Computer Support Forum

PROBLEMS HJT log file inside

Question: PROBLEMS HJT log file inside

Major things happening the last few days. 1) insufferable amount of pop-ups (IE powered by Comcast) 2)over 100 shortcut messages (EXAMPLE: MORZE5.lnk refers to a location that is unavailable) at boot-up that have to be clicked through. I do see these on the HJT log and know you will know how to help. 3) Computer crashes, blue screen, white screen, you name it, several times a day.
What I did BEFORE I ran this log. I updated Adavare 6 and ran then deleted all it said, then ran spybot and that was all clear.
Here is the HJT log:Logfile of HijackThis v1.97.7
Scan saved at 10:49:36 AM, on 4/1/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TREND PC-CILLIN 2000\PCCIOMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\TREND PC-CILLIN 2000\POP3TRAP.EXE
C:\WINDOWS\SYSTEM\HPZTSB01.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
C:\WINDOWS\WBLCG0L5.EXE
C:\PROGRAM FILES\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
C:\PROGRAM FILES\PALM\HOTSYNC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MEMTURBO\MEMTURBO.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\PROGRAM FILES\SPYWAREGUARD\DLPROTECT.DLL
O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: PowerSearch - {4E7BD74F-2B8D-469E-A0E4-EA6FA787AD2D} - C:\PROGRA~1\POWERS~1\TOOLBAR\PWRSCUZ2.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [PCCIOMON.EXE] "C:\Program Files\Trend PC-cillin 2000\PCCIOMON.EXE"
O4 - HKLM\..\Run: [pop3trap.exe] "C:\Program Files\Trend PC-cillin 2000\pop3trap.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb01.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [ctst] C:\WINDOWS\ctst.exe
O4 - HKLM\..\Run: [WBLCG0L5.EXE] C:\WINDOWS\WBLCG0L5.EXE /dk
O4 - HKLM\..\RunServices: [PCCIOMON.EXE] "C:\Program Files\Trend PC-cillin 2000\PCCIOMON.EXE"
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE"
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [WBLCG0L5.EXE] C:\WINDOWS\WBLCG0L5.EXE /dk
O4 - Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Startup: YTEJ0D4O.lnk = C:\WINDOWS\ytej0d4o.exe
O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\hotsync.exe
O4 - Startup: A56LPGI0.lnk = C:\WINDOWS\a56lpgi0.exe
O4 - Startup: 89KZ6A6H.lnk = C:\WINDOWS\89kz6a6h.exe
O4 - Startup: RX22PUNR.lnk = C:\WINDOWS\rx22punr.exe
O4 - Startup: OKIW1Q96.lnk = C:\WINDOWS\okiw1q96.exe
O4 - Startup: 69EDPU44.lnk = C:\WINDOWS\69edpu44.exe
O4 - Startup: NQ94817E.lnk = C:\WINDOWS\nq94817e.exe
O4 - Startup: U8BVU0ZI.lnk = C:\WINDOWS\u8bvu0zi.exe
O4 - Startup: 50R350W2.lnk = C:\WINDOWS\50r350w2.exe
O4 - Startup: O6L6A5KK.lnk = C:\WINDOWS\o6l6a5kk.exe
O4 - Startup: ZM40H23N.lnk = C:\WINDOWS\zm40h23n.exe
O4 - Startup: UV1WQL95.lnk = C:\WINDOWS\uv1wql95.exe
O4 - Startup: ZDWZBB0P.lnk = C:\WINDOWS\zdwzbb0p.exe
O4 - Startup: VU5F2DG8.lnk = C:\WINDOWS\vu5f2dg8.exe
O4 - Startup: KJ053GFM.lnk = C:\WINDOWS\kj053gfm.exe
O4 - Startup: M7R61LDR.lnk = C:\WINDOWS\m7r61ldr.exe
O4 - Startup: 00FWKFRZ.lnk = C:\WINDOWS\00fwkfrz.exe
O4 - Startup: O66BP1WP.lnk = C:\WINDOWS\o66bp1wp.exe
O4 - Startup: 67TJEBUM.lnk = C:\WINDOWS\67tjebum.exe
O4 - Startup: MXFV6LF1.lnk = C:\WINDOWS\mxfv6lf1.exe
O4 - Startup: NXI65K20.lnk = C:\WINDOWS\nxi65k20.exe
O4 - Startup: L07881TL.lnk = C:\WINDOWS\l07881tl.exe
O4 - Startup: 00UD5LUN.lnk = C:\WINDOWS\00ud5lun.exe
O4 - Startup: EPBFN492.lnk = C:\WINDOWS\epbfn492.exe
O4 - Startup: 24811TTQ.lnk = C:\WINDOWS\24811ttq.exe
O4 - Startup: VONB17ZH.lnk = C:\WINDOWS\vonb17zh.exe
O4 - Startup: BHYQC0QJ.lnk = C:\WINDOWS\bhyqc0qj.exe
O4 - Startup: L5WU0HDQ.lnk = C:\WINDOWS\l5wu0hdq.exe
O4 - Startup: CL59OOWD.lnk = C:\WINDOWS\cl59oowd.exe
O4 - Startup: YYE44QWZ.lnk = C:\WINDOWS\yye44qwz.exe
O4 - Startup: 4L3T26H7.lnk = C:\WINDOWS\4l3t26h7.exe
O4 - Startup: MemTurbo.lnk = C:\Program Files\MemTurbo\MemTurbo.exe
O4 - Startup: ON2YB1AJ.lnk = C:\WINDOWS\on2yb1aj.exe
O4 - Startup: DHOBPG09.lnk = C:\WINDOWS\dhobpg09.exe
O4 - Startup: MWIWCGTQ.lnk = C:\WINDOWS\mwiwcgtq.exe
O4 - Startup: POZCOHE0.lnk = C:\WINDOWS\pozcohe0.exe
O4 - Startup: 8EP74B0A.lnk = C:\WINDOWS\8ep74b0a.exe
O4 - Startup: GDZLOVIJ.lnk = C:\WINDOWS\gdzlovij.exe
O4 - Startup: EO5NN8YO.lnk = C:\WINDOWS\eo5nn8yo.exe
O4 - Startup: 8E1V0ERW.lnk = C:\WINDOWS\8e1v0erw.exe
O4 - Startup: B0Z3JNCY.lnk = C:\WINDOWS\b0z3jncy.exe
O4 - Startup: B773K0CX.lnk = C:\WINDOWS\b773k0cx.exe
O4 - Startup: 0X37CUXI.lnk = C:\WINDOWS\0x37cuxi.exe
O4 - Startup: W2U3DKP6.lnk = C:\WINDOWS\w2u3dkp6.exe
O4 - Startup: TF0T7Q8R.lnk = C:\WINDOWS\tf0t7q8r.exe
O4 - Startup: 2AM2UER1.lnk = C:\WINDOWS\2am2uer1.exe
O4 - Startup: 4Z4ULQLY.lnk = C:\WINDOWS\4z4ulqly.exe
O4 - Startup: VFQH1P96.lnk = C:\WINDOWS\vfqh1p96.exe
O4 - Startup: 0QKT2D8R.lnk = C:\WINDOWS\0qkt2d8r.exe
O4 - Startup: 932E0HMU.lnk = C:\WINDOWS\932e0hmu.exe
O4 - Startup: Q5R3H8WA.lnk = C:\WINDOWS\q5r3h8wa.exe
O4 - Startup: 006CMV5B.lnk = C:\WINDOWS\006cmv5b.exe
O4 - Startup: CQ40J681.lnk = C:\WINDOWS\cq40j681.exe
O4 - Startup: ODAN0Z6P.lnk = C:\WINDOWS\odan0z6p.exe
O4 - Startup: VRYHE9O4.lnk = C:\WINDOWS\vryhe9o4.exe
O4 - Startup: Z55FQNM0.lnk = C:\WINDOWS\z55fqnm0.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: 1YTEONDA.lnk = C:\WINDOWS\1yteonda.exe
O4 - Startup: LHHVJ9ZQ.lnk = C:\WINDOWS\lhhvj9zq.exe
O4 - Startup: 4WERVRG9.lnk = C:\WINDOWS\4wervrg9.exe
O4 - Startup: 952CWW1T.lnk = C:\WINDOWS\952cww1t.exe
O4 - Startup: CTEGR1K3.lnk = C:\WINDOWS\ctegr1k3.exe
O4 - Startup: UTL36T0R.lnk = C:\WINDOWS\utl36t0r.exe
O4 - Startup: CLRO9KQ1.lnk = C:\WINDOWS\clro9kq1.exe
O4 - Startup: X9RQI8PZ.lnk = C:\WINDOWS\x9rqi8pz.exe
O4 - Startup: WBLCG0L5.lnk = C:\WINDOWS\wblcg0l5.exe
O4 - Global Startup: MORZE5.lnk = C:\WINDOWS\morze5.exe
O4 - Global Startup: YTEJ0D4O.lnk = C:\WINDOWS\ytej0d4o.exe
O4 - Global Startup: A56LPGI0.lnk = C:\WINDOWS\a56lpgi0.exe
O4 - Global Startup: 89KZ6A6H.lnk = C:\WINDOWS\89kz6a6h.exe
O4 - Global Startup: RX22PUNR.lnk = C:\WINDOWS\rx22punr.exe
O4 - Global Startup: OKIW1Q96.lnk = C:\WINDOWS\okiw1q96.exe
O4 - Global Startup: 69EDPU44.lnk = C:\WINDOWS\69edpu44.exe
O4 - Global Startup: NQ94817E.lnk = C:\WINDOWS\nq94817e.exe
O4 - Global Startup: U8BVU0ZI.lnk = C:\WINDOWS\u8bvu0zi.exe
O4 - Global Startup: 50R350W2.lnk = C:\WINDOWS\50r350w2.exe
O4 - Global Startup: O6L6A5KK.lnk = C:\WINDOWS\o6l6a5kk.exe
O4 - Global Startup: ZM40H23N.lnk = C:\WINDOWS\zm40h23n.exe
O4 - Global Startup: UV1WQL95.lnk = C:\WINDOWS\uv1wql95.exe
O4 - Global Startup: ZDWZBB0P.lnk = C:\WINDOWS\zdwzbb0p.exe
O4 - Global Startup: VU5F2DG8.lnk = C:\WINDOWS\vu5f2dg8.exe
O4 - Global Startup: KJ053GFM.lnk = C:\WINDOWS\kj053gfm.exe
O4 - Global Startup: M7R61LDR.lnk = C:\WINDOWS\m7r61ldr.exe
O4 - Global Startup: 00FWKFRZ.lnk = C:\WINDOWS\00fwkfrz.exe
O4 - Global Startup: O66BP1WP.lnk = C:\WINDOWS\o66bp1wp.exe
O4 - Global Startup: 67TJEBUM.lnk = C:\WINDOWS\67tjebum.exe
O4 - Global Startup: MXFV6LF1.lnk = C:\WINDOWS\mxfv6lf1.exe
O4 - Global Startup: NXI65K20.lnk = C:\WINDOWS\nxi65k20.exe
O4 - Global Startup: L07881TL.lnk = C:\WINDOWS\l07881tl.exe
O4 - Global Startup: 00UD5LUN.lnk = C:\WINDOWS\00ud5lun.exe
O4 - Global Startup: EPBFN492.lnk = C:\WINDOWS\epbfn492.exe
O4 - Global Startup: 24811TTQ.lnk = C:\WINDOWS\24811ttq.exe
O4 - Global Startup: VONB17ZH.lnk = C:\WINDOWS\vonb17zh.exe
O4 - Global Startup: BHYQC0QJ.lnk = C:\WINDOWS\bhyqc0qj.exe
O4 - Global Startup: L5WU0HDQ.lnk = C:\WINDOWS\l5wu0hdq.exe
O4 - Global Startup: CL59OOWD.lnk = C:\WINDOWS\cl59oowd.exe
O4 - Global Startup: YYE44QWZ.lnk = C:\WINDOWS\yye44qwz.exe
O4 - Global Startup: 4L3T26H7.lnk = C:\WINDOWS\4l3t26h7.exe
O4 - Global Startup: ON2YB1AJ.lnk = C:\WINDOWS\on2yb1aj.exe
O4 - Global Startup: DHOBPG09.lnk = C:\WINDOWS\dhobpg09.exe
O4 - Global Startup: MWIWCGTQ.lnk = C:\WINDOWS\mwiwcgtq.exe
O4 - Global Startup: POZCOHE0.lnk = C:\WINDOWS\pozcohe0.exe
O4 - Global Startup: 8EP74B0A.lnk = C:\WINDOWS\8ep74b0a.exe
O4 - Global Startup: EO5NN8YO.lnk = C:\WINDOWS\eo5nn8yo.exe
O4 - Global Startup: GDZLOVIJ.lnk = C:\WINDOWS\gdzlovij.exe
O4 - Global Startup: 8E1V0ERW.lnk = C:\WINDOWS\8e1v0erw.exe
O4 - Global Startup: B0Z3JNCY.lnk = C:\WINDOWS\b0z3jncy.exe
O4 - Global Startup: B773K0CX.lnk = C:\WINDOWS\b773k0cx.exe
O4 - Global Startup: 0X37CUXI.lnk = C:\WINDOWS\0x37cuxi.exe
O4 - Global Startup: W2U3DKP6.lnk = C:\WINDOWS\w2u3dkp6.exe
O4 - Global Startup: TF0T7Q8R.lnk = C:\WINDOWS\tf0t7q8r.exe
O4 - Global Startup: 2AM2UER1.lnk = C:\WINDOWS\2am2uer1.exe
O4 - Global Startup: 4Z4ULQLY.lnk = C:\WINDOWS\4z4ulqly.exe
O4 - Global Startup: VFQH1P96.lnk = C:\WINDOWS\vfqh1p96.exe
O4 - Global Startup: 0QKT2D8R.lnk = C:\WINDOWS\0qkt2d8r.exe
O4 - Global Startup: 932E0HMU.lnk = C:\WINDOWS\932e0hmu.exe
O4 - Global Startup: Q5R3H8WA.lnk = C:\WINDOWS\q5r3h8wa.exe
O4 - Global Startup: 006CMV5B.lnk = C:\WINDOWS\006cmv5b.exe
O4 - Global Startup: CQ40J681.lnk = C:\WINDOWS\cq40j681.exe
O4 - Global Startup: ODAN0Z6P.lnk = C:\WINDOWS\odan0z6p.exe
O4 - Global Startup: VRYHE9O4.lnk = C:\WINDOWS\vryhe9o4.exe
O4 - Global Startup: Z55FQNM0.lnk = C:\WINDOWS\z55fqnm0.exe
O4 - Global Startup: 1YTEONDA.lnk = C:\WINDOWS\1yteonda.exe
O4 - Global Startup: LHHVJ9ZQ.lnk = C:\WINDOWS\lhhvj9zq.exe
O4 - Global Startup: 4WERVRG9.lnk = C:\WINDOWS\4wervrg9.exe
O4 - Global Startup: 952CWW1T.lnk = C:\WINDOWS\952cww1t.exe
O4 - Global Startup: CTEGR1K3.lnk = C:\WINDOWS\ctegr1k3.exe
O4 - Global Startup: UTL36T0R.lnk = C:\WINDOWS\utl36t0r.exe
O4 - Global Startup: CLRO9KQ1.lnk = C:\WINDOWS\clro9kq1.exe
O4 - Global Startup: X9RQI8PZ.lnk = C:\WINDOWS\x9rqi8pz.exe
O4 - Global Startup: WBLCG0L5.lnk = C:\WINDOWS\wblcg0l5.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Save Forms &[ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Customize Menu &4 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: RoboForm (HKLM)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 (HKLM)
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)
O9 - Extra button: Save (HKLM)
O9 - Extra 'Tools' menuitem: Save Forms &[ (HKLM)
O12 - Plugin for .mts: C:\Program Files\MetaCreations\MetaStream\npmetastream.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37981.6512152778
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://66.48.68.135/save/makeover.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cab
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.joycevedral.com/CFIDE/classes/CFJava.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) - http://download.overpro.com/WildApp.cab
O16 - DPF: {E04EAE82-14AD-41CB-BF5A-45556ABB8347} (WebCoachDownload Class) - http://esupport.aol.com/help/engine/aolcinst.cab

