Computer Support Forum

Latest Storm Variant Dude!

Question: Latest Storm Variant Dude!

Posted on Sunday, December 23rd, 2007by Jose Nazario The Storm Worm is back, this time it?s got a Christmas theme. Who knew that it would take them so long to do this? Here?s a sample mail: Date: Sun, 23 Dec 2007 21:19:19 -0500From: geneoldham[at]usmint.treas.govTo: ---Subject: Find Some Christmas Tailgot a sec?Winter can be cold. I bet you could use a little something to warm youup. Take 2 min out of your day. You wont regret it. ;-)hxxp://merrychristmasdude.com/That domain, merrychristmasdude.com, has a bunch of nameservers and a lot of IPs associated with it - Fast Flux! An infected host will drop the file:C:\WINDOWS\disnisa.exeAnd store the peerlist in:C:\WINDOWS\disnisa.configA pair of randomly chosen ports - one TCP and one UDP - will be opened.It will lower the firewall and add a registry entry to make sure that firewall permission is permanent.After that, the usual Storm worm mayhem begins.AV detection for this sample is pretty modest at this pointMore Detailed Analysis @ ARBOR NetworksAdditional analysis over @ Digital Intelligence and Strategic Operations Group

More replies
Relevance 100%
Preferred Solution: Latest Storm Variant Dude!

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 69.29%

US-CERT has received reports of new Storm Worm related activity. The latest activity is centered around messages related to the recent earthquake in China and the upcoming Olympic Games. This Trojan is spread via an unsolicited email message that contains a link to a malicious website. This website contains a video that when opened may run the executable file "beijing.exe" to infect the user's system with malicious code...us-cert.gov

More replies
Relevance 67.65%

This new variant has been spammed extensively, but it should be easy to avoidNew Storm Worm Variant - Avoid FunGame.ZIP Attachmenthttp://www.f-secure.com/weblog/archives/ar...7.html#00001238We're seeing a substantional seeding of a new Storm Worm variant. Inside fungame.zip is fungame.exe

More replies
Relevance 67.65%

A new Storm (aka Nuwar, Tibs) email variant has started circulating. This virus family can generate significant volumes of SPAM with URLs that can automatically download and install malware. Most likely, some of the hostile links will be shutdown as discovered.ISC: Riding out yet Another Storm Wave http://isc.sans.org/diary.html?storyid=3063Sadly you won't need a surf board for this one. Just to give you a heads up, there is a new round of emails with malicious links that is making its way to the inbox of many folks. If you haven't gotten one yet, just give it time. VERY LIMITED PROTECTION: AV vendors are adding this new variant========================
SAMPLE OF EMAIL MESSAGE
========================

Subject: You've received a postcard from a family member!

Message: May have following text with hostile URLs

--------
OPTION 1
--------

Click on the following Internet address or copy & paste it into your browser's address box. <URL removed>

--------
OPTION 2
--------
Copy & paste the ecard number in the "View Your Card" box at <URL removed>

Answer:New Storm Variant - Greeting E-cards With Hostile Links

Example of the new Storm Worm variant from my in-box ... Please do not click on the numerical IP addresses found in Option 1 or 2 URLs. If you select these, you will get a malware infection that is very difficult to clean.From: "americangreetings.com" [REMOVED]

To: [email protected]

Subject: You've received a postcard from a family member!

Date: Thu, 28 Jun 2007 20:40:01 -0700
Good day.

Your family member has sent you an ecard from americangreetings.com.

Send free ecards from americangreetings.com with your choice of colors, words and music.

Your ecard will be available with us for the next 30 days. If you wish to keep the ecard longer, you may save it on your computer or take a print.

To view your ecard, choose from any of the following options:

--------
OPTION 1
--------

Click on the following Internet address or copy & paste it into your browser's address box.

http://[REMOVED]/?ee7c634591933434671c16a2e59b1

--------
OPTION 2
--------

Copy & paste the ecard number in the "View Your Card" box at http://[REMOVED]/

Your ecard number is ee7c634591933434671c16a2e59b1

Best wishes,
Postmaster,
americangreetings.com

1 more replies
Relevance 67.65%

April 12, 2007 (Computerworld) -- A massive spam outbreak that tries to trick recipients into opening a file attachment that can hijack their computers has already broken records, security companies said today.According to researchers at Postini Inc., the spam run is the largest in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. "We're seeing 50 to 60 times the normal volume of spam," said Adam Swidler, senior manager of solutions marketing at Postini.Arriving with subject headings touting Worm Alert!, Worm Detected, Spyware Detected!, Virus Activity Detected!, the spam carries a ZIP file attachment posing as a patch necessary to ward off the bogus attack. The ZIP file, which is password protected -- the password is included in the message to further dupe recipients -- actually contains a variant of the "Storm Trojan" worm, which installs a rootkit to cloak itself, disables security software, steals confidential information from the PC and adds it to a bot army of compromised computers.This new version of the Storm worm is out there, as I'm seeing copies as well. Trend has declared MEDIUM RISK and as the Computer World article shares this multi-threaded spam engine is massively emailing copies out there. Nuwar.AOP - MEDIUM RISK for new Storm Worm variant http://www.trendmicro.com/vinfo/virusencyc...M%5FNUWAR%2EAOPMassive spam shot of 'Storm Tro... Read more

More replies
Relevance 62.73%

Latest Storm Worm - uses fake You-Tube linksThis new version of the Storm worm is designed to appear as legitimate video links to You Tube's site. Please be careful with all email links as the storm worm attacks continue. Storm of the Day, Now with YouTube http://isc.sans.org/diary.html?storyid=3321 The latest variation of the Storm worm claims to be a you tube video. The link looks like a link to you tube, but actually points to a "numeric" URL like old storm variants. The downloaded binary is called "video.exe" SAMPLE COPY - (with malicious content removed)To: Harry
Subject: how did you get that on film, man?
From: (REMOVED)
Date: Sat, 25 Aug 2007 18:18:16 +0530

You can see your face right in the video. its all over the web dude. see for yourself ...

(URL REMOVED) ... The link appears to be a valid U-Tube address but is spoofed to direct users to a malicious web site

More replies
Relevance 62.73%

The ever-changing Storm Worm is now circulating new variants. I've personally started receiving copies captured in my spam filters. The new version uses inappropriate subject lines as noted by the ISC below. Based on samples received, these messages contain only a URL (with only a numeric IP address) in the body of the email text. URLs in spam email are usually always dangerous sources of malware (esp. numeric IP addresses). Users should avoid these new attacks as this virus is very difficult to clean and can affect both the privacy and performance of the PC itself.Storm Worm - Inappropriate themes in latest variantshttp://isc.sans.org/diary.html?storyid=3286

More replies
Relevance 62.73%

YouTube Duped in Latest Storm Worm Attack

I am constantly amazed at how many people actually fall for this stuff. I know you guys are all smart enough to avoid e-mail tricks like this so it really makes me wonder who is stupid enough to keep clicking on attachments and following strange links.

Headlines like "OMG, what are you thinking," offer storylines that read "this i [sic] not good. If this video gets to her husband your both dead. see for yourself." Alternative subject lines read, "LMAO, your crazy man" and open up to text

More replies
Relevance 62.73%

The Storm worm (aka Nuwar) is one of the worst threats out there as it contains some of the latest advancements in malware techniques (including very realistic social engineering on it's latest e-card versions). While most users don't run Virtual Machine environments, one variant seems to be searching for it to possibly hide better or even damage other logical partitions Latest Storm Worm - Is it a VMware or Virtual PC hopper? http://isc.sans.org/diary.html?storyid=3190 While the Storm worm hasn?t brought anything really new, the authors definitely went a step further ? the Storm worm?s code looks much better than a lot of malware we?ve seen. And besides that, you have a custom packer that makes analysis and detection more difficult, rootkit capabilities so it?s completely hidden, P2P botnet control and so on. While analyzing one sample I noticed that the Storm worm tries to detect if it?s running in a virtual environment. This became pretty popular with malware writers lately. The main reason their doing this is (presumably) to make analysis more difficult. The first step in malware analysis today is typically to run it in an isolated environment and to monitor its behavior.

More replies
Relevance 62.32%

Latest Storm Worm - eCards now uses HTML and fake URLs The ever-changing Storm Worm (a.k.a., Nuwar, Zheltain) has been revamped from plain text to HTML. This conversion process allowed the malicious authors to hide the dangerous numeric IP addresses and make it appear as a legitimate e-card site. The latest versions of most browsers (e.g., IE 7, Firefox 2, Opera 9, etc) allow users to "hover over" a URL and see the true address found in links (just be never to click without verfication). The best practice is to avoid these messages completely, as hostile scripts could be embedded in future iterations of these massively spammed attacks. Clicking on the URL could automatically download and install some of the worst malware circulating in-the-wild. It is very difficult to detect and clean. Folks can save hours of aggrevation and possible damage to their systems by being careful and thinking before they click. Finally, all users should keep their Anti-virus protection as up-to-date as possible to avoid these daily changing attacks. ?Fun World?? Not Really?Part 2 http://www.avertlabs.com/research/blog/ind...-really-part-2/ Today Nuwar/Zhelatin spammed out several thousand mails, which are very similar to those we saw yesterday. Although the spam template did not change at all, the format of the mail changed. It changed to HTML instead of plain text, but it does not contain any active content such as JavaScript or ActiveX. Compared with the last spam wave, the IP addres... Read more

More replies
Relevance 62.32%

Latest Storm Worm - Fake downloads for privacy softwareThe latest variant has been massively spammed and I'm personally received copies. It is designed to trick folks into thinking they are downloading TOR or other free privacy software (i.e., packages designed to communicate anonymously over the Internet). However, clicking on the malicious website link will have the opposite effect as infected PCs will give up privacy and start participating in a huge 1.7M botnet. F-Secure: sTORm Wormhttp://www.f-secure.com/weblog/archives/ar...7.html#00001272A new round of storm worm attacks are playing on people's paranoia against being watched online. This time the lure leads users to a "TOR download" page, which is? surprise, surprise? fake.Trend - Nuwar poses as TOR Proxyhttp://blog.trendmicro.com/nuwar-poses-as-tor-proxy/Trend: Nuwar.AQL Informationhttp://www.trendmicro.com/vinfo/virusencyc...AQL&VSect=PEMAIL EXAMPLE:From: (REMOVED)
To: Harry
Subject: Your Privacy is being violated
Date: Thu, 6 Sep 2007 16:31:45 +0200

