Computer Support Forum

RansomOff 5.2017.116.XXXX

Question: RansomOff 5.2017.116.XXXX

RansomOff Change Log
5.2017.116.7686 (Beta) - 26 Apr 2017
General bug fixes.

5.2017.116.6374 (Beta) - 26 Apr 2017
File restore expanded to cover all processes with a variety of ways to restore modified files.
Added additional file backup and restore options for increased control.
Added ability to disable file backup.
Automatically identifies and adds anti-virus exemption.
Notifications on common Windows start-up area changes.

More replies
Relevance 100%
Preferred Solution: RansomOff 5.2017.116.XXXX

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 80.77%

5.2017.365.6848 (RC1) - 31 Dec 2017
Improved non-standard display size support.
Added wildcard support for exemptions, blocks, and backup paths.
Added ability to manually add files and directories to block.
Added UI color change settings.
Improved process loading performance for Win8.1 and greater.
Fixed password reset bug.
Other minor bug fixes and UI tweaks.

 

More replies
Relevance 80.77%

5.2017.315.6969 (RC1) - 11 Nov 2017
UI tweaks.
Fixed file backup and restore issue.
Fixed uninstaller to cleanly remove all drivers after reboot.
Fixed other minor bugs and reported issues.

 

More replies
Relevance 79.95%

5.2017.124.3598 (Beta) - 4 May 2017
Added registry artifact cleanup.
Added ability to delete recent file or registry start up changes.
Fix auto-update bug affecting Windows 8.1 systems.
Modified installer to allow for over-the-top update without uninstalling first.
Updated database update procedures to keep existing data.
Published documentation to website.

 

More replies
Relevance 79.95%

5.2017.131.8772 (Beta) - 11 May 2017
Added folder protection capabilities to deny, deceive, hide or make read only with per process exemptions.
Added additional notifications if update has occured and restart is required.
UI tweaks to include taskbar icon animation.
Updated installer to prevent certificate conflict and mis-matched architecture.
Minor bug fixes.
Updated documentation.

 

Answer:RansomOff 5.2017.131.8772(BETA)

thanks for sharing it's worth at least its free
 

1 more replies
Relevance 79.95%

5.2017.139.8295 (Beta) - 19 May 2017
Added application lockdown mode with confirmation for newly executed processes.
Added icons to indicate folder protection status.
Added per-folder toggling from folder protection window and taskbar menu with reboot persistence.
Added removable drive awareness to folder protection.
Added main protection toggling from taskbar menu.
Added taskbar icon change to indicate status.
Added ability to deny, deceive and make read-only for root folders.
Tied startup notifications in with exemption list and added easy exemption of processes that caused the notification.
Added alert message filtering and cleanup.
Expanded self-protection mechanisms.
Fixed installer issue of only showing the 'Program Files' directory.
Minor bug fixes.
Updated documentation.
Many thanks to the Wilders Security and MalwareTips communities for continued feedback and support.

 

Answer:RansomOff 5.2017.139.8295 (Beta)

Hey @Captain Awesome

Do you know what security software is marking RansomOff as a PUA/PUP?
 

2 more replies
Relevance 79.95%

5.2017.156.2734 (Beta) - 5 Jun 2017
Added process hollowing detection.
Added import/export of settings.
Fixed security exemptions list issue with installer.
Fixed some settings not staying persistent across reboots.
Added app lockdown restart options after reboot.
Added scheduled tasks and services for start up notifications.
Expanded recovery mitigations.
Enhanced full screen window detection and mitigations.
Added wizard to help decide appropriate action for non-technical users.
Fixed username lookup bug on non-English language systems.
Enhanced compatibility of UI on higher scaling systems.
Minor UI updates and bug fixes.

 

More replies
Relevance 79.95%

5.2017.105.5336 (Beta) - 14 Apr 2017
Fix numerous performance and stability issues.

 

Answer:RansomOff 5.2017.105.5336 (Beta)

Installed without a hitch, and running smoothly.
 

4 more replies
Relevance 79.95%

11 Apr 2017
Modified installer to include better error checking and more robust restore point creation.
Improved false positive detection.
Fixed startup UI hang issue.
General bug fixes.

 

Answer:RansomOff 5.2017.101.7020 (Beta)

@HeiDef I had problems with this version
1/ ransomoff blocked okayfreedom VPN from installing and uninstalling. After closing Ransomoff tray icon, okayfreedom worked normally and was able to uninstall. During the installtion of okayfreedom, ransomoff blocked the main process
2/ after closing ransomoff, I could not open it again -> tried to reinstall, not successful -> I tried to open process explorer -> the VM was completely frozen and unusable. on my main desktop, CPU usage was constantly 50% (equivalent to 100% of the VM) -> forced rebooted -> BSOD loop -> the VM was completely dead and could never turn on again -> had to restore from a snapshot

updated:
after restoring from the snapshot, I tried to run process explorer again => system froze again
fortunately, I was able to identify the problem and no more BSOD seen
Ransomoff conflicted with process explorer and caused process explorer to use 100% CPU

 

12 more replies
Relevance 79.95%

12 Apr 2017
Improved compatibility with existing programs.
Modified main UI with color coded protection status.
Added ability to disable ransomware protection.
Improved installer to prevent possible registry corruption that could lead to BSOD loop.
Changed all build times to UTC.
General bug fixes.

 

More replies
Relevance 79.95%

5.2017.99.6252 (Beta) - 9 Apr 2017
Modified installation bootstrapper to display message if minimum .NET version is not installed.
Improved heuristics to prevent false positives.
Added 'Allow' confirmation second-chance to prevent inadvertant ransomware continuation.
Expanded process propagation detection.
Added additional system processes to protect against code injection.
General bug fixes.

 

More replies
Relevance 79.95%

5.2017.214.6672 (RC1) - 1 Aug 2017
Improved boot time performance.
Improved compatibility with existing system software.
Minor bug fixes.

 

More replies
Relevance 79.95%

5.2017.142.4703 (Beta) - 22 May 2017
Fixed bug highlighted by Xdata ransomware.
Fixed issues with App Lockdown saved settings.
Enhanced App Lockdown efficiency.
Added default options for App Lockdown for error conditions.
Expanded Windows start up modification detection.
Updated Windows start up notification logic with option to prevent duplicative alerts.
Added ability to terminate process that made start up change in single workflow.
Other minor bug fixes.

 

More replies
Relevance 79.95%

RansomOff Change Log
5.2017.119.4637 (Beta) - 29 Apr 2017
Updated process interaction heuristics and rules.
Added setup step to manually add existing security software for exemption.
Added additional notification and logging messages.
Minor UI changes and fixes.

 

Answer:RansomOff 5.2017.119.4637 (Beta)

Hi @Captain Awesome

We saw that you requested a video on RansomOff's backup and restore capabilities so we put a quick one together. Not great production value like some of the other video reviewers but it should give a quick overview of how it works. We also hope to have some documentation posted within a week so some of the functionality and options are a little more clear.
 

3 more replies
Relevance 79.95%

5.2017.144.10111 (Beta) - 24 May 2017
Fix BSOD issue introduced in last release.
Made MBR protection optional during install.
Added ability to toggle MBR protection (requires reboot).
Added option to manually install updates.
Other minor bug fixes.

 

More replies
Relevance 70.52%

EDIT: Use Malware Byte, follow the instructions below, then RUN A
FULL SCAN ON YOUR COMPUTER. Doing so will take about an hour or
more, but it will REMOVE ALL MALICIOUS FILES, GETTING RID OF THE
ANNOYING BUBBLE

Hi everyone. I have found a way to get rid of the files that cause some
Trojans such as Trojan-Keylogger.win32.fung, trojan-bankfraud, and many
more. Here are instructions that I have used and that I have tested myself
1)Download, install and update MalwareByte' Anti-Malware
2)Open to the file of the location of where the malicious files are
i.e.- Trojan-Keylogger.win32.fung, ----> XXX\application data\google
3)Drag the malicious files onto your desktop
4)Run MalwareByte and go to the tab on the top with the name {More Tools}
5)Under FileAssasin, click the button there
6)Browse to your desktop and click on the malicious files.*
*Note: If a window pops up, saying that they cannot be removed until
your computer has been restarted, click OK and your computer will
reboot automatically
7)Once reboot-ed, your desktop will no longer have the malicious files there
and the original location of these files should no longer have the files
as well.