Relevance 100%
Preferred Solution: PROBLEMS HJT log file inside

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: PROBLEMS HJT log file inside

16 more replies
Relevance 56.99%

Hello, We have gone to the website
http://www.salonrenovationmaisonneuve.com/en/exposants
and download the file to open Inside of IE. Once the file is open, none of the links either e-mail or web site works. However, if we open the same file Inside of Google Chrome, the links work. So, we want to know if we are missing something in IE or a plugin.
The PDF file opens with no problem but the links are not enabled. The file works in an Apple Machine and Google Chrome. However, if we download the file physically inside of the computer and then open the file with Adobe Reader, the links all work! Any ideas
how to solve this issue? Thanks Miguel Moreno

Miguel A. Moreno Alfa Logos inc. Tel. 514-253-2548

Answer:UNABLE TO OPEN AN HYPERLINK INSIDE OF A WEB PDF FILE OPENED INSIDE OF IE 11

Internet Options>Security tab, click "Reset all zones to default" (there's a setting for scripting of ActiveX controls)
Start>Adobe Reader>Edit Preferences>there are setting for how embedded links are handled.
Chromium uses its own pdf reader plugin.Rob^_^

3 more replies
Relevance 46.33%

I have a jar file that contains a Java class and a txt file. My program can read from the txt file (using URL) but does anyone know how I can write to the txt file? I need it to overwrite what is already in there each time. Thanks
 

More replies
Relevance 46.33%

My question is a security question.
If someone has a file on his/her computer that contains personal/secure information, for example a text file that contains passwords and account numbers, or an audio recording of a conversation where account numbers and passwords were spoken out loud...  Is it possible for fragments of the secure file to end up getting stuck inside of another file or group of files on the same pc...making it possible for someone to reconstruct the secure file from the fragmented pieces and/or view its original contents?  Or could it be possible even for the entire secure file to somehow end up inside of another larger file on the same computer...making it easy for someone to view the secure information....(by the way I only used a text file or an audio file as an example...it could be any file containing secure data)...My simplified concern is this...If you have a file that contains information that you want to keep secure...is there anyway that pieces of this file, if not the whole file it self, could end up inside of another file or a group of files on the same computer that the file containing the secure information was created on?...thus making it a security risk to even share mp3s on a computer that ever had any secure information on it...since maybe there'd be a change ur credit card numbers and passwords might somehow end up in one of those mp3s that ur sharing in a peer to peer file sharing program online.....or do things not work like tha... Read more

Answer:Can a File somehow end up inside of another file/files

It all depends on the program you are using to access the files. For example, Windows (starting from XP) creates a hidden file thumbs.db that contains thumbnails of all the images inside a folder. If you delete the original pictures through some other program or command line, and do not open the folder in Windows Explorer, this file still stays there. If you share the folder, this file gets shared too. Your information gets leaked.
 
If you use a computer for banking online or shopping online (any kind of financial transaction), then do not ever use that computer for P2P file sharing.

1 more replies
Relevance 45.92%

i dont know if anything is wrong with my PC but some weird stuff is happening like cable modem starting to run very slow when watching video. also, could someone tell me if i have 2 antivirus programs running at the same time. thanks all

Logfile of HijackThis v1.99.1
Scan saved at 5:35:16 PM, on 4/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\PROGRA~1\AMERIC~1.0A\waol.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\AMERIC~1.0A\shellmon.exe
C:\Program Files\Viewpoi... Read more

More replies
Relevance 45.92%

I have received an mail that has a RAR attachment. The contents of the email are such that it can only have been written by someone who knows me, i.e. its not been generated automatically and the suggested contents could be useful to me. Unfortunately my reply to him bounced as his email company saw me as spam. Is there any way I can view the contents of a RAR file without actually opening it and possibly exposing my PC to some sort of nasty surprise?

Answer:Looking inside a RAR file

I wouldn't risk it.
"Unfortunately my reply to him bounced as his email company saw me as spam"
So is this someone you normally have no problem emailing? Seems funny if suddenly your emails are seen as spam. Have you tried sending a plain text email with no attachements to him?
This info might be help you decide about opening it click here

6 more replies
Relevance 45.92%

Just a quick question, is there an application to sort through the contents of an .exe file? And will it just display coded gibberish? What sort of language are .exe files written in? Is is possible to edit .exe files? Sorry, questions, questions....Thanks ;)

Answer:How can I look 'inside' an .exe file??

I would think open with notepad or editor.

5 more replies
Relevance 45.51%

I was referred to start posting on this forum with my logs. I'm not quite sure what's wrong, but I'll assume one of you wonderful people will.if you need any background information it's all included here: http://www.bleepingcomputer.com/forums/t/263302/not-able-to-run-hjt-or-any-anti-virus/and I'm not able to get DDS or HiJackThis to run at the moment, I can't download from this computer (it disappears.) and my fiance' isn't here to download from his.here are the logs from the other forum.From a comand prompt:Volume in drive C is COMPAQVolume Serial Number is 70BB-FF3BDirectory of C:\Windows\ERDNT\cache04/11/2009 02:28 AM 177,152 scecli.dllDirectory of C:\Windows\ERDNT\cache04/11/2009 02:28 AM 592,896 netlogon.dll2 File(s) 770,048 bytesDirectory of C:\Windows\System3204/11/2009 02:28 AM 177,152 scecli.dllDirectory of C:\Windows\System3204/11/2009 02:28 AM 592,896 netlogon.dll2 File(s) 770,048 bytesDirectory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e11/02/2006 05:46 AM 176,640 scecli.dll1 File(s) 176,640 bytesDirectory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f1201/19/2008 03:36 AM 177,152 scecli.dll1 File(s) 177,152 bytesDirectory of C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e04/11/2009 02:28 AM 177,152 scecli.dll1 File(s) 177,152 bytesDirectory of C:\Win... Read more

Answer:Peek.bat file inside

Hi My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

3 more replies
Relevance 45.51%

Hi i am using windows vista ultimate 32 bit and yesterday my computer went incredibly slow for seemingly no reason so i opened task manager and saw that my CPU usage was at 100%,after looking through the list of processes to see what was being such a resource wh0re, i couldn't see any processes that were using alot of cpu power so i downloaded "Process Explorer" and found that my problem was something called "Hardware Interrupts" which was (and still is) using 88-100% of my cpu how can i fix this problem? PLEASE help as i am completely stumped by this one.oh,and by the way,the 100% cpu usage is constant from the minute my PC is turned on,even with no apps running it stays at a constant 100%.

