing, I get some trojans repeatedly showing up, I delete and when I restart and rescan it'll just come back sometimes.

HELP ME!
 

Answer:Trojan? Spyware? Dunno [HELP!]

You want to read and run these steps before posting logs, then post in the malware forum



http://forums.majorgeeks.com/showthread.php?t=35407Click to expand...


 

2 more replies
Relevance 41%

I bought an ASUS internal DVD Writer yesterday.
after installng it in my CPU and run the computer

i saw a message upon boot on the screen i can see

"Secondary IDE channel NO 80 conductor installed"

what does that means? is my DVD writer broken?

but i can enter my windows.. so im wondering what does the message means,,

PRIMARY = HARD DISK
slave = CD-ROM
Secondary = DVD Writer
slave = CD Writer...
also i have noticed that if i forgot to close the DVD Writer and turn off the computer, it does not close automatic before shutting down.- leaving the DVD writer open..
the other two drives close upon shutting down..
so is the DVD writer broken?

i want to know if its broken, so that i could return it to the shop..
but i want to make sure if its really broken.. i dont want to humilate myself on the shop..

thank you.. sorry for bad english..
 

Answer:Help me please... i dunno if my DVD Writer is broken...

13 more replies
Relevance 41%

im new to this stuff so bare with me sorry. well i formatted and upgrade my Vaio Cs 32bit VGN-CS23G from vista to windows 7. and my class mate says i need to find some drivers. i found a list on this vaio website, but i didnt know which one i needed. thanks.
 

Answer:i dunno which drivers to install

You may not need any driver. When you look in Device Manager are there any yellow exclamation marks showing? In Windows 7, go into Control Panel>System and Security>System>Device Manger.

For your Reference, here is the support page for your computer. Use the drop down box to pick your OS.

http://www.sony.com.sg/support/product/VGN-CS23G
 

3 more replies
Relevance 41%

network:

comp specs 1: 1.63 Ghz Athlon XP 1800+, 512 MB RAM DDR, 64MB Winfast Geforce 3 ti 200, Windows XP Pro Build 2600 w/ SP1
comp specs 2: 500 Mhz, 128 MB SDRAM, 16MB Integrated Motherboard Video Card, Windows XP Pro Build 2600 w/ SP1

router: Linksys BEFSR41 firmware 1.44.2z

problem:
i cant believe im having problems with this (ive taken the cisco CCNA course), but after reformatting the older comp (comp 2), i cant get the newer comp (comp 1) onto the network. ive done the normal xp network wizard, but the newer comp will error out no matter what setting i put it on. so i did everything manually, setting the ip addresses, resetting and reconfiguring the router, but all i can get is that each computer can see the other, and i can access files on the newer computer using the older computer. however, the newer computer cannot access the older computers files. thanks for any help.
 

Answer:dunno wats wrong...

I'll recommend the easy way, even though some forum members can't seem to understand why it works. Install the NETBEUI protocol on both machines, and I suspect you'll be browsing after that. It's on the XP CD in the VALUEADD directory.
 

1 more replies
Relevance 41%

I was playing Wolfenstein - Enemy Territory, whilst talking to a friend over Skype, and I suddenly get this blue screen error... It's the first thing that's gone wrong with my newly built PC, and I dunno why. My PC restarted before I could jot down the specific error, but it said something like "Driver_not_less_or_equal". It recommended I remove newly added hardware, what is up :'(
 

Answer:First BSOD... Dunno what happened

16 more replies
Relevance 41%

this was on someone else's computer and she system restored before i could take a look at it so i can't tell you what virus i think it was or what her symptoms were aside from adult theme pop-ups. but i know all viruses are not removed by system restore so i am looking to see if she is still infected. i have run mbam and it said her comp was clean. rootrepeal would not run because i says it does not support 64...(sommething or another. i should have paid more attention to that error) thank you all for your help in advance. here is her dds log:DDS (Ver_09-12-01.01) - NTFSX64 Run by Maler at 11:38:06.47 on Thu 01/28/2010Internet Explorer: 7.0.6001.18000Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.4058.2787 [GMT -5:00]AV: Norton Internet Security *On-access scanning enabled* (Updated) Copyright Information 4SP: Windows Defender *enabled* (Updated) Copyright Information 3SP: Norton Internet Security *enabled* (Updated) Copyright Information 2FW: Norton Internet Security *enabled* Copyright Information 1============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k Local... Read more

Answer:i think i'm infected. dunno what kind.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

23 more replies
Relevance 41%

hi there,i just bought warcraft iii and its expansion frozen throne. i installed the game in my computer using my friend's cd rom drive. problem is the game is looking for a cd. im sure this is already an old question since ive seen many internet cafes having the game saved in their hard drive without the cd. but would anyone please help me. ive tried installing a virtual cd but i dont know how to use it. i think its circle of one virtual cd. and right now, i have a second problem coz i have a drive z in my computer and i dont know how to remove it. so wrapping up, my two questions are1. would someone be kind enough to give me a step by step procedure on how to prevent games (warcraft iii) from looking for a cd when i want to play it2. how do i remove the drive z in my computer??? thanks in advance

Answer:game looking for a cd..an old question i dunno

use gamejackel but yu will have to play the game with the cd 1or2 times for jackel to learn it then you wont need cd anymore this worked fo me on bf2 and bfvietnam   as for drive z you should go to its properties and uninstall or delete it  good luck ...... over n out

2 more replies
Relevance 41%

I cannot use IE. It simply will not open. When I open it without add ons it will open but when I try to leave the blank page it crashes and leaves "view downloads" open. And any program that uses IE causes a massive amount of errors saying "C:\Windows\system32\mshtml.dll is either not designed to run on Windows or contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support." However I can't re-install IE because it won't let me install it while it's already installed and it won't let me uninstall because when I go to programs and features>manage updates and right click on IE11 to uninstall it comes up saying "An error has occurred. Not all of the updates were successfully uninstalled." I also tried taking mshtml.dll from my fiance's computer and pasting it over mine but it says I don't have permission (even though I am administrator). This seems like some sort of cruel joke. Catch 22 everywhere. HALP

Answer:MSHTML.DLL corrupt dunno how to fix it.

Let's start with this...

Please follow the Windows Update Posting Instructions and post the requested data
If the file is too large (8MB compressed), remove the older CBSPersist cab files until the final file is below the limit - you can always post them separately after zipping them. (the forum doesn't allow the upload of bare CAB files, for a number of reasons)

9 more replies