Computer Support Forum

Local Permission Hang - Plz Assist me

Question: Local Permission Hang - Plz Assist me

Am on Win 10 (64 Bits) and whenever I am using IE it suddenly stops responding and then sometime I can close via task manager and everything works and sumtimes whole computer freezes with most icons on taskbar missing - then I have to restart the PC.

Checked out Event Viewer -> Windows Logs -> System, and here what I get:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

AND,

TCP/IP has chosen to restrict the congestion window for several connections due to a network condition. This could be related to a problem in the TCP global or supplemental configuration and will cause degraded throughput.

Please assist me.

Relevance 100%
Preferred Solution: Local Permission Hang - Plz Assist me

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Local Permission Hang - Plz Assist me

Well somebody has to have a solution here :-(

1 more replies
Relevance 84.68%

Am on Win 10 (64 Bits) and whenever I am using IE it suddenly stops responding and then sometime I can close via task manager and everything works and sumtimes whole computer freezes with most icons on taskbar missing - then I have to restart the PC.

Checked out Event Viewer -> Windows Logs -> System, and here what I get:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

AND,

TCP/IP has chosen to restrict the congestion window for several connections due to a network condition. This could be related to a problem in the TCP global or supplemental configuration and will cause degraded throughput.

Please assist me.

More replies
Relevance 64.78%

Computer is a Dell Dimension 4550 with 256MB of RAM with WinXP SP2. It will just freeze-up at times ... even when not connected to the internet. When this happens, the blue bar at the top of the screen that we are on goes pale or dimmed. As soon as we move the cursor to that bar and click ... it releases and we are good to go. There have been occasions when simply maximizing the task manager (after it had already been opened) caused the system to freeze.

We do notice that the page file is very large ... at times exceeding the size of the real memory available on the machine. But for one thing, I would expect that if this was the cause of the problem ... the freezeup would not release so fast and I would hear disk activity while I await the release (for at least a few seconds). This is not the case. Also, I turned off Symmatec completely (it uses lots of RAM) and I killed off some processes from the task manager to bring the page file usage down well below the real memory on the machine ... and this problem still occurred. It is random and sporadic. Happens in web browser as well as local programs when not connected.

Please pass on any ideas or suggestions! Thanks!

Here is the latest HiJackThis log:

Logfile of HijackThis v1.99.0
Scan saved at 8:26:45 PM, on 2/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
... Read more

More replies
Relevance 62.32%

I am receiving the following error in the Event Viewer from the source DistributedCOM (Windows 8.1 64 bit) :
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID class identitification
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID identification
{316CDED5-E4AE-4B15-9113-7055D84DCC97} 
 to the user Lenovo\Ewa with security identification SID
(S-1-5-21-1287633286-651115146-4152900111-1001) from the address LocalHost (using

LRPC) acting in the application container with identity SID
ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e
(S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828.
This security permission can be modified using the Component Services administrative tool.
It regards Zinio Reader application.
Please advice how can I fix the problem.
Thanks and best regards, Ewa

Answer:The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

Hi Ewa,
It's just a example instead of your real ID.
The ID of yours {316CDED5-E4AE-4B15-9113-7055D84DCC97} must be in that list. Have you attempt to find it?
I have search it on my lab computer(Windows 8.1)as below:
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]

8 more replies
Relevance 62.32%

Hi ,How are you. I get this error over and over again in the Event Viewer:

 DCOM
1203 - Description              : The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

                                  {D63B10C5-BB46-4990-A94F-E40B9D520160}
                                   and APPID

                                  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
                                   to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19)
from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Could you tell me exactly... Read more

More replies
Relevance 56.58%

is there a way to set up local permissions for users on win2k?

what i want to do is stop one user from being able to access certain folders.

i have tried setting up permissions on a folder in both FAT32 and NTFS partitions setting only the admin account and my account to access these folders, but when i log on as another user these folders are still available.
 

Answer:WIN 2k - local permission

you have to make sure that the user is not part of the admin group, or have admin properties.. here is a step by step guide on setting up users..

http://www.lpt.com/windowsnetworking/regusers/w2kpolic.htm
 

1 more replies
Relevance 56.17%

I have the exact same error. The usual fix with runtime broker doesn't work. I can't work out what DCOMCNFG item this is either. Very frustrating.

Answer:Local Activation Permission

thecaretaker said:

I have the exact same error. The usual fix with runtime broker doesn't work. I can't work out what DCOMCNFG item this is either. Very frustrating.



It's not always RunTime Broker, but can be Immersive Shell, WSearch and others. The name most always shows up when the HKEY_LOCAL_MACHINE AppID "Default" entry is displayed in the right column - in this case {F72671A9-012C-4725-9D2F-2A4D32D65169}.

The key was right-clicked and exported for safety. Then it was deleted, and the error vanished.

Interestingly, when Dcom was opened later it prompted to update a missing entry, which was done. Thereafter the AppID reappeared in the registry and its default was listed as CDP Remote Text Handler. No further edits/additions were made to that entry in Dcom.

41 more replies
Relevance 55.35%

I have created local account named "Indranil" now I want that a service will run under this Indranil account. for that what permission should I give to Indranil?

Answer:Setting permission of a local account

Services will run on any type of user account, so it's up to you to decide what type of account it should be.

2 more replies
Relevance 54.94%

hi all !
i have big mindf*** going on here..
i have 3 computers,

A - win7 ultimate x64 (PC) (LAN connected)
B - win7 professional x64 (laptop) (WLAN connected)
C - win7 ultimate x32 (laptop) (WLAN connected)

Theyre all connected on the same HUAWEI B260a wireless gateway, and theyre all under the same workgroup and connected within a homegroup
Standard shared public libraries (music, picture..) are visible and accessible for all of them with each other.

PROBLEM is @ network location
1) when i access from computer A to comp's B hard drive partition its all ok but it cannot access shared partition on computer C (but its visible)
2) computer B cannot access either one of their partitions
3) computer C can access everything and all

All of the HDs partitions are shared

* WHEN I SHARE FILES OR FOLDERS WITHIN ANY PARTITION ON ANY COMP, THAT FILE IS VISIBLE AND ACCESSIBLE FOR EACH ONE OF THEM..


BIG QUESTION

how can i share my PARTITIONS and make them accessible for each computer without having permission troubles?

ive even assigned static ip adresses for each computer (though they comunicate with each other ok so it wasnt necessary to do that)

ofc, partitions are shared, FWs are disabled, all of the necessary services are enabled, there are no AVs blocking traffic
- but because of line under * stated above, nothing of this is actually important

Please help and ease my mind.

Ty in advance..

Answer:local homegroup failing to access - no permission

I have only used "workGroup" (Give it a name) for all pc's on the network in advance sharing set permissions for each partition. Make sure 'everyone" is in the group list, in security in the group or users that 'everyone" is in the list as well. If necessary switch off homegroup (through control panel to do this) also check that you search for the pc's through its name. check firewall setting for access for file and printer sharing also network discovery is enabled in the firewall

4 more replies
Relevance 54.12%

hello,
can any one provide me solution for my problem .
I hav created a domin by our company name. Also i hav created some users in that domain , when thses users login as domain user they ar not able to get acess to all application which ar used prevoiusly when the system was in workgroup . our users use many applications these applications ar not seen in start menu . what could be the problem or any mistake done by me.
i 'll explain u how i hav created the users
start menu , administrative tools , domin users and computers and then new user . here i hav given the required information .After this process i hav to anything more for creation of user , if any please provide me few steps not the links .
i hav to assiign local administrative permissions so that the users can acess all the applications which they were using previously . In workgroup they were able to access all the applications but when they login as domin user they ar not able to access,What could be the reason
we use server as 2000 advanced server and client machines ar 2000 professional and XP professional

ravi
 

Answer:how to assign a local administrator permission to a doamin user

Sounds like a permissions issue, do they have the correct permissions for the files and programs they are using?
 

1 more replies
Relevance 54.12%

I have just set up a computer with Windows 7, and I'm apparently missing something simple, but I just can't find it.

I installed Windows 7 on the machine and everything works great. I then joined the computer to a 2003 Server domain. Everything still appeared to work fine. However, when I log into the domain on the Windows 7 computer, I don't have the correct permissions on the local machine.

I can access the domain. The login works fine. There are no errors. However, when I try and access anything on the local drive, like explorer.exe, it tells me that I don't have the permissions to access it. I can run some programs, in some directories (like Program Files), but if I try and run anything in the Windows directory, I don't have permission. I can access things on the domain, and I can even use Firefox to view the contents of domain machines, mapped network drives, and even the local C drive. I just cannot run anything that's in the local Windows directory.

I can access the local drive using either the domain administrator account, or the local machine administrator account. However, using either of those accounts, I'm not allowed to change permissions on that folder! I can see that the folder is set as read only, but when I attempt to remove the read-only flag (using either account), it tells me that I don't have permission to do that.

I've also tried to give the domain user administrator permission on the local machine, but that has no effect either. That part really con... Read more

Answer:Windows 7, 2003 Server Domain, Local Permission

This thread at TechNet seems to relate to your problem. It mentioned something about you need to set the password the same as the Administrator's password of the Windows 2000 system. And also you need to change the NTLM authentication level in Windows 7. Even though you are on server 03 this may still apply.

Read it here> Can't connect Windows 7 Pro to Windows 2000 server Domain.

9 more replies
Relevance 54.12%

My error log is absolutely swamped with messages re "Cannot start DCOM". Several logged ever second, it seems. The error log is unreadable because of this.

--------------------------------------------------------------------------
Event 10016
The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
---------------------------------------------------------------------------

I am very IT literate but I am having no joy with this and I actually need to read the error log to troubleshoot another problem.