Thanks,
Tom

Here is my log file:
Deckard's System Scanner v20070328.36
Run by Tom on 2007-04-07 at 21:57:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
12: 2007-04-06 20:49:00 UTC - RP59 - Installed DriverMagic
11: 2007-04-06 14:00:46 UTC - RP58 - Installed Driver Detective
10: 2007-04-06 10:00:24 UTC - RP56 - Restore Operation
9: 2007-04-06 08:51:57 UTC - RP55 - Windows Update
8: 2007-04-05 23:19:12 UTC - RP54 - Restore Operation


-- First Restore Point --
1: 2007-04-04 09:51:03 UTC - RP47 - Removed Autodesk DWF Viewer 7


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Tom.exe) ------------------------------------... Read more

More replies
Relevance 45.51%

Hi,

I am setting up a backup system for my pc, backsup to a remote machine via ftp. The files to backup will be compressed into a zip file and then backed up to the remote machine. My question is, if my pc gets infected with a virus and those files backed up to the remote machine, will the virus infect the remote machine as well ? (if the files are not unzipped on the remote machine & both machines running on windows Xp pro). Appreciate any help or suggestions in this.

Regards
Sudhi

Answer:Virus inside a rar or zip file

No, malware inside a ZIP or RAR file can't infect a machine, unless you extract the malware (and execute it).

So in your case, the simple fact of storing a ZIP backup on a remote machine will not infect that remote machine.

That's why malware researchers share malware samples in password-protected ZIP files.

2 more replies
Relevance 45.51%

We are supporting business offices systems running Windows 7 SP1 in 64 bit. System RAM is 16GB and HD is 200GB.
In one of the partition (Drive F), a folder appeared (Aug 19, 2015), the folder name is 973d3e99d0b18144c2ffb4c55570d78a (we can change it to junk or some such). Inside it has a cabinet file called SFX.CAB created same date and file size is 0.
Can you please tell me what this is? and should we remove it?
Thank you

More replies
Relevance 45.51%

Logfile of HijackThis v1.99.1
Scan saved at 12:01:59 PM, on 5/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe
C:\WINDOWS\CDProxyServ.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\ItBill\itbill.exe
F:\New Programs\ITunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
F:\New Programs\iPod\bin\iPodService.exe
F:\New Programs\ITunes\iTunes.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\owner\Desktop\Misc\Hi Jack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://awesomestart.com/killola/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r4.attbi.com:8000
R1 - HKCU\Softwa... Read more

Answer:MOVIELAND!!! Please help... log file inside

8 more replies
Relevance 45.1%

Guys im in serious need of help no idea whats wrong with my computer any help would be helpful can anyone check my htj file? tell me what they think i got a 3meg connection and it takes me 10 minutes to open up a site i used showtraffic program and its sending loads of spam mail out i cant stop it.

Logfile of HijackThis v1.99.1
Scan saved at 10:39:00 PM, on 7/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\home\LOCALS~1\Temp\Rar$EX00.360\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&... Read more

Answer:computer using all my bandwidth htj file inside

will someone please help?
 

1 more replies
Relevance 45.1%

I got caught this morning. Hungover, tired, and just plain dumb.

"A friend" sent me a file. Supposedly some great an amazing pics of her new baby. On offer was a .zip file which I downloaded. Within there was a "picture" only it was xxx.jpg.xxx.com, so in fact it was really a .com file.

I ran this file (yes, I am dumb), and now my MSN sends out endless requests to other people to download these files from me which will infect them.

Perhaps my saving grace is that I use WinPatrol. When I ran this it detected changes to my registry startup areas which I told it to remove. Once I had rebooted I am no longer sending out nasty messages (so far, its hard to say exactly how often the messages are sent). However, the virus files are still on my machine in an unknown location.

I do still have the original infected file that I was sent which can be made available for analysis.

I am running XP Pro SP2, and use Eset NOD32 V3 with most recent updates. The bug went straight through this like a knife through butter. I have updated and recanned my machine both locally, and with Eset's online scanner. Nothing found. Eset misses the install files for the virus, and also the running virus (my friend's machine is still actively spamming the virus files out).

Hijack log as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:39, on 08/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode:... Read more

Answer:MSN Hijacked by .com file wrapped up inside .zip

8 more replies
Relevance 45.1%

https://drive.google.com/open?id=1BJhjrNSaa6rIpQW1d4R_7aFvTuC0Czqx

google file of the .dmp, just started happening 2 days ago after an update so i'm assuming it's software related, doesn't happen constantly, sometimes i can go hours without blue screening, get a DPC watchdog violation when i let it error report

The bugcheck was: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000). 

More replies
Relevance 45.1%

Hello .
I cant access my system volume information file on my hard drive. Spyware doctor has located a trojan there and blocked it on several occasions but I cant access the file to delete it. It says that access is denied. What do I do.
thanks

Answer:Help, cant access file with trojan inside

If you can boot into Safe Mode try deleting the file there. Safe Mode has a limited amount of applications running which makes it ideal for purposes like this.

I've asked that a Moderator move this topic to the Am I Infected forum where there are those that are more knowledgeable about these problems.

5 more replies
Relevance 45.1%

are keyloggers part of a program or can they be tiny like viruses. also can i keylogger or a threat be in a .dll file

Answer:Can a keylogger be inside of a file smaller then 3mb?

Well - designed keylogger can fit in few hundreds of bytes. And of course dll can host it.

2 more replies
Relevance 45.1%

I have a fairly large Fortran 77/90 & C program, compiled using Compaq Visual Fortran 6 & Microsoft Visual C++ 6 under Win XP.  On a particular test case it generally executes ok when invoked outside a batch file, but always fails when invoked from a particular batch file.  It stops on a Fortran 90 Allocate statement, but does not return the STAT result coded into that statement.  Seems to relate more to how much storage has been allocated rather than to the particular array being allocated, because I can reorder the allocation of different arrays and the stop does not occur on the same array.Although this is a large body of code, the test case is small and should not be requiring a large amount of allocated storage.I have tryed cutting the batch file down to just the statements that occur before invoking the EXE file (which are SET /P, ECHO, COPY, DEL, IF EXIST), then running the truncated batch file, then executing the EXE outside the batch file.  The EXE also fails in that usage.Any ideas on what I should be looking for to fix this?

More replies
Relevance 45.1%

i dont know y but from last few days i m getting this thing whenever i open my MY COMPUTER icon ..........even on some other folders i do get the same thing but after custominzing the folder it works fine below is the screen capture



can any one tell me how to remove this thing

Answer:How do i remove this (Hijack This Log file inside)

We'll require a HijackThis log from you.

But before you post your log at the HijackThis Log Help forum, please read through the sticky first.

16 more replies
Relevance 45.1%

Without using any Nero or file burning software, can Windows XP itself supports simple file copying to disc. Not that I know of, but i have a user who can do these.

1. select a file, right click and press SEND TO the burner
2. simply copy and paste the file to the burner
3. reopen a file on a disc, edit it, and then can save it back onto the disc.

Strange, anyone welcome to comment. Thanks.
 

Answer:File burning inside Windows XP only

10 more replies
Relevance 45.1%

So I downloaded some program off of Limewire and now everything is messed up. When you try to open internet explorer its very slow. It goes to the homepage and then a bunch of pop ups come. I also get error messages such as microsoft C++ buffer underrun error. The popups are like this...http://www.interracialsingles.net/in...D1909&opt=6943 or CID Popups and others. also my desktop background is just the white error that says restore to active desktop I click it and get another error message. How do i fix all this. Am i gonna use Hijackthis and Combofix?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 08:52, on 2008-02-04Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService... Read more

Answer:Bunch Of Different Virus's Hjt File Inside

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

19 more replies
Relevance 45.1%

I picked up some spyware. The communicator toolbar and also I have a lot of text double underlined and hyperlinked while browsing the internet.

Thanks,
TimS

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 8/4/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symante... Read more

Answer:Communicator Toolbar and More - hjt log file inside

Hi TimS -

If you had followed through on your last thread here we may have avoided another round of cleaning. Please see this through to the end, where you will be given valuable protection information once your system is clean.

I'm going to have you run some scanning tools first, then we'll go after whatever is left.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware? SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool ... Read more

1 more replies
Relevance 45.1%

Large downloaded file often come in parts I understand the method ..extracting these parts are where I get confused I often see many parts or one zip file..or so..its the different ways of extraction where I get confused..when I select say a large compressed one it extracts to show a rar or series of rar file which then have to be extracted to show the compressed data..it seems a simple task and hard to explain. I am sure I am not re-inventing the wheel here..but I need help..anyone..

Answer:How to extract rar file that have zip files inside

You will see the files named R00, R02, R03 etc.. all you need to do is start the extraction of R00 and the rest should be extracted automatically...

4 more replies
Relevance 45.1%

Hi. I'm posting this in regards to a friend who has a trojan on his computer. He ran Webroot system analyzer and it detected a trojan, but no other software is picking it up. Here is his log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:42:45 PM, on 7/13/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Digsby\Digsby.exe
C:\Users\Pete\Desktop\SystemAnalyzer\SystemAnalyzer.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com... Read more

More replies
Relevance 45.1%

hello everyone im having numerous pop ups and its slowing down my machine big time for virus scanners and random pop ads. Here is the Hijackthis log file. What do you think?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:21 PM, on 1/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\... Read more

More replies
Relevance 45.1%

ok i have windows vista home premium. i am having link redirect problems. not just from google. basically any link i click redirects me. i ran gooredfix.exe deleted what came up still have problems. ran malwarebytes and still having trouble. so i am posting a log file from hijackthis. i would love it for someone to please check it out and give me some advice thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:18:28 PM, on 7/15/2009Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:Windowssystem32sdra64.exeC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Windowssystem32taskeng.exeC:Windowstemp1154251.tmpC:Windowssystem32taskeng.exeC:WindowsSystem32igfxtray.exeC:WindowsSystem32hkcmd.exeC:WindowsSystem32igfxpers.exeC:WindowsRtHDVCpl.exeC:Program FilesSynapticsSynTPSynTPEnh.exeC:WindowsSystem32rundll32.exeC:Program FilesDropboxDropbox.exeC:Windowssystem32igfxsrvc.exeC:Program FilesSynapticsSynTPSynTPHelper.exeC:Program FilesMozilla Firefoxfirefox.exeC:Program FilesTrend MicroHijackThisHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.comcast.net/R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.toshibadirect.com/dpdstartR1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=5... Read more

Answer:HiJackThis Log file please help info inside

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 45.1%

Everytime I start my computer my background is changed and it says I have spayware and that I need to remove it. Also my screen saver is roaches eating the screen and I can never change it. Please help
 

Answer:Idk what the virus is but my hijack file is inside.

Hi tony82x,
Welcome to Major Geeks!