These instructions only remove the files. I have not discovered a way to remove
the fake alert bubble. If you find out the solution to the alert bubble, please post
it below. In the meantime, I will also try to find a solution myself.
Hope this helps
Jon Levine
 

Answer:Trojan-XXXX-XXXX-XXXX-XXX file solution

Hi, Welcome to TSG!!
Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

1 more replies
Relevance 63.96%

Hello, Vista Business on my T60 will no longer start because of a recurring error message: "Logon UI.exe Application Error - The instruction at xxxx referenced memory at xxxx.  The required data was not placed into memory because of an I/O error status of 0xc000009c.   Click OK to terminate the program." This error message also occurred whenever I double-clicked on an Excel document to open.  As a workaround, I had to drag and drop the Excel file into an existing Excel window.  This was an inconvenience but I didn't receive the same error at start-up until now.  After an abrumpt shut-down, I received a boot error that seemed to be resolved after running startup repair a few times as well as chkdsk /f command, but the error was replaced by the current one I am now receiving.   I downloaded a Vista recovery disk and tried start-up repair several times, but it detects no error. I do not have any system restore points. I  no longer have access to the "ThinkVantage" utility upon boot-up.  I do not know how to access the recovery partition.   When I try running "bootrec /scanos" in the recovery command prompt, it says there are 0 Windows installations.   I do not seem to be missing any files when browsing the drive in the recovery command prompt. Any suggestions on what might be happening or how I can access the recovery partition would be greatly appreciated. Thank you,Samir

Answer:T60 - LogonUI.exe "The instruction at xxxx referenced memory at xxxx..." start-up error

Are you using Excel 2003?

3 more replies
Relevance 63.55%

Ok when i turn my computer i get this error message saying that sireman.dll isnt a valid windows image. So i then click ok then Windows messenger pops up and says MsnMsg is have problems please try again later and it says send error dont send. Also when i try to install Windows Media Player 11 because my recent one was having problems readin my avi file. ( dont know why dont know if it has anything to do woth this.) So its extracting the files and after it says obbcbcp.dll is not a valid image. I have Norton Antivirus and a Windows XP. Olease help i would very much apreachate it. Sorry i have a little trouble spelling on the computer.
 

Answer:/c:xxxx\xxxxx\xxxxxx\xxxx.Dll is not a valid windows image

Firstly i do not recommend using Norton it is a bit or a resource hog and does not have a very good detection rate, if you wish to change i would recommend ZoneAlarm (Firewall) and AVG Free (antivirus)

ZoneAlarm free (Firewall)
http://www.zonealarm.com/store/content/catalog/products/sku_list_za.jsp?dc=56pus&ctry=GB&lang=en

AVG Free
http://free.grisoft.com/
Ok not sure if this will help will all your problems but you may need to first clear all your temp files and cookies, use ATF Cleaner

ATF Cleaner
http://www.majorgeeks.com/ATF_Cleaner_d4949.html

Select all the boxes and press clean..

restart the comp and try installing windows media player again.

Some advanced stuff now

goto START >> RUN >> Type :- Msconfig ~ press enter

under the startup tab look for anything like Sireman.exe if you find it, disable it, also disable windows messenger by removing the Tick or Check in the box, press apply/Ok and restart.

you could possibly have some registry issues, and if you want to clean the registry i would recommend using RegScrubXp (some people do not recommend the use of such software but i do, its a personal prefernce)

http://www.sofotex.com/RegScrubXP-download_L7528.html

1) press "let RegScrub find problem"
2) Select all problems
3) Fix all problems

let us know if any of the above worked otherwise myself and others will try helping.
 

2 more replies
Relevance 63.14%

I've tried everything I can think of on this one. Any one have an idea.
Logfile of HijackThis v1.97.7
Scan saved at 11:46:22 PM, on 6/16/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Promise\FastTrak\FtrakSvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\My Documents\freeware apps\utilities\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\qrgbq.dll/sp.h... Read more

Answer:Hijacked. Can't shake res://xxxx.dll/index.html#xxxx

Reboot in Safe Mode to run HijackThis and delete these entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\qrgbq.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://qrgbq.dll/index.html#96676

Then reboot and post a new scanlog and see if they return.

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
 

3 more replies
Relevance 59.86%

Since installing window 10 Word and mailwasher programmes are not responding

Answer:Rob15 xxx xxxx xxxx xxxxxxxxx

how much space is left on your C drive?

1 more replies
Relevance 57.81%

Hi ,  I am trying to download the BIOS update for X1 carbon 4th gen 20FB and i couldnt find that in this page. Can you please difrect me where to get it ?  https://support.lenovo.com/us/en/solutions/LEN-18282 Thanks,Ramesh

Answer:LEN-18282: Reading Privileged Memory with a Side Channel CVE-2017-5753, CVE-2017-5715, CVE-2017-575

Welcome to the CommunityThe BIOS update is published on the laptop' download pagehttps://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-...
 
UPD
The link to the BIOS update is present on the page you've mentioned, unfortunately without laptop' MT code or x1 Carbon its generation #:
 
ThinkPad X1 Carbon, X1 Yoga - Affected - N1FET59W - https://pcsupport.lenovo.com/downloads/DS111756 - 1/7/2018
 

1 more replies
Relevance 53.71%

Hi everyone, i have quite a few questions so i'll post separate threads rather than pollute one thread. I'm wanting to get something a lot better than windows defender. Comcast is my ISP so i can get NIS for free. As most of you are aware of Norton hasn't been doing a great job these days. There has been multiple vulnerabilities in its products that actually decreases the security of windows. Still NIS still does a pretty good job of scoring pretty well in the various test in terms of protection. I was thinking on going with either bitdefender or KIS but of course i would have to pay for those. If you were me would opt for NIS because its still pretty dang good and worlds better than bit defender or would you opt for one of the better products like KIS or bitdefender?
 

Answer:Kaspersky IS 2017 vs Norton IS 2017 vs Bitdefender IS 2017

bitdefender free+ CF and SAP i think will be good
 

11 more replies
Relevance 48.38%

Good evening everyone. Thanks for your access to this thread. I hope you to read and answer for this question.

I want to ask everyone that which software should I use for keeping security of my PC.

Now I am using Bitdefender Total Security 2017 as main anti-malware soft on my main desktop PC.
And also I was using F-secure SAFE as anti-malware soft on my PC until last week.

Yesterday, I heard that new Avast Antivirus 2017 was released, and new Avast Free is including behaviour scanning system.

I am having trouble deciding which software should I use as anti-malware soft.
Please tell me about your recommend.

I think that...

?Protection features
Better : Bitdefender 2017 > F-secure SAFE > Avast Free 2017

?Performance and speed
Lighter : Avast Free 2017 > F-secure SAFE > Bitdefender 2017

?the risk of false positive trouble
Bigger risk : F-secure SAFE > Avast Free 2017 > Bitdefender 2017

?SSL (HTTPS) Scanning is enable without fake SSL certificate to browser
Unnecessary fake certificate : Avast Free, F-secure
Need fake certificate : Bitdefender Total

F-secure SAFE is the very nice solution as protection from malwares and keeping speedy PC. But it is having big risk of false positive ratings; especially the website blocking is not good with many many false positive ratings. And, sometimes slow down my PC.

Bitdefender Total Security 2017 is the best solution as protection from malwares. This software is providing users very nice anti-malware solu... Read more

Answer:Avast Free 2017 vs F-secure SAFE vs Bitdefender Total Security 2017

Quick question, why Bitdefender Total Protection? Do you need ALL those additional features, or looking for an Antivirus only, because there are Bitdefender Antivirus Plus and Free versions.

What about other protection software like Emsisoft Anti-Malware/Internet Security or ESET Nod32 Antivirus/Internet Security?
 

11 more replies
Relevance 48.38%

Hello, Guys!
I'm new on this forum but I Really Really like this good Forum
So I had Emsisoft for couple of months now
But Recently I've switched over to Avast Premier Beacuse I've never used Avast before So I wanted to try It out
But now I'm without any AV As I do not know what to Install Avast or Emsisoft!
I have licences for both So thats not the problem
Thanks In Advance And btw This forum really nice.
 

Answer:Avast Premier 2017 Vs Emsisoft Internet Security 2017

Both have excellent protection functions, but certainly they are two different security solutions.
I think the choice of one or the other one is really subjective, I've used Emsisoft for many years and it is my first choice
 

46 more replies
Relevance 48.38%

My BD sub expires soon. Trying to decide whether I should switch to Norton 2017. It's my understanding that Norton is no longer the grand POS it used to be.

What say you?
 