Please is anyone able to talk me through how to get this resolved?

Answer:Error 10016 DCOM Local Activation Permission

rediculous amount of errors

4 more replies
Relevance 52.48%

My Windows 10 computers are joined to an Azure Active Directory without my permission. I did not actively join an Azure AD on the settings/accounts/access work or school account page or on the System about page. When I go to any of these settings pages there is not option to join or leave an Azure AD. I also found a provisioning package being applied to the computer at logon. Presumably coming from the Azure AD that the computer is linked to. How do I disconnect my computers from whatever active directory they are joined to?
Details: The computers are personal home use computers that should not be joined to any organization's active directory. Every time a new computer is setup in my house it gets joined to an unknown Azure Active Directory. During setup and subsequent updates the computers are automatically joined to some active directory without input from the local user. The computers are new and have not had any additional apps added. All security settings have been changed to not allow sharing of any type. Default user accounts have been disabled. The computers have not been used for anything aside from surfing the web for a solution. They are out of the box with setup and updates completed.
Event Log viewer shows remote power shell commands being executed event #4104. Device management-enterprise-diagnostics- reports System migration tasks completed event #1700. Windows Remote Management reports Activity Transfer Event #254. These events seem to be rel... Read more

More replies
Relevance 50.43%

please assist with power on password for hp550 it requires a power on password when powered oncan you please help me get past the blue screen and log into the machine!you assistance will be highly appreciated

More replies
Relevance 44.28%

hi all

i m managing file server on windows 2003 server. in a directory i want to give all permission except file or folder delete permission to domain user.

please make reply as soon as possible.
 

More replies
Relevance 43.46%

I recently updated my system with the latest Lenovo Updates including a BIOS update. Then my computer booted but all I got was a wallpaper my Windows Vista black bar and 3-4 icons loaded on the left tray. The hard drive then stops loading and the laptop freezes. It's not a hardware issue with my laptop because when I don't do the updates and or install certain programs, my laptop does not freeze on boot-up. I recovered my computer to original the factory settings and it booted up perfectly. I installed Norton Ghost  yesterday and the same problem happened again. I think it might possibly a Lenovo software issue or a BIOS issue. Is there anyway to revert back to my old BIOS?This is what happens when I do the Lenovo updates or install programs like Norton Ghost: Computer boots up, loads wallpaper and Windows Vista Black Bar, about 3-4 icons load up on the tray on the left hand corner then the hard drive stops loading and everything freezes.The computer works perfectly fine when I don't install those updates or install Norton Ghost. It works as if it has no problems.What do you think the problem is, BIOS Update or I need a fresh install?Message Edited by BHerer on 05-29-2008 05:53 PM

Answer:Boot up Freeze/Hang (PROBLEM!): Lenovo Updates Hang T61

Bherer,
 
Thanks for posting.  Will look at this, but I want to be careful not to set a false expectation here in the forum.   This is a peer to peer support forum, with some Lenovo involvement.  Obviously, this issue is important, and is a high priority for you, as are other's issues to them.
 
I try to priortize our efforts based on severity of impact and the number of forum members involved in an issue.   Calling me, or other Lenovo staff out in the message heading creates a difficult situation, because you are requesting a priority we may not be able to provide at the moment, and I don't want people to feel ignored. 
 
I would suggest that members post, and try to allow a couple business days for a response by other members, the mod team, or Lenovo.  If you haven't gotten some help, then it's ok to send me a PM with a link to your thread in case  I missed it.
 
Mark 

9 more replies
Relevance 43.05%

Have looked at the other postings about Windows 7 and "You need permission" - this one seems new. I have a laptop and a desktop both running Windows 7, both part of HOMEGROUP.

The desktop has two hard drives (C and D), both shared with full access to EVERYONE.
I can see both but can only update the D drive on the desktop from the laptop. When I try any update (new folder, copy a new file in, etc.) to the C drive, I get the "You need permission" error.

Have tried turning off sharing then turning back on for the C drive and have compared the sharing between C and D - they appear identical. Snipit of C drive permission attached. Any thoughts or ideas on what else to try would be appreciated.

Answer:You need permission - happening on networked drive that has permission

Rather than sharing form the root of the C: drive you should be sharing from the C:>Users folder instead. This is the default setting for Windows and there are many good reasons for this.

For networked drives that were created under a different User name you would also need to allow for sharing using the "Security" tab of the C: drive. The link below shows you how.

You can also set this drive share up at the C:>Users location if desired.

HDD sharing

4 more replies
Relevance 43.05%

The action is removing meta data from an app I created using iexpress/justbasic

I am the admin on this win7 machine. I have taken ownership of the file. Security/advanced permissions/audit set.

ran Icacls from an admin cmd prompt.

nothing lets me have control of the file...
 

More replies
Relevance 43.05%

I have a G580 i5 2.40Ghz. win7. 32 bit. I just bougth my laptop 3 month ago. When lag or short hang  happens to me, the mouse cursor becomes completely uncontrolable and circulate around its self. The important part is, nothing major may be running, nor did I do anything major on the machine. It could be as simple as opening a new webpage ... or launching a normal program. that I launch every day. Nothing out of the ordinary.I formatted this machine, thinking it could something wrong with the O/S ... thinking update driver would help, I also updated Intel HD and nVidia driver.... and it did not make a difference. I have owned various Lenovo machines since and I've NEVER had this problem before with any other machine! ...................I see whole of topic that are same as my problem I do what they do but my problem doesn't solve. specialy my problem is very simillar with topic "T410: lag spikes/short hangs/unresponsive system" that solve his problem . I did same az he but it didn't make a diffrence.sorry if my English isn't good.regards,

Answer:G580 many lag and shot hang and some time continuos hang

hi asadi-siyavash,
 
Most freezing issues are commonly caused by faulty drivers or bad HDD. Since you've already reformatted the PC, try to:
 
1. Perform a clean boot - this makes sure there's no application on the background that's causing the lag spikes.
1. Scan the HDD for defects using the Lenovo HDD Diagnostics. As an alternative, you can use HD Tune to check for bad sectors on the HDD.
 
Let me know your findings.
 
Cheers.

1 more replies
Relevance 43.05%

Purchased and Lenovo G560 in July and so far this has happened 3 times:The system become unresponsive, the hdd activity light goes out or stays solid, Windows programs crash and no other programs will start. Eventually it will BSOD, the exact message I do not remember but something like a 'system process or thread failed to run'. The crash dump fails to write to disk and it reboots and hangs at POST. Hard powering down and powering back up lets it boot fine.At first I thought it was a bad intel rapid storage driver, but I am now using the latest one from the intel website and it occurred today. It also is using the latest drivers for other devices from the Lenovo website or intel website.This has happened with 2 differnt harddrives, both function perfectly fine in other machines. I've run memtest and swapped out the RAM with other sticks. I am using the latest BIOS for this machine and it is a relatively clean install of Windows.Is this likely a hardware issue? The hanging at post seems to suggest this but it happens so infrequently and I can't reproduce it at will. Should I return this ASAP?

Answer:Lenovo G560 hang, BSOD, and hang at POST

Maybe try removing the Intel driver,and let Windows install a driver.Then see if it happens again.And you should call Lenovo support I think.

1 more replies
Relevance 43.05%

verifying dmi data then boot on cd hang at time hang a pc, i cant windows xp new installation what a solution this problems

Answer:verifying dmi data then boot on cd hang at time hang a pc

examine the disk for scratches. if there are a lot maybe try a different disk to boot. like a ubuntu live cd or something.

1 more replies
Relevance 43.05%

my laptop somtime became hang plzz help mesystem descriptionToshiba satellite A200os=windows7 32bitram=1gbprocessor= intel(r) Pentium(r) Dual cpu t2370 @1.73ghz

Answer:my computer became hang plzz help som1 to prevent from hang

You need to provide more information on the specific problem (EXACTLY what happens, when does it happen, what led up to it, etc).

5 more replies
Relevance 42.23%

I'm running Win 7, 64-bit. I have two problems..
 
1st problem is that my computer hangs at bios. It'll beep and hang, beep and hang, 3 times until it eventually starts to load. This began happening after I installed my Gigabyte 760 graphics card.
 
2nd problem, and the bigger problem, is after I type in my password and hit enter, it'll stick at saying "welcome" and show the loading circle but it'll just hang. In the past, it's been always doing this. However, I could just restart my computer and repeat the process of typing in my password but it'll load to the desktop on the second attempt!
 
I'm currently running now in safe-mode with networking
 
Give me some instructions and I'll promptly get it done!
 
Thanks in advance for your time!

Answer:Bios Hang & Login Screen hang

3 beeps is normally indicative of RAM failure. In the first instance, re-seat your RAM sticks on the motherboard to see if that helps.
 
2nd problem could be caused by the first. It may be that 1 of your RAM sticks has gone bad.
 
TsVk!

9 more replies
Relevance 41.41%

A wire came loose in my laptop charger so I asked for a replacement, but the supplier was adamant that there was something wrong with the port in my laptop, not the charger (he was wrong), so they took it away to fix. Anyway, a member of their staff took my hard drive out to copy a couple of my files to a disk for me as I needed them asap and couldn't get my laptop charging. Apparently that's all they did.