I'm making a bug collection, so if you'd like to contribute, please attach a screen shot of the bugs with your next post. Then please continue as follows:

Go to the READ & RUN ME FIRST and work through all the instructions. If there is something you can't do, just make a note of what happens to tell us later and then continue on. When you're finished, use the Manage Attachments button down below the reply window to attach your logs. If you get all four logs, you'll need to post twice, because you can only attach three logs with each post.

Thanks.
abri
 

26 more replies
Relevance 45.1%

Logfile of HijackThis v1.98.2
Scan saved at 6:29:52 AM, on 9/6/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cisvc.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0EIC1.EXE
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\nacqzagb.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\... Read more

Answer:Serious help needed!! (log file inside-very long)

bump

thanks

2 more replies
Relevance 44.28%

I'm having problems with my iframe when viewing in IE (version 6)

The problem has to do with the URL/src of the iframe:
http://www.resonline.com.au/affredir/v2/affredir.asp?CommodityTypeID=1&StateID=401&DestinationID=454&AffiliateTheme ID=203&r=5&view=3&AffiliateID=203&refcode=OZACCOMM
(the page contains jscript)

I can view this URL in IE with no probs but when I try to view it within an iframe it won't stop reloading.. about every 2 seconds. It works fine in Firefox.

To see the problem in action you can check this link:
http://members.optusnet.com.au/~reen...comm/test.html

------------
Is there some jscript or something that I can use to force it to stop reloading.

Please HELP!
 

More replies
Relevance 44.28%

I'm recently noticed that some zip files that I store images on contain some empty image files "0 KB".
I'm just wondering if anybody knows of a quick way to scan a bunch of folders each with several zip each and then show which zip files contain empty files.

Thank you.

Answer:Check inside zip files for empty file

Use wither 7-zip or Winzip. Basic computing 101.

6 more replies
Relevance 44.28%

I am getting into batch file programming and wanted to know if I can get help with with extracting files with command prompt.
I can mostly navigate and manage my pc through cmd with out the gui so this would be awesome if I could extract files as well. I wanted to know this just so I can incorporate extracting files into a batch file if needed. I'm on xp. I have winrar, universal extractor, and extract now. I'm unsure if they have a command line feature or not or how to use it. maybe some basic examples would help if no one minds.
 

Answer:Solved: extraction inside batch file help

Maybe this will help you.

[WINRAR] First link
https://www.google.com/search?q=winrar+commandline

[UNI. EXTRACTOR] Didn't find a cmdline
https://www.google.com/search?q=universal+extractor+commandline

[EXTRACT NOW] First link > Documentation
https://www.google.com/search?q=EXTRACT+NOW+commandline

[7ZIP] This is my fav cmdline extractor; First link
https://www.google.com/search?q=7zip+commandline
 

1 more replies
Relevance 44.28%

I recently downloaded starry night which is a program that you can use to look at space features and stuff, but I had to uninstall it becuase it was taking up to much space on my computer, well now I can't delete the sucker and I'm constantly barraged by "this program is being used by another person or program", so I unistalled those programs and yet it still wants to stay, what do I do?
 

Answer:Certain file inside a program can't be deleted.. no matter what I do..

Before you delete anything else that you might actually want, try a system restore to before you had starry night installed.

If this does not help then post details of your system, the files you want to eliminate and the exact error messages.
 

4 more replies
Relevance 44.28%

PING 192.168.0.3 (192.168.0.3): 56 data bytes
64 bytes from 192.168.0.3: icmp_seq=1 ttl=128 time=0.5 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=128 time=0.2 ms
64 bytes from 192.168.0.3: icmp_seq=4 ttl=128 time=0.3 ms
64 bytes from 192.168.0.3: icmp_seq=7 ttl=128 time=0.3 ms
64 bytes from 192.168.0.3: icmp_seq=13 ttl=128 time=0.5 ms
64 bytes from 192.168.0.3: icmp_seq=14 ttl=128 time=0.5 ms
64 bytes from 192.168.0.3: icmp_seq=15 ttl=128 time=0.2 ms
64 bytes from 192.168.0.3: icmp_seq=17 ttl=128 time=0.4 ms
64 bytes from 192.168.0.3: icmp_seq=18 ttl=128 time=0.5 ms
64 bytes from 192.168.0.3: icmp_seq=19 ttl=128 time=0.2 ms
64 bytes from 192.168.0.3: icmp_seq=20 ttl=128 time=0.2 ms
64 bytes from 192.168.0.3: icmp_seq=25 ttl=128 time=0.5 ms
64 bytes from 192.168.0.3: icmp_seq=27 ttl=128 time=0.2 ms
64 bytes from 192.168.0.3: icmp_seq=28 ttl=128 time=0.3 ms
64 bytes from 192.168.0.3: icmp_seq=29 ttl=128 time=0.4 ms
64 bytes from 192.168.0.3: icmp_seq=30 ttl=128 time=0.1 ms
64 bytes from 192.168.0.3: icmp_seq=46 ttl=128 time=0.4 ms
64 bytes from 192.168.0.3: icmp_seq=49 ttl=128 time=0.5 ms

--- 192.168.0.3 ping statistics ---
50 packets transmitted, 18 packets received, 64% packet loss
round-trip min/avg/max = 0.1/0.3/0.5 ms

I am getting this after doing a fresh install of Debian 3.0r2 on a computer with the following hardware:

Pentium 3 500MHz
2x 256MB PC133 RAM
Asus P2B
ATI RADEON 6500 VIVO
Creative SoundBlaster Live!
3Com 3C905-TX

I've never had problems like this bef... Read more

Answer:Getting 64% Packet Loss - What's causing this? (log file inside)

Seems reltek more reliable in this case, but I bet this is some driver problem...
 

8 more replies
Relevance 44.28%

hey guys, i got attacked by some virus or trojan or whatever it was, got some services removed and i need some reg keys to restore them....

If you are on Windows 7 x64 sp1, just go here in regedit;

HKEY_LOCAL_MACHINE\SYSTEM\CurrenControlSet\

and export the services subfolder and paste it up in a reply!

All the headache from trying to fix this with solutions now, i think im missing some vital part and only the right registry files can fix.

make sure you are on 7 x64 sp1...

thanks.

Answer:Got a virus, need a reg file, Windows 7 x64 sp1, directions inside.

Hello dek

Here you go hope it helps
Services.zip

Danny

3 more replies
Relevance 44.28%

currently, I'm using CA Security suite, I'm wondering if I can use the anti-virus to scan the inside of a RAR file, which composed of dozens of files, and confirm if there is a virus inside the packed rar file or not
 

Answer:Can anti-virus scan the inside of a RAR or zip file?

NOD32 does... perhaps the CA cra--- uhmmm... product has an option to scan inside archives that needs to be enabled (seems like it should be on by default; it is with NOD32).
 

6 more replies
Relevance 44.28%

How do I encrypt a .txt file inside an Image so that when I change the extension of the Image into .rar and I open the rar file, there's a .txt file in it? This does work, you can try it yourself.
http://www.icon-hack.cc.cc/img/product/2009/200905/20090502/188360_1_Fsdfdf.jpg
Change the file extension to .rar and open it.
 

Answer:Solved: Encrypting a .txt file inside an Image

6 more replies
Relevance 44.28%

Hi guys,

i come to you after formating my computer and without success to solve my blue screens problem.

when i watch a movie and specially while playing i get a blue screen
i attached the dump file.

thanks a lot!

Answer:Windows crashed + dump file inside

  
Quote: Originally Posted by shiker


Hi guys,

i come to you after formating my computer and without success to solve my blue screens problem.

when i watch a movie and specially while playing i get a blue screen
i attached the dump file.

thanks a lot!


SPDT.SYS used by daemon tools/alcohol and KeyMagic. Both.

Your computer was up for 2 plus days so it isnt happening frequently, and removing those two items may fix it.
Ken J

Please remove any CD virtualization programs such as Daemon Tools and Alcohol 120%. They use a driver, found in your dmp, sptd.sys, that is notorious for causing BSODs. Use this SPTD uninstaller when you're done: DuplexSecure - Downloads
[/quote]
You can use MagicDisc as an alternative.

Freeware MagicISO Virtual CD/DVD-ROM(MagicDisc) Overview


Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\dump_110310-26083-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols;srv*e:\symbols
*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0x82a19000 PsLoadedModuleList = 0x82b61810
De... Read more

3 more replies
Relevance 44.28%

Hi I am trying to remove MWMBs and even after using the MWMBs Removal Tool and rebooting twice" its still in "Program Files" It keeps saying: "Error Deleting File or Folder: Cannot Delete the Directory is Not Empty" When I open the MWMBs folder it has one little file with no description in it if I try and drag it to the Recycle Bin it says: "cannot read from the source file or disk" anyone have any ideas please Dazza

Answer:Cannot uninstall MWMByts Folder and 1 File inside

Hello Dazza -2 ideas. First, run chkdsk /r as the problem may be your system -Next, If the problem persists, please contact Malwarebytes Support desk << with this form for personal help -They have just told me that they will look after you as soon as a helper is available -Thank You -

4 more replies
Relevance 44.28%

the folders when you right click and click properties it is 0 size, or the folder is empty but the file is inside. but i can not open the files, when i right click it just has open with, folder synchronization, send to no other features as usual.And it spread to other files and folders. and when i burn it with Nero, it failed it said the file is too

PLEASE HELP, HOW TO REMOVE THE VIRUS!

Thx.

Answer:New Virus: The Folder is Empty but the file is inside

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 44.28%

Is it possible to request elevation inside a CMD/batch file? I have a Command Script( .cmd) and one of the command require admin right to run. I am NOT looking for right-click "Run as administrator", I would like the script itself to call the UAC prompt.Thank you,

Ray

Answer:Request Elevation inside CMD/batch file

Hi,To elevate the permission, please refer to the following article:Windows7 elevated command prompt priviledges throug a scriptThanks,Novak

11 more replies
Relevance 44.28%

Hello folks. I'm trying to fix my mother's computer and needless to say it's in bad shape. The memory is being hogged like crazy and the only form of virus scanner i have at my disposal atm is housecall. What's weird is the terms don't load for me to continue, but hijack this works. Here's the log from safe mode. I'm going to restart and run it normally and see if there are differences. ty in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:23 PM, on 8/2/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Users\Mahnaz\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,... Read more

Answer:Mess of a system (Hijackthis file inside)

not on safe mode:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:28 PM, on 8/2/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mahnaz\Downloads\HijackThis(2).exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http:... Read more

2 more replies
Relevance 44.28%

For those of you who have been complaining about the perceived slowness of Vista file copy operations (And <insert deity name here> knows ther have been many), I now present to you a copy of Mark Russinovich's blog dated 4 February 2008.

In his blog, he provides in-depth details of how the copy engine works, and what improvments have been made to this engine in Vista SP1.

Happy reading!

----------------------
The original text for this post can be read in Mark Russinovich's blog at http://blogs.technet.com/markrussinovich/
----------------------

Windows Vista SP1 includes a number of enhancements over the original Vista release in the areas of application compatibility, device support, power management, security and reliability. You can see a detailed list of the changes in the Notable Changes in Windows Vista Service Pack 1 whitepaper that you can download here. One of the improvements highlighted in the document is the increased performance of file copying for multiple scenarios, including local copies on the same disk, copying files from remote non-Windows Vista systems, and copying files between SP1 systems. How were these gains achieved? The answer is a complex one and lies in the changes to the file copy engine between Windows XP and Vista and further changes in SP1. Everyone copies files, so I thought it would be worth taking a break from the ?Case of?? posts and dive deep into the evolution of the copy engine to show how SP1 improves its performance.