More replies
Relevance 48.38%

College Football Picks 2017-2018 Season Charlotte at Eastern Michigan Eagles September 01, 2017 @ 06:30pm

Charlotte at Eastern Michigan Eagles

COMPUTER PREDICTIONS STRAIGHT-UP

TEAM SCORE PERCENTAGE TO WIN GAME
Charlotte 22.903 26%
Eastern Michigan Eagles 30.181 74%

COMPUTER PREDICTIONS AGAINST THE SPREAD

TEAM SPREAD TOTAL
Charlotte +14.0 59.5 over
Eastern Michigan Eagles -14.0 59.5 under

Get full analysis, detailed write-ups, and official picks at goo.gl/Xf3NiR
 

More replies
Relevance 47.97%

A couple of years ago I moved myself and some of the fam from Apple Everything to Windows 10. Yesterday however, I bought an new 2017 iPad. I really love the Surface devices, so why?
LEAVING THE PLATFORM BECAUSE OF WINDOWS MOBILE
First, because Microsoft are no longer supporting the phones that are in our house, we are being forced from that platform. So rather than living and breathing completely and happily inside the Microsoft ecosystem, I am now forced to diversify and go elsewhere. This really is a big deal, and changes my thinking from the unthinkable (leaving the MS ecosystem) to the possible (shifting back towards Apple). That being the case, why should I then buy a Microsoft Surface tablet (I was planning to buying a new Surface Pro M3) when I an now FORCED to be open to Apple and Android?
EASE OF MOVING PLATFORMS
Second, Microsoft have made my leap back to Apple so easy, because they have done what Apple and Google have refused to do, which is to make their software available on the others' platforms. Thus the transition to iPad is easy. For example, Word and PowerPoint are effectively free (via my 365 account that I will not be renewing at full cost next time; I will use the academic version which costs me almost nothing). Outlook on iPad is a great app (better than on PC platform). Lots of other apps that Microsoft that I use are also really nice on iPad (e.g. Wunderlist) and made the transition really simple and clean.
FACEBOOK
Third, the Facebook app on iPad is ... Read more

Answer:I did the unthinkable and chose a 2017 iPad over a 2017 Surface Pro M3

Microsoft are no longer supporting the phones that are in our house, we are being forced from that platform
Can't make sense of that. Presumably you have really old windows phones that no longer get updates?
And what does that have to do with what tablet you use? Windows has timeline, cloud clipboard and a whole host of platform agnostic features coming this fall, so Windows will play nice with android or ios (better than those OSes play with any other).
You don't even need your tablet, desktop and phone to be the same platform. You just need the same services, which for MSFT, exist on every platform.

1 more replies
Relevance 47.56%

5.2018.1.6291 (RC1) - 1 Jan 2018
Fixed file name parsing bug that could cause crash.

 

More replies
Relevance 47.56%

There's still a bug with Onedrive for students. I hope I can fix it. Thanks a lot. Greetings friend.
 

More replies
Relevance 47.15%

Cleaned out the recycle bin with Eraser and in the log it says that a huge number of RansomOff files could not be deleted because of permissions. Anyone know why this happens? Are they somehow associated with system restore or something? Here is a pic of a tiny portion of the gigantic log entry:


Thx for any knowledge on this...
 

Answer:RansomOff files Can't be Erased by Eraser

RansomOff uses FltRegisterFilter, a kernel-mode callback implemented by Microsoft which has been available since Windows Vista. This allows security software to intercept file-system operations on-the-go from kernel-mode without being required to use "hacky" and undocumented/potentially extremely unstable methods such as kernel-mode patching to replicate the same functionality. All your favourite security solutions which have file-system scanning support likely use this mechanism as well, it is a really good mechanism.

IRP_MJ_CREATE will be triggered when a handle to a file is being acquired (also applicable for intercepting the creation of new directories/files).
IRP_MJ_SET_INFORMATION will be triggered when the state for the target object is set to let the system know the file is pending removal.
IRP_MJ_CLEANUP will be triggered to carry out the pending deletion operation.

You can try using a utility which operates from kernel-mode and may bypass kernel-mode callbacks, such as PC Hunter. However, the log shows the Recycling Bin and I wouldn't have imagined that to be a protected area... It may be unrelated to RansomOff. You can test this by uninstalling RansomOff, rebooting, re-trying the removal, and then re-installing it again.
 

0 more replies
Relevance 46.33%

Which of these programs offer greater security? I admit to RansomOff and what is your opinion?

Ps : i don't can find download link to latest AppCheck Free... anybody give me ?
 

Answer:[Heilig Defense] RansomOff vs AppCheck AntiRansomware (Free)

Jogos said:


Ps : i don't can find download link to latest AppCheck Free... anybody give me ?Click to expand...

https://www.checkmal.com/download/AppCheckSetup.exe
 

15 more replies
Relevance 45.1%

Hi guys
Wich do you perfer?
 

Answer:avast 2017 or F secure 2017?

Avast has nicer user interface and more features besides that everything else is pretty similar.
 

6 more replies
Relevance 45.1%

Hello,
I'm trying to push out the update for the CVE-2017-11937 and CVE-2017-11940 vulnerabilities through WSUS but I can't find the KB# for either of them. Anyone know what KB# these two have?
Thanks!

More replies
Relevance 45.1%
Answer:[Heilig Defense] RansomOff - The World's Most Advanced Anti-Ransomware Solution

"Yet Another Anti-Ransomware Protection Tool"
 

more replies
Relevance 43.87%
Question: xxxx.tmp files

my c:/windows/temp fillling with xxxx.tmp files (xxxx-different alpabets) with the intervel of 5 minutes. pl advise me what to do..?

Answer:xxxx.tmp files

See "Response Number 1" in this thread:http://www.computing.net/answers/se...Follow the instructions for downloading and using "HijackThis"(Do not download or use the "beta" version as it may crash)Post the log generated by HijackThis - do not use it to fix anything yet. Wait for a response by someone who knows how to analyse the log (it's not my area of expertise).

2 more replies
Relevance 43.87%

Hi, I subscribe to stream-link for Jim Rome show. Recently, when I try to access his radio show, I log in with my user name and password and get redirected to "xxxx:" that basically says "Page cannot be displayed.

I've tried running it on other computers and it loads up fine. I did notice one distinct difference. The computer that worked had a url address of...
https://members.premiereinteractive.....com/home.html

On my PC, the page is...
https://members.premiereinteractive....++++++++++++++

I tried just deleting the xxxx at the end of the URL and inserting the correct address, but that still does not work. I've also tried loading it up on Netscape Navigator, but there, I get an error saying "XXXX is not a registered protocol".

I'm completely at a loss. Please help!
Thanks
Brian


Here's the Hijack File...



Logfile of HijackThis v1.98.2
Scan saved at 12:26:16 PM, on 11/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\Sy... Read more

Answer:Redirected to xxxx:

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware SE and install it if you don't hav... Read more

5 more replies
Relevance 43.87%

Hello,
On my Windows 10 pro PC, I'm running (BDTS 2017 + Voodoo Shield Pro + Malwarebytes 3), and this combo is very smooth for me, but when I saw the results of MT tests here : AV Test - MalwareTips - Bitdefender Report - March 2017 and here : AV Test - MalwareTips - Kaspersky Report - March 2017, I think that these tests demonstrated that Kaspersky did a better job then Bitdefender
So my question is to know if it is a good idea to replace BD by KIS on my config ?
Thanks
NB: I have paid keys for both
 

Answer:Bitdefender Total Security 2017 vs Kaspersky Internet Security 2017

1/ kaspersky with tweaked settings alone

2/ kaspersky, slightly tweaked + Voodoshield

3/ bitdedender with ATC = aggressive + ransomware protection enabled | Heuristics = normal
 

40 more replies
Relevance 43.46%

Brought my laptop home, minus the keyboard that wouldn't fit in the briefcase,
so I could work on my Windoze desktop that's right on schedule, giving me problems again.

Have typed the same LONG email 3 times to my wife, then I apparently am
accidentally hitting somethng on he lower part of the keyboard and the whole darn thing disappears and I have o start over!

Any way to prevent that? Really getting aggravated with it.

HP Compaq 8230
 

More replies
Relevance 43.46%

Hi, I subscribe to stream-link for Jim Rome show. Recently, when I try to access his radio show, I log in with my user name and password and get redirected to "xxxx:" that basically says "Page cannot be displayed.

I've tried running it on other computers and it loads up fine. I did notice one distinct difference. The computer that worked had a url address of...
https://members.premiereinteractive.....com/home.html

On my PC, the page is...
https://members.premiereinteractive....++++++++++++++

I tried just deleting the xxxx at the end of the URL and inserting the correct address, but that still does not work. I've also tried loading it up on Netscape Navigator, but there, I get an error saying "XXXX is not a registered protocol".

I'm lost!! Please help.
Thanks!
Brian

Answer:Browser re-directed to xxxx:

post a hijack log in the hijack forum,you can d/l hijack here
http://www.thespykiller.co.uk/

1 more replies
Relevance 43.46%

Hey all. Today I started my comp and had some program called spywarevampire pop on my desktop. Never installed or heard of this. Went to programs and uninstalled it. It didn't come back after restart. Now on explorer when I view internet pages, I keep getting hung up and seeing this "googlepagead1.xxooxx" address loading. It takes about 20 seconds and keeps the page from loading until the green bar on the bottom of the screen completes. I've run adaware and spybot but nothing unusual is found. I'm running a full virus check to see if anything shows up. Anyone have any ideas or know what I'm talking about?
 

Answer:googlepagead1.xxxx trojan??