Today I got my laptop back and things are not right. I am the administrator and there are no other user accounts on my computer. I am recognised as the administrator when I go on Control Panel\All Control Panel Items\User Accounts. But now all of a sudden I can't access Music, Pictures, Videos or Documents from the start menu. It just does nothing and says nothing when I click on them. I went on 'Computer' and tried to access them from the 'Libraries' menu at the left side. It didn't let me and didn't come up with any error message. It also didn't let me see the properties of them or do any of the other right-click options. It was saying at the bottom that they were completely empty, so I just deleted them and thought I'd make new ones with the 'Create Library' option. But when I go on this it says "Unable to create the file 'New Library.library-ms' Access is denied". I tried to restore the four Libraries from my recycle bin. It came up with a message saying "You'll need to provi... Read more

Answer:Windows 7 asking me for permission or saying I do not have permission to make changes

7 more replies
Relevance 41.41%

I have 2 programs on two seperate computers where UAC comes up and asks me if I wish to run the programs. These programs do not require administrator rights (Truecrypt and iSpy) and the check beside "Run program as administrator" is not checked in either the shortcut or the actual executable file. Can someone shed some light on this?

Answer:UAC requesting permission to run programs that don't need permission.

Hi -
2 quick questions -
Have the programs been updated in any way, and do you see the UAC Shield beside / on the desktop icons ??

Thanks -

3 more replies
Relevance 40.59%

The problem is most noticeable in Games and Internet Explorer 5.5.. when filling in forms my mouse & system will hang as I click or tab to each form field. Upon submit Explorer will hang a few moments then take me to the completed stage of the forms. In games my mouse will hang causing the system to hang and eventually just not respond at all. I have an optical mouse and a Microsoft Natural 101 keyboard. The mouse is on a ps2 port IRQ 12 with no sharring. However, my ASUS board does allow IRQ sharing the most notible share is my network card (DSL) and my Video Card. However, I had removed the network card from the system with no success in stopping the problem..

Please help!!! Thanks

Jvan
 

Answer:Mouse Hang / Key Board Tab Hang

jvan
Welcome to TSG!
This is a long shot but have you tried slowing your hardware acceleration down a bit. Go to start/settings/system click the performace tab then graphics
and try lowering you acceleration down to minimum click ok then ok again. If that solves your problem then go back and start increasing your acceleration a little at a time to find what is acceptable.
Dave
 

1 more replies
Relevance 40.59%

Running a AMD Athlon 800Mhz PCU, 512 Mb RAM, Nvidia Ti4200 Graphics Card on a Soltek mobo.Keep getting hang ups (again!). As I have had the machine OS - Windows 98 re-installed a number of times to "correct" the problem it still re-appears. Drivers for graphics card are up to date BUT could it be that the problem is with my mobo? It is now 4 to 5 years old and no longer manufactured. Would appreciate advice/ideas on this as the problem does not occur at any set time. Can run for 5 mins or up to an hour before I get a hang up. Then have to re-boot and start again. Tried uninstalling various programs to check for conflicts but they seem OK. Did think at one time it was my ISP (AOL) causing the problem.

Answer:Hang Ups giving me Hang Overs!

Try running with the case off and see if this improves matters (Keep little fingers out!). It may be that the Athlon is overheating. Your cure would be thermal gel, bigger better cooling, and case extraction fan if you haven't got one already.

7 more replies
Relevance 40.59%

all i want to do is creat a photo dvd with effects and music,,however using roxio media creator 8 is a,oh so slow on my pc (dont know y) and once its set to final encoding to disc it gets to 10% of overall progress then stalls and up pops error : test 1 module hps encounter a problem and shuts it down .it also came up once with not enough system resource or somet like that,,any ideas or is there a simple download i can use to create my photo dvd

Answer:hang up after hang up with roxio media 8

I have no idea what the problem is but I have never been able to get on with Media Creator either!You could try Picasa click here. I haven't use dit myself but I have seen it recommended on these pages mnay times.

2 more replies
Relevance 40.59%

hello there,

I have got a strange problem since i run seven 64 bit Rc ( didn't tried older version nor Rtm ). I think a got the same Pb with Vista 64 bits, but a it was more random.

When i start my computer from scratch, it boots and when i got the 4 colors of the windows logo that go together, it hangs.
then i reboot the comp , i got the message to run the troobleshooter or start windows manually.
I choose the second option, it boots normaly.

I dont have this problem if i put on standby , it wake up OK.
-------
If i boot With F8 , in safe mode , the computer hang on the ClassPNP.sys.
-------
So googled a bit, it seems to be a trouble caused by windows having pb with handling APIC or AHCI.

I dont know what to change .... moreover i dont use the integrated SATA. i use a 3 ware raid card ( see my profil ) . So ACHI is not pb ?


Some one has already got this bug ?

ps : sorry for grammar.

Answer:Cold Boot Hang 7 hang up

This is a problem with system drivers. Are yours up to date? how about your hard drive?

5 more replies
Relevance 40.59%

Hi all

A mate presented me with his Vista laptop, running home premium. It was stuck in the installing stage 3 of 3 loop.

Under no circumstances was I to kill vista and start again. He had lost the copies of some of the programs.

I used the recovery console to rename the pending.xml file.

The machine rebooted correctly.

I decided to run the windows update and it hung.

I forced a reboot and ran sfc, it reported that there are 3 errors that it can not resolve- this seems to be common!!!

I installed malware bytes and told it to run, after 10 mins it hung again...

I told avast to scan at start up, went to bed and woke up in the morning to find the laptop hanging on the frozen login page- I am assuming that avast found nothing as it is set to prompt for action by default.

I decided to try disk clean up and discovered that Vista falsely claims that the event logs are 99.1 gb!!!

I told it to delete virtually everything but again it hangs.

Whilst in hang mode ctrl-alt-del does nothing, otherwise it throws up an error message about "failure security option".

The only restore point is one that I created, so no help there.

Winver suggests that it is pre sp1, so i tried to install sp1 from the desktop but it hung.

Forced yet another reboot- into safe mode, gets as far as crcdisk.sys and hangs. I am guessing that safemode is unable to initiate disk check. Another forced reboot into normal mode starts the disk check (no bad sectors). I do a proper shu... Read more

Answer:Vista hang- and hang and hang

Ok so it stopped at id 7942 and the old vista now boots once more.

I guess that I should be grateful that the check disk on one o/s fixes the other o/s.

Am trying to install sp1 again (again).

10 more replies
Relevance 38.54%

How to Block Internet on local Windows XP PC but Not "Skype" and other Locally hosted WebPages { I means 192.168.0.2, 127.0.0.1 and etc } ?

Here is my Network :

Internet Lease Line---> CentOS Server(with 2 lan cards)---> Local Lan----> Windows XP ( Gateway defined as server IP)

Answer:Block Internet but Not Skype and Local WebPages Hosted on Local Lan Server

I have 2 users, admin and agent(limited access)

9 more replies
Relevance 37.72%

Hi,
im listening to a local playlist (files locally on my drive) and want to add another file to that playlist.

When i drag the file from WinExplorer to the playlist content or the playlist name or playlist header, its not allowing.

Using the + sign showing in the header of the playlist, it only shows me all the playlists i have, but not allowing for pointing to a local file on my HD.
? How do i add a local file to a local playlist in Groove Music ??

Regards,
Frank

Answer:Groove Music : How to add a local file to a local playlist ?

ok gotit,
first open the file in groove music, then add it to a playlist there

1 more replies
Relevance 37.31%

Does anyone know why local IP addresses listed in my packet log would be different than my local IP address given me by my ISP?

In my log I noticed that suddenly I have 5 different local IP addresses apart from my IP.

I am Local Address and I am Local Host but also listed are different IP's as Local Address and Local Host.

The ones showing up as local address and local host with me are

bas12-ottawa23-1177954396.dsl.bell.ca
c-24-19-73-23.hsd1.wa.comcast.net
201-68-114-89.dsl.telesp.net.br
68-184-63-6.dhcp.mtgm.al.charter.com
71-13-35-156.dhcp.dlth.mn.charter.com
CPE00146cefbe35-CM001225401f80.cpe.net.cable.rogers.com

All of these on the list sent 1 or more UDP packets to my ISP.

All of my packets under my IP address are TCP.

So how can they and I both be Local Address and Local Host and using different IP addresses?
 

More replies
Relevance 36.49%

Hello, I have recently (within the last week or so) started experiencing several problems with Windows 7 professional (64bit build 7601), (dual boot with Ubuntu) on my Dell XPS L502X (Intel i5 2430M). This post - Unprompted registry update, system restore and clock change refers to the first problems I noticed.
After that settled down, Windows worked well for all of half a day, then upon restarting got stuck at the welcome screen. I had no option but to reset with the power button. I started it in safe mode and all was fine, checked my drivers are up to date, then I ran check disk which found a few errors and fixed them. After a fresh restart, all looked promising - Windows loaded quickly etc, but when I tried to open anything (start menu, Firefox, Avast!... all tried on seperate restarts) the computer gets stuck - the little 'working' circle turns but nothing else happens. I have left it for an hour like this with no progress. Ctrl-alt-del also doesn't work.
Sometimes, instead of loading up Windows after I enter my password I just get a black screen with cursor and nothing else, which remains indefinitely. Once, I was logged in successfully any everything seemed fine, then the black screen appeared and nothing else happened.
Back in safe mode, I did scans with Avast Internet Security, MSE, Malwarebytes, all returned clean, back to normal mode, same problem. SO returned to safe mode, tried a system restore, which didn't work. Same problems. Tried another restore to... Read more

Answer:Welcome screen hang, log on hang, black screen crash, and more!

If it isnt hardware running verifier will find the mis-behaving driver.


Driver Verifer






Quote:
Using Driver Verifier is an iffy proposition.
Most times it'll crash and it'll tell you what the driver is.
But sometimes it'll crash and won't tell you the driver.
Other times it'll crash before you can log in to Windows.
If you can't get to Safe Mode, then you'll have to resort to offline editing of the registry to disable Driver Verifier.

I'd suggest that you first backup your stuff and then make sure you've got access to another computer so you can contact us if problems arise.
Then make a System Restore point (so you can restore the system using the Vista/Win7 Startup Repair feature).