Whenever you are downloading things, they are watching you. RIAA is going after everyone they can. They can't trace you if you use our new software. This software is made available free, so we can keep the internet free and private: (MALICIOUS URL REMOVED)

Answer:Latest Storm Worm - Fake Downloads For Privacy Software

Today we started seeing new Storm mails and the web pages changed layouts completely. Now the theme is National Football League (NFL)...f-secure.com/weblog

4 more replies
Relevance 62.32%

The new attacks feature free music video links. The URL in these spammed emails leads to a dangerous website that automatically downloads & installs one of viruses on the infected PC. Nuwar/Zhelatin/Storm took a naphttp://www.avertlabs.com/research/blog/ind...orm-took-a-nap/Watch out for mails offering videos from: Snoop Dog, Beyonce, Hurricane Chris, Emenem, Lil Mama, Heuy, Chris Brown, Eagles, T-Pain, Fergie, R. Kelly, Sean Kingston, Kelly Clarkson, Velvet Revolver, Fat Boy, Akon, Rihanna, Foo Fighters.Trend Micro: WORM_ZHELATI.MAB informationhttp://www.trendmicro.com/vinfo/virusencyc...5FZHELATI%2EMABBehavior Diagram - complex malware attackhttp://www.trendmicro.com/vinfo/images/WOR...ATI_MAB_BD2.gifEMAIL EXAMPLE TO AVOID (you tube variant)Subject: are you kidding me? lol
Message body: Dude I know thats you, someone emailed me has link to the video. see for yourself? http://www.youtube.com/watch?v=xxxxxxxxxxx
<<< Fake malicious URL that automatically downloads virus from site

Answer:Latest Storm Worm - Features Music Video Offers

hahah, looks like they're embedding it into the flash video. oh boy...

1 more replies
Relevance 62.32%

Latest Storm Worm - Join the Beta Testing programNo personal copies yet, but I'm sure the 1.7M Botnet will be sending us some soon http://www.avertlabs.com/research/blog/ind...ore-nuwar-woes/QUOTE: The Nuwar gang are up to no good again. So far we?ve seen a dizzying flurry of malicious ecards, sexy emails, membership themes and YouTube bait over the last couple of weeks from the authors of the Storm worm. The latest spam run calls for beta testers to try out a product in exchange for life time free updates. A sample mail is as follows

Answer:Latest Storm Worm - Join The Beta Testing Program

Got one yesterday. Looked at it and deleted it. It just looked fishy to me and I didn't recognize the sender. I didn't know what program they were talking about and I don't download things blindly. Good to see my instincts were correct. One question. I have a Blogger blog and I'm just wondering how these viruses wound up on the blogs and what I might be able to do to prevent it. Your hard work is greatly appreciated.

1 more replies
Relevance 60.68%

The problem is like this, few days ago i feel lagness, my harddisk took a huge amount of time for just loading simple things, so i think theres loads of infection, i scanned and delete some of it but it is still the same, and my windows firewall cannot be switched on also, everytime i click [on][recommended] inside my windows firewall settings, and press [ok], i reopen the windows firewall settings, it is reseted back to [off]. Anyone can take a look at my log.I post my log before at other forum and they told me i got the latest variant of Delf and ask me over to here for help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:35:28 PM, on 9/29/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:�... Read more

Answer:Latest Variant Of Delf?

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

1 more replies
Relevance 59.86%

Webroot reported finding a Zeus Trojan infection today.  At the same time the Windows desktop crashed (BSOD) from the process F35.tmp (infected file, removed by Webroot).  The user was in Internet Explorer at the time so I'm guessing it was an exploit.  Now I can see all kinds of bogus domains in the DNS cache but I can't find the infection.  I also cannot run MBAM, TDSSKILLER, or EmsisoftEmergencyKit. They just open then close immediately.  Webroot no longer finds anything. 
 
FRST runs..
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by me (administrator) on badpc on 25-06-2015 16:27:39
Running from C:\LLC\Tools
Loaded Profiles: me (Available Profiles: other1 & other2 & me & pcadmin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Invincea, Inc.) C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program File... Read more

Answer:Infected with latest Zeus variant

A little more into this with Process Explorer.. I see one svchost process making a periodic TCP call to localhost on port 9050 (possible Tor).  It will also make a separate call to 217.150.201.9 on port 80, but nothing is listening there (yet).  How can I see what is controlling this process?  I have no permissions to it.
 
Okay, I was able to suspend it.  That stopped the funny DNS queries.  I still can't get mbam or the others to run.
 
I could run GMER
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2015-06-25 19:56:24
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-75U6AA0 rev.19.01H19 465.76GB
Running: gmer_rookitfinder.exe; Driver: C:\Users\me.SITE\AppData\Local\Temp\kxldapod.sys

---- Threads - GMER 2.1 ----
Thread    [6664:6740]                                                                                                         ... Read more

9 more replies
Relevance 59.86%

I have been approached by a number of coworkers who have fallen victim to the latest koobface variant circulating on facebook.
those who have made attempts to remove it have failed, this includes several who have PAID "techs" to attempt the removal.
Is there anything known to stop and remove this latest variant that i can pass along to the unfortunate?

more information as i can get it.
Thanks

Answer:Latest facebook Koobface variant...

several of my friends have also been 'infected' with this worm. more info:

subject gets an email from within a social network site (facebook...hence koobface, myspace, or any of the others), from a friend they know, inviting them to watch a video.... either on youtube or facebook video are the ones i've been invited to, however the link obviously doesn't take them to youtube, it takes them to something like www.34232432ueriwo.youtube.342432.com so to some people it looks legit...when subject gets there, it asks you to download a 'flash update' or a 'video codec'. kazaaaaam! subject is now infected. people with norton have told me that norton pops up and stops them downloading it.... people with mcafee haven't had the same luck... and have been infected.

the person i know with mcafee said she updated mcafee, removed the virus, and is 'all=set' but, today i'm getting more video invite emails from her...

anyone know a surefire method of getting rid of this sucker yet?

1 more replies
Relevance 57.81%

On 05 Apr 2015 I attempted three separate downloads of Handbrake 0.10.1 from specific link http://www.majorgeeks.com/mg/getmirror/handbrake,2.html and BitDefender blocked all three attempts, detecting Gen.Variant.Kazy.573282 in all three downloads.

From handbrake.fr (source site), handbrake successfully downloaded with no Bitdefender interference.

Might be false positive, but wanted to warn you.

Note that I tried again today when sending this, and BitDefender again responded with a block and Gen.Variant.Kazy.573282 detection.
 

Answer:Gen.Variant.Kazy.573282 detected in latest Handbrake download

JoeRay12 said:





Welcome to Majorgeeks

This is the wrong forum for that type of thread - it's a Software issue and you will see that forum below.

As far as BitDefender is concerned, all AV programs report False Positives now and again.
If you want to confirm that then simply run the downloaded set up file to the online scanner Virus Total here:
https://www.virustotal.com/uk/

You can go to BitDefender and report a false positive to them via their support/contact and there must be an option in BitDefender for you to add an exception/don't scan or report.Click to expand...

Moved to Software and as JoeRay12 stated as far as the scan...the download comes out clean on every one, including bitdefender, so I'm not sure what your machine is pulling up. Here's a copy of the analysis:

https://www.virustotal.com/uk/file/...e397fc610f3c5274d4970dbf09ec10e8cd4/analysis/
 

3 more replies
Relevance 54.12%

Usually, the first of every month you can anticipate new variants of: Sober, Bagle, MyDoom, and Mytob to all emerge. The ISC sees 3 potential factors to be EXTRA watchful this week for new threats to emerge:Internet Storm Center -- Possibility for disaster?http://isc.sans.org/diary.php?date=2005-07-03At the Internet Storm Center, we sometimes see dark clouds gathering on the horizon. Sometimes it doesn't come to a real storm, sometimes it does. Unlike the real storm centers we don't have mathematical models to help in our predictions just yet. Main problem is that it would mean we'd have to predict human nature.1. As a first ingredient we have the probing and even at least one worm/botnet on the loose attacking unpatched phpBB installations.2. As a second ingredient we see the 0-day exploits and the lack of a real patch from Microsoft for the javaprxy.dll . This makes the most popular browser potentially seriously vulnerable as this exploit matures. 3. The final ingredient is timing: in the US it's Independence Day tomorrow, which most probably only leaves a skeleton staff at key places.

Answer:Internet Storm Center - Storm clouds on the horizon?

The point about a SKELETON staff seems a GRAVE situation.
Regards,
John

1 more replies
Relevance 51.25%

American and Russian law enforcement agencies have finally identified the criminals behind the Storm worm, one of the nastiest pieces of malware to ever hit the Internet...The exact number of people involved as well as their identities aren't being released while Russian authorities wind their way through multiple diplomatic, law enforcement and government channels. Things will get even more complicated if U.S. law enforcement agencies demand extradition...internetnews.com

Answer:Storm's Creators Face A Storm Of Their Own

Wow... It's about time. I can't wait to see these guys brought to justice. Thanks for the news. It brightened my day.

1 more replies
Relevance 47.56%

This all started this afternoon with what I believe was a compromised site that I got redirected too installed Spyware Guard 2008, which unloaded a -large- amount of spyware and malware on my computer. A combination of Avast, Adware 2008, and SuperAntiSpyware managed to find and destroy SG2008 and most of what it brought with it, although it forced a reinstall of Firefox. However, Smitfraud and Vundo both reappear when I run SuperAntiSpyware no matter how many times. Avast hasn't detected anything, though it occasionally tells me that the computer is trying to take me to a infected site and stops that. I've noticed some intermittent popups, nothing like SpywareGuard's however. Any help to rid myself of this is -greatly- appreciated.