Hosts file entry?
 

2 more replies
Relevance 43.46%

I noticed my Windows 8 PC was running slow. I took a look at the running processes and saw a suspicious "TODO" process. Some google searching reveals it is not good, but I have been unable to find a way to remove it. I am not able to run FRST64.exe. I see a message that says "The application has failed to start because it's side-by-side configuration is incorrect."
 
Any help would be appreciated. Thank you.
 
 
Chris

Answer:infected with TODO: <XXXX>

In an interesting note, if I include the Chinese characters in the topic title instead of XXXX, I get a message that says "Sorry, you don't have permission for that!". Must be some kind of filter. Anyway, the actual name of the process can be seen in the picture attached to the original message.
 
 
Thanks again for any help,
Chris

12 more replies
Relevance 43.05%

Just got back from vacation, turned on my Dell Dimension with XP Home Edition. ot the dreaded blue screen. Talked about something being "dirty" and then goes to File segment ##### unreadable. Every once in a while it updates on percentage of completion but takes hours. Help!

Answer:FIle Segment XXXX unreadable

Howdy EFC, And Welcome to TSF..

I hate to be the baeror of bad news, but it seems that your hard drive is dying..

http://discuss.joelonsoftware.com/de...oel.3.326637.6

4 more replies
Relevance 43.05%

I am using Outlook 2013 from last few months but did not face this type of error. Whenever I open the PST file I received this error:
?Errors have been detected in the file xxxx.pst. Quit Outlook and all mail-enabled applications, and then use the Inbox repair tool (Scanpst.exe) to diagnose and repair errors in the file. For more information about the Inbox repair tool, see Help.?

I tried repairing my PST file with ScanPST.exe but it did not work. Then I took help of demo version of Stellar PST Repair, It shows all my repaired data. But I am confused where I should buy this software or not.
 

More replies
Relevance 43.05%

Hi

somehow the name on my user/xxxx folder was entered incorrectly when my OS was installed, I think.

Is it possible to correct it?

Thanks

Daniel

Answer:Can I change the name on my user/xxxx folder

The only way to get your desired username under the \Users folder is to create a local account (not a MS account) and assign that local account the username that you want to appear under \Users. Then you can convert that account to a MS account login and the folder under \Users will not change. After you copy all the data files (documents, videos, etc.) from the old user account to the new user account, you can delete the old user account.

If you are going to do that, don't forget to change the new account you create to administrator.

Option three:
https://www.tenforums.com/tutorials/...a.html#option3

https://www.tenforums.com/tutorials/...a.html#option1

Microsoft Account - Switch to in Windows 10

https://www.tenforums.com/tutorials/...a.html#option1

2 more replies
Relevance 43.05%

Every time I leave my desktop alone for any length of time (more than 5-10min), when I return to it, I have many, many windows open that state:
Access violation at address 13183580 in Module '10LOSM~1.DLL' Read address of XXXXX (didn't get this part - let me know if it's important and I'll include it)

​Will appreciate any help you can give me. Here's the results of TSG utility:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel Pentium III Xeon processor, x86 Family 6 Model 23 Stepping 6
Processor Count: 2
RAM: 3061 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 128 Mb
Hard Drives: C: Total - 473493 MB, Free - 413286 MB;
Motherboard: Dell Inc., 0RY007
Antivirus: Norton Security Suite, Updated: Yes, On-Demand Scanner: Enabled
 

More replies
Relevance 43.05%

Hi. First post for me, so please be patient.

I am constantly getting the error message: "xxxxx.DLL is not a valid Windows image. Please check this against your installation diskette". This appears many times for various applications when the computer starts up, and whenever I open an application. Once I click 'OK', the message disappears and the application opens as usual.

I am running MS Windows XP Professional Version 2002, Service Pack 3.

I believe I have been infected by a Trojan Horse virus.

I have run a HijackThis scan and have the log, but have not posted it here as per Bleepingcomputer's advice.

Please advise on how to proceed - looks like Combofix is the answer but I am technically challenged so will need guidance.

Many thanks for your help.

Answer:xxxx.DLL is not a valid Windows image.

Hello, let's do these first. If needed I will ask for the HJT log. PLEASE do not run ComboFix on your own,note the blue text atop this forum.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the ... Read more

5 more replies
Relevance 43.05%

I just had to reload my System due to hard drive failure, after reinstalling and running Windows Updates (upgrading to IE11), now when I attempt to Download programs I get a error message after downloading and attempting to run, during validating the following message occurs....
The Signature of "xxxx".exe is corrupt or invalid. Learn More Delete View downloads

* "xxx".exe is whatever file you are attempting to run after downloading.

I found where one site stated to unmark the Box under Internet Options.... Advanced.... Security.... Allow software to run or Install even if Corrupt or Invalid.

Either way Marked or unmarked and even after system reboot it still does not work.... Any Ideas on how to fix this???

More replies
Relevance 43.05%

Hey,
while working on Outlook I was suddenly bombarded with an error message ?Errors have been detected in the file xxxx.ost?. Please provide me the necessary details.

Answer:How to fix Errors have been detected in the file xxxx.ost

Simply an offline copy of your outlook mailbox ...
Connect to Outlook (online) ...
DELETE it (the file referenced, it has errors - possibly sync errors) & Outlook will save a new version.

1 more replies
Relevance 43.05%

I don't quite understand what the bug-a-boo is with Hotmail and Vista. Like, aren't they both Microsoft, and why did MS launch a OS platform that doesn't support their own mail program????? Duh... Anyway... here is the problem. I downloaded Windows Live Mail, thinking I could utilize my Hotmail account with Vista, but still not working. EXAMPLE: I am on Craigslist... I want to repond to an ad by clicking on the link that shoudl bring me to my mail program.... I got the message that it didn't support my "msn.com" address, so I changed to Yahoo... it will bring up Yahoo mail program, but I want to use my main mail program, msn.com (Hotmail).... how can I utilize accessing the mail links in craigslist ad, for example and have it go to my Hotmail program?
THANKS!
Windows XP was just great! What is Vista all about, anyway?

Answer:Using Hotmail ([email protected]) mail with Vista

You can use Hotmail with Windows Live Mail...I'm using it at the moment. however my address is "@hotmail.com" and not "msn.com". Howver looking around on the web I found this..

Your mail is here, come and get it&#33;

I have not had time to look at it all, but could be a starting point for your problem.

1 more replies
Relevance 43.05%

The above menu appears in my itunes but since i reloaded latest version of itunes the menu is blank/empty and any new downloads are not appearing when uploaded . This used to occur in the past.All songs are in Lw folder ok.JUst not appearing in itunes liked they used.Any ideas why this is.

Answer:XXXX's Limewire Files [itunes]

Limewire leaves a very unpleasant taste in the mouth

2 more replies
Relevance 43.05%

Hello,

I did this without really thinking much about it while following a guide on how to setup Active Directory in server 08. I put xxxx.com as the active directory domain. Is this a security issue with doing this???

If so what should i change it to??

I planning to setup exchange on server08 also.

Thanks in advance.
 

Answer:xxxx.com As Active Directory Domain Ok?

internal network domain names are usually ending with .local, .priv, etc, theres no problem with having a .com domain name for your network, but not everyone does it that way
 

7 more replies
Relevance 43.05%

Hey,
while working on Outlook I was suddenly bombarded with an error message Errors have been detected in the file xxxx.ost. Please provide me the necessary details.

Answer:How to fix Errors have been detected in the file xxxx.ost

Simply an offline copy of your outlook mailbox ...
Connect to Outlook (online) ...
DELETE it (the file referenced, it has errors - possibly sync errors) & Outlook will save a new version.

more replies
Relevance 42.64%

Although its small and trivial, it bothers me a lot and it ruins the mood any wall paper puts out for me. How do i remove it?
http://i.imgur.com/d6d2kXA.png?1
(its at the bottom right)

Answer:Windows 8.1 Build XXXX stuck on desktop

That happens when your OS is not activated. You can confirm this by pressing Windows key+S and typing "PC Info". Select it. At the bottom of the information it will tell you something like "Windows is not Activated" or "Windows is Activated"

if it's not activated Microsoft wants you to provide the key to activate your OS.

4 more replies
Relevance 42.64%

Hello my computer appears to be infected with this antispyware soft rogue. Every time someone logs in on the family account a host of warning messages appear and many programs cant be opened. I'm logged in on my seperate password protected account and there are no symptoms of it here. I did a AVG, Malwarebytes and HijackThis scan; The AVG found a trojan, malwarebytes found rogue.antispywaresoft although after removal of all the infections, the problem is still apparent on the family account. Any ideas? Here is the hijackThis log but this was on my log in account as hijack this can't be opened on the other user so not sure if this is even helpful, should I get that rkill program?: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:37:11 AM, on 17/05/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.17023)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\VTTimer.exeC:\PROGRA~1\... Read more

Answer:Application cannot be executed. the file xxxx is infected

okay i downloaded all of the rkill files .exe, .scr etc and none of them are able to be opened on the family xp account, it just comes up with a host of fake security messages about the files being infected. I AM GETTING ENFURIATED.cheeers guys

5 more replies
Relevance 42.64%

My C: drive has several eula.xxxx.txt and install.res.xxxx.dll files on it (plus a few other file types)
- they look like orphans after an update by Microsoft.