In Windows 7 you can make a Startup Repair disk by going to Start....All Programs...Maintenance...Create a System Repair Disc - with Windows Vista you'll have to use your installation disk or the "Repair your computer" option at the top of the Safe Mode menu .

Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and press Enter
- Select "Create custom settings (for code developers)" and click "Next"
- Select "Select individual settings from a full list" and click "Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click "Next"
NOTE: You can use Low Resource Simulation if you'd like.
From my limited experimentation it makes the BSOD's c... Read more

2 more replies
Relevance 36.49%

Hi,

I have Vista home premium and HP Pavilion dv5 laptop. My system hangs frequently (21 times in last 30 days). The mouse movements respond, but the applications do NOT. Even Ctrl-Alt-Del does not respond. I force a hardware restart to recover from this situation. When I go to "Problem reports and solution", I see two problems with the time stamp same as when the system stopped responding. They are:

1.QPCapSvc service hang
2. QPSched service hang

I read on Internet and found the same problem reported by another guy on HP Pavilion laptop. If I understand correctly, services starting with QP are relate to QuickPlayer application. They are Quick Player background capture service and Quick Player scheduler. I do not do anything related to Quick Player when the system hangs. Has anyone else seen similar problems. Is there some solution/workaround to fix this, other than stopping these services on system for ever?

Thanks,
Prabhat

More replies
Relevance 36.08%
Question: Please Assist

HELLO I CANNOT CONNECT TO MY WIFI ROUTER ON MY HP PAVILLION . ALL THAT I CAN SEE IN THE NETWORK AND SHARING CENTER IS A RED X. I HAVE BEEN HAVING THIS ISSUE FOR MONTHS NOW . PLEEEEAASEEE HEEELLPPPPP thanks.
 

Answer:Please Assist

12 more replies
Relevance 36.08%

im only new here, so please take it easy
and im not so familiar using the Hijackthis
can somebody please check this log file and tell me what to fix and delete?

Logfile of HijackThis v1.99.1
Scan saved at 1:27:46 PM, on 4/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\inKline Global\PC Booster\pcbooster.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\Program Files\Ad-Aware SE Professional\Ad-Watch.exe
E:\Program Files\Evidence Eliminator\ee.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Windows\temp\windowsautomaticupdates.exe
C:\Windows\temp\FahCore_7a.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\windows\system32\svchost.exe
E:\Program Files\Opera\Opera.exe
C:\Program Files\Diskeeper Corporation\DkSe... Read more

Answer:please can anyone assist me

Welcome to TSF.

Please print the below instructions or copy them to Notepad.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode (if you don't know how, go to http://www.bleepingcomputer.com/foru...howtutorial=61 ). Make sure to close any internet browsers that may still be open.

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you checked the last one:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O20 - AppInit_DLLs: pushow36.dll
O20 - Winlogon Notify: Group Policy - C:\windows\
O23 - Service: Windows Automatic Updates - Stanford University - C:\Windows\temp\windowsautomaticupdates.exe

Locate the following Files/Folders and delete them if they exist (if no location given, just do a search for them):

c:\secure32.html
pushow36.dll

CleanUp! deletes EVERYTHING out of your temp/temporary folders. It does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!. Run CleanUp! and click on the Clean... Read more

3 more replies
Relevance 36.08%

 i accidentally unpluged my MP3 player without hitting the safely romove hardware function in the middle of logging on now my computer refuses to recognise the drive at all the light turns on on the player but it does not recognise it the message i found in my error viewer is "the service CiSvc vetoed a target device change request" RE: PlugPlay Manager. This is sending me crazy any ideas anyone???Ben

Answer:Please Assist Im Going Mad!!!!!!

ohhh and Microsoft will not help me unless i pay $80.Nice bunch huh!

3 more replies
Relevance 36.08%

Hello.
I was gone over the weekend and I left my computer un attended to my younger sibling. Now that I am back my computer is running really choppy, unwanted popups (I have popup blocker on google toolbar, and with popup stopper pro). I have ran SpyBot & Ad-Aware Pro, but they do not seem to get rid of this stuff.

I also have an unwanted toolbar and startpage for internet explorer that I cannot get rid of.

I posted my HiJackThis log file on here hoping maybe someone could be of some assistance in my situtation.

I appreciate your time, effort, and any suggestions you guys may/may not have for me.

Thank you again.

Sincerely,
Andross


Logfile of HijackThis v1.99.1
Scan saved at 1:09:34 AM, on 8/16/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\APIVL.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\APIEB32.EXE
C:\WINDOWS\SYSTEM\SYSBS.EXE
C:\WINDOWS\SYSTEM\MFCLQ32.EXE
C:\WINDOWS\SYSTEM\NTZO32.EXE
C:\WINDOWS\APPUV32.EXE
C:\WINDOWS\SYSTEM\MFCQN32.EXE
C:\WINDOWS\SYSTEM\SYSCQ.EXE
C:\WINDOWS\CRMD.EXE
C:\WINDOWS\SYSTEM\NTNF32.EXE
C:\WINDOWS\SYSTEM\ATLVR32.EXE
C:\WINDOWS\SYSTEM\APPHE.EXE
C:\WINDOWS\SYSTEM\JAVALE32.EXE
C:\WINDOWS\APIJE32.EX... Read more

Answer:Could Someone assist me?

Can anyone assist me?

5 more replies
Relevance 36.08%
Question: Please Assist

Hi,I am having problems with a popup title "Aurora". I ran Lavasoft Ad-Aware, Spybot and CWShredder but I still have the pop-ups. Here is the log from HijackThis. Please advise. Thanks!Logfile of HijackThis v1.99.1Scan saved at 8:19:54 PM, on 5/20/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\crypserv.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wfxsnt40.exeC:\Program Files\AutoUpdate\AutoUpdate.exeC:\WINDOWS\system32\icastkit.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\MSN Messenger\MsnMsgr.ExeC:\WINDOWS\system32\qdvbkend.exec:\windows\system32\ekshuh.exeC:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exeC:\Program Files\Outlook Express\msimn.exeC:\Program... Read more

Answer:Please Assist

Hello Toonweb and welcome to the BC forums. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.Step #1Download and install ewido security suite. Update the program and then close it. Do not run it yet.Step #2Download nailfix.zip and unzip it to its own folder.Step #3Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Step #4Navigate to the folder you unzipped nailfix.zip into and double-click on nailfix.cmd. Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.Step #5Start ewido and click on the Scanner button. On the Scanner page click on My Computer and then click the Start button to begin the scan. Let it run to completion and fix anything that it finds.Step #6Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search... Read more

3 more replies
Relevance 36.08%

Hello everyone, I'm new here and in need of the skills of a wizard, I'm trying to share my internet connection but the laptop wont recognise my device, I'm just a beginner and I'm teaching myself, I've searched the net high and low, but nothing seems to so I'm now trying to reset most of it but reckon I've messed somthing up, can any one see anything wrong so far; I Have vista home basic 32 bit, usb mobile broadband, games console via crossover ethernet.

Answer:Hi, everyone! Could you please assist me?

sorted!!!

2 more replies
Relevance 36.08%
Question: Need Assist

Child given game called "Treasure Quest" that won't run on my computer. Error message "Run-time error 53, file not found". No available updates for drivers online.
 

Answer:Need Assist

12 more replies
Relevance 36.08%

i have been having problems with my comp for a couple of months now, and have downloaded numerous spware/adware/anti-virus programs all to no effect.
So i downloaded hijackthis 2day and this is the log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\System32\sdpasvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Ben\My Documents\hijackthis.exe

O19 - User stylesheet: C:\WINDOWS\windows.dat
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe (file missing)
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: InCD Helper (InCDsrv) - Unknown owner - C:\Program Files\Ahead\InCD\InCDsrv.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SDPAUMS server serv... Read more

Answer:can someone assist...

Please repost the log. Your missing half the entrys. No header...No Startup items...ect. This looks like an incomplete log. Also explain your issue in detail. Make sure you read the sticky about "What to do before posting your log"

9 more replies
Relevance 36.08%

Greetings, if you recall I had a previous post about my 7.1 catalyst drivers.
This is just a follow-up.
The problem, I have found, is that most new games/programs which I have set at high resolutions, and automatically adjust their refresh rate accordingly, have a black screen upon booting them up, and that continues until I forcefully go back to the desktop.
The maximum amount refresh rate I can go to is 60 Hz.
My monitor is not the problem, as this was not happening beforehand.
I do not know if it is truly a refresh rate problem, or something else in the programming, but I do need assistance.
I am very confident that the problem is software, not hardware, for I was using 6.2 drivers a while back, and they functioned perfectly at 75 Hz, and had no real problems.
Please help. I don't know what to do, other than roll back my drivers to Catalyst 6.2, but my rig seems to function faster under 7.1, and I want to see if I can keep it at that level.
My card is a X850XT 256MB AGP.
 

Answer:Can't go above 60 Hz - please assist.

hi i have a x800 pro powercolor and was thinking of flashing the bios in the graphics card to unlock 4 of my pipes and improve the preformance of my system as i get the same thing sometimes i also found that the org Catalyst is the best. I have been to powercolor and downloaded the new catalyst and found to have no problems with there catalyst but If you download a Catalyst like from ATI it is not allways the best due to the fact that many different types of manufacturers might use the ATI chip but they do not build the cards hardware the same way dew to copywrite resions and also try to get a edge over there comptition by building a little different, this is why i find the catalyst from the company that built that card has built the software and drivers for that card better then the ATI sight can give out as they are making that software for so many different companys.