DDS (Version 1.1.0) - NTFSx86
Run by Kyle at 4:09:58.75 on Wed 12/24/2008
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1477 [GMT -6:00]

AV: avast! antivirus 4.8.1296 [VPS 081223-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32&... Read more

Answer:Vundo Variant/Rel & Smitfraud Variant-Gen/Bensorty Infection

Hi Fastburn,

Sorry for the long delay, this forum is always a busy place and we do our best to
keep up. Give me some time to look over your log and i will get back to you as
soon as possible, if you no longer require my help please let me no.

Thanks

Syler

4 more replies
Relevance 47.15%

Hi my pc has become infected, keep on getting annoying pop ups. Superantispyware finds the following but does not remove them.1 - adware vundo variant; 2 - adware vundo variant/HAL; 3 - rootkit Haxdoor Variant;any help would be much appreciated.log of hijackthis as follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:29, on 2009-01-20Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\VTTimer.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\system32\S3trayp.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\PeerGuardian2\pg2.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Belkin\F5D9050&... Read more

Answer:help pc infected; adware vundo variant; adware vundo variant/HAL; rootkit Haxdoor Variant;

hi, We will get a download to use. Its called combofix. There is a guide you can read first before using it. It will explain what you need to know. Read through the guide, download combofix and follow the prompts. Dont forget to disable any of your Antivirus and antimalware applicatons so they dont interfere. Also your firewall so the recovery console can be downloaded and installed and combofix updated if needed. Post the combofix log in your replythe guide:http://www.bleepingcomputer.com/combofix/how-to-use-combofix

3 more replies
Relevance 46.74%

Referred from here: http://www.bleepingcomputer.com/forums/t/272591/i-am-infected-antivirus-plus-vundo;-i-need-help-please/ ~ OBGreetings!One of the moderators "Boopme" has adviced me to m ove into this step. Here are the main issues:* A Vundo Variant will keep reapearing* Google and Ask.com searches re-directed to other links, * None of these products, McAFee, Stopzilla, SuperAntiSpyware have successfully removed infected dll called c:\windows\system32\zowiyari.dll * I have also been unsucessful dowloading Malawarebytes Anti-Malware due to some code errors that state the following: "Unable to execute file c:\programfiles\malwarebytes' anti-malware 2\mbam.exe Create process failed: Code 2 The system cannot find the file specified" Also: error code: 707 (3,0)* I am currently not been bombarded with the annoying advertising pop-ups* My wallpaper would change from my selected background to a plain black background* Computer is still running a bit slow* and Finally at the end of running the RootReal Log I received an error message that stated: "Could not read system registry, Please contact the author" - Device Io Control Error ! Error Code 0xc0000001Here are my log reports:UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_09-10-26.01)Microsoft Windows XP ProfessionalBoot Device: \Device\Harddisk... Read more

Answer:Infected: Vundo Variant, Antivirus Pro Variant

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

36 more replies
Relevance 46.74%

Out of the blue my computer started playing some head-banger hip-hop. I knew this was a Very bad sign so I ran
ATF Cleaner, Registry Mechanic and Super-antispyware (all updated today supposedly)

I have a SONY VAIO with
Windows XP-home, use
Internet Exporer 6.0.299
Medium computer skills.

SuperAntiSpyware keeps identifying the following every time I reboot & run it

Vundo/Variant-2009
Vundo/Variant-UX
Trojan.Agent.FakeALert
Rootkit.Agent/Trace
Rootkit/Gen-FraudLoad
Please help me with this persistent mess. HJT log below.
Thank you, Susan
Logfile of HijackThis v1.99.1
Scan saved at 4:47:29 PM, on 2/25/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platf... Read more

Answer:Please Help Persistent Vundo Variant 2009 /Variant UX

16 more replies
Relevance 44.69%
Question: dude

Hello fairly simple question i think? I like to display pictures from a folder on my desktop. all the photos from my cheap cell phone from which i emailed to my computer are clear and crisp. the ones friend send from their iphone and proper digital cameras display blurry and distorted? I have tried to change pixel size in iphoto but can not find a way?

thanks
 

Answer:dude

8 more replies
Relevance 44.69%
Question: What next dude?

Hey chaps,
So, I?ve ran through all your Read & run First steps, and ran CCleaner... as far as I can tell 2 problems remain.
The first is on starting up IE: on start up of my pc the following virus warning appears (see 1st screen shot). AVG detects it and asks if I want to heal or quarantine, I have done both.
Second, is the most frustrating, certain web sites that I visit, (non-porn) do this really annoying thing, I get automatically re-directed to a dell search page, I run a dell PC and at the top of the page it says: Sorry, we couldn't find http://ad.uk.doubleclick.net/adi/N3784.AND/B2258036;sz. Here are some related websites: (2nd screen shot was too big to post, should i e-mail?)
I also run a registered copy of Spyware Detector, this obviously hasn't detected it.
Plus, when I opened up majorgeeks.com the following message appeared. (See 3rd screen shot)
Can you help, please?
 

Answer:What next dude?

Hi

you'll need to attach the logs requested from the Read Me guide.




When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
CounterSpy
AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
Bitdefender - from step 6
Panda Scan - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
 

4 more replies
Relevance 44.69%

Hi everyone, am new to this forum.Having a hard time removing some horrible malware. am attaching log files please help....
 

Answer:New Dude About To Cry!!!

Also..
 

12 more replies
Relevance 44.69%
Question: Dude

Ok so this happened on my old XP machine, and just recently on this Vista one.

As far as i can tell, it is harmless, and i have barely noticed it, but it is a little frustrating.
All it is, is some virus or something. All that happens is some guys voice (maybe about 20 year) comes on the speakers saying "dude" in a weird sort of way. It happened quite a bit on my XP machine, but only once on this one. I looked on the internet and found nothing, and I am confused as to what it is.

Its not a huge issue, I can survive with it for now (until i reinstall) but i wanna know wtf is with it.

~Lordbob

Answer:Dude

LMAO, are you serious? Never heard of that one. Have you ran full scans with an AV and antispyware apps?

19 more replies
Relevance 44.28%

day one of my problems the computer froze up would do nothing so I attempted to reboot and it would not allow me to shut down so I powered off with the power button, it worked for most of that day
then later either that day or the next it froze up again and I was able to reboot, then just yesterday I set the laptop down softly and it shut off this happened twice.
The second time it would not boot, the power led would come on for about 4 seconds, and the battery light would flash about every 3 seconds. I tried taking the battery out and just leaving the power cord plugged in and it worked so I left it that way for some time, later in the day I put the battery back in just because I did not like leaving the battery out and having an opening for dust etc. to get in.
I set it down awhile later and again it shut and hasn't come back on. I still get the power light for 4 secs, and and then battery light flash every 3 or 4 secs. I am a little knowledgeable about computers so I took it apart and I don't see anything wrong inside.
I reset the CMOS just for fun and did a little cursing, then tried to pray, and here I am begging for help from you kind folks....
I haven't tried the hammer yet, thought I would check here first... Thanks in advance for your help...
Ron
 

Answer:Dude I got a Dell, HELP.....

6 more replies
Relevance 44.28%

Greeting to Dude's here,

I am using window 7 on my computer. From few days a problem is arising in my computer. While running any video suddenly the computer hangs and after leaving it idle for few time it start responding. I have done virus scan not found any solution. What should I do to fix this issue?


Thanks
Jason

Answer:Please Fix My Computer Dude

Fill out your system specs. Click the link in my signature to do it.

4 more replies
Relevance 44.28%

hey how can i disable my onboard video card 8290g/GV/190GL Express Chipset Family chipset using the BIOS in order to install a new driver for my nVidia GeForce FX 5200?? Just wondering if u knew
 

More replies
Relevance 44.28%
Question: Cowabanga Dude(do)

First of all I want to say that I appreciate all the help I have received from MajorGeeks in the past. Thank you.


Now, down to business. First of all the problem is not on this computer it is on my other house computer. Through a recent download we ended up picking up some malware called Cowabanga, Deluxe Communication .


Here is what I have done to get rid of this. Each folder came with an uninstall so I tried that. I also tried to manually delete all folders but it seems that it only morphs itself in other folders.

It has disabled my internet which forces me to use this other computer.


I ran HJT and have attached it


What can I do to get rid of this? Please help.:crybaby
 

Answer:Cowabanga Dude(do)

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
Make sure you check version numbers and get all updates.
Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
Downloading, Installing, and Running HijackThis​Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.​
When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
CounterSpy
AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
Bitdefender - from step 6
Panda Scan - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
&... Read more

1 more replies
Relevance 44.28%

I'm running vista (32bit) on an Acer 5310 service pack 2 laptop. I did a safe boot two days ago because of a glitch with IE (a warning saying this script can no longer be run on this page or something such) I've since rebooted in normal mode(I've gone though F8 to do this three times now) to find that the Vista orb has been replaced by the old rectagle style. I'm pretty sure that other design type features have remained in the old style (ie 'safe mode' style) as well.Can any one help please?

Answer:Dude, where's my vista orb?

Right click on your desktop and select Personalize, Theme, and select Windows Vista in the drop down.

6 more replies
Relevance 44.28%

OK i have this problem where my computer keeps restarting. it restarted on me the other day and now i cant get it to start back up in normal mode. i can only get it to start up in safe mode. i have no idea wtf happened please can someone help
-Frank C
 

Answer:Solved: Dude Help Me!

16 more replies
Relevance 44.28%

Some more problems with the comp from hell from dell. My A drive will sometimes just mysteriously vanish from my computer, and I will not be able to save anything to through any other programs. It will sometimes be there when I reboot, but other times it will not.

Any help appreciated.