... Read more

Answer:Inside Vista SP1 File Copy Improvements

I downloaded the article by microsoft about all the inprovements. Too many Kxxx articles to go into. Needless to say there is alot. Waiting for the final release before upgrading.

2 more replies
Relevance 44.28%

Recently got the poka poka virus...i ran several scans, and bleieve i got it and several other spyware thingys out of my registry...i still see some possible files that arent good, plz lend me some ideas since my PC seems to run a bit glitchy espeically with games/programs that prior ran better. I'm not sure if it matters but this file was not taken while in safe mode...rather in normal windows mode....

Logfile of HijackThis v1.99.1
Scan saved at 9:50:00 PM, on 10/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WMP55AGV2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\DOCUME~1\RAPHAE~1\LOCALS~1\Temp\Rar$EX00.906\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\h\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = ... Read more

Answer:Computer Possibly Infected (Log File inside)

Welcome to TSG

Please download LQfix.exe and save it to your desktop.

Double-Click LQfix.exe and click Next > Next > Install.
Leave the default settings, if you change them, the fix will Fail!
Now make sure the "Launch LQfix" box is checked.
Click the Finish button, after clicking the Finish button the fix will start.
Follow the on-screen prompts.
Your system will now reboot afterwards.
Please be patient after the reboot, there is a script running in the background that needs to complete.

Post a new Hijack This log.
 

1 more replies
Relevance 44.28%

Hello,
I have a couple of computers set up in the network. They're all inside the same workgroup.
Every folder I share is visible by everyone.
Now I want to define permissions on only one folder which containes files only to be editable (modified) by, let say, one computer.
So I need to define special peermissions for this particular folder.
However I came accros to a problem. In network neighbourhood I can see all computers and their share folder and they see my shared files. But when I want to define special permissions on only one folder (one user can write and read, the rest is read only access), I cannot see other computers in the "Select user or groups" window just as shown in the attached picture.

One friend of mine told me that this is only possible when computers are on domain. It is really hard for me to understand that permissions cannot be defined for each folder and for each network user separately.

Can you give me any advice?

Thanks
 

Answer:File and folder permissions inside workgroup

Permissions are configured for local users on the machine, not network users or machines.
 

1 more replies
Relevance 43.87%

Here is the dumpfiles

http://sdrv.ms/17NJyVN

Basically ive been having the problem for a few months now, it wasnt as frequent BSOD to start but now the last 2 weeks its been every 2-3 hours, ive tried removing programs from the last few months and downloading driver after driver but i cant seem to find the source of the problem, if you need anymore info feel free to ask.

Answer:BSOD from Ndis.sys,ntoskrnl.exe & ataport.sys. DMP FILE INSIDE!

Are you using a USB PC Port adapter from 2Wire?

The driver, 2WirePCP.sys seems to have caused the Blue screen that generated the dump file.

I would get an updated driver.

5 more replies
Relevance 43.87%

I have try all the ideas everyone has had about drivers, deleting the file that causes the problem and nothing is working.. not sure if one of the video cards is going bad, but here is the dump file if anyone can help greatly appreciated.. win 7 ultimate 64
I7 2600

Answer:BSOD Bccode 116 atikmpag.sys dump file inside

STOP 0x116: VIDEO_TDR_ERROR troubleshooting

Either your RAM or one of the video is defective, try using one card at a time.
RAM - Test with Memtest86+

2 more replies
Relevance 43.87%

Just upgraded to Windows 8 and I'm having an issue I never had in Windows 7. Whenever somebody sends me an archive (.zip, .rar, etc.) that contains file names that are in Japanese, they always appear garbled (文字化け).

1. I am using Outlook 2010
2. This happens through both WinRAR and Windows' native unarchiving program.
3. The file name of the archive itself (also in Japanese) is not garbled, just the file names inside.
4. I have the Japanese language pack (Windows IME) installed on top of this U.S. version of Windows 8, but setting Japanese language priority higher than English (through Control Panel/language) does not fix the problem.

Does anyone have any ideas how I might fix this issue, as right now I have to boot back into Windows 7 to unzip any Japanese archive.

Answer:Japanese file names inside archives getting garbled

Anyone have any ideas?

1 more replies
Relevance 43.87%

How do I make Windows 7 search inside of file contents on a removable device?

I have a flash drive with a few hundred spreadsheets on it, in .xls format. I need to search for words that are located inside of the spreadsheets. How do I do that?

Note: I have set my indexing options to search the contents of .xls files - this flash drive is probably not indexed, as it is only occasionally plugged into this machine. I am looking for a way to make Win7 search inside of files without having to index the thing.

Answer:How to search inside file contents on removable device?

Hello Dizzious, and welcome to Seven Forums.

Sorry, but you will not be able to add removable locations to be included in the index anyway.

An alternative, is to select the flash drive in Computer or Windows Explorer, and search it from there instead.

Hope this helps,
Shawn

3 more replies
Relevance 43.87%

I got a powerpoint in an email attachment, virustotal reports a zip file inside...
 
1.) Is there always a .zip file inside powerpoints?
2.) What malicious benefit could a zip file provide?
3.) How can I alalize the ZIP compressed archive (2.5%)
 
ssdeep
1536:d98NvL6Ra3cQewv87TClJ2HsrwRKbbEBbfnCY9Gbt09bfmh4jVuJTVxZbbFH5T14:dfJR4EBfnCK+JTVxZbb59q5/nfcQtb
 
TrID
PowerPoint Microsoft Office Open XML Format document (97.4%)ZIP compressed archive (2.5%)
 
F-Prot packer identifier
appended
 
ExifTool
SharedDoc................: No
Title....................: MEMORY
HyperlinksChanged........: No
TitlesOfParts............: Office Theme, MEMORY, What is Memory, Memory involved three fundamental processes, The stage model of Memory, Sensory Memory, Sensory Memory, Sensory Memory, Short-Term Memory, Short-Term Memory, Short-Term Memory, Short-Term Memory Working Memory, Long-term Memory, Long-Term Memory, Long-Term Memory Transforming or encoding memory, Long-Term Memory Types of Information, Long-Term Memory Subsystems, Maintenance Rehearsal , Elaborate Rehearsal , Retrieval , PowerPoint Presentation, PowerPoint Presentation, Encoding Specificity Principle , Forgetting , Forgetting
LinksUpToDate............: No
LastModifiedBy...........: RLLocal
Application..............: Microsoft Office PowerPointZipFileName..............: [Content_Types].xml
CreateDate...............: 2013:03:19 17:24:18ZZipRequiredVersion.......: 20
PresentationFormat.......: On-screen Show ... Read more

More replies
Relevance 43.87%

Hi everyone,Here's something I was wondering. I have a VB application how's calling another application. This second application is a commandline software that use a password as parameter.my code looks like that:Public const MYPASSWORD ="ThisIsMyPassword12345"

dim result as integer

result =  Shell("C:\Application2.exe " & MYPASSWORD , vbHide)I was asking myself if it was secure to store a password as a constant inside an application.Once the code is compile and transform to binary format, is it possible that a hacker retreive this password with some kind of password recovery tool.Thanks. Fred

Answer:Is it safe to store passwords inside binary file?

Yes if you have the password stored in a file, then it would be possible to reverse engineer that file and gain the password.

6 more replies
Relevance 43.46%

By the way i have most of the spyware removers...... well all the good ones and this problem can only be saved using HJT.

Logfile of HijackThis v1.99.1
Scan saved at 5:38:08 PM, on 4/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\svcnet.exe
C:\WINDOWS\system32\inrlln.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://216.130.185.122/sidesearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSea... Read more

Answer:Spyware Problems HJT Log inside!!!

I can see you have antivirus on there, but it's not shown as running,
you appear to have the Tibick worm......
(C:\WINDOWS\system32\svcnet.exe)

Try running an online scan or two..........
http://housecall.trendmicro.com/
http://www.bitdefender.com/scan/licence.php

Disable System restore before you begin.
 

1 more replies
Relevance 43.46%

Last night I opened up Firefox to do a google search and I got the blue screen of death and had to restart. This is normal enough; my computer had been on for a while and had several programs running at once so I figured it had just gotten overwhelmed. But then when I logged back in and opened up Firefox again, it went to the blue screen of death again and I had to restart. I was getting a little worried, so the next time it started up I let it fully load first, but without even doing anything, it went automatically to the blue screen once more, and when I pressed a key, it just went to another blue screen and another and another, until I had to manually shut off the computer because control alt delete wasn't working. Then when I turned it back on it went through its scan disk routine that it does when the computer wasn't shut off properly, which takes forever, so I hit enter and skipped it. When I did that, it took me to an all black screen with white text at the top saying that there had been an error and I needed to restart. I'd never seen that before, so I restarted and let it go through the whole system scan without interruption. When it was done, it took me into Safe Mode for some reason. In Safe Mode I'm unable to use my mouse, I'm not sure why, so I just hit control alt delete and restarted once more. This time it took me back to my regular desktop, but again, after a few seconds of loading the blue screen came up, and hitting keys and trying control alt dele... Read more

Answer:Serious Computer Problems; Hjt Log Inside

Hello Lanimilbus and welcome to BleepingComputer!Apollogies for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis Log.Thanks,Johannes

1 more replies
Relevance 43.46%

Hello,

Something is seriously wrong with my computer. Every time I restart, I get blue screens.. sometimes to the point where I can't get windows to load at all. It takes around 30 minutes to get windows loaded every day. The computer/internet is also extremely slow and I have a cable connection, it feels like dial-up. I've run trendmicro with no results and McAfee with 1 result that couldn't be cleaned or removed (generic PUP.a). Every time I run adaware I get results with one being Malware.. So I'm guessing this is probably the problem? Here's my HiJackthis log, could you please help me out? I've tried another forum but It's been a few days now w/ no answers and I'm not sure how long this computer will last. Thanks.



Logfile of HijackThis v1.97.7
Scan saved at 1:27:29 PM, on 5/8/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTSMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTPSPD.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\WINDOWS\SYSTEM\... Read more

Answer:Having serious problems HJlog inside

Hello RedXrain and welcome to TSF,

I'm sorry, but your version of HijackThis is terribly outdated and not refelecting what we need to see to assist you.

Please delete your current version and download HijackThis 1.99.1 - this program will help us determine the extent of any spyware/malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\PROGRAM FILES\HIJACKTHIS\

Double click on HijackThis.exe to run the program.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file in this thread.

1 more replies
Relevance 43.46%

I'm not sure what may have caused this, but things on my computer are running oddly. Here's the stuff I've noticed so far that doesn't work right:

Windows defragmenter - will analyze fine, but won't fix any fragmented files
All Norton tools - don't work
Spybot - doesn't work
AdAware - doesn't work

When I say "doesn't work," I mean that I can click on the icon, or the .exe, and nothing happens.

Also, the sound on DivX, WMP, iTunes, and WinAmp won't work.