If you want to look at trying to flash your cards bios read this link i found it very interesting but have to find a bios that is for x800 pro not xt http://forums.majorgeeks.com/showthread.php?t=108470

hope this helps
 

2 more replies
Relevance 36.08%
Question: Net assist

Hi, Guys,

I am a victim of Ammyy, got a call from Indian guys, and fell into their trap, dowloaded their antivirus software, but later I am found that I had scammed, they managed to control my computer and done something else on my 2 other computer on the same networking, please help how to disconnect all things they done, i checked my netstat -a on the net, it stated like: TCP 5.156.5.201:552212 OWNER-PC:netbios-ssn ESTABLISHED, TCP 5.156.5.201:522219 OWNER-PC:netbios-ssn ESTABLISHED, i don't know why every time i switched my my Pc, the OWNER-PC is on too, i found on OWNER-PC in my household, then my the other Laptop is HP-PC, and it stated like TCP 192.168.1.103:52221 tu086052:4466 ESTABLISHED, TCP 192.168.1.103:52223 HP-PC:netbios-ssn ESTABLISHED,TCP 192.168.1.103:52224 HP-PC:netbios-ssn ESTABLISHED, .....52226, 52227 TIME_WAIT, 52230 125.39.206.220:http SYN_SENT, 52231 113.142.24.35:http SYN_SENT, what is all these means, and what can i do now, please help urgently, this has been like for 2 weeks now.
 

Answer:Net assist

please have a read here
http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
and post all the logs

do you do any banking online - i would contact your banks and also change passwords to all accounts , emails etc
 

1 more replies
Relevance 36.08%
Question: Please Assist.

Im having issues downloading an email that was sent to me. I mistakenly tried downloading it using wordpad which caused the wording to be a bunch of symbols. I'm now trying to remove it from wordpad but have been having issues for hours...pls help bc i need to have it done for a job. Thanks
 

Answer:Please Assist.

Sorry but you are not making any sense, If you received an email message, why can't you read it from the client or the online portal? Please explain what you are doing.
 

2 more replies
Relevance 36.08%

I let my room mate use my computer while i was away and he got something on my computer that messed stuff up. (yes i know bad idea letting someone else use your computer, I thought it would be ok.) Anyway i had a bunch of viruses and stuff and after running spybot, ad-aware, and avast it seemed i got it all. But something is still in the system and i can't seem to get rid of it.

Backround updaters and linking from other sites wont load, although if i go there manually they will. My computer also seems to be thinking/processing something even when nothings running. I believe it also bring more viruses because later I found more but spybot and avast took care of those. I need help finding the source though and eliminating it. Any help would be greatly appreciated.

running XP pro service pack 3


Logfile of random's system information tool 1.01 (written by random/random)
Run by kage musha at 2008-09-16 13:43:39
Microsoft Windows XP Professional Service Pack 3
System drive C: has 56 GB (12%) free of 477 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:43:43 PM, on 9/16/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svch... Read more

Answer:something i cant get rid of please assist

Hi seta_runner

Thank you for your patience. I will be helping you deal with the issues raised in your log from this point onwards

Before we start jumping into things, here is a quick basic note which I mention to everyone. The fix which I have provided for you is for this computer only, it should not be used on any other computer. Each fix is tailor made for the specific task in hand. If for some reason you have system restore disabled, then please re-enable it before proceeding, an infected restore is better than none. Please read through the fix first and set enough time aside to complete the task in one session. If there is anything you feel needs clarification then please ask - do not guess! Thanks.

If this is a computer from a work place then please advise your IT department of the concerning issues before commencing past this point.

Please follow these directions in the order they are set out for you.

We need to disable your TeaTimer as it may interfere with the fixes that we need to make.

1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts
5) Restart your computer.

After all of the fixes are complete it is very important that you enable TeaTimer again, I will let you know when it is safe to do so.

Download ResetTeaTimer.bat by right-clicking on the link, and choosing Save As. ... Read more

6 more replies
Relevance 36.08%

My neighbor's son (8 yrs old) has click on a Freesereve Icon that starts the registration process. He is already registered. I cannot get rid of the initial welcome screen of the registration. Each time we connect up pop's this screen. Is there anyway of getting rid of or does he need to go through the process again.There is no CD in the rom spec is Win ME with IE6 SP1. There is also no problems in connecting only this damn screen.Thank you

Answer:Can Anyone Assist Please

Right click on the Freeserve icon and select Properties - you should be able to get a clue about where to find it on your system and delete it.

10 more replies
Relevance 36.08%
Question: Please assist me

Good day

I have a Intel board with a 3.40GHz CORE I7 4770 with 16GB RAM and a 1GB Nvidia GT430 Graphic card.

My Problem is that this PC is slow and lazy. Most of my games are lagging and opening my files takes for ever.
I did scan for threats and defraged it.

What should I do?
 

Answer:Please assist me

7 more replies
Relevance 36.08%

An issue has appeared on a friends PC where all the links on the task bar do not work nor do the icons. When I try to get into the registry comes up path invalid, and I know its correct. Has anyone seen this situation before?? Could it be a virus? I can't run the AV to ascertain as it won't start in any manner error msg says Path Invalid. Evin if I try to re install cd rom Path error msg says invalid.Will try a full repair of XP Pro but before doing so I was just wondering if it could be a virus but not having an AV working I cannot tell if has or which virus it could be.Any help would be appreciated..

Answer:Can Anyone Assist Please

I rose last week,went to my puter(which had been working fine for my daughter earlier)to find that clicking IE produced over 100 open pages.I tried AVG(suspecting a "nasty")to discover this also refused to load.None of my desktop/prog files shortcuts would work,so I ended up reinstalling XP too.If anyone does know what causes this I would be VERY interested.

6 more replies
Relevance 36.08%

Posted this over on Computer Cops yesterday, but it's like a 70% off sale on women's clothing over there ... Anyway, here's my cut n' pasted problem:Hello ... first time poster here. I have been solving issues on my own via the helpful utilities and posts, but it appears that I now need some additional assistance. My IE browser is basically useless (posting this via Netscape). It starts out with the about:blank homepage and then changes itself into www.searchmeup.com. Trying to then go to different websites in IE often yields "404 - Website not found" messages. Also, when attempting to use the Windows Update website, the auto scanning process returns the following. (My PC date/time is accurate)---------------------------------------------------------------------------------Windows Update has encountered an error. This may be due to a discrepancy in your computer's time setting.To check your date and time setting:On the taskbar, double-click the time.Verify that the date and time is correct.You can also get online support if you are having problems with Windows Update.Send error number to Microsoft (0x800C0008)Note This sends error information but does not create a support incident; you may or may not receive a response.-------------------------------------------------------------------------------------I also have noticed occasional popup windows with the message "Modem Not Found" ... even when my network connection has been disabled. Spybot S&D report... Read more

Answer:Please assist ... HJT log

You are infected with a variant of the CoolWebSearch.Download CWShredder from the below link and unzip it into a directory. Start CWShredder and click on the FIx button to have it remove all CWS infections it finds.Download CWShredder from:http://www.merijn.org/files/cwshredder.zipAfter you download the program, unzip it into a directory. Make sure all browser windows are closed and double click on the cwshredder.exe to start the program. When the program is loaded click on the "Check for Update" button, and if it finds an new version it will download it. You should then double click on cwshredder.exe again and click on the "FIX" button (not the "Scan only" button) and let it scan your computer.To get the best results it is recommended that you run it in safe mode. Reboot windows and press F8 at boot/windows startup, usually right after the beep. Then select safe mode.A tutorial that goes over this process step by step can be found here:How to remove CoolWebSearch with CoolWeb ShredderOnce that is completed you should follow these steps in order to clean your computer of Malware which can include Viruses, Trojans, Worms, Spyware, Hijackers and DialersStep 1:Download Spybot and Adaware from the following locations and install them. You should run both programs and clean up what it finds. This is to gaurantee that you find the most malware you can installed on your computer.Before running the scans on both programs, it is mandatory that you updat... Read more

13 more replies
Relevance 36.08%

Thanks in advance....

(edit: For a friend of mine...yes, I know...he uses AOL)

-----

Logfile of HijackThis v1.99.1
Scan saved at 11:19:28 AM, on 4/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRAM FILES\COMMON FILES\AOL\1167326659\EE\AOLSOFTWARE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Common Files\AOL\1167326659\ee\aolsoftware.exe
C:\PROGRAM FILES\COMMON FILES\AOL\1167326659\EE\AOLOPENRIDE.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PCCTLCOM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TMPFW.EXE
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\system32\MDM.EXE... Read more

Answer:HJT Log - Please Assist

Hi

Not seeing much in the log - what sort of problems is your friend having?

Let's take a deeper look.

Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

1 more replies
Relevance 36.08%

I know absolute ZERO about fixing comps but everyday I learn a little bit more about them and since I'm always on one i should know how they work.. My father built the comp I'm on right now but it runs XP.. I used to play MMORPG's and when the newest patch came out [probably a yr ago at the time] my comp started acting funny.. I had a new laptop so i wasn't in a hurry to fix it but i need this desktop back.. I have a HiJackThis report so take a look and if you know what to do PLZ help.. Oh and dont worry about the time on the log my pc clock was waaaay off..
 

Answer:Can someone PLZ!!! assist me??

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

1 more replies
Relevance 36.08%

After running AdAware, I generated this log from HijackThis. Any help will be appreciated. The PC is running much slower than is used to, but I can't determine the cause.

Thanks.


Logfile of HijackThis v1.99.1
Scan saved at 2:18:28 PM, on 3/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\SiteAdvisor\6028\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\winlogon.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe... Read more

Answer:Please assist with this log

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

Since it has been a few days since you first posted, please follow these instructions if you still need assistance.

Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

Thank you for your patience.