PS - I love the dell run around. They keep me on hold for 1.5 hrs, and then they just tell me to run a diagnostic check, virus scan, etc and tell me to get back to them. They aren't the most help ever!
 

Answer:Dude, where's my A drive?

6 more replies
Relevance 44.28%

HI,

I just got set up with comcast internet yesterday, I have 2 Desktops, one running XP home, and another running Redhat 9.0, along with 2 laptops running XP Pro.

Befor I was running Quest DSL and everything was working fine,

I am using Netgear wireless router, with a Linksys 5 port hub.

I can only have internet connection to my desktop running XP home, it is hardwired. I have to take incomming internet from modem into one of the ports on the Netgear because the incomming port on Netgear does not work. Then I have internet to the Netgear and my laptop will see that there is wireless but it will not see other computers or the internet. I have tried putting the incomming internet into the incomming port on the Netgear and still nothing. I am not sure what is going on but this is not working and I tried all day yesterday to fix this but nothing worked.

Does anyone have any ideas to try????

~LuMa
 

Answer:Dude where is my Wireless.

Yo,

My wireless router is MR814.

~LuMa
 

4 more replies
Relevance 44.28%

Logfile of HijackThis v1.99.1Scan saved at 5:34:11 PM, on 4/1/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\winyi32.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton AntiVirus\IWP\NPFMntor.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Common Files\Symantec Shared\ccAp... Read more

Answer:like...dude...this is my hijackthis log or something...

Thats alot of stuff lol, my comp has like 10 things.

2 more replies
Relevance 44.28%

click hereOn my second free guestbook.First one no admin access to remove bad post.This one listed above loads ok 1 out off ten times if host is lucky.Anyone know of a reliable guestbook with admin capabilty and loads good?thanks?and possibly password protected currently using a java script with a comment on top of page for view source.(not the greatest).

Answer:Another Guestbook dude

WOW drop the E on DUDE LOL = DUD

9 more replies
Relevance 44.28%

I live in Ireland!

I have tried to purchase a MS Surface RT. I have tried every possibility!

The only possible way that I can buy one legally, is to buy it in the UK & have to shipped to someone in Northern Ireland (Part of the UK. A real Irishman would NEVER do this. I would have to cross the border into NI).

I talked to my Electronics retailer here that has been in business for over 50 years! I buy all my electronics there.

He told me that the only way he cold get them is to buy a skid load. He says he could not invest that kind of money at the expense of his general inventory!

I have contacted the Irish office of Microsoft. All they do is transfer the call to the UK MS Website. I can fill in the order for the Surface, but at the check out, it tells me they CAN NOT ship to the IRSH REPUBLIC!!

Why in HELL was I transferred to THE UK??

I have contacted all the Electronic retailers in Ireland & no one has them!

PC World told me I had to order them online! But they didn't have any idea where!!

WHAT KIND OF SO-CALLED "WORLD WIDE COMPANY" would deliberately boycott A WORLD LEADING COUNTRY!!

MAD AS HELL!!

The "Old Fart"

TULLY!!

Answer:Hey Dude, Where is my Surface RT?

Now you see what us Americans often go through when foreign companies make products, such as Nintendo, Samsung, etc, and we have to wait behind for availability.

I'm quote certain Microsoft wouldn't boycott a "world leading country". They haven't been on the market very long, so my suggestion would be to go to the largest electronics retailer, either in person or online and find one there. If the one who went to isn't a nationwide chain, then they may not be able to purchase them as easily as the major retailers.

12 more replies
Relevance 44.28%

Here is the log: Internet Security keeps getting a Subseven Backdoor Trojan warning.:

Logfile of HijackThis v1.97.7
Scan saved at 11:40:41 AM, on 1/14/2004
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\Fonts\explorer.exe
C:\Program Files\ComSoft\Dialers\xxxCam\xxxCam.exe
C:\Program Files\SCom\Dialers\XXXmpegs\XXXmpegs.exe
C:\winnt\system32\sncntr.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\MSWorks\Calendar\WKCALREM.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Peachw\peachw.exe
C:\Peachw\W32MKDE.EXE
C:\Program Files\RBEnhance\rbenh.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://jump.alta... Read more

Answer:Hijack This log dude!

first you ahev a rapid blaster infection, plus countless adult diallers and a few trojans thrown in for good measure

FIRST
As RapidBlaster tends to mutate if the process isn't terminated first, do download and run RapidBlaster killer by Javacool: http://www.wilderssecurity.net/specialinfo/rapidblaster.html#removal
Launch the program and hit the Scan button.
RBKiller will find any RapidBlaster variants on your system, will kill the process, and delete the Registry Run entry and find the pertaining folder in Program Files, and simply delete it!

then REBOOT then

Download & Run CWshredder from http://www.merijn.org/cwschronicles.html
Close all browser windows,UnZip the file, click on the cwshredder.exe then click "FIX" (Not "Scan only") and let it do it's thing.
and make sure you follow the advice about the security updates listed at the bottom of the page, in order to prevent re-infection, otherwise you will be continually reinfected
the patches are :
http://support.microsoft.com/default.aspx?kbid=828026
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-011.asp
then reboot &
Download Spybot - Search & Destroy from http://security.kolla.de

After installing, first press Online, press search for updates, then tick the updates it finds, then press download updates. Beside the download button is a little down pointed arrow, select one of the servers listed. If it doesn't work or you get a... Read more

3 more replies
Relevance 44.28%

I have a netgear dual band router (WNDR3300). My Ubuntu laptop can see both the G and N networks. However my XP Desktop can only see the G and NOT the N. My desktop has a D-Link Rangebooster N (DWA-142).

Any help?
 

Answer:Dude Where's my wireless n?

12 more replies
Relevance 44.28%

So I've got this Gateway GT4009. That's a good PC, right? I got it for free out of a school that closed.

I'm a little stressed out because the problems I'm having are not consistent. When I first started the computer, it went past the XP spash screen and then it said to press ctrl+alt+delete. BUT before I could do anything it restarted and it did it again then restarted and so on.

So I decided to reinstall XP. It made it halfway through the NTFS format and then it restarted and loaded to the infamous "blue screen of death" and it had a stop code of 0x0000004e, which according to this article is bad ram, so i replaced the ram stick. Then it went to setup. Then it restarted. Then I said screw it, I'm going to ask for help.

Now I've read that this restarting happens for 3 different reasons: 1) OS problems. (which we know it can't be since I'm booting from CD) 2) a hot CPU or 3) a bad power supply. I don't have a replacement power supply handy, so I want to test the CPU heat. How do I know how hot my CPU is and what exactly IS too hot?

Answer:Help a Mac dude understand PC.

Next time before you reinstall, try safe mode (press F8 at startup).

Dunno about what constitutes too hot, but when you boot, you can get into the BIOS (there's a key you have to press right after you power on your PC - maybe Del, maybe F10, don't know what it is for Gateway PC's). Then just navigate around the menu and you're likely to find your CPU temperature.

1 more replies
Relevance 44.28%

I got a client where we gave him a fresh install of Windows Xp Pro Sp2 (Legit Copy + Updates)

This guy installs a chase game, however when it comes to trying to play it, he gets an error message saying that he needs OpenGL1.1 or greater to play it.

I found an OpenGL1.1 on the microsoft website. However think this is mainly for Windows 95 / NT Platforms as it did not do any thing.

I have re-installed the video card drivers (onboard NVIDIA GeForce 6100 GPU on a Gigabyte GA-K8N51GMF-9 SKT 939 Motherboard). Please note that these are the video card drivers from Gigabyte's Website. I have fround that the nVidia Drivers from the nVidia's website does not what to have any thing do with it.

It's currently using Direct X 9.0c (however I have not re-installed that yet)

I have tried looking at the OpenGL.org site. However the only download I can seem to find points back to the same one from Microsoft that I mensioned earlier.
However the website is talking about OpenGL 2.0. There is a lot of blurb on what it does, but no downloads for it.

Any other suggestions on where I can download Open GL 1.1 or greater?

Thank you.

Answer:DUDE! Where's My OpenGL?!?!

Im possibly downloading them from limewire right now, 2 files. I will install them on my pc and test it just to make sure there not junk, but not sure what version they are yet, they say for 2000, XP, so we'll see....

9 more replies
Relevance 44.28%

my brother in law used the computer while house sitting and bam! viruses galore. My wallpaper is hijacked, I get all kinds of security threat alerts saying i'm infected with spyware which lead to spyware removal advertisements, and IE quit working. I have xp professional and an out dated symantec. receive alerts indicating C:/tempar.bat is in quarantine. spy sweeper also says i have coolwebsearch, zenosearchassistant, and a few others. i also get messages about rundll32.exe, mssys.exe, trojanddownloader.xs. I removed something called mIRC, and some other files after reading some posts, but still having problems. Here is my hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:30 PM, on 7/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Prog... Read more

Answer:one frustrated dude!

6 more replies
Relevance 43.87%

Logfile

< S N I P >

End of file - 13460 bytes

Answer:Some WoW dude said i should post it on a forum, its HJT

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies
Relevance 43.87%

Okay, this is kinda wierd. I havn't used floppies in a long time, since before some changes were done to my comp. Anyway, I need to use one now.... the only problem is my computer doesnt seem to recognize an A: drive! It's just not there. I can't open from it, save to it, view its contents, or even see the freakin logo in My Computer.... it's like it doesn't exist. And yes, the physical drive is there, and I am pretty sure no one has opened my computer and disconnected it or something.

Dude, where's my drive?
 

Answer:Dude, where's my Floppy Drive?

11 more replies
Relevance 43.87%

Told ya them Dell's we're Junk..lol
AN INQUIRER READER attending a conference in Japan was sat just feet away from a laptop computer that suddenly exploded into flames, in what could have been a deadly accident.
Guilhem, our astonished reader reports: "The damn thing was on fire and produced several explosions for more than five minutes".
(Wouln't it be fun to be stuck against a window seat with a 270 fat guy next to you when one of these blows up at 30,000 ft..)
http://www.pixpond.com/1/3kyvx7.jpg
http://cache.gizmodo.com/gadgets/images/delldude.jpg
http://www.pixpond.com/1/3kyvx779.jpg
 

Answer:Dude, Your getting a Melted DELL

16 more replies
Relevance 43.87%

I'm really hoping someone can help me with this because it's driving me nuts.