Here's the analyzed log:

Log was analyzed using HijackThis Analyzer - Updated on 12/1/04
Get updates at http://www.greyknight17.com/download.htm#programs

Logfile of HijackThis v1.99.1
Scan saved at 6:40:23 PM, on 5/4/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Tweak-XP\blads.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://wolverine.network.ncf.edu/exchange/
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [BlockAds] C:\Program Files\Tweak-XP\blads.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton Utilities\SYSDOC32.EX... Read more

Answer:having odd problems... analyzed HJT log inside

Hello lotuz,

Please print out or copy this page to Notepad since you will not have any of browsers open while you are fixing this.. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. Again, you should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Download Spybot 1.3 from this site Spybot 1.3. Install the program, update the definitions file and run a scan. Fix all the entries, which are indicated in RED.

Please download Adaware SE and install it if you don't have it already. Make sure it's the newest vers... Read more

12 more replies
Relevance 43.46%

ok this is a new thread im starting because my ohter thread has 6 replies,,, all by me and noone else......if any mods see this all you have to do is read my other post to know whats going on, its titled "Major problems with winxp PLEASE help!" and its been here for like 3 days now and no reply yet.... but anyways read that and youll know whats going on and if you need to know about my computer my profile has my PC specs and here is my HJT log:

Again, thanks in advance, and help is MUCH appreciated!

EDIT: heres the 3 files KAV said were infected....im removing the mIRC ones right now but i dont know about the other one....i really need help here guys
Code:
C:\Program Files\Internet Explorer\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Program Files\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.617 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
Another edit:: just to make it a little easier, ill put my new log in because its a bit different then before....heres the new one:
Code:
Logfile of HijackThis v1.99.1
Scan saved at 11:14:18 AM, on 1/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\W... Read more

Answer:Problems with my computer, HJT log inside.

Hi, I'm sorry, but TSG forum rules allow you one thread per problem, and you have another with one reply from me, here:

http://forums.techguy.org/security/536994-major-problems-winxp-please-help.html

Please continue over there, I will try and help. Just post a brand new Hijackthis log in your other thread.

By the way, the use of code boxes makes your post so wide it is unbearable to read it, I advise you to just copy and paste into the reply space and skip code boxes.

It's easier to work with HJT logs and such without the movement, as well. Hope you understand.

I am closing this thread.
 

1 more replies
Relevance 43.46%

Here are my problems:
1. even though i take AIM (aol instant messenger) out of my start-up...it will not start-up for like 2 start-ups...then its back to automatically starting up again.

2.My computer just automatically freezes from time to time which is VERY unusual...my comp never freezes...it just start doing this. I think its because of this vmedia.exe file my brother installed...i want it off but it wont let me delete the .exe file.

3.Even when all my internet explorer windows are closed, my registry still shows that an internet explorer app is running and everytime i try to end it, it pops right back up.

Logfile of HijackThis v1.99.1
Scan saved at 12:44:59 PM, on 9/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\System32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Sh... Read more

Answer:A few annoying problems....need help...HJT inside

12 more replies
Relevance 43.46%

Hi all
I know you'll probably want system info and everything but can we go into that after :).
I'll explain my problem and then you tell me what I need to do.

Ok it would appear that when I have MSN (I assume it's latest version...humour me for now) or Winamp my CPU useage frequently bombards upto 100% causing great lag on my XP home PC.

Ive run scans, mallware scans adware scans and turned up 0.

Any thoughts on this situation.

:)

Ta

Answer:Problems inside Xp regarding msn and winamp

its now also causing the cpu to go into 100% when I watch movies/have yahoo messenger open/aol instant messenger and even when I surf on flash based sights it causes lag and makes the sound stick and come out of my speakers all crappy like a broken record.

1 more replies
Relevance 43.46%

Hi, I have been trying to network my computers together since October. I've got my laptop hooked up (just barely) with a microsoft notebook wireless adaptor. However, the one I have not been able to get networked correctly is my desktop with Win98. After the DLINK USB adaptor failed to help, my dad purchased a microsoft PCI Adaptor. He installed it a few days ago. We had some problems with the software, but after an uninstall/reinstall I got it working. But that was just the software. I finally got the computer hooked up with a workgroup, so I could transfer a file that was "missing" from my win98 desktop from the XP desktop that I downloaded it on to. Its connected to the workgroup, but that's all. I have not been able to get it to be able to use the net access. I have a cable modem - that's what I am trying to share. The hub thing is DLINK and the other devices are microsoft. Anyway, I tried messing with the settings in the networking and nothing seemed to work. I ended up having to use "systemfilecheck(extractor)" to replace a file that could not start.
Does anyone have a solution for helping me get my other desktop to use my internet? I'd like to be able to use the net on that computer once in awhile. I mostly use it on my XP computer, but the other computer needs to get updates for the spyware removal software and without the net access, that's impossible.
Okay, I hope that explains the problem. IF Anyone has a suggestio... Read more

Answer:I'm Still having problems with networking......can you help me (more inside)

15 more replies
Relevance 43.46%

I recently rebooted the computer to clean up it and just start "fresh"..

I haven't done much in it and then all of a sudden, the problems started to happen!

1.I cannot open MY COMPUTER Icon. It keeps loading and loading and it never opens it up.

2.I cannot Use the Search Function.It won't let me Search..

3.Is also getting very slow and the INTERNET EXPLORER is pretty much broken.

I notice the computer is fine when I run it in SAFE MODE but it breaks down in NORMAL MODE..

This is my HiJACK log

Logfile of HijackThis v1.99.1
Scan saved at 3:50:10 PM, on 10/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet E... Read more

Answer:I have several odd problems. My HIJACK LOG is inside.. Someone Help Me Please!

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

In the meantime, make sure you subscribe to this thread so that you will receive an instant email when I have replied with a fix to your problem. You may do this by clicking the Thread Tools option at the top of your post and then clicking Subscribe to this thread. Then, make sure Instant Notification by email is selected and click Add Subscription

Please be patient with me during this time.

7 more replies
Relevance 43.46%

Logfile of HijackThis v1.97.7
Scan saved at 1:40:15 PM, on 4/8/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ENCOMPASS\ENCMONTR.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\WEBSCANX.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\SYSTEM\MSGLOOP.EXE
C:\WINDOWS\SYSTEM\MSG32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\WINDOWS\SYSTEM\USBMMKBD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\PROGRAM FILES\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\PROGRA~1\NETROPA\ONSCRE~1\OSD.EXE
C:\PROGRAM FILES\IOMEGA\DRIVEICONS\IMGICON.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\REMINDER.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MSWORKS\CALENDAR\WKCALREM.EXE
C:\HP\REGISTER\REMIND32.EX... Read more

Answer:Friend having problems, HT log inside

7 more replies
Relevance 43.46%

Had soem fake AV programs and the google search redirect. Ran the read me run me. Logs attached
 

Answer:Had some problems. Did I get it all? Logs inside.

mglog
 

18 more replies
Relevance 43.46%

I'm using avira and I just backed-up my system. I plan to format my hard drive and before restoring it, I'd like to scan the backup file (.bkf) just to make sure that my pc's really really clean. Will it be able to detect if the backup file has viruses?

In the same sense, how about spyware, will antispyware tools detect spyware inside a backup file?

thanks
 

Answer:will antivirus programs be able to detect viruses inside a backup file?

I'm not sure if this will work but you would have the scanner scan the .bkf file and maybe it could. Even If It could detect I'm not sure if it would remove it because It would be already a compressed version. I would have tried to remove malware before you backed up your system.
 

1 more replies
Relevance 43.46%

I'd like to transfer some video files (some as large as 16gb) from my desktop PC to a laptop. Desktop is running Vista Ultimate x64... laptop is running Vista home x32. AFAIK, home doesn't support file sharing so how would I go about doing this? My external drive is currently in storage and I don't want to waste DVD's

Is there 3rd party software that will do this over wifi? What about over USB?
 

Answer:large file transfer solution? (inside home network)

dr.stevil said:


AFAIK, home doesn't support file sharing so how would I go about doing this?Click to expand...

You should be able to setup a workgroup and enable simple file sharing to transfer files over your network (wired or wireless), but if you want, you could use this: http://www.tirminal.com/
 

5 more replies
Relevance 43.46%

I've got two Win10-64 boxes running 'Feature update to Windows 10, version 1709 and the latest KB4056892 2018-01 cumulative update for windows 10 version 1709 x64-based systems.

With one box, I can right click on the latest firefox 64 bit exe installer and can 'scan with windows defender' and it will scan 598 files. On the other, the scan of the same file shows '1 files scanned'?

I just can't figure this out? How can I resolve this? It makes me question whether Windows defender is working at all?

More replies
Relevance 43.46%

Please let me know what i can do, its soo annoying and i can only get online from task manager!

Logfile of HijackThis v1.99.1
Scan saved at 1:37:37 PM, on 8/6/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\svchoct.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\DllHost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\m?iexec.exe
c:\program files\dboo\shot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\hu\My Documents\nwlondonthug\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.zpecialoffer.com/indexie.html
R1... Read more

Answer:NO Icons, NO Startup Menu, just my desktop picture! HELP! Log file inside

16 more replies
Relevance 43.46%

If I encrypt the folder of a software accounting program on my hard drive using windows 7 pro 64 bit, can I backup only my data file to an external flash drive? If so, what steps would be necessary to restore that file in the accounting program?

Answer:can I backup a single data file inside an encrypted folder

http://support.microsoft.com/kb/309340A flash drive is a pretty poor choice. I'd be more inclined to have a usb hard drive and store the file without encryption but store the usb drive in a secure location. Google is evil

5 more replies
Relevance 43.46%

Hey i'm hoping someone can translate these dump files for me and tell me what the problem is. I'm assuming it's the cpu but not sure why, my temps are fine and I opened up my case to allow more air flow and cleaned out the dust. Basically after playing for about 30min I get a BSOD.

**Had to change the file extension to .txt to upload, change it back to .dmp

If any more info is required let me know and i'll provide it, thanks!
 

Answer:BSOD's while playing Battlefield Bad Company 2(dump file inside)

Anyone able to help?
 

11 more replies
Relevance 43.46%

I have links in a web page to swf files for my accounting course.  Some students have problems viewing these files in firefox and IE at home.How can I get the link to activate the swiff player and play the .swf file in the player instesd of the browser.http://eugenehowell.com/coursematerial/fa12-2/acc11ch4/partb-thedebitsandcredits.swfHelp.Gene

Answer:Opening a link to a .swf file in the swiff player instead of inside browser.

The link you posted can be used to download the .swf file directly.Just Right Click it and go to Save As.This program can be used to play the file on the computer:http://www.irfanview.com/

8 more replies
Relevance 43.46%

Hey guys!

If anyone could take a look at the .dmp file, it would be much appreciated.

I get a random BSOD at any random time.

Thanks!

*If you change the file to ".dmp" instead of ".txt" it SHOULD work.*

Answer:[SOLVED] Vista 64bit BSOD (Dump file inside)

Hi -

The dump has a bugcheck = 0x124 = WHEA - unknown hardware error

The only items of interest in the loaded driver listing is that your Marvell Yukon Ethernet driver needs to be updated -

Code:

fffffa60`0256d000 fffffa60`025b4000 yk60x64.sys Mon Oct 02 03:21:56 2006 (4520BE14)
I also noticed the very recent updates of ESET NOD32 and ATI video.