1 more replies
Relevance 36.08%

Here's my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:06:16 PM, on 1/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray .exe
C:\WINDOWS\system32\ctfmon .exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Dot1XCfg\Dot1XCfg .exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\LSUpdateManager.exe
C:\Documents and Settings\opsadmin\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://digitalops.com/updates.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Int... Read more

Answer:Did my best, please assist.

This computer had many popups, probably a result of a user downloading a worm. Ad-Aware scans reveal various worms.

Command.exe should not be there, "fixing" it in Hijack this does not correct the problem.
Also seems to be something with the Dot1xConfig, this is a desktop with no wireless capabilities.
 

1 more replies
Relevance 36.08%
Question: please assist

my laptop has slowed to a crawl with winantivirus and various other pop-ups...here's my log, any help is greatly appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 6:36:10 PM, on 7/18/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\mgrs.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\atievxx.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\Program Files\Opera\Opera.exe
C:\DOCUME~1\Z\LOCALS~1\Temp\Rar$EX41.0528\HijackThis.exe
c:\program files\mcafee.com\shared\mghtml.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx
O3 - Tool... Read more

Answer:please assist

1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

4 more replies
Relevance 36.08%

Here is the logfile from HijackThis, but i dunno which one to fixLogfile of Trend Micro HijackThis v2.0.2Scan saved at 3:11:13 PM, on 19/12/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\WINDOWS\system32\cusrvc.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Novell\ZENworks\nalntsrv.exeC:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exeC:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\WolSerNT.exeC:\Program Files\Novell\ZENworks\... Read more

Answer:Can Someone Assist Me

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you.
I apologize for the delay getting to your log, the helpers here are very busy.

If you still need help, please post a fresh Hijackthis log, in this thread, so I can help you with your malware problems.
If you have resolved this issue please let us know.

2 more replies
Relevance 36.08%

I am sure I have malware, adware and viruses on my computer. Any assistance you can give me would be appreciayed.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:36:15 AM, on 5/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell\Media Expe... Read more

Answer:Please Assist With Hjt Log

First of all, you need to remove either Avast or AVG because there is no need to two anti-virus programs. Running two anti-virus programs will cause system slowdown and crashes.
Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2
Link 3
**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall
 

1 more replies
Relevance 36.08%

Hey - thanks in advance for taking a look.
It's been about a year since I've used this computer (been at college) but I've noticed that the machine is running significantly slower and there are a lot more anti-malware products. I'm not sure if they are legitimate products, and even so I don't know what would have prompted him to download so many.
Here's what I see just immediately:
AVG
Malwarebytes' Anti-Malware
a2HiJackFree
ZoneAlarm
Spybot-SD
Spyware Guard
Windows Security
Spyware Blaster

I don't know if any of these are being used, how frequently, what is necessary...?? Here are the logs:

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:13:42 PM, on 5/24/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:... Read more

More replies
Relevance 36.08%

gentlemen;
i had tried this forum before and received some help, most was resolved, thank you very much. but i was hoping to figure it out in time as things got busy. my computer is running slower and slower as time goes on. also, i have not been able to re-hide the "hidden files" i believe some issues still remain. could you please review my HJT log and see if you see anything unusual? thanks again

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:17 PM, on 3/31/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Kodak\A... Read more

Answer:need help again, could you please assist?

15 more replies
Relevance 36.08%

Hello,
I'm currently in the process of testing/deploying IE11 in our environment and I've begun testing on the IE11 Enterprise Site List manager.
I've read that there are a few different ways to configure the XML file to apply via GPO per the article below.  HTTP, Local Network, Local File. (https://technet.microsoft.com/en-us/library/Dn640699.aspx)
In my isolated testing I've chosen to use the local file method which is very easy to setup and use on a testing machine.
It looks like we have the flexibility to choose how we apply the XML file, and I was curious what the best options are and why?  Also are there examples of each setup being used and the benefits/downsides to each?
Here's the options that I can see using:
1. HTTP - setup an IIS website to host the XML file.
2. Local Network (UNC) - setup a UNC path on our DFS where we store the current XML file and users would have read only access to that location.
3. Local File - We could just deploy the XML file via SCCM package/application when updates to the list are required.
Could anyone please point me towards some articles, etc, explaining the pro's and cons of these methods and why I might want to choose one over the other?  I'm leaning towards just using a DFS share and option #2 because it doesn't require us to maintain
an IIS site for it but I am curious to hear if there might be any downsides to this method, or benefits to going with another method.
Thanks!

More replies
Relevance 35.67%

Hello,I am in the process of rejuvinating a friends PC and even though I have experience at HJT analysis and solutions, I am just too rusty to be confident on my recommendations. I would appreciate it if someone could help me out, I don't want to miss anything and return the PC with leftover malicious entries.Issues:Check Disk runs immediately on every startup, and at the welcome screen a warning appears saying that C:\$Secure is corrupt and unreadable.Runs, slow, with pop-up ads when offline, they even try while PC is not even hooked up at all to the internet.Many of the classic symptoms, redirection, ads, lots and lots of running processes, and so on.What I have done:I ran Spybot S&D, which found 180 objects, and let it remove what it found, but it couldn't remove it all so I let it run upon restart and it still didn't remove certain instances. I removed a couple of known badguys from Add/Remove, but knew this would be useless unless I removed the bad reg entries.Ran HJT and started the analysis, but some of the entries I just am not comfortable with.Also, I am aware of the lack of security protection on this PC, and will be addressing that once I can get some clean logs. The PC is not hooked up to the internet right now. I am transferring the things I need via flash disk or cd-r. Please ask if there is anything you need to know. Here is the log:Logfile of HijackThis v1.99.1Scan saved at 2:39:41 AM, on 5/3/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: I... Read more

Answer:Please Assist With Ugly Log

Hi nosnhoj#3.I?m willing to have a go at this. I think the phrase I?m looking for rhymes with ?clucking bell?!! Looks like you have everything except Vundo. Let?s try this first.Please create a uninstall list:Open HiJackThisClick on the configure button on the bottom rightClick on the tab "Misc Tools"Click on the Box that says "Open Uninstall Manager"Click on the button "Save list"Copy and past the List from the notebook onto your postPlease download Brute Force Uninstaller to your desktop. (rightclick on this link and choose save as, if using IE save target as)Right click the BFU folder on your desktop, and choose Extract AllClick "Next"In the box to choose where to extract the files to,Click "Browse"Click on the + sign next to "My Computer"Click on "Local Disk" (C:) or whatever your primary drive isClick "Make New Folder"Type in BFUClick "Next", and Uncheck the "Show Extracted Files" box and then click "Finish". Download qoofix.bat (rightclick on this link and choose save as, if using IE save target as) Place qoofix.bat in your C:\BFU - folder. (Important!) Doubleclick qooFix.bat, Close all browsers and explorer folders.Choose option 1 (Qoolfix autofix) and follow the prompts. Please be patient, it will take about five minutes. The PC will restart.Go back to the BFU folder and click on BFU.exeNow click the Web button as shown here: Use this URL... Read more

8 more replies
Relevance 35.67%

Hey there!

I am having issues with my computer. It seems to be constantly running at full speed. I also have alot of strange files being ran, of which 3 have been identified as trojans by google. I am running windows 7 32bit, I would appreciate any help you can offer.
Best wishes.

Answer:Assist Please Windows 7

Hello spencercorliss back to Bleeping Computer.Since you are Having Malware problems, take a look at these two forums. Only post in one. The first link will usually be sufficient for most users.Am I Infected What do I do? No DDS, HijackThis, or ComboFix logs should be posted in this forum.Virus, Trojan, Spyware, and Malware Removal Logs HerePreparation Guide For Use Before Using Malware Removal Tools and Requesting HelpRoger

2 more replies
Relevance 35.67%
Question: Goto assist

Can someone recommed a program that I can use to support others computers??? I know go to assist but is expensive, if anyone knows of any program please let me know.

thank you

Jaime
 

Answer:Goto assist

16 more replies
Relevance 35.67%
Question: Hijack log assist

Howdy. This is my hijack log. AKA my own personal abasement. I admit that I have viewed adult content. Please don't execrate me.
Anyway, I could use some help cleaning this up. Please tell me about any and all ambiguities.

Logfile of HijackThis v1.97.3
Scan saved at 8:14:15 PM, on 10/24/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\DELL\AccessDirect\dadapp.exe
C:\Program Files\DELL\AccessDirect\DadTray.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Altnet\Points Manager\Points Manager.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Intern... Read more

Answer:Hijack log assist

8 more replies
Relevance 35.67%
Question: search assist

Cannot uninstall search assist from laptop. Computer running slow and freeziing. Please can you help?

Answer:search assist

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

2 more replies
Relevance 35.67%

My next post will have my Hijack log, so that you can more clearly see what I am running. My problem is that every time I run something that requires above normal CPU usage, I shutdown. I would usually count this as a power problem or a temp problem, but the same scans I used in Regular start up "Spybot, Norton, and a few others" that usually shut me down... Well they worked fine in SAFE Mode...

Can someone help me problem solve my way to an answer?

Thank You
 

Answer:Shutdowns, Please Assist.

6 more replies
Relevance 35.67%
Relevance 35.67%
Question: express assist

I wonder if anyone can help me with this one. I try to make a backup with Express Assist but it stops because it wont backup my favourites folder.
It comes with this message that this file is in use, C:\documents and settings
\len\favourites\* and thats it. I have looked but there is no file called *
and as there is such a lot of files there or shortcuts I`m stuck.
Hope someone can help me please.
Thanks lenpcase
 

Answer:express assist

Are you using Express Assist 7.0.10?

If not try it: http://www.topshareware.com/Express-Assist-transfer-12523.htm
 

1 more replies
Relevance 35.67%

Hello Everyone ;-) I have just installed HiJackThis - I ran spybot and found/corrected 30 problems - ran McAffee Scan - and deleted 1 trojan - and deleted 6 potentially harmful files.