I have 2 computers hooked up to a router, to share the internet connection.

Recently one of the computers got a really bad virus, so I formatted the hard drive. I decided to format the other computer's hard drive as well, as long as I was at it. After the formats, both computers has intermittent problems connecting to the web. They'd connect, then lose the connection for a while, then connect, etc. I figured the router was shot, since I was already on my second one and I know those things don't last forever. I went out and got a new router and that one seemed to do the trick- for a while anyhow. Now I'm back to the same problem of both computers occasionally losing their connectivity. If I wait a while it comes back, but 5 minutes can be an eternity where you're trying to do stuff online.

Now that I have a new router and I'm still having problems- I figure it must have something to do with my settings. I've turned OFF windows firewall and the firewall in PC-Cillin, but the problem still persists. Beyond turning off the firewall however, I'm afraid I don't know much about what might be causing my computers to have connectivity problems.

Can anyone out there shed some light on which settings I might change in order to maintain my connection? Possibly something in Windows security center, but there's so much stuff in there that I'm af... Read more

More replies
Relevance 43.87%

I need some help folks... I ran the first 5 steps of the malware READ THIS RUN FIRSt. THING. I am seriously freaked out with this computer. Everytime I open IE it is fine...then I go to another web page and the popups start. I dunno what to do. Help. :confused

Im not sure what info you need just tell me I will do my best to provide it.
Just remember...Im not computer lingo saavy
 

Answer:Im a noob computer dude! HELP!

Welcome to MajorGeeks.com, please follow our standard cleaning procedures:

Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support


Make sure you check version numbers and get all updates.
Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

Downloading, Installing, and Running HijackThis

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around..
When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
CounterSpy Log - only for Windows XP, 2K, & NT users
AVG Antispyware Log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
Bitdefender Log - from step 6
Panda Scan Log - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis Log
NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
 

14 more replies
Relevance 43.87%

My goal is to mod my Dell until it's no longer recognizable as such.

Here's a summary of my question:
Which should I buy first: a CPU fan, or a mobo/PSU combination? In other words, which is more important: keeping my CPU below 55&deg; C or being able to plug the mobo into the front panel USB, power switch?

Here are the details:
I am tweaking the heck out of my Dell Dimension 2350 Intel P4 1.8 GHz 845GL system. My father got it for me two years ago because it was really cheap, and he thought it would be a good place to start and I could upgrade later. The thought was, at least it's an ATX with a P4, and my old Wintel system wasn't upgradeable to a P4 at all. Unfortunately, when I got it and opened it up, I found I couldn't add another HDD because there's no place for it! I was not aware of Dell's lockbox/proprietary policies before I got it. Needless to say, this is really annoying!

So, I've been putting a lot of effort lately into upgrading, modding, and doing all I can to negate the warranty! But I have a predicament right now, and that is, I've put myself in a place where I cannot just stop where I am. But I'm overbudget on my upgrades for this month, but I've ended up with a PC in a sort of a "transitional phase" and I need to know: what's the most important step to take next, if I can only do one thing?

My first step was to replace the graphics card and disable onboard graphics (and I... Read more

Answer:Dude, you're killing your Dell!

Update: This, and other pages led me to think the PSU is proprietary. But my mobo doesn't have that other 6-pin dealio that the older Dells had. It looks like a standard ATX PSU. And if you look at the specs for these knockoffs, you'll see it's 20-pin ATX. Does anyone know for sure? A new PSU would almost cost more than a mobo!
 

7 more replies
Relevance 43.87%

Hi, I have the same/similar problem as dude 1234. Firefox using 100% CPUI didnt want to steal his post so I made my own.I have doing a bit of research on different things for browsers, this amongst them. (Well I dont know that its the browser actually).Every now and then my computer seems to just grind away, fans rev to their limit, windows wont open and the whole system drags for ages then to a total stop.It seems as though it is a memory problem, but having read that post, I wondered if it was my browser? I have a Pentium 4 CPU 3.00 Ghz 1.5GB of RAM. My computer doesnt always play up like that but it has its moments.The easiest way to get past it is to close everything and then restart F/F, this does cure it but is really inconvenient if I have lots of windows open.Can I do anything to cure this phenomenon please?

Answer:Same as dude 1234 CPU Grinding away at 100%?

Well your computer is better than mine and, anyway, I have investigated and determined its not a processor or memory problem. Try using Opera browser and see if you think that eliminated the problem. I'd be interested to know."Browser" is the name of the software you use to download and display web material. Examples of browsers are:- Firefox, Internet Explorer, Opera, Chrome.In case you are not familiar with the term "software", it means a computer program. Computers have hardware (all the electronic bits), and software (all the instructions that are given to the hardware to make it do something useful). My apologies if I have over-simplified this, but it sounded like you needed to know.

2 more replies
Relevance 43.87%

http://graphics.tomshardware.com/gra...l#3d_mark_2005

man, the 6800Ultra lost against the X800XT??
seems the only way nvidia is keeping up is with SLI, which is not worth the cost...

scroll down to the second chart, ...ridiculous... the 6800GT killed the 6800Ultra, and all the x800's (except the Pro) beat the 6800Ultra.. man, ultra seems bad at high res and AA/AF

u sure these are correct??

Answer:WOW, dude, check out this benchmark!!

Doesn't look right to me. What till all the nvidia fans get in here.

9 more replies
Relevance 43.87%

http://video.yahoo.com/video/play?vid=dfc50c324a0695cfe48d7050a1dd9ccb.657909&fr=yvmtf&cache=1

he's back in video. oooooooooooohhhhhhhhhhhhhhh
 

Answer:remember the peter pan dude?

this is relevant how?
 

4 more replies
Relevance 43.87%

I'm new to using forums. Running Windows XP SP2Working on a friends Dell Dimension 5150. First it would not turn on, did some poking around and looked like the computer had been dropped. The ram had disconnected, fixed that Starting cleaning up the thing (history, viruses, malware all that fun stuff) When I went to reboot it, it seems XP was corrupted. The taskbar had reverted to what windows 2000 task bars looked like. Yet it was below the viewing space. No start button at all up able to drag the task bar to make it larger. Can't open IE. The only I can make the computer function is through Task Manager. Some areas of Concern I have is...When I boot the computer it informs me that the Floppy Drive is not found F1 to continue F2 to try again. After I get past the Floppy seek bios pops up with 3 options...1) Windows NT 6.X2) Windows NT 5.x3)GRUB4DOS (it defaults to this option, when I select 1 or 3 it tries to boot but doesn't.)Also at one point in the booting process I'm prompted with the text {{{{ " Urr! wee..."}}}} <<<<< Just like that. I've never heard of that.Thanks for taking the time to read this post. Any help is greatly appreciated, Brad

Answer:Dude I got a Dell Problem

Do you really need to multi boot on this system (Grub4dos) ?

2 more replies
Relevance 43.87%

Hello,

Here is my log....What should I delete? Thank you for your time!!!!!!!!
Logfile of HijackThis v1.97.7
Scan saved at 4:41:12 PM, on 9/2/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\WINDOWS\SM1BG.EXE
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\srjhtm.exe
C:\Program Files\Microsoft SQL Server\... Read more

Answer:Another Dude Needs HiJack Log Analyzed

15 more replies
Relevance 43.87%

hi other day used pc and the IE browser got infected, now it doesnt work, there are adverts all the time and cant search for anything without being redirected to other websites. Ive tried using superantispyware but wont scan completely as it restarts the pc, tried avg , norton an a few others and nothing. Here are the logs as follows.Deckard's System Scanner v20071014.68Run by steve on 2008-07-17 19:05:07Computer is in Normal Mode.---------------------------------------------------------------------------------- HijackThis (run as steve.exe) -----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 19:05: VIRUS ALERT!, on 17/07/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0013)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABSVC.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:&#... Read more

Answer:Adware.vundo Variant/resident And Trojan.vundo-variant/small-gen

Hmm wondering if i posted this in the correct forum section

also if wondering why it say steve i am posting here on my clean comp, the dell is the infected one and belonged to my m8 called steve lol

11 more replies
Relevance 43.46%

Hey,

I have just downloaded a Guitar Pro 5 program using a torrent and I don't understand the install instructions supplied. There was a read me inside that said:

Install Notes:

1. Burn or Mount with PowerISO

2. Install it.

3. Use key below to register .

User ID: TEAMZWT

Serial: AEAAK-ANR60-AAAAZ

Now I know how to run an install and put in a serial cause that is simple but step one is like foreign language to me. Please help and I will forever be indebted to you.

Answer:Please help a dude out who is kinda computer illiterate

Also I should mention that the file that was downloaded has a odd extention, it is .daa

2 more replies
Relevance 43.46%

Hello,anyone out there can help me to configure my own LAN at my home.Let's me describe.I have a pc connected to Streamyx(my ISP) broadband.Basic 512K,static IP.
I'm using Windows XP.
I'm just bought a notebook and I wanna it connect to the Internet too while I'm online using my PC.Sound crazy,right..
Can you show me step by step as I'm tried there were error 619(invalid username/password).Forget about this error.Now,can you show me how to do with this?
---------------------------------------------------------------------------------------------------
NOTEBOOK(XP)
PC(XP also)
SWITCH(DLINK)
ADSL ROUTER(Billion supplied by TMnet)
STREAMYX account(BASIC 512k unlimited)
----------------------------------------------------------------------------------------------------
Please show me step by step..I'm glad if u can solved this problem..
 

More replies
Relevance 43.46%

Not sure about the name but from time time when i surf to a web page instead i see popup windows one of them is dude calc pro or something then he ask me if i want to keep showing the site or not with a checkbox i think.