Can I delete all of the files ... ?
This is the contents of install.ini file

Code:
[Setup]
ProductName=Microsoft Visual C++ 2008 Redistributable Package
ProductMsi=vc_red.msi
ProductRegKey=
ProductRegName=
ProductRegData=
ProductSupportURL=http://go.microsoft.com/fwlink/?LinkId=45396
DefaultDirInstallToken=
SupportWin9X=0
MinNTVersion=5.0
CheckAdminRights=1
ShowFeatureOptions=0
ShowDestinationFolder=0
LogFilePrefix=dd_vcredist
VerboseLog=1
RebootMode=0
UILanguage=1033
BitmapFile=vcredist.bmp
CustomTextPrefix=CustomText

[DetectDarwin]
X86=2.0
I64=2.0
A64=2.0
Install=0
Link=http://go.microsoft.com/fwlink/?LinkId=45724

[VSSetupWatson]
VSSWSuccessEnabled=1
VSSWSuccessHeadless=1
VSSWFailedEnabled=1
VSSWFailedHeadless=1
VSSWProdName=Microsoft Visual C++ 2008 Redistributable Package
VSSWProdVer=[VERSION]_[LAB]_[PFLAVOR]
VSSWSectionEnabled=1
VSSWProdSAID=11867
VSSWInternalRelease=1
and the contents of globaldata.ini

Code:
[ProductNames]
ProductName.1033=Microsoft Visual C++ 2008 Redistributable
ProductName.1041=Microsoft Visual C++ 2008 Redistributable
ProductName.1042=Microsoft Visual C++ 2008 Redistributable
ProductName.1028=Microsoft Visual C++ 2008 Redistributable
ProductName.2052=Microsoft Visual C++ 2008 Redistributable
ProductName.1036=Microsoft Visual C++ 2008 Redistributable
ProductName.1040=Microso... Read more

Answer:eula.xxxx.txt + DLL files on my C drive ... orphans ?

Yes they can be safely deleted. It is due to a bug. See the article below:

https://support.microsoft.com/en-us/...?wa=wsignin1.0

3 more replies
Relevance 42.64%

Hi There,

I'm new to the forum so Hi all

OS: Win 7 Home SP1

Recently discovered in the security properties of certain Folders/files have 4 x unkown user 'S-1-5-21 xxxx'
I am able to remove the unknown users, but there are far to many folders to manually remove from all.
Am curious to know if this is some kind of security risk? and is there an easier way of removing the users?

Also noticed if I create a new document within 'documents' in my library then the 4 unknown users appear in security properties?
Yet if I create a document on my desktop I only get sytem/user/admin users created. if i then copy this to 'Documents' Folder in 'libraries' again the 4 'unknown user s-1-5-21 xxxx' are present in security user group?

I have run several thorough virus/malware checks but found nothing?
Also have not created any users apart from my own and am not part of any Domain.

Any help regarding would be much appreciated as after searching the web am seeing conflicting advise.

Answer:unknown User S-1-5-21 xxxx in Folder properties

Quick update. Have now removed the unknown users from the parent folder 'My Documents' found in libraries. This has removed all unknown users from folders/files found in 'libraries\documents' so problem solved.

Would still like to know where these unknown users originated from though?

1 more replies
Relevance 42.64%

OK I have a win 7 (beta and 7100)32 bit dell which has been giving me the dreaded "the app xxxx has stopped working" windows will now try to find a solution online. Its happened on many apps both installed and on installation. I have tried xp compat mode, run as admin, no joy. Its happening on both machines. Here is a sample clipped from the evnt log.
this particlular one involved itunes and ntdll.dll, but kernalbase.dll and others are also listed[IMG]file:///C:/Users/Kenn/Desktop/Capture.PNG[/IMG]. Any idea?

TIA

Kenn

We have come a long way my Aussie partner. Have you found yours.?

Answer:app xxxx stopped working event id 1000

  
Quote: Originally Posted by zigzag3143


others are also listed[IMG]file:///C:/Users/Kenn/Desktop/Capture.PNG[/IMG].


Sorry... it's off-topic. To be able to use the [IMG] tag, you need to make your image hosted on either ImageShack or Photobucket (or others0. I would suggest you to create a Photobucket account to link your Image files to us.

On-topic.
Since when it started to do so?
Did you run any diagnosis utilities (Memtest, etc)?
Did you try to backup your stuff and do a clean install?

Just a few suggestion. In my life, I never had that much errors on any of my Windows installs.

7 more replies
Relevance 42.64%

winfuture.de publish an image about WINDOWS7 SP1... Is possible microsoft release the system with an SP ??? the RC and betas is soo good, inst an bad idea to have an system with all updates!!!

http://www.baboo.com.br/absolutenm/a..._7_sp1_big.jpg

Answer:WINDOWS 7 7138.0.090523-xxxx-winmain_win7xxx_sp1_x

I've heard about this, but why do they need to block the compiled date in the build number.

9 more replies
Relevance 42.64%

So I'm in the market for a new pc and a used dell precision with a graphics card added in seems like a pretty good value. I realize that at least some power supplies on these will be proprietary, but my question is, if for the most part, they are replaceable, and if there's an easy resource to find out if they are when looking at a specific model. Thanks for any help.

More replies
Relevance 42.64%

File Record Segment xxxx is unreadable.

Ok so I am having a huge problem that I'd like fix. If you also know methods for what to do in the future to prevent this from happening again (second time a HD has failed on me) I'd appreciate it.

Anyways so here's my setup:

CPU: P4 2.8GHz c
MOBO: Abit AI7
RAM: 2 512MB Mushkin 3500 Level II (Running at 2-5-2-2)
The hard drive: Maxtor 6Y200PO

My problems first happened after a random bootup (meaning I hadn't changed anything while I was previously using the computer, just had shut it down for the night). Windows took about 10 minutes to load, and I was having some hardware issues. After looking around at different sites and FAQs, one thing lead to another and I decided to flash my BIOS. ABIT recommended using their new and "wonderful" program called Flashmenu. After downloading this program I downloaded the latest BIOS for my MB. I backed up my old BIOS using Flashmenu then flashed to the latest BIOS and rebooted.

Here's where my problems began.

The computer booted up and I got the checksum errors, and since this was the first time I've ever flashed a BIOS I was not accustomed to this error (I'm fairly sure it's normal after flashing, please tell me if I'm wrong). After googling around a bit the first recommendation was to clear the CMOS (I later found out that Flashmenu is supposed to do this anyways). I shut down the computer, unplugged the power, waited 30 seconds, set the ... Read more

Answer:File Record Segment xxxx is unreadable.

7 more replies
Relevance 42.64%

Well, I bought a new DVD drive yesterday and when I insert a disk it reads and I can browse through the discs contents but whenever I try to copy something it freezes for a few seconds and I can see the little light flashing violently on the device and when I get past that and try to put it on my desktop I get "Cannot copy XXXX. The request could not be performed because of an I/O error." I have tried using both cds and dvds, the oddest thing of this all is the drive allowed me to burn a CD, and this CD is working perfectly. My drive is called TSSTCorp CDDVDW SH-S222A in the device manager and the box for it says it is a RetailPlus+ DVD+/-RW.
 

Answer:Cannot copy XXXX. The request could not be performed because of an I/O error.

9 more replies
Relevance 42.64%

On the netbook that I've had for a quite some time now, it has started to slow down. Last night while I was using it I would constantly get a "C++ visual blahbahbahbbh" about how a program that I don't know which it is because it would say C:/..... and nothing else. Now, I go to restart the netbook and now it can and will hang at the splash screen. If I wait then it would go into the chkdsk thing and would list this huge line of

"file record segment xxxx is unreadable"
With at least 50+ of these unreadable errors. I had waited for quite some time and then it would go to into something 'deleting' I do not remember exactly what it was but my main concern is the

"file record segment xxxx is unreadable"

because of the sheer amount of unreadable segments there are.
 

Answer:File record Segment xxxx is unreadble

10 more replies
Relevance 42.64%

I keep getting that same error message over and over again. I don't know what to do. please help

Answer:application cannot be executed. File xxxx is infected..