I am still getting these annoying popups from optimizer.com or whatever it is....and my computer is running slow. I can see that there are some 'bad' things in the HijackThis log..but don't want to do anything until I receive expert advice.

Thank You in Advance,

********************************

Restarted my PC and Ran HiJack this = here is my log:


Logfile of HijackThis v1.98.2
Scan saved at 1:51:29 PM, on 11/20/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Intel\Modem Event ... Read more

Answer:HiJack this log - please assist

Hi Nancy and welcome to TSF!!

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware... Read more

1 more replies
Relevance 35.67%

i am on my dell inspirion 1501 xp. my enter key totaly been broken a while but before i was messing with it and now some of my keys wont work so now i cant log in my admin account as i cant input some my password.

im in a password free user acc, using the on screen keyboard , i dont have admin rights to try system restore .

can anyone help or remote assist me please.
 

Answer:remote assist me need help

You could use a desktop type Usb keyboard with it for now.
You will probably want a new keyboard for that laptop though, Ebay would be a good place to look for one, they are quite easy to fit.

http://www.youtube.com/watch?v=itrjQzUei7w
 

1 more replies
Relevance 35.67%
Question: Password Assist

I have an Acer Aspire One netbook running Windows 7. Was my daughters up until 3 years ago, she received new laptop. This was stored until recent. Attempted to set up for work usage, but she has an admin password on it. I do not have password and she doesn't remember what it was. How do I remove the password? It is out of tech support warranty and Acer will not assist.
 

Answer:Password Assist

As per the forum rules, we do not assist with passwords, please see here: https://forums.techguy.org/help/rules/

Therefore I must close this thread.
 

1 more replies
Relevance 35.67%

I have successfully removed or quarantined lots of infections from this computer, but I think it is still infected. The latest symptom is when I delete c:\windows\drivers\ipsec.sys, it reappears. I know at one point it had Security Tool. AVG found something called AQRS. DDS below...DDS (Ver_10-03-17.01) - NTFSx86 Run by bob.ryder at 13:05:52.82 on Tue 09/21/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.403 [GMT -5:00]AV: Security Antivirus *On-access scanning enabled* (Outdated) {CE204F14-FB55-4438-BE6E-21518553358C}FW: Security Antivirus *enabled* {C5FCA60C-6F31-443F-9533-159DC5CD9A6D}============== Running Processes ===============C:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\System32\mnmsrvc.exeC:\WINDOWS\syste... Read more

Answer:Possible Rootkit - Please assist

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

2 more replies
Relevance 35.67%

Hello, this is my first time here, I've perused a few other help threads, and hopefully I've gathered enough pertinent information for someone here to help me out.Just performing general housecleaning on my PC, seems to run alright, but want to make sure everything is where it should be, and that I don't have any uninvited guests.Up first, DDS log. Test was done with Antivirus disabled and net connection unplugged, as per directions in another thread.DDS (Ver_09-06-26.01) - NTFSx86 Run by Owner at 14:40:43.68 on Mon 07/06/2009Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.173 [GMT -7:00]AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Avira\AntiVir Desktop\sched.exesvchost.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\system32\VTTimer.exeC:\WINDOWS\LTMSG.exeC:\Program Files\Multimedia Card Reader\shwicon2k.exeC:\PROGRA~1\Sony\SONICS~1\SsAAD.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Avira\AntiVir Desktop\av... Read more

Answer:Cleaning HDD, please assist.

No worries, got someone else to take a look at my logs, thanks.

2 more replies
Relevance 35.67%

Hello,I'm new to the forum and would like to say hi and thanks in advance for all help and knowledge gained here.My computer has been gaining momentum in the "slowness" department over time. My machine take at least 4 minutes to boot, Internet Explorer takes 60 seconds to open and browses fairly slow. I have gone to the start up controls via MSCONFG and unchecked the non necessities to the best of my ability. Start up has improved by 30 seconds or so. It has been a few years since using HijackThis after my previous machines' browser was jacked. A certain forum helped me remove it successfully, thank God. I decided to run it again on this one and was wondering if someone could find any troubles and help me correct. Please lend me a hand if you will.Thanks,TimLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:56:22 PM, on 3/2/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:&#... Read more

Answer:hijack This Log: Please Assist

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

77 more replies
Relevance 35.67%

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:45:19 PM, on 9/22/08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTSVC.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\MYAGTTRY.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\SWAGENT.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MCAFEE\MANAGED VIRUSSCAN\AGENT\UPDDLG.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE10\OUTLOOK.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE10\WINWORD.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
... Read more

Answer:My Hijackthis log please assist, thanks

Bump please

2 more replies
Relevance 35.67%

This is the HJT log from my Dell Inspiron 1501 - PLEASE let me know if there is anything that needs to be changed or fixed. THANK YOU IN ADVANCE FOR YOUR HELP!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:36 AM, on 5/15/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\sttray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\... Read more

More replies
Relevance 35.67%

Here is a log, please tell me what I need to do.

Logfile of HijackThis v1.99.1
Scan saved at 9:05:25 AM, on 11/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\progra~1\mcafee\mcafee antispyware\massrv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pete\My Documents\Hi-Jack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.google.com/mail/?auth=DQ...x=df23jrwhznqe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\McAfee.com\Agent\McAgent.ex... Read more

Answer:HiJack This Log - Please Assist.

Download WinPFindRight Click the Zip Folder and Select "Extract All"
Extract it somewhere you will remember like the Desktop
Dont do anything with it yet!
Download Track qooSave it somewhere you will remember like the Desktop
Reboot into Safe Mode
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Doubleclick WinPFind.exeClick "Start Scan"
It will scan the entire System, so please be patient!
Once the Scan is CompleteGo to the WinPFind folder
Locate WinPFind.txt
Place those results in the next post!

Reboot back to Normal Mode!

Double Click on "Track qoo.vbs"

Note - If you Antivirus has Script Blocking, you will get a Pop Up Windows asking you what to do. Allow this Entire Script to Run, its harmless!

Wait a few seconds and a notepad page will pop up, Copy & Paste those results and place them in the next post along with the results of WinPFind!

1 more replies
Relevance 35.67%

I have windows vista, and apparently a very stubborn virus.

This would be as simple as running an anti-virus, but every time I attempt to open Avast, Kaspersky internet security,Sbot S&D or try to do a system restore I get a "file download security warning" and Internet explorer opens instead. All of the icons for these programs have changed to the Internet Explorer shortcut sign as though they've been changed to links. There is no web address in the toolbar when IE starts. I tried downloading two other anti-virus programs and launching them but their icons were automatically IE and opened as such. This is getting frustrating.


If I do nothing, Internet explorer opens continually but doesn't go to any websites and the "File download Security Warning" continues. The security warnings say the name of a program and ask whether or not I want to run or save each time. These are some of the file names it's given, but mostly it just says avast;

rundll.exe
rthdvcpl.exe
tea timer.exe
wmpnscnfg.exe
hkcmd.exe
onenotem.exe
jushed.exe
igfxtray.exe
ashdisp.exe
ahtray.exe
reader_sl.exe

I am not normally computer illiterate or helpless.. but I am completely at a loss. I can't run any of the programs that are supposed to fix my internet explorer having a seizure if they all open as IE!It appears my computer is mistaking it's antivirus software for an internet link. My computer will not stop asking if I want to "run or save" so I'm assum... Read more

Answer:IE Seizure Please Assist?

I'm glad no one has put the effort into it yet, I figured it out. It was my fault completely and not a virus at all. I managed to confuse my computer into associating .exe files with Internet Explorer, including regedit, so I downloaded the altered registry file and merged. All better.


I need to know a good combo for firewall, anti-virus, and spyware for Windows Vista that I can come by free. There are a lot of highly regarded programs out there but I keep hearing that they don't all work well together and after reading some things about how Avast works when you're in the thick of fighting malware I decided I want to switch.

So any ideas on a good, free, thorough combo regarding malware protection programs on Vista?

1 more replies
Relevance 35.67%

hello,
i just did a kaspersky online scan and i am posting my results, as well as, a hijackthis log. my system was found to be infected with various viruses, spyware, etc. I have panda av+firewall ,avg anti-spyware, and cccleaner installed all are active and updated. i'm not sure how i still got infected..at least to this degree. i am always on this site becoming better informed by reading the forums. now, i guess its my turn to ask for assistance. any advice is greatly appreciated.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, July 25, 2007 4:17:16 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 25/07/2007
Kaspersky Anti-Virus database records: 367497
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 39656
Number of viruses found: 9
Number of infected objects: 20
Number of suspicious objects: 0
Duration of the scan process: 00:51:36

Infected Object Name / Virus Name / Last Action
C:\5_tmp.vir/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped
C:\5_tmp.vir NSIS: infected - 1 skipped
C:\6.tmp/stream/data0003 Infected: not-a-virus:... Read more

Answer:Infected. Please Assist.

11 more replies
Relevance 35.67%

Hi Guys, how you all doing?
i have read some posts on this forum and concluded to myself that you guys know your stuff, which is great as i do not :(

Anyway a little (sorry a lot) about me and my problem, i dj and i bought a brand new piece of kit which is a Vestax VCI-300 (google it to get more of an idea) as dj'n is now goind down the digitl road, anyway i purchased a refurb laptop an Advent 5301 which was barely months old with intel dual core 1.83Ghz and 2Gb of ram, running vista HP these specs are way above the specs required to run the DJ hardware, anyway i purposely bought the laptop to run with the hardware, at first everything seemed fine and then BSOD, this has happened many times and i have since sent the hardware back to which it has been tested and returned, no faults reported at vestax. my laptop i returned to PC world where it was purchased from, tech guys there were not very helpful, they asked me to do a full reinstall which i have done many times and problem remains. i will copy below the couple of crash dumps i have, there were more but these have been deleted, i'm tearing out my hair and hope that someone can shed light upon my frustrations.
i have also subscribed to driver update site and d/l latest drivers, i dunno what else i can do, all i know is its definately not the vestax DJ unit as not only was it tested back at vestax but they also replaced the main board in it just to be sure.
PS i have tried all USB ports, the unit works for so long then... Read more

Answer:hope someone can assist??