And all i can do is to shut down the chrome from Task Manager and re open chrome.

Any ideas how to fix that ?

Answer:Anyone else have this dude calc pro virus in chrome ?

Chocolade,

Please see if you can find dude.exe and run it through VirusTotal:
VirusTotal - Free Online Virus, Malware and URL Scanner


Once at the website, press: Choose File

Navigate to dude.exe, and double click on it so the file name is populated, then click: Scan it!


IMPORTANT! If the file is listed as already analyzed, click on: Reanalyze file now


Once completed, highlight the information in the address bar and provide the link in your reply.

Note: If dude.exe is not a found, and it is dudexxx, or whatever file you think is associated with the issue, then, scan it instead.

2 more replies
Relevance 43.46%

Dude and or others, thanks in advance for your help with this. I've updated my configuration on this site.

I attached an image with most of the errors on the updates.

I'm also getting a flashing dark (not black, just darker than normal) screen on my machine. I can't find anything that may be causing this.

Ok, uploading the image didn't work.

Here's the first update that failed:

Update for Windows 7 for x64-based Systems (KB2661254)

Installation date: ‎2/‎11/‎2013 2:02 PM

Installation status: Failed

Error details: Code 80071A90

Update type: Important

Install this update to keep your system up to date by increasing the minimum level of encryption on Windows systems. After you install this item, you may have to restart your system.

Here's the most recent:

Update for Windows 7 for x64-based Systems (KB2739159)

Installation date: ‎2/‎14/‎2013 3:07 PM

Installation status: Failed

Error details: Code 80071A90

Update type: Recommended

Answer:Win Update Errors (attn Dude)

Could you please present the full version of your problem as it reads like a post in the middle of a thread rather than describing a problem from the top.

Also, who is Dude?

8 more replies
Relevance 43.46%

Hello there,

I am a new member in Tech Support Guy forum. I am looking forward for the solution regarding the problem occurred in my computer. Last day as soon as I turn on my computer it shown the DLL missing error. I tried to start in safe mode but it is working.Is this is because of virus? Can it be recovered? If is the way to recover from this?

Thanks
Martin
 

Answer:Solved: Any Suggestions To Fix My Computer Dude ?

9 more replies
Relevance 43.46%

I was trying to remote from my desktop at home to my work laptop. I changed the workgroup on my laptop to match my workgroup at home. But being that the laptop is a secured login its not accepting my password now, and just tells me "The system could not log you on. Make sure you User name and domain are correct, then type your password again." Ummm so that's special. I don't know any of the other admin account user names or passwords but I am able to see it on my network. I don't know if there's any way for me to fix the problem myself without having to confess my stupidity to the powers that be. If anyone has any helpful advice it would be much appreciated.

Answer:Dude I think I just bricked my work laptop

At the login screen press ctrl+alt+del (you may have to press it twice) and it should present you with the old style login. From there you should be able to choose the domain you are logging into.

If that does not work, you should probably contact your IT dept. and let them fix it.

1 more replies
Relevance 43.46%

Hello, im new in the forum, sorry for my english, im argentinian.. I would change my hdd stock Toshiba MK3261GSY SIZE: Width 69.85 mm (2.75 inch) - Depth 100 mm (3.94 inch) - Height  9.5 mm (0.37 inch) And this is instales with this (Or similarity the pic is a google example)  ------ I should buy something to install my SSD or nothing more? the ssd is smaller, no space left over?For example this: Dimensions: 69.8mm x 100.1mm x 7mm iM FOLLOW THIS TOPICTHANK YOU FOR YOUR ANSWERS





__________________________________________________Laptop: Lenovo Thinkpad T420 - Mod. 4236-GL3 || I5, 6gb, 320gb.









Solved!

Go to Solution.

Answer:[DUDE] Change my HDD stock for SSD T420

Welcome to the forum.
 
Yes you can replace the 9.5mm thick HDD with a 7mm thick SSD. The thinner SSD will fit OK inside the metal cage that now holds the HDD and the rubber rails will hold everything in place inside the ThinkPad. I have done this before without any problems.

2 more replies
Relevance 43.46%

hey im a new guy round here names hayan

if anyone can help me asahp ill be grateful

i got a new system with a intel dg33bu motherboard and an intel core 2 quad processor and 2 seagate sata 500 gb hard disks.

when i try to install xp 64 bit it says no hard disk drives detected on your... does anyone know how i can fix this

More replies
Relevance 43.46%

I had wrote a thread amonth ago under the title "Where is my disc space???". The suggestions were all helpful, but they were only about retrieving lost files and such. I've finally settled into the mind set that my treasures are gone, (photos, videos, music, ect ) but I thought that when you do a full system restore that it not only wipes out all the old stuff but also clears up or clears out space. I'm down to about a 150 to 175mb of space which leaves 0% of memory. I don't know where my space went or how to get it back. I have the minimum programs and such. I have nothing to throw out. Do I have to get back all of the old files to go through those and delete what I can? HELP! S.O.S. May day. May Day. Man Down.

Peace, Love and Anime
M.I.B.
 

Answer:Dude Where's My Disk Space part 2

"Memory" is built into the machine and stays the same. It has nothing to do with disk space.

If you are low on disk space, you need to find out what is using it and remove anything unneeded, or get a larger drive.

You can explore the space usage with:
Space Sniffer (Win 7/8 compatible)
TreeSize
Disk Space Fan
 

1 more replies
Relevance 43.46%

i have recently installed I.E.7 even upgraded it to I.E.7 optimised for yahoo but i dont know whr did my yahoo toolbar went...if that was not enough i reinstalled yahoo toolbar but again i aint spotting it...

my 3rd party browser extention is already check..even then i am unable to use anti-spy n all button of yahoo toolbar..infact the entire toolbar is missing....

does i.e 7 support yahoo toolbar at all?
 

Answer:whrs my yahoo toolbar dude!!

on the same line as where it says file,edit etc, you should be able to right click and see the toolbar you want and activate it
 

4 more replies
Relevance 43.46%

Hi. i am running windows xp pro sp2. my windows task manager has suddnely gone bonkers. all the tabs+drop down menus are gone. when i press clt+alt+delete all i get is the view which shows the proformence graph. this is how it appears now http://pg.photos.yahoo.com/ph/mahmadazfar/album?.dir=7b32
it has happened to me once before too. dont know wht caused it. any ideas how i could get ma whole task manager back !! ?
 

Answer:Dude.. wheres my Task Manager !

8 more replies
Relevance 43.05%

Hello There,

Greeting to all experts and senior member in this forum.I need any help to solve my issue.Is there any dude who can help me to fix my computer problem? While working the window suddenly restart. Is this is a virus attack? Should I format my computer or there is any other alternative for this?

Thanks In Advance

Answer:Fix My Computer Dude, Window Restart Without Warning

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461036 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

2 more replies
Relevance 43.05%

We have a PC which we use for our SBS 2003 R2 Server. It's an entry level server with 3 PC connected to it.
Specs are Intel Core2Duo E8400, 4Gb DDR II Ram, 2x SATA 160Gb Hard Drive (Software Raid for OS), 2x 1Tb Hard Drive (Raid via Adaptec Adaptec 1220SA), 1x 1TB Hard Drive for nightly back up.

This PC is left on 24/7. However every 6-8 weeks, the data from the 2x 1TB Hard Drives disappears. We will go into MY COMPUTER, we can still see the RAIDed Volume. However when we open up the volume, there is no data on the volume. We have found that if we restart the server, the data is back. During the restart, i notice that the RAID controller card is reporting to me that the volume is OPTIMAL.

This morning, we had this happen for the 3rd time, and it's getting a little annoying with the little mirror heart attack that you get finding that your data has gone walkies.

We are using your Adaptec Utility to monintor the RAID. The RAID is set up as a RAID1 (or Drive Mirror).

Any advice on what could be going wrong and what steps me can take to resolve the issue.

Answer:DUDE! Where's My RAID Data? Adaptec AAR-1220SA

Have you checked device manager when the data on the volume isn't found? It could possibly be the RAID controller itself adn Windows would report that the device is failing when you can't find the files. Also does the card report that the volume is optimal everytime or only when it fails the previous time?

I would say start with a driver reinstall/update first and go from there. I'm assuming your software RAID running 2003 is 100&#37;?

1 more replies
Relevance 43.05%

Just last night I received a message from a friend with the caption 'WTF DUDE?' and a link. Dumbly I opened it and chrome auto downloaded 'Image.scr'. I don't remember exactly whether or not I executed it but shortly after I found that my steam account had messaged everyone in my friends list the same message. I quickly located the file and deleted it, and emptied my bin, cleared all my cookies and history on my browser, etc. I then boot up my PC in safe mode, look for any of the listed .scr infections posted of the steam forums but found none. I can't completely recall anything strange going on either after that. I then restarted and scanned my computer with Malwarebytes, Superantispyware, and Avast. Only Supersantispyware found three threats which were cookies. It took action and still I can't completely seem to know whether or not i'm infected with the virus. Now I am here on this forum without experience in anything related to viruses, so I have no clue what i'm searching for. I'm dying to know, again, whether or not i'm infected. 
 
- Edit -
 
Any help would be much appreciated. Thank you. 
 
Windows 8.1 
 
Toshiba Satellite P755D

Answer:Steam 'WTF DUDE?' .scr link - Have I been infected? Symptoms?