This message found in the dump -

Code:
*** Memory manager detected 1 instance(s) of page corruption,
target is likely to have memory corruption.
Run memtest86+ 1 stick at a time, alternate slots - http://www.memtest.org/
Run chkdsk /r

Check the Device Manager - View tab, enable hidden devices - look for red/yellow flags
START | devmgmt.msc

Event Viewer may hold some clues
START | eventvwr.msc

Regards. . .

jcgriff2

.


Code:


Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\!!_Kernel_Dumps\barfridg555_Vista_041309__jcgriff2__\Mini041309-01.txt.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6001.18145.amd64fre.vistasp1_gdr.080917-1612
Machine Name:
Kernel base = 0xfffff800`01a12000 PsLoadedMo... Read more

12 more replies
Relevance 43.46%

Can someone please look through this log to see what files I should check? Thanks guys.Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 15:05:54, on 18/03/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18882)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Apoint2K\Apoint.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Hp\QuickPlay\QPService.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Hp\HP Software Update\hpwuSchd2.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\AVG\AVG8\avgtray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Epson Software\Event Manager\EEventManager.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\System32\spool\drivers\w32x86\3\E_FATICKE.EXEC:\Windows\System32\spool\drivers\w32x86\3\E_F... Read more

Answer:Google redirecting and email not recieving - Hijack file inside

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions... Read more

3 more replies
Relevance 43.46%

Alright, here's my Hijack This log...

Logfile of HijackThis v1.99.1
Scan saved at 11:14:43 PM, on 10/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\... Read more

Answer:Solved: Trojan.Vundo Virus, File: geedc.dll, log inside.

9 more replies
Relevance 43.05%

Basically at the beginning of last month my computer started to have random BSOD issues. I have uninstalled/re-installed drivers and tried several other recommended fixes. Now I come to you for help. The requested files are attached in a compressed folder.

Running windows 7 64 bit, Radeon 5450, AMD Athlon II x 4 640 Processor (at stock speed). Age...approx 2 1/2 - 3 years old (maybe a little more). Age of OS installation - same as age of computer. System manufacturer - HP.

Model : p6754y

If additional information is needed please just ask.

Thank you for taking the time to look at this post.

Answer:BSOD Problems, reports inside, please help.

Hi,

We have various bug checks:

WHEA_UNCORRECTABLE_ERROR (124)

A fatal hardware error has occurred. This fatal error displays data from the Windows Hardware Error Architecture (WHEA).

If we run an !errrec on the 2nd parameter of the bugcheck (address of the WER structure) we get the following:


Code:

===============================================================================
Section 0 : Processor Generic
-------------------------------------------------------------------------------
Descriptor @ fffffa8006baf978
Section @ fffffa8006bafa50
Offset : 344
Length : 192
Flags : 0x00000001 Primary
Severity : Fatal

Proc. Type : x86/x64
Instr. Set : x64
Error Type : BUS error
Operation : Generic
Flags : 0x00
Level : 3
CPU Version : 0x0000000000100f53
Processor ID : 0x0000000000000000
^^ BUS error.


Code:

===============================================================================
Section 2 : x86/x64 MCA
-------------------------------------------------------------------------------
Descriptor @ fffffa8006bafa08
Section @ fffffa8006bafb90
Offset : 664
Length : 264
Flags : 0x00000000
Severity : Fatal

Error : BUSLG_GENERIC_ERR_*_TIMEOUT_ERR (Proc 0 Bank 4)
Status : 0xfa00000000070f0f
^^ Specifically, a timeout occurred somewhere along the bus (Processor 0 - Cache Bank 4 - *main CPU core*)
SYSTEM_SERVICE_EXCEPTION (3b)

This indicates... Read more

1 more replies
Relevance 43.05%

Ok, so here is the deal: About 2 weeks ago, I was at a LAN party with my clan, we went there for the tournament, and we were told that there was a high securitylevel when it came to virus spreading etc. everyone in other words, had to install anti-viruses etc before they were permitted to go online.

however this seems to not have been the case. Because within 10 minutes after logging on to the internet, I find myself with a bunch of suspecting and unfamiliar processes and programs.

The processes that I noticed were in particular the following:

spoolsv.exe
system.exe
winlogon.exe
services.exe
and the last one went something like this: "msq30". similar to that.

the last one(msq30), AVG anti-virus got a hold of and killed it seems, but the above is still here, making my every day a living ****.

I did a HijackThis scan, with a log, and I'll paste it for you(though it seems really short:

Logfile of HijackThis v1.99.1
Scan saved at 09:03:30, on 20.03.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programfiler\Messenger\msmsgs... Read more

Answer:Major problems(explanation inside:P)

bump :p

12 more replies
Relevance 43.05%

Hi,

I have been experiencing problems with several popups and possibly some viruses as well. Below is my HJT log, hopefully you can help out!


--------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 7:29:19 PM, on 6/16/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\popuper.exe
C:\WINDOWS\System32\msole32.exe
C:\WINDOWS\System32\shnlog.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\System32\intmonp.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\intmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\RioMSC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Greg's Files\Virus Scans\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft... Read more

Answer:Popups/Virus Problems - HJT log inside

Please read these instructions carefully and copy them to notepad! Save the notpad file to your desktop. Be sure to follow ALL instructions!
* Go here to download and install CCleaner
Do not use it yet.
* Click Here and download Killbox and save it to your desktop.
* Click here to download smitfraudfix.zip. Download it and unzip it to your desktop and have it ready to run later.
* Click here for info on how to boot to safe mode if you don't already know how.
* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.
* Go to Start > Control Panel > Add or Remove Programs and remove the following programs, if found:

Security IGuard
AntivirusGold
Virtual Maid
Search Maid

Exit Add/Remove Programs.
* Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.updatesearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.updatesearches.com/bar.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.updatesearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.updatesearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Cus... Read more

3 more replies
Relevance 43.05%

hi all. i've a big problem. my internet goes slow after a few minutes i opened it.
first i updated my programs and then restarted with safe mode. made a full scan with ad-aware and delete all the files that were founded. then made a scan with AVG anti-virus.here the results of it:
http://img384.imageshack.us/img384/3...rint0513gt.jpg

then i opened ewido and scanned with it too.
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 18:25:10, 11.05.2006
+ Report-Checksum: 128418D2

+ Scan result:

[232] C:\WINDOWS\system32\ovxejfcb.dll -> Proxy.Agent.jz : Cleaned with backup
C:\Documents and Settings\ersin\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\ersin\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\ersin\Cookies\[email protected][1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\ersin\Local Settings\Temp\dmx8.tmp -> Worm.Locksky.ao : Cleaned with backup
C:\WINDOWS\system32\fdconfig.dll -> Adware.Virtumonde : Cleaned with backup
C:\WINDOWS\system32\mljgf.dll -> Adware.Virtumonde : Cleaned with backup
C:\WINDOWS\system32\ovxejfcb.dll -> Proxy.Agent.jz : Cleaned with backup
C:\WINDOWS\system32\Service.exe -> Proxy.800 : Cleaned with backup
C:\WIND... Read more

Answer:fdconfig.dll and more problems, details inside.

nobody? please i really need your help

4 more replies
Relevance 43.05%

I have an interesting problem here. When ever I burn a CD-RW disc it will complete the burn process and the disc will eject.. But when the disk is instered back into the drive it is blank! The test burn option is NOT highlighted. I have a DELL Inspiron 530 desk top the CD-ROM that is in there is a pbds dvd+rw dh-16W1S this is what comes up with the device manager. Now the computer came with Vista, I installed XP because Vista had crashed twice on me! BUT, I was able to burn CD-RW's with Vista. I have another computer with XP and the CD-RW's burn ok in that.. Now is there a driver that I can install on XP that will enable the burning of CD-RW's or should I install Vista again?

Thanks!
 

Answer:Problems With Burning CD-RW ?? (Read Inside!)

7 more replies
Relevance 43.05%

Hi there.. I am frustrated beyond belief!.. My husband and I live in a rural area, and have been waiting for DSL for years. A few months ago, we finally got access and signed up right away. We could only afford one DSL modem, and since I work outside the home, and my husband works from home, we opted to let him have the dsl connection and I'd dial up for a while longer. We connected him to the modem NO problem, worked right away.. etc..

*I* finally got a hub, and an extra IP address, and have been fighting with the internet ever since. At first.. I was able to connect to the DSL.. the only problem I really had was the random "link dead" episodes.. I'd be trucking along.. surfing or playing a MMPORG and then blam.. nothing would load, or I'd go link dead in game. I've uninstalled and reinstalled everything a million times. Finally.. I gave up.. ( was working a lot of hours, and not a lot of time to tinker with the computer) and assumed it had to be my network card had gone awry. I bought a new network card the other day.. and alas.. STILL I can not load a single freaking thing on the internet.. other than Google.. I can google and even conduct a search on google, but can not connect to any other links, etc. I am currently on a dial up account.. to post this and try to work on this..

I don't know what changed to make me go from " working sometimes" to never loading anything.. but.. <shrug> thats why I am here..

OH.. and h... Read more

Answer:Help! can't get this computer to connect via DSL.(more problems inside)

7 more replies
Relevance 43.05%

Sometimes when I do cell formatting in excel, like adding borders, or bolding the text, it will sit and think for about 3-4 full seconds, then complete the operation I want to do. Whats also wierd, is that during these 3-4 second 'thinking' periods, my network traffic will jump around from 0kb/sec to ~20-30kb/sec, then stop once the 'thinking' is done. It's not a fluke, it happens every time.

Also printing in Vista via a shared printer on the network (running xp), is extremely slow. I have the same sort of 'thinking' when I change options, click print, format the print job, etc. Every time I change something, it 'thinks' for 3-4 seconds. Printing a paper in fast-draft in black and white can take up to 30 seconds to get it all set up to send to printer because of the constant 'thinking'.

I've got 2gb ram, a fresh vista install, an overclocked athlon64, etc etc, so that should not be the problem.

Answer:Vista/Office problems... come inside.

IT isnt Vista. It is the network. It is connecting with a older network and therefor will take time to "Translate" what it wants done to a language the network can understand.

Gotta understand Vista was written with a new netowrk language which isnt recognized by XP. So those "thinking" pauses are really Vista translating and dumbing down what it wants done for XP to understand.

4 more replies
Relevance 43.05%

I had a problem copying anything(text, files, etc.) and then pasting it. It was like it would retain the info for 1 second and then lose it. So unless I was able to copy/paste within 1 second, it would do nothing.

The reason this is happening seems to be Offline Files and it constantly taking snapshots. I think SP2 enables it automatically. The resolution is to disable offline files by opening windows explorer and go to Tools->Folder Options->Offline Files, and unchecking the "Enable Offline File" box. After that go to Tools->Synchronize, and not only uncheck, but remove everything possible from that list. Once you reboot the problem should be solved. This is what did it for me anyways.
 

Answer:Copy/Paste Problems? (Fix Inside)

Where did you find this "fix"? Is their a Microsoft Knowledgebase article detailing this information?

I ask because I have a few business client who use Offline files and folders and have not had the problem you describe.
 