Well, I'm no expert (or even amateur), but I have lived through computer hell before. Since you said it's a refurb, I suspect that something on the motherboard may have been shaken loose when they refurbished it (because something had to be broken before they refurbished it). I used to have a Compaq Presario Laptop that had a bad motherboard, which cause strange symptoms from video glitches to full BSODs and data corruption. I think you should use BIOS to run a HD scan (Google it, it's easy to do), and if that doesn't find anything wrong, bring it into PC World and tell them (act like you know what you're doing) to run a full system diagnostic, I can virtually guarantee something is wrong.

Regards,
Mynaras

19 more replies
Relevance 35.67%

When visiting a pogo game site and trying to play dominoes it needs a window to open and upon trying to open that window a small little box pops up and says uh oh you have a pop up blocker installed.
 
However my pop up blocker was off and still is. Therefore I'm confused. I ended up having to use firefox. to complete my mission..... therefore i'm obviously asking for help with this one lol..... thanks any and every body for helping

Answer:IE9 prob please assist me

Hi
 
Do you have any toolbars (Google, Yahoo ETC.) Installed?
Some of them have pop-up blocking capabilities. If so remove them. You don't need them.
 
The following will return the default settings to Internet Explorer.
 
Open Control Panel > Classic View > Internet Options.
 
Make a note of the home page you've chosen because it will change.
 
Click the advanced tab > Click Restore advanced settings > Click Reset > Check Delete personal settings and click Reset.
 
Click Close on the Resetting Internet Explorer Settings.
 
Open Control Panel > Classic View > Internet Options.
 
Enter your homepage address in the window > Click Apply,
 
Click the Privacy tab, Leave the checkmark next to Turn on Pop-up Blocker and click the Settings button,
 
Enter the web address (ex. www.pogo.com) in the field titled Address of websites to allow and click Add
 
Click Close on the window. Click Apply and OK to close the Internet Properties window.
 
You should now be able to use the site.

2 more replies
Relevance 35.67%

Hi Guys

I have just upgraded my PC and used the copy of Windows 7 Pro that I have ... no problems there .... the only issue I have is the shop that installed this for me put 'USER" as the user name .... so in my C:\User Folder it reads C:\User\User. Not really an issue but I'd like it to read who it belongs to ... not USER. This has probally been asked so may times before but I cant seem to find any threads on it. If you can assist to change this ... kewl ... thanks

Answer:Rename Assist Please

Open control panel and go to user accounts, you can change your user account name there. This may or may not do what you want. It won't change the name of your actual folder just your user name the is displayed in windows. Another option would be to create a new user account with the name you want. Move your documents and other stuff over to the new account, then delete the old one. Click the manage another account option to get to the screen where you can create a new account.

5 more replies
Relevance 35.67%

I cannot browsw the pages at:click hereI simply get the error:Microsoft JET Database Engine error '80004005' Could not find file 'C:\WINNT\system32\origin.mdb'. E:\DOMAINS\ORIGINSTORAGE.COM\USER\HTDOCS\../private/db.asp, line 32Can anyone please advise if it is my PC or the Website itself.Thanx

Answer:Anyone online now to assist me?

The page opened ok for me.

10 more replies
Relevance 35.67%

Copy of the log from the damn outerinfo thing...

Logfile of HijackThis v1.99.1
Scan saved at 7:54:00 PM, on 1/24/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\?ystem\n?lookup.exe
C:\DOCUME~1\MASTER~1\APPLIC~1\SCURIT~1\wowexec.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Chattage\Chattage.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Master Stan\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackT... Read more

Answer:please assist with hijackthis log

Hello kickassuperstan,

Please consider removing Viewpoint through Control Panel > Software,
because it has not a good reputation.
Through Control Panel > Software, remove :Oin
Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
Cowabanga by OIN
or anything similar with Oin in it.
If OIN is not in the list, download and run this uninstaller.

1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer
Go to Control Panel > Internet Options > General tab
Under Browsing History, click Delete.
Click Delete Files, Delete cookies and Delete history
Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.
Click Privacy in the menu..
Click the Clear now button below.. A new window will popup what to clear.
Select all and click the Clear button again.
Click OK to close the Options window
* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok.
Let it scan your system for files to remove.
Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
2. Download ComboFix

NOTE: If you already have ComboFix, remove the old version from your Desktop, and replace it with this new version.Save it to your Desktop.
Double-click ComboFix.exe and follow the prompts. Type 1 (continue) and click Enter.
Don't click the ComboFix window while the fix is running, because that may caus... Read more

1 more replies
Relevance 35.67%

I have been trying to rid my computer of all malware. I thought I had everything, but I cannot get on the internet. Can someone please tell me if I have something that is preventing this? Thanks in advance!!

SYSTEM - LENOVO 3000 N100 - WINXP PRO

HJT LOG**

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:20 AM, on 8/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lenovo\PM Driver\PMSveH.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Fi... Read more

Answer:Hjt log file = please assist

Hiya

Are you still having this problem? If so, can you do the following:

Download TFC by OldTimer to your desktop

Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
It will close all programs when run, so make sure you have saved all your work before you begin.
Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Please download Malwarebytes' Anti-Malware from Here or

Here

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clickin... Read more

1 more replies
Relevance 35.67%

So, strange things have been happening in my browser lately.  Just a lot of strange pop ups that appear to be advertisements on web pages, though I am seeing them on regular trustworthy websites, and they are covering over content.  I went ahead and ran a scan.  Please let me know if you see anything crazy in here.  Thanks!!
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:23 PM, on 4/8/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Users\John\AppData\Local\SmartWeb\SmartWebHelper.exe
C:\Program Files (x86)\gmsd_us_401\gmsd_us_401.exe
C:\Users\John\AppData\Local\gmsd_us_401\upgmsd_us_401.exe
C:\Users\John\AppData\Local\SmartWeb\SmartWebApp.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Pr... Read more

Answer:Hijack this Log - Please assist.

Thanks for the info. We have some work to do. You have infections as well as disk corruption. In this instance, many of your infections came from uTorrent.  Please do the following.
 
Step#1 - Warnings
The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
 
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
Here are some information sources about the dangers of P2P programs:
 
FBI - Peer to Peer ScamsUSA Today Artticle on P2P ProgramsFile Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these p... Read more

4 more replies
Relevance 35.67%
Question: Search Assist

On most web pages, some Search Assist thing turns text into a link with an advertisement when you hover over it. It is pretty annoying. How can I remove this? 

More replies
Relevance 35.67%

Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\HDAudPropShortcut.exeC:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exeC:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exeC:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exeC:\Program Files\Browser MOUSE\mouse32a.exeC:\Program Files\MultiMedia Keyboard\MultiMedia Keyboard\1.1\KbdAp32A.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Real\RealPlayer\RealPlay.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\America Online 9.0a\waol.exeC:\Program Files\Common Files\AOL\1136495346\ee\AOLHostManager.exeC:\Program Files\Common Files\AOL\1136495346\ee\AOLServiceHost.exec:\program files\common files\aol\1136495346\ee\service... Read more

Answer:Highjackthis Log: Please Assist

Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)? Install ewido.? During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".? Launch ewido? It will prompt you to update click the OK button and it will go to the main screen? On the left side of the main screen click update? Click on Start and let it update.? DO NOT run a scan yet. You will do that later in safe mode.Restart your computer into safe mode now. Perform the following steps in safe mode:(Start tapping F8 at the first black screen after power up)Run Ewido:? Click on scanner? Click Complete System Scan and the scan will begin.? During the scan it will prompt you to clean files, click OK? When the scan is finished, look at the bottom of the screen and click the Save report button.? Save the report to your C: DriveThis will take some time to run!Boot to normal modePost that log and a new HiJack log

1 more replies
Relevance 35.67%

Hello... I am certainly PRAYING that someone can assist me with recovering my pc.
 
I am running XP... I have read through the forums and followed the instructions to create a boot disk using ARCDC. (this is the thread that I used: http://www.bleepingcomputer.com/forums/t/454775/computer-wont-boot-up-not-even-in-safe-mode/)
 
Everything was going fine with the boot disk until I got to the part where you type chkdsk :/r at the prompt - it started to run and then I received another blue screen that stated: "The procedure entry point NtSerializeBoot could not be located in the dynamic link library ntdll.dll"
 
Also, when I first turned on the PC this morning and saw the blue screen, when trying to bypass it at the screen with the safe mode prompts I received this message on a blue screen "the ntldr is compressed"
 
Can anyone assist me please? Thank you in advance!

Answer:Can Anyone Assist me with the BSOD

Read this for a possible solution to the compressed ntldr problem. Fixing that should also fix the other problem.http://www.proposedsolution.com/solutions/ntldr-is-compressed-press-ctrlaltdel-to-restart/

13 more replies
Relevance 35.67%

Thank you in advance for this forum. I cannot run malware scanners, and have activity similar to most of the rootkit posts in here. Both dds.scr and RootRepeal were killed shortly after scanning, so I followed another post to the point where you asked for specific information. Here is my Win32diag.txt and log.txt from the batch file:

Answer:Need Rootkit assist

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follo... Read more

2 more replies