G'day Yamatsukami, and Welcome to BC
 
Read HERE...in Full
 
 
How to Watch Your Back so You Can Help Others Watch Theirs
Enable Steam Guard. Never disable it no matter what others say.
Use strong passwords with your Steam account. Never share it with anyone. Change it on a regular basis.
Make sure that the email tied to your Steam account has the two-factor authentication (2FA) feature enabled. Never share your password for it as well.
Familiarize yourself with terms related to Steam, such as SSFN, Steam Guard, and Steam Wallet, so that you know what they are, their purpose, and how they’re used.
Avoid clicking links sent over your way via Steam chat. If you can, take the time to verify them using free online tools at your disposal. Is the link shortened? Do what Joe did and use a site that reveals the true destination of the URL. Not familiar with the domain of the URL you received? Do a bit of research on it, or have a website scanner visit it first. VirusTotal and Sucuri Site Check are just some of the tools you can use for this.
In line with the point above, make sure to read correctly the Steam URL sent to you. The only acceptable ones should be store.steampowered.com and steamcommunity.com. This is very important, especially when you’re expected to log in to your account to do something with the page.
Resist the urge to add and accept every friend or group invite you receive. Having more Steam friends may be merrier, but being picky... Read more

8 more replies
Relevance 43.05%

Windows 7
x64 bit
Retail version
Hardware is all new except for the video card, which was functioning fine last week (never had a BSOD error before this new setup)
I have reinstalled the OS as off 11/1/2011 (after getting tons of blue screens, i installed a 2nd time)
CPU: AMD Phenom (tm) II X6 1035T Processor 2.60 GHz
Video Card: Radeon HD 5750
Motherboard: ASUS M5A97
PSU: Corsair GS600 (600w)

Homebuilt system.

I haven't updated the BIOS or any drivers past what I received on the motherboard install disk. The motherboard is new out of the box as is the RAM, CPU (and heat sync), and PSU.

I installed win 7 initially and after installing MB driver updates, etc..started to go through programs (flash, java, etc...) and began getting a lot of blue screens of various kinds. I narrowed it down I thought to a driver issue with my video card. Apparently the atikmdag.sys file that comes with catalyst screws up win 7 computers? I was careful not to install the video care drivers the 2nd install of 7 and I got no BSOD errors till I did. Having said that, all my errors seem to be unrelated to my video card, examples: "bad_pool_header" and "system_service_exception".. I'm a bit stuck. Also my desktop window manager has crashed a couple times.

Thanks for any help..

Answer:[SOLVED] BSOD - (out of date) tech. dude needs help

Hi -

There were 8 BSOD dump files, 1 was -0- bytes (indicates catastrophic, sudden hardware failure). The remaining 7 don't offer us much as they seem to point everywhere, but nowhere. ATI video, Networking (tcpip.sys), memory, security descriptors, etc...

I did find entries like this in Event Viewer -

Code:
{Registry Hive Recovered} Registry hive (file): '\??\Volume{625b9dda-049f-11e
1-8f9f-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd
42efe1-f6f1-427c-b004-033192c625a4}{D4EDFD4C-4000-48C8-82AD-52130B576BF0}'
was corrupted and it has been recovered. Some data might have been lost.
Registry hive corruption may be HDD failure.

Run HDD diags - start w/ 2nd link - SeaTools for DOS -
- http://www.carrona.org/hddiag.html
- http://www.techsupportforum.com/2828431-post7.html
- http://www.techspot.com/vb/topic7602.html

I also found 100s++ entries relating to "bad blocks" + CDROM. Any chance the DVD used to install Windows 7 is bad?

I saw -0- Windows Updates in the systeminfo file, yet the Event Logs show both success and failure for Windows Updates. WERCON shows 100s of Windows Updates failures. Please check Control Panel - are there any Windows Updates installed? I do know that Windows 7 SP1 is not installed.

I know you have 4x4 GB RAM; some bugchecks were memory related.

Run memtest86+ - http://www.techsupportforum.com/2863029-post5.html

Do you have 2 ATI Radeon HD 5700 Series video cards installed ... Read more

3 more replies
Relevance 43.05%

Last week I did a format and re-install of my main computer. I am currently using Outlook 2007 Beta.

I did the normal export to a PST file. However when I restored, the only thing that i can see it my Message Headers. I open up an email or reply to an email, the message body is no longer there.

I have also noticed that new email are being downloaded, but again, only the header is being visable. No message body.

Any one else have this problem?
Any way that I can get my old message bodies back?
More importantly, is there any way that i can get my new message bodies to show?

Answer:OUTLOOK 2007 BETA - DUDE! Where's My Emails!

have you tried your pst's on a different pc just to make sure they are no corrupted? You will need to use the original since they arent backwards compatiable...atleast they arent in the older versions

5 more replies
Relevance 43.05%

hi . i recently bought this new mother board by Asus, P5RD1-V. the problem is that when i try to install windows xp on my SATA HD, after the initial stage during which the setup copies all the drivers and then gives that option " to install windows XP press enter" plus one or two other options, when i press enter i get this massage that says " setup didnt find any hard drives installed on your system. check to see if any HD is installed .... " and then it goes on to say things like check your drive configuration or the drive health and things like that. all this when at the the bootup it does show the hard drive connected at SATA port 1. !! ? i run seagate diagnostic tool on it and it showes the drive as perfectly healthy. i dont know why is it doing it. the hard disk is spanking brand new. the same goes for the 120GB WD SATA. the interesting thing it has no issue with the good old IDE HD's. i connected my old maxtor IDE hard drive and the setup ran as smooth as it can get. i dont know why setup isent detecting the SATA HD. is it the board or is it somthing else. any ideas !
 

Answer:Solved: Dude wheres my Hard Drive !!

6 more replies
Relevance 42.64%

I ran an ESET scan and the scan found "a variant of Win32/AdInstaller" and "a variant of Win32/InstallIQ.A" below is what ESET said
C:\Users\Grace\Downloads\ac3filter_app_1200.exe    a variant of Win32/InstallIQ.A application
C:\Users\Grace\Downloads\CouponAlert.exe    a variant of Win32/AdInstaller application
 
From ESET, the location of these appear to be in the downloads folder, after finding them in the folder and clicking properties it appears both were created in 2011...so I do not know if they are causing problems/being malicious or what. Sometimes the computer runs slow, but I don't use it often enough to know. So I just wanted to get some feedback on what to do since I haven't been able to remove them since I started trying yesterday.
Here is the DDS log
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611  BrowserJavaVersion: 10.25.2
Run by Grace at 17:22:41 on 2013-07-09
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3838.2324 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.... Read more

Answer:A variant of win32/adinstaller and a variant of win32/installIQ.A were found

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Delete these two files in bold.C:\Users\Grace\Downloads\ac3filter_app_1200.exeC:\Users\Grace\Downloads\CouponAlert.exe===Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete tab follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).=== Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete, depending on your system's specifications.On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.Please post the contents of JRT.txt into your reply.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web ... Read more

6 more replies
Relevance 42.64%

14 pages of reading....but some may find it quite interesting
http://www.microsoft.com/downloads/...FamilyID=7a827fbd-c2a1-48bc-9e85-6b805d3e7e26
 

Answer:A good article by some Microsoft dude on Rogue malware

thanks for the post
 

2 more replies
Relevance 41.82%

Hello Gracious Folks,I have been struggling with some bad computer infections that my tools can't seem to remove. It is characterized by browser hijacks, redirects, ads for hoax anti-malware, etc. I offer my humble thanks in advance for the assistance.Here is my DDS.txt log:DDS (Ver_10-03-17.01) - NTFSx86 Run by Tony Oliva at 20:44:56.51 on Thu 04/01/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.515 [GMT -4:00]============== Running Processes ===============C:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\System32\alg.exeC:\WINDOWS\BCMSMMSG.exeC:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exeC:\Progra... Read more

Answer:Vundo/Variant-Nx and Variant-EC

Hi builderboy, and welcome to Bleeping Computer.Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Post the log from ComboFix when you've accomplished that.

19 more replies
Relevance 41.41%

Ok so I had to reinstall windows XP because my OS would not load and I got all the drivers reinstalled, diagnostic ran smooth and everything came up working ok etc but my device manager won't recognize anything! The compy says my audio mixers are not there, my USB devices are not working, hardware wizard is not responding, microsoft updates are not working, Dell's driver downloads are calling out for something that isn't there and I really really need this fixed ASAP so I can get to my external HD. So I tried putting an apple sticker on my Dell in hopes it would accept its new identity and start not sucking, but alas this did not work. If you help me fix this I'll seriously be your new best friend... I have apple stickers. ;-)
 

Answer:Solved: Dude! I don't get my Dell! No devices in device manager?! USB and sound don't work?!

14 more replies
Relevance 41%

Hi folks,
When windows 10 was first released I downloaded it and burned to DVD using the media creation tool from Microsoft.
As windows 10 has now had a major update, and I want to create a DVD with that update on it, without having to reinstall it later, as I have other partitions on my computer to update to 10 as well.
So my query is, does anyone know if I was to download windows 10 32 bit from Microsoft again (using the media creation tool from Microsoft) will it include the latest major update to 10?
Thanks for any help

Answer:Is windows 10 latest big update included in latest media creation tool

Microsoft has made available a download able iso for win 10 1511. If you don't see download link on win pc then try on some other device.. like an android phone or tablet. That's how I got it downloaded and had clean installed. Hope this helps.

EDIT link: Windows 10 ISO

31 more replies
Relevance 41%

Greetings!

I have Acer Aspire 5750G. My current BIOS version is 1.07. The latest version is 1.12.

There are a few versions in between. Should I do incremental updates and reach 1.12 or should I just go direct to 1.12?

Many Thanks!

Answer:BIOS - Incremental updates to latest vrsn or direct update to latest?

Bios updates are cumulative, so you only need the latest.

You also don't need to update the bios unless there is a fix in it/them that fixes an issue you may be having. For the most part updating the bios is as easy as updating a driver, only if a bios update goes wrong you can't roll back to the old and you basically end up with a nice paperweight.

2 more replies
Relevance 41%

Hi folks,
When windows 10 was first released I downloaded it and burned to DVD using the media creation tool from Microsoft.
As windows 10 has now had a major update, and I want to create a DVD with that update on it, without having to reinstall it later, as I have other partitions on my computer to update to 10 as well.
So my query is, does anyone know if I was to download windows 10 32 bit from Microsoft again (using the media creation tool from Microsoft) will it include the latest major update to 10?
Thanks for any help

Answer:Is windows 10 latest big update included in latest media creation tool

Microsoft has made available a download able iso for win 10 1511. If you don't see download link on win pc then try on some other device.. like an android phone or tablet. That's how I got it downloaded and had clean installed. Hope this helps.