Hello, and welcome to Computer Hope.Please note the following information about the malware forum:Only the Malware Specialist Team is allowed to give advice on removing malware from your computer.From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above. Please do not attach logs or post them in Quote/Code boxes unless requested.Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.If you have already asked for help somewhere, please post the link to the topic you were helped.We try our best to reply quickly, but for any reason we do not reply in two days, reply to this topic with the word BUMPLastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.Please download and run RKill.Download mirror 1 - Download mirror 2 - Download mirror 3Save it to your Desktop.Double click the RKill desktop icon.It will quickly run and launch a log. If it does not launch a log, try another download link until it does.Please post its log in your next reply.After it has run successfully, delete RKill.Note: This tool only kills the active infection, the actual infection will not be gone. Once you reboot the infection will be active again! Pl... Read more

3 more replies
Relevance 42.64%

Hello Everyone !
Here we are again happy to announce that we have fixed the Compatibility issue with Google Chrome 45.x and COMODO Internet Security/Antivirus/Firewall V8.2.0.4703 Chrome Hotfix is released!

Existing CIS 6.x, CIS 7x and CIS 8.x users will receive an automatic update offer V8.2.0.4703 Chrome Hotfix Release update !

Download Location

Comodo Internet Security
http://download.comodo.com/cis/download/installs/4020/standalone/cispremium_installer.exe

Size: 216M ( 225688096 )
MD5: 0ba1bc28183f06f955b011fea48791a1
SHA1: f20daaf44758ee21cef08416dbaca69c68a9df3e
Comodo Antivirus
http://download.comodo.com/cis/download/installs/4020/standalone/cav_installer.exe

Size: 216M ( 225688096 )
MD5: eb8cd8abd88e4cfb891eb1cf613cba1f
SHA1: c5f588177aeb26e4fad34fa8260ed41fd525d8c7
Comodo Firewall
http://download.comodo.com/cis/download/installs/4020/standalone/cmd_fw_installer.exe

Size: 216M ( 225688096 )
MD5: 2a0be00850233a1dc774b84b7f12f7d6
SHA1: 3d97a319af800a578928121fdc5ec44c272cce73
 

Answer:Comodo Internet Security V8.2.0.xxxx is released!

Hi all

Comodo Internet Security 8.2.0.4792 (Windows 10 Version1511 Hotfix) is released!

https://forums.comodo.com/news-anno...version1511-hotfix-is-released-t113688.0.html

With best Regards
Mops21
 

5 more replies
Relevance 41.82%

Dear Community, Please help me to solve the following issue. My notebook is an Ideapad Y570, i7 2630QM, 8GB RAM, Nvidia GT555M, Win7 HP 64 bit.I?m using the Comodo free firewall since many years, but since the version 8.2.xxxx I have a very strange issue.(I?ve tried all 3 versions 8.2.0.4508 / 8.2.0.4591 and the latest one 8.2.0.4674)The problem is:after updating the 8.1.0.4426 version with any other 8.2, it is not possible to run basic windows tools (task manager, calculator, sticky notes, notepad etc.).These programs are sending the message ?xxxx has stopped functioning?, this happens already before reboot?Some programs can be started like word/skype etc.After reboot nothing changes.The only solution is to remove the 8.2.xxxx version ? fortunately this windows feature is not blocked ? reinstall the 8.1.0.4426 and disable the comodo program updates.Removing the old version, cleaning the registry and fresh install of 8.2.xxxx is also not working.The next try was:I reinstalled (OKR button ? clean install) Windows 7 from the Lenovo factory image.Installing Comodo FW 8.2.0.4674 promptly after win7,so without any windows update, without internet connection, without any programs/utils, without antivirus. etc.the same issue is present on a fresh untouched windows.It looks like this craziness is only on this laptop.Within the family one Ideapad Y560 (w7 hp 64bit) is happily running the latest comodo fw version.Did somebody experience the same issue?Do you h... Read more

Answer:IdeaPad Y570 and Comodo free firewall 8.2.xxxx

This happened to me as well.  It also happened to coincide with me being at a hotel and the problems Comodo caused were severe.  It looked as though there was someone on the hotel wireless that was attacking the network and I figured that I was somehow hacked  with a zero day exploit.  When I got back home I did a factory restore (thank god I took an image when I first got the machine!), but the problem kept occurring.  I even thought it may have been some kind of motherboard virus so I flashed the firmware and then re-imaged again.  Once that didn't work, I knew something else was up.  I finally put two and two together that Comodo and my antivirus software were the first things to go on the machine after the re-imaging.  Watching closely it was then easy to identify that the problem occurred immediately after installing Comodo Firewall (only the latest version).  I also have a Lenovo (but a different model).  I have a Z580. I lost/wasted a lot of time because of this.  But then again, I suppose I can't complain too much as it is free software, after all.

1 more replies
Relevance 41.82%

When placing important numbers, such as SSN. and Credit Card etc., how

do you place them in the XXXXX Format ?
Thanks,

Billjh
 

Answer:Solved: HOME XP Formatting numbers to xxxx Form

6 more replies
Relevance 41.82%

Windows XP setup canot continue. I have the this problem in a Fujitsu Amilo pc which I have reinstalled several times each time with success. The last time I formated HD and installed WinXP as usual. After a few days my wife who is using it, brought it back because the pc could not boot, reporting damaged boot.ini file.When i try to set up windows Xp from a MS Gold original disk i get this same message with different line number each time.Could it be a virus?edited by moderator: email removed

Answer:Line xxxx of the INF file \i386\txtsetup.sif is invalid...

"Could it be a virus?"Sounds like it,.Make sure when you reinstall, you delete ALL partitions & format to NTFS.XP - D to Delete the selected partitionhttp://www.blackviper.com/os-instal...Here are some examples of why you delete all partitions.http://forums.spybot.info/showthrea...http://forums.whatthetech.com/index...http://blog.eset.com/2011/10/18/tdl...

8 more replies
Relevance 41.82%

Hi,Could you please help me. I do not know where FRU# of the mother board is.My laptop is T61p 6459-CTO S/n L3-xxxx.I could not find mother board # under the memory.I have lablel on the board (under the battery) saying FRU: 42W67653 and at the same label another # P42W3817 lenovo and google searches do not show "FRU: 42W67653" at all. Please advice. -vnplus

Answer:system board FRU # location for T61p 6459-CTO S/n L3-xxxx

Welcome to the forum!I believe that you have one too many digits in that first FRU number, could you please verify it again?

5 more replies
Relevance 41.82%

I tried to repair my computer based on what I read and I seem to have a complex problem.
First, on startup when I reach the desktop I get a windows notification that "the Google installer encountered a problem and needed to close". I get it twice. Then I get the following:
1. I am unable to run anitvirus, antimalware. ComboFix, etc. programs from the desktop.
2. I was able to run the CWshredder (latest download) and it found 3 items when I just scanned. When I tried to "Fix", a box pops up that says Windows must shutdown...by NT Authority... (somthing like that...I tried to record it, print screen it, etc. but it does not let me. The remaining 2 variants are CWS.olehelp and CWS.AlfaSearch. I'm sorry, but I did not record the name of the one that was removed...my bad.
3. I did some scanning and fixing on my own and removed some trojans in safemode using Dr. Web Cureit! I did not record the variants, another mistake I made.

The speed of the computer is good and has not degraded. Here are some specs:
Win XP SP3
512 mb ram
Althlon xp 3000+

Here is the dds log, thanks for your help in advance. Regards, Rich
DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 13:07:12.25 on Sat 08/08/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.165 [GMT -5:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.... Read more

Answer:Malware - CWS.xxxx, unable to install MBAM, SuperAntivirus, etc.

Hello RDVoller, and welcome to BleepingComputer.com!We apologize for the delay in responding to your request for help. Here at BleepingComputer.com we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.If you do not make a reply witin the next 5 days, we will need to close your topic.Please take note of some guidelines for this fix: I will start working on your malware issues, this may or may not solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running extra scanners or fix programs not requested by me: doing so could change the results in the reports I request. The process is not instant: even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I tell you ... Read more

4 more replies
Relevance 41.82%

Hi I keep getting these pop ups when I'm trying to run a program.

Answer:Application cannot be executed. File xxxx is infected. Do you want to activate

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line. *************************************************************************Please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A l... Read more

1 more replies
Relevance 41.82%

Hi you.I have purchased  Fifa 2010 and now I have installed it on my computer. But when i try to play it, the message: "Requires 3D Hardware Graphics acceleration"So i have searched on the internet to find a solution.These are thethings i have tried:- Display ->options ->advanced, to set the Graphic acceleration on Fuld.- Dxdiag. Direct draw acceleration enabled, Direct3D enabled.-Tested the system several times whit pc doctor and Dxdiag.- Have restored the system several times.-Downloaded the newest drivers. Now I have run out of options and that is why i write here. The Videocard is Nvidia quadro NVS 140M Older Fifa games have worked on this Laptop before so I now that there is a solution.It was after I restored the systim ones that Fifa didn't work anymore. Please help if you can. Regards David 

More replies
Relevance 41.82%

Hi, it's a while since I saw that. It means your universal apps are corrupt. As I recall, the solution is an in-place upgrade repair install.