9 more replies
Relevance 43.05%

my pc is acting real crazy.I have micrsoft antispyware avg07 and pc-cillin 2000 with updates.I just got a trojan that avg picked up and pc-cillin didnt.
i hit the delet button when the message popups that i have a virus is says successfully deleted but i keep gettin the message every 5 minutes.I also got somthing called spysheriff that i never installed acting like software that i downloaded.Microsoft antispyware picked up the trojan when i deleted it microsoft spyware said to reboot when it rebooted it replaced my wallpaper with a bluebackground and in the middle was a black screen with red letters saying that im infected with spyware please remove.I also get alot of popups and i downloaded adware removal spybot and still pc acting pls help thank you!

Logfile of HijackThis v1.99.1
Scan saved at 11:01:11 PM, on 8/9/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Creative... Read more

Answer:Major problems pls help hijackthis log inside!

Patience munchkin.....one post is enough. There are only a handfull of folks who can assist and it could be awhile, if no one has responded in a FEW HOURS, then post BACK to the same thread and that will get it back to the top again

Closing this one, reply here:

http://forums.techguy.org/showthread.php?t=389098
 

1 more replies
Relevance 43.05%

ok, 3 days ago my computer was working completely fine. that night i downloaded a zip file for a video. the next morning my comp told me that i needed to install "important updates" [which i think was just the windows sp2] and when the computer restarted i needed to install the latest version of java so i let that install and update.

then after all the updates were installed my computer started acting weird. i couldnt open pages like myspace.com, socialvibe.com, or my online school which is flvs.net, i also can't open pages where there are multiple images. i've tried to uninstall everything that updated so it was back to the way it was, but my browsers are unable to download and they're still unable to open myspace and the other sites. i use opera as my main browser, firefox when opera doesn't work, and chrome as my last resort. but i also have safari and IE installed but im unable to use them

i've tried to do a system restore to 3 days ago but it says the only restore point was 8/24/09 at 10:24 am, so that wont work.

so is there a way to make my computer work normally again? all i really want is to be able to download again and open the webpages b/c i REALLY REALLY need my school page to open any help will be much appriciated
 

Answer:i need help. theres a couple problems. [details inside]

16 more replies
Relevance 43.05%

this is a HJT log of my laptop, could someone plz look at it and let me know what i can do to fix my laptop

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:24:10, on 18/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDO... Read more

Answer:hello all, looking for some help and advice, problems listed inside

You have a number of problems - do ALL of the following
Download the HostsXpert 3.8 - Hosts File Manager.

Unzip HostsXpert - Hosts File Manager to a convenient folder such as C:\HostsXpert - Hosts File Manager
Run HostsXpert - Hosts File Manager from its new home
Click "Make Hosts Writable?" in the upper right corner (If available).
Click Restore Microsoft’s Host File and then click OK.
Click the X to exit the program.
Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

======================

Please Download NoLop to your desktop from

http://www.thespykiller.co.uk/index...be028538366e8b644d0e9fd&action=tpmod;dl=get16

First close any other programs you have running as this will require a reboot
· Double click NoLop.exe to run it
· Now click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
· When scanning is finished you will be prompted to reboot only if infected, Click OK
· Now click the "REBOOT" Button.
· A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
·
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download http://www.boletrice.com/downloads/mscomctl.ocx to your system32 folder then rerun the program. -
==========================
... Read more

2 more replies
Relevance 43.05%

my pc is acting real crazy.I have micrsoft antispyware avg07 and pc-cillin 2000 with updates.I just got a trojan that avg picked up and pc-cillin didnt.
i hit the delet button when the message popups that i have a virus is says successfully deleted but i keep gettin the message every 5 minutes.I also got somthing called spysheriff that i never installed acting like software that i downloaded.Microsoft antispyware picked up the trojan when i deleted it microsoft spyware said to reboot when it rebooted it replaced my wallpaper with a bluebackground and in the middle was a black screen with red letters saying that im infected with spyware please remove.I also get alot of popups and i downloaded adware removal spybot and still pc acting pls help thank you!

Logfile of HijackThis v1.99.1
Scan saved at 11:01:11 PM, on 8/9/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Creative... Read more

Answer:Major problems pls help hijackthis log inside!

13 more replies
Relevance 43.05%

Well I have three big problmes & I was wondering if anyone could helpI have a XP Service Pack 2I registered to this site about 2 months ago to clean my PC & it worked, it got rid of a lot of spyware & trojans. Thing is I'm still having problems with my PC even though I'm certain I am clean of those problems.Ok here goesProblem # 1) Sound issues:For some strange reason, my sound is being disabled almost every day!I'm listening to some music & come back to my a few hours later & find out that sound no longer works on my PC.This is what happens when I try to access the Sound controls for my PC:Well I had this happen to me once or twice before, but this only happend like once in a year.Now my sound is dropping off EVERY DAY (Twice some days)To fix the problem I go here:I select the drivers for that & roll back drivers & than update drivers, after that everything works perfectly fine.Until the next day where it starts all over again!What is happening?Problem #2) Connections issues:My connection is now dropping off almost every day. I have Charter Cable & I called the company to see if they were having any problems & they gave me the the B.S. everything looks to fine from their part.Here is what happens, I'm online & all of a sudden nothing connects!Clicking on the local area connection icon in the taskbar & trying the repair option just tells me this:Here is where the problem seems to be, even though I get no ... Read more

Answer:I Have A Ton Of Problems With My Pc, Everything Seems To Be Going Wrong (pics Inside)

Try uninstalling both the network card as well as the soundcard... wouldn't hurt if you did it on your VGA as well. Sounds pretty simple to be a solution but it does miracles some times. My Computer > Properties > Hardware > Device Manager.

As far as the sound is involved try to uninstall everything that has to do with sound (not everything can be uninstalled). When you are done uninstalling everything reboot your PC and reinstall everything (should be done automatically since the devices' drivers are already installed)

If the time the screen resolution changes is standard (15-20 mins) after your first boot and then after rebooting it happens more often this could mean a hardware problem (most likely the VGA is overheating). Make sure you have proper ventilation and the vga's cooler (as well as any other in your PC) is free of dust.

Hope it solves your problem

7 more replies
Relevance 43.05%

Got a problem with popups on internet explorer, every minute a popup pops up, getting kinda annoying. popup blocker is on full etc, but still it flows over with popups. Malware antibytes doesent find anythingLogfile of HijackThis v1.99.1Scan saved at 23:40:54, on 12.05.2011Platform: Unknown Windows (WinNT 6.01.3505 SP1)MSIE: Internet Explorer v8.00 (8.00.7601.17514)Running processes:C:\Program Files (x86)\AVG\AVG9\avgtray.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.exeC:\Program Files (x86)\OpenOffice.org 3\program\soffice.binC:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exeC:\Windows\Mmokia.exeC:\Users\Preben\AppData\Local\Temp\Mlx.exeC:\Users\Preben\Downloads\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\... Read more

Answer:PopUp Problems HijackThis Log inside

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Relevance 43.05%

This system has been giving me a bunch of problems to the point that I would rather reformat and start fresh if I could. But, I can't because its a company laptop and the company that it belongs to apparently doesn't believe in anti-virus or anti-mal/spyware software.

I'm trying to clean it up as a favor. I've run spybot, ad-aware, and avira anti-vir but I'm still getting problems. I'm currently running the free scanner over at F-Secure to check for possible rootkits. Hijackthis log below.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:01:40 PM, on 1/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\1872... Read more

More replies
Relevance 43.05%

hello...
well.. it looks like my uncles computer is full of everything you could think of.. He has popups, restart homepage.. everything..
I ran cws, S&D, and adaware,. and everything keeps coming back..

heres his hijack this log...
Thanks for your help!
Logfile of HijackThis v1.97.7
Scan saved at 6:58:43 PM, on 8/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\PhoneTools\CapFax.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINNT\System32\nozepk.exe
C:\Program Files\WindUpdates\WinUpdt.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINNT\System32\runner.exe
C:\WINNT\System32\ezsn.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\loaddadv3[1].exe
C:\Program Files\WindUpdates\WinKA.exe
C:\Program F... Read more

Answer:computer having problems...Hijack Log inside...

Your HJT log shows you've no firewall installed. If you're not computing behind a firewall-embedded network router, enable ICF immediately:

To turn on the WinXP Internet Connection Firewall (ICF):

- On the taskbar at the bottom of your screen, click Start, and then click Control Panel.

- Click the Network and Internet Connections category. (If the Network and Internet Connections is not visible, click Switch to Category View under Control Panel on the left side of the Control Panel window.)

- Click Network Connections.

- Right-click the Dial-up, LAN, or High-Speed Internet connection that you use to connect to the Internet, and then click Properties from the shortcut menu.

- On the Advanced tab, under Internet Connection Firewall, select Protect my computer and network, and then click OK. The Windows XP firewall is now enabled.

***

Run HJT, click Scan, put a checkmark by the following then click Fix Checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINNT\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINNT\secure.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINNT\secure.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINNT\secure.html
R0 - HKCU\Software\Microsoft\Intern... Read more

1 more replies
Relevance 43.05%

Hey guys, I've never posted here but I was directed here and hopefully you guys could help me out. Long story short, I got a like 300 emails pertaining to the sobig virii and a couple days later my computer couldn't start up without safe mode (I would get a the blue screen). Somehow I finally got it to start up normally and i got one of the cd drives to work, but my internet still barely works. I am unable to download anything, that means I cannot update my Norton. However, I ran the sobig worm remover from a CD but it crashes during the process. I managed to run Hijack though and here is the log:

Logfile of HijackThis v1.96.4
Scan saved at 8:58:22 PM, on 9/3/2003
Platform: Windows 2000 SP1 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\System32\PackethSvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\devldr32.exe
C:\PROGRA~1\Navnt\alertsvc.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\sobighijack\HijackThis... Read more

Answer:Computer problems, possible worm, HJT log inside.

16 more replies
Relevance 43.05%

I have a very simple network and recently upgraded to a GbE switch so my two primary machines are now connected via GbE. One machine runs Windows XP and one is Vista Premium.

I'm using ATTO to test the transfer speed between these two machines (from XP to Vista) and the speed seems incredibly slow.

Drive Z: in the picture is mapped to the Vista machine via CIFS (eg. \\HTPC\Storage).

The Vista machine has an IDE hard drive (ATA 133), but these speeds still seem rediculous.



As a comparison, here is the same test done locally on the Vista machine: (which still seems really, really bad)


 

Answer:Why is my XP to Vista network file transfer speed so incredibly bad? (picture inside)

This is a known issue with Vista. If you want speed, go with XP. If you want security, go with Vista. SP1 will dramatically increase network speed.
 

1 more replies
Relevance 43.05%

I have a problem with my laptop Satellite L505-144 is when i move or copy any file inside the computer its freezes until end of the transfer or copying .
What is the solution of this problem and thanks?

Answer:Satellite L505-144 freezes in move or copy any file inside the computer

I don't understand this. It freezes but copy or file movement will be done correctly anyway?

8 more replies
Relevance 43.05%

Logfile of HijackThis v1.99.0
Scan saved at 6:09:01 PM, on 1/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
c:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\Owner\Desktop\New Folder\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Softwar... Read more

More replies