EDIT link: Windows 10 ISO

31 more replies
Relevance 40.59%

I am trying to get this Yoga 14 up to date.  First, I was surprised that runs Windows 10 home vs. pro but that is what it is. However here is my question. The bios on the unit as shipped is 1.2 and is from the JFET43WW family. The latest bios listed is 1.3 from the R05ETxxW family (per the readme) and the filename is r05uj03ww.  Perhaps this is Lenovo's way, but all the prior bios history for that family is under JFETxxWW. Is this the right bios? The latest NIVIDA/Intel driver listed states that " *This driver can be only used on ThinkPad S3 Yoga 14 Broadwell(BIOS ID:JFETxxWW)". So.....can the latest video driver be used with the latest bios which per the readme (and filename) is NOT from the JFETxxWW family? Hopefully I am posting in the right place.  I have been underwhelmed with phone support where "hardware" support will only answer hardware questions and "software support" is "premium" and they want you to pay when this system is only a week old.  Not sure where else to go for answers.  Also have issues with expresscache as....well..they shipped it with windows 10 and with an SSD and no expresscache.  But that is another post.... Thanks, BJB  

Answer:Yoga 14 latest NVIDIA driver not compatible with latest 1.3 bios?

Exactly which ThinkPad Yoga 14 do you own please; 20DM, 20DN or 20FY? There are some different BIOS versions depending on which model you have and this may also have a bearing on other components.https://forums.lenovo.com/t5/ThinkPad-S-Series-ThinkPad-Yoga/Can-t-Update-BIOS-to-Version-1-3-Lenovo...

4 more replies
Relevance 38.13%
Question: Ice storm

No Power-help

I live in an area that just had an ice storm while we were away on vacation. My husband left the computer on while we were away. It worked fine when we left, but when we came home after the power had been turned off and then back on the computer will not do anything. I mean --no lights, no sounds, nothing. I checked the power cords, and it is plugged into a surge protector. I haven't opened it up (because I haven't had time-- triplets!) What should I do. Could the power have totally fried my computer?
 

Answer:Ice storm

Hi tripletmom, Welcome to TSG !!
Have you tried plugging the pc into another wall socket. Plug it in to another away from the one that the surge protector is plugged into. Be aware of any strange noices or smells. If you get any power down immediatly. Please be careful! The power surge when the power came back on could have fried something!! Try changing the power cord also.

I admire you and your husband , by the way! Triplets!!! Ill pray for you !! LOL

 

3 more replies
Relevance 38.13%
Question: IP Storm or?

I have a small forum and just this morning have a great increased user activity--up to 30 users --but when i check the stats there are no page views for those users--now my site is down and I suspect foul play.

What might have happened here

www.asia-expatsforum.com

by coincidense there is a new competitor in my space recently

any insight-- im at work now and cannot do any maintenace--site is down

More replies
Relevance 38.13%
Question: help after storm

My computer was switched on tonight during electric storm,when I went to use it i found the screen did not power up ! rebooted and power light came on PC and fan was running,cd+dvd drive lights came on when reset button pressed, but PC DEAD ! fitted old PC to monitor all ok.HELP me please

Answer:help after storm

CPU fryed

10 more replies
Relevance 37.72%

hey there !
avast keeps finding a Trojan named Win32:Agent-LTS [Trj] , and keeps saying no need to panic but I'm realy panicing lol coz it's not doing anything to prevent it . plz help me .. I read something about hijack logs or something but I need to know if i should do it or there is another way to solve this .. right now I'm doing an online scan using kaspersky maybe it will help ..
plz I realy need ur help ..

I uesd malwarebytes and now avast isn't detecting win32 agent-LTS I think .. but it's detecting something called "BV:malware-gen" ..
what I do now ?
 

Answer:how can I remove this dude "Win32:Agent-LTS [Trj]" ?? plz help :)

hey guys ..
could some one help me plz .. I've been waiting and I realy need ur help .
 

1 more replies
Relevance 37.72%

I have been having repeated/reoccurring infections of Adware. Vundo Variant, Adware.Vundo Variant / Small-A, Adware. eZula, Trojan. Downloader-NewJuan/VM, Trojan. Downloader-Gen/DDC., and Adware. Tracking Cookie. The infection originally started when trying to fix my son's computer which was infected mainly with a Trojan Vundo (can't remember exact name). I download fixes (programs) to my laptop computer and then transferred them to his computer since it was offline. I apparently downloaded/ran something that immediately infected my computer. Trojan Vundo was immediately picked up by McAfee, and supposedly removed.My laptop is protected by McAfee Security Center (always updated and running). I am using Windows XP (always updated). I use IE (always updated/latest version).I have used Ad-Aware 2007, Spybot S&D, SUPERAntiSpyware, and others I can't remember in attempts to remove. I have also used other Anti-virus programs, Advast!, etc. since I was told that different programs pick up different infections. I have also followed many links and suggestions from this and other sites to remove the problems. I have also used SmitFraudFix and RogueFix , which have picked up problems, which were then removed. I have run all the programs in both normal and safe mode.When I run the various programs, it will pick up the infections and I go through the process of removing them. The computer seems to work great w/o any problems until I get on the internet and then the popups, redire... Read more

Answer:Adware. Vundo Variant, Vundo Variant / Small-a, Ezula; Trojan. Downloader-newjuan/vm, Trojan. Downloader-gen/ddc, Adware. Track...

Hello there and welcome to BleepingComputer. My name is Charles and I will be dealing with your log today. Using My Computer, navigate to where you have HijackThis saved.Right-click on the HijackThis.exe file. Select "Rename", call it fluffybunny and press enter.Use fluffybunny.exe from now on.Please download VundoFix to your Desktop.Double-click VundoFix.exe to run it.Click the Scan for Vundo button.Once it's done scanning, click the Remove Vundo button.You will receive a prompt asking if you want to remove the files, click YESOnce you click yes, your desktop will go blank as it starts removing Vundo.When completed, it will prompt that it will reboot your computer, click OK.Please post the contents of C:\vundofix.txt in your next reply. Note: It is possible that VundoFix encountered a file it could not remove. VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.Please include VundoFix.txt and a new HijackThis log in your next reply.Thanks,Charles

10 more replies
Relevance 37.72%
Question: Storm of wars

Im playing storm of wars - sacred homeland. Hopefully this is the best strategy game of the world.
What do guys thinking about it?

More replies
Relevance 37.72%
Question: antispy storm

Oh my gosh, that is exactly what happened to me last night. I have never had problems until my step son went on my space about 2 weeks ago and I have been getting crap. Than last night I go this antispy storm and lots of trojan horses. I had Norton when I got my computer a year ago but stupidly never renewed, so I did last night and it ran a full scan and found 17 things, half og them trogans and spyware, got rid of them and said I am secure, but when I rebooted there was the claring message "unauthorized access from another computer and when I click on the little bar message the site for this ANTISPY STORM comes up. wants me to buy it. I don't understand how norton can say it is secure when this is happening. Anything you have would be appreicated. Please help.
 

More replies
Relevance 37.72%
Question: storm.worm

Been over to my mum-in-law's this weekend for my usual tweak, updating and scanning session and found 'Storm.Worm' located at pp.exe. Has anyone any knowledge of this thing as it sounds quite bad.Once I got home I received a message from her to say that while logging off she received a message to the effect 'Are you sure? there are other users logged on. I've since been reading that Storm.Worm can make your system a Zombie and I'm now rather worried.Is this a case for HJT? She's currently running AVG, Kerio and Counterspy. It was the Counterspy that picked it up on a scan. Checked AVG logs and there was an infected file noticed about mid-February but I'm not sure that she scanned it before downloaded.Any help gratefully accepted.

Answer:storm.worm

click hereI seems that this worm can carry a number of different payloads.A scan with SuperAntispyware (free version) click here would be a good idea.Posting a Hijack This log on the Malware Removal forums click here would also be a sensible step to get a more thorough analysis of what malware is actually running on the pc.

1 more replies
Relevance 37.72%
Question: antispy storm

We've been attacked by the Antispy Storm. McAfee doesn't catch/clean it, nor does Ad-aware. Please help.

hijack log follows...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:50 AM, on 9/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\nusrmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\1101084622\ee\AOLSoftware.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\... Read more

Answer:antispy storm

Hello rvchan and Welcome to TSF. You will be better served if you place your HJT Log in the HJT Log Help Forum. Please read this http://www.techsupportforum.com/secu...sting-log.html before going any further it will help the analyst better serve you.

1 more replies
Relevance 37.72%

A friend of mine called me last night. She is pretty behind in times, runs win98. We had a nasty storm the other night. Her system was off with a surge protector, BUT her modem quit working. Her system works fine other than now since the storm it cannot detect modem. I honestly don't think the storm did this since the system was off, unless it travelled through the line. Is that possible. she asked for any ideas on what it could be. Any suggestions?
 

Answer:How do I know if it is STORM related

AlwaysEnuff said:



A friend of mine called me last night. She is pretty behind in times, runs win98. We had a nasty storm the other night. Her system was off with a surge protector, BUT her modem quit working. Her system works fine other than now since the storm it cannot detect modem. I honestly don't think the storm did this since the system was off, unless it travelled through the line. Is that possible. she asked for any ideas on what it could be. Any suggestions?Click to expand...

While I can't say for certain what happened to your friend's modem, I can say that I have had similar problems quite a few times. After a bad electrical storm, modems seem to be inoperable... we've gone through a few modems in this way... tell me, does your friend have the phone line running through the surge protector?
 

2 more replies
Relevance 37.72%
Question: storm warning

Over north east kent at the moment. However nothing showing at click here .turning off puter now.

Answer:storm warning

ok

8 more replies