But see this
Weird tile don't go away... cannot uninstall or nothing... - Solved - Windows 10 Forums
#3
may help.

This was also suggested:
Reset Start Layout in Windows 10 - Windows 10 Customization Tutorials

Could you tell me your current build?
(Windows key + R, winver). Thanks.

Answer:Getting strange @{microsoft.xxxx appearing in start menu

dalchina said:

Hi, it's a while since I saw that. It means your universal apps are corrupt. As I recall, the solution is an in-place upgrade repair install.

But see this
Weird tile don't go away... cannot uninstall or nothing... - Solved - Windows 10 Forums
#3
may help.

This was also suggested:
Reset Start Layout in Windows 10 - Windows 10 Customization Tutorials

Could you tell me your current build?
(Windows key + R, winver). Thanks.



Thanks for this i'll check them out today. As for my current built its Version 1607 OS Build 14393.0

4 more replies
Relevance 41.82%

I have a Toshiba Equium A200-26D which needs a new motherboard due to localised water damage.

I've seen an Equium A200-1VO motherboard available to buy, and I'm wondering if these 2 motherboards have the same fixing points, and should they fit into the same casing?
If so, am I being over-optimistic that this replacement will work?

Many thanks
Matt

Answer:Equium A200-XXXX motherboards cross-compatible?

Hi!

I?m not sure but I think this will not work because the notebook have different model part numbers.
The Equium A200-26D has the PSAE5E number and the other PSAF5E.

In your case I would contact the salesman and ask it.
Furthermore you can ask an ASP. The technicians will know this and also order and exchange the part.

Bye

1 more replies
Relevance 41.82%

Good evening everyone! Thank you for your access to here and reading my post.
Tonight, I want to ask you that how much the Avast Free Antivirus reaches some solid anti-malware software, which are the paid version.

Now I am using F-secure SAFE as Trial license on desktop PC, which is one of the mine.
It seems to nice for protect PC and F-secure SAFE is light despite it is one of the very strong scanning system as consumers.

But now, I am worrying about false blocking by browsing protection of F-secure SAFE.
In usually, f-secure is not making something to bad situation for me, I am feeling it.
But the Browsing protection feature of F-secure SAFE blocks websites too many times.
The most of sites,which were blocked by F-secure are obviously safe. Of cause, they are judged safe sites by other major antimalware soft (e.g. Avast, Bitdefender Total Security).

So I want to compare them; Avast Free Antivirus 2017 and F-secure SAFE 2017(or Internet Security 2017).
I want to ask you that which is the more strong software under the below situation...

1.
OS is Windows10 Home and updated with latest security patch.
2.
Main browser is the latest of Mozilla Firefox with ublock origin.
3.
If I use Avast Free 2017, I will configure some setting (e.g. File Shield, Mail Shield, Web Shield, and Behavior Shield) to aggressive security level. For example, I will configure by referring to this page avast! Optimal Protection settings by RejZoR​
I heard that the latest edition of Avast Free A... Read more

Answer:"Avast Free 2017 with aggressive setting" vs "F-secure SAFE 2017"

Try Avast with these settings. How to setup Avast Internet Security for Maximum Protection (2016 Guide)
 

1 more replies
Relevance 41.82%

I know 2017 version of avg devoloped from Avast. And also both of them use the same engine. But i want to ask you a question. Which one have more feature at the moment? And which one do you recommend to install my computer?

Sorry for my bad english.

Thank you in advance.

Best regards.​
 

Answer:Avast 2017 vs AVG 2017

Hey man. Of the two I would choose Avast, much more reliable and customizable.
My personal choice is Bitdefender though. I believe you could do some research on Youtube so that you form your own opinion. Here are some interesting channels:

The PC Security Channel [TPSC]
Malware Blocker
cruelsister1
Aca Faca

Make sure to post on Security Configuration Wizard forum your full setup after you made your choice
 

26 more replies
Relevance 41.41%

Hey there. I'm very new to MDT and to IT in general and I might need some help here
I was imaging a Dell Latitude E7440 with Windows 7 OS using MDT 2013. It runs Lite touch installation, drivers, etc. and progresses to phase 2 with the error message:

A connection to the deployment share could not be made.
DHCP Lease was not obtained for any Networking device! Possible cause: Check physical connection
Retry: Try again to connect to the deployment share.
Cancel: Give up, cancelling any in-progress task sequence.

Any help on this?

More replies
Relevance 41.41%

I usually have to update a list of clients about the same message occasionally. The whole body of the email is the same except the recepents' name in the begining. eg. Dear John, Dear Ivan, Dear David etc.

Is there a way outlook can send 100s of emails with the same body except editing the Dear xxxx with the first name of the addressee for each email?

I am using Outlook 2007
 

Answer:How to send many emails with the same body except editing the Dear xxxx in Outlook

Google the term "Outlook Mail Merge" and you should be able to find plenty of info.
Regards,
Rollin
 

3 more replies
Relevance 41.41%

Hey there. I'm very new to MDT and to IT in general and I might need some help here
I was imaging a Dell Latitude E7440 with Windows 7 OS using MDT 2013. It runs Lite touch installation, drivers, etc. and progresses to phase 2 with the error message:

A connection to the deployment share could not be made.
DHCP Lease was not obtained for any Networking device! Possible cause: Check physical connection
Retry: Try again to connect to the deployment share.
Cancel: Give up, cancelling any in-progress task sequence.

Any help on this?

More replies
Relevance 41.41%

Please help I'm getting popups that say:"Application cannot be executed. File xxxx is infected. Do you want to activate your antivirus software now?."Is there any way to get rid of these popups?

Answer:"Application cannot be executed. File xxxx is infected. Do you want to activate

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.Save Rkill to your desktop.There are 4 different versions. If one of them won't run then download and try to run the other one. Vista and Win7 users need to right click Rkill and choose Run as Administrator You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.* Rkill.exe* Rkill.com* Rkill.scr* Rkill.pifOnce you've gotten one of them to run then try to immediately run... Read more

8 more replies
Relevance 41.41%

When will Toshiba release a Windows 8 compatible Firmware?

current is Toshiba 7.1.52.1176
other have "Lenovo" 7.1.60.1193 (- Added support for Microsoft Windows 8)

J?rgen

Answer:Portege Z830-11J: Intel ME Firmware for Windows 8 needed 7.1.60.xxxx

Intel AMT is part of the Intel Management Engine (Intel ME).

There is already a new version available Intel AMT *v8.xxxx* and this is a much newer than the *v7.xxx*
But I see that you have already installed the v8.xxxx for Win 8
http://forums.computers.toshiba-europe.com/forums/thread.jspa?threadID=70190

6 more replies
Relevance 41%

Have an Ideapad Y500 that is continuously locking up. Eventually I can get to the event viewer which shows a ton of errors "IO operation at logical block addres xxxx for disk 1 was retried - eventid 153." SMART data on the hard drive is flawless - nothing! Research has pointed to the storage controller as the cause of the problem. Suggestions are to update/change the storage controller. This machine is an Intel with nVidia graphics but no nVidia storage controllers. Only controller is Microsoft's dated 2006. Machine failed to upgrade to 8.1 as well as some other problems which may be related to an infection. However, because this is a hardware related problem, I want to address it first before moving on to any virus stuff (yes, I know viruses get into drivers....) From the looks of this forum, this is a fairly common problem but it doesn't appear that Lenovo's techs know what to do about it. So here's a chance for you (Lenovo) to step up to the plate.... What do you know about the cause of the errors? What can I do about them? Where can I get a storage controller that will work? Thanks, Tom













Solved!

Go to Solution.

Answer:Eventid 153 - IO operation at logical block addres xxxx for disk 1 was retried

Hello Tom, head over to tech inferno, they are more advanced and more likely to help.http://forum.techinferno.com/lenovo-ibm/





Lenovo y510p - Intel Quad-core 4th gen i7-4700MQ @3.40Ghz - 16GB RAM - 1TB HDD 8GB SSD - 1080p FHD - Nvidia 755m SLI

7 more replies
Relevance 40.18%

While looking through security audit logs, certain event types have fields with "%%xxxx" instead of a human readable fields. An example of this is (from PowerShell) the following output from a 4663 event type. Note that Accesses has a
field of %%4421 instead of an expected human readable form like DELETE or WriteData, as in the examples in http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4663

"4663","IE11Win7","System.Byte[]","137219","(12800)","12800","SuccessAudit","An
 attempt was made to access an object.

Subject:
    Security ID:        S-1-5-21-3463664321-2923530833-3546627382-1000
    Account Name:       IEUser
    Account Domain:     IE11WIN7
    Logon ID:       0x18da2

Object:
    Object Server:  Security
    Object Type:    File
    Object Name:    C:\Windows\System32\IPHLPAPI.DLL
    Handle ID:  0x20c

Process Information:
    Process ID: 0x648
    Process Name:   C:\Windows\odb.exe

Access Request Information:
    Accesses:   %%4421
    Access Mask:    0x20","Microsoft-Windows-Security-Auditing","System.String[]","46
63","8/21/2014 2:00:20 PM",... Read more

Answer:Windows 7 Security Audit Logs - How do I translate %%4421, %%1537 and other %%xxxx data fields?

Hi,
Here is what I can find the relationship between these codes and accesses rights:


High level Generic Codes

1537 DELETE 
1538 READ_CONTROL
1539 WRITE_DAC 
1540 WRITE_OWNER
1541 SYNCHRONIZE
1542 ACCESS_SYS_SEC

File codes

4416 ReadData
4417 WriteData
4418 AppendData
4419 ReadEA
4420 WriteEA
4421 Execute/Traverse
4422 
4423 ReadAttributes
4424 WriteAttributes


Registry Codes

4432 Query Key Value
4433 Set Key Value
4434 Create Sub Key
4435 Enumerate sub-keys
4436 Notify about changes to keys
4437 Create Link


As I known, the Accesses rights are defined in system. An access right is a bit flag that corresponds to a particular set of operations that a thread can perform on a securable object. For example, a registry key has the KEY_SET_VALUE access right,
which corresponds to the ability of a thread to set a value under the key. If a thread tries to perform an operation on an object, but does not have the necessary access right to the object, the system does not carry out the operation.
And there are some standard values and generic values:
Generic Access Rights
http://msdn.microsoft.com/en-us/library/aa446632(v=vs.85).aspx
Standard Access Rights
http://msdn.microsoft.com/en-us/library/aa379607.aspx
The Windows API provides functions enabling an administrator to monitor security-related events.
The security descriptor for a securable object can have a system access control list (SACL). A SACL contains acc... Read more

3 more replies
Relevance 38.13%

Just threw this article together, I want all the brain's in this forum to chip in and if there is anything missing from this article (at all!) let me know ASAP, in this thread.

A top quote :
Quote:




Previously we wrote a long post about Best Laptops for Hackers, which included a run-down on the best laptops for programming and penetration testing (pen-testing). This article turned out to be very popular even though it wasn't exactly intended to be that, now we are proud to finally publish the long-requested article of 'Best Laptops for Video Game System Emulation'.

The idea of this post is to give an accurate summary of which laptops are suited for, or adept at emulating various consoles and their games, and which ones also can easily perform these duties, at the lowest possible cost.

Now obviously, the better hardware you have the better your system will be at emulating other hardware/software. That doesn't necessarily mean a more expensive laptop. Where the demands of hacking and pen-testing demand vital and significant internal storage, the prerequisites for game emulation are generally just a good graphics processor, and good RAM/CPU.

Your laptop should also be in good working order and not muddled with high-risk pirated downloads and large bits of video. To emulate efficiently, you should also have as little processes and programs running in order for the emulator to run smoothly.

These are all common sense tips but...
If you are lo... Read more

More replies
Relevance 37.72%

I've seen other people have this similar problem, but none of the threads I have read seem to have this affected EVERY program. Firefox, trillian, whatever I open I get this annoying message that comes up. I don't think it's causing any harm except being a real pain in the ***. I just fixed Vundo yesterday and ran Malwarebytes Anti-Malware again to include a FULL scan to clean up a few other things.

But I don't think any programs like that will fix the problem. I read somewhere else that some kind of windows password needs to be changed? Help would be greatly appreciated.
 

Answer:Fixed Vundo - Now "xxxx is not a valid windows image." on every program.

[Welcome to Major Geeks!


Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.
If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.

TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide


Helpful Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
To avoid addtional delay in getti... Read more

1 more replies
Relevance 37.72%

Hey all, been a while since I posted here, though I do pop my head in from time to time. Well, we all know the scammy "your computer is infected, call 855-226-4686 to fix it" pop ups that happen. Unfortunately my mom panicked and actually called it, and gave the remote access to her computer. I've run the scans, can you please help me figure out what to do about this. Thanks all.
 

Answer:My Mother Clicked The "your Computer Is Infected Call Xxx-xxxx To Fix It" Redirect

Actually it does not look like anything bad is running. I do however suggest changing any passwords for user accounts on this PC and also changing all online email, banking.....etc account passwords just in case they were able to steal any info related to this from your PC.

Also I suggest deleting the below folder which they may have put on the PC for remote access:
C:\Program Files (x86)\Citrix
 

1 more replies
Relevance 37.72%

Very weird boot error: (right after Dell splassh screen)
disk read error code
press ctrl+alt+del to reRECOVERY xxxx

In place of the x's are weird gibberish letters.

When I try to run chckdsk /f/r via windows 7 recovery, it says the volume is locked.

It may be hardware related, but I suspect a virus that affected the MBR and somehow locked the drive--Is this possible?
I also suspect virus because about a month ago I had the "fake-AntiVirus" Virus, and those are quite nasty I heard, but was able to remove it with Stinger.

The reasoning behind me thinking it is a virus is that the error code is not very common( "reRECOVERY xxxx"), and does not look anything like any bios manufacturer would display.

If the MBR is affected and drive is locked I suspect any other drive testing tool will fail.

Are there any options, except reinstall win 7, to fix MBR and unlock the drive.

I already tried following in System Recovery Options from de Win 7 disk:
- chckdsk /f/r resulting output: it says drive is locked

-bootrec /fixboot - says completed succesfully

-bootrec /fixboot - says completed succesfully

- Startup repair does not find any problems

none of above solve issues.


Specs:
Win 7 Ultimate 32
Dell Inspiron 4010
Core i3


Thank you in advance, this is my first post, so if I have missed anything to report, please say.

Answer:Very weird boot error: "reRECOVERY xxxx" x = gibberish

I too have received this strange error message - re-Recovery?? Is that even a word? If so, it doesn't seem like a common error message based on extensive Google searching. I was also thinking that it is somehow virus related but scans have not shown anything. I am receiving this message on a Dell Inspiron One with Windows 7 Home Premium. The owner downloaded a spam letter from her email last week and has since then seen the exact message that you have. Once she presses Ctrl+Alt+Del, her computer boots up fine. She can restart her computer several times during the workday and not see this message, but each morning it is there to greet her. I have done scans with various spyware/malware removal programs, and have found a few entries to remove, but the problem still persists.

Have you come to a conclusion?

4 more replies
Relevance 37.72%

I am locked out of other computer through the network. Originally it asked for my credentials (username/password), which did not work. I found out I have to give it the machinename\domain. So, when I entered that, I still put the wrong name (or syntax?) and now it will not even ask for credential again, it just states: "Windows cannot access \\XXXX"

Relatedly, windows added a computer that was not there in the network list: WIN-SKM....

How can I get the credentials box back for the network computer?

build 10130

thank you,

Answer:Locked out of network computer, "Windows cannot access \\XXXX"

Shawn said:

I am locked out of other computer through the network. Originally it asked for my credentials (username/password), which did not work. I found out I have to give it the machinename\domain. So, when I entered that, I still put the wrong name (or syntax?) and now it will not even ask for credential again, it just states: "Windows cannot access \\XXXX"

Relatedly, windows added a computer that was not there in the network list: WIN-SKM....

How can I get the credentials box back for the network computer?

build 10130

thank you,



This may not apply to your situation, but if you are logging on to Windows 10 using the PIN system, change back to using your Microsoft or local password. That might get you sorted. The PIN system appears to cock up credentials.

5 more replies
Relevance 37.72%

Had read http://www.computerhope.com/forum/index.php?topic=107477.0completed scan but couldn't find saved SuperAntispyware log file.Everything is back to normal now. What to do next please?Malwarebytes' Anti-Malware 1.50.1.1100www.malwarebytes.orgDatabase version: 5977Windows 6.0.6000 (Safe Mode)Internet Explorer 7.0.6000.163867/3/2011 下午 12:19:22mbam-log-2011-03-07 (12-18-58).txtScan type: Full scan (C:\|)Objects scanned: 261797Time elapsed: 40 minute(s), 30 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 1Registry Data Items Infected: 0Folders Infected: 0Files Infected: 3Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\iNaPdCo09000 (Rogue.SystemTool.M) -> Value: iNaPdCo09000 -> No action taken.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:c:\program files\SlySoft\anydvd.hd.6.7.6.0.final.patch-jw.exe (RiskWare.Tool.CK) -> No action taken.c:\Users\Jessica\AppData\Local\Temp\jar_cache55152.tmp (Rogue.SecurityShield) -> No action taken.c:\programdata\inapdco09000\inapdco09000.exe (Rogue.SystemTool.M) -> No action taken.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 下午 01:39:32, on 7... Read more

Answer:" Application cannot be executed. File xxxx is infected. "

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line. *************************************************You will need to re-run MBAM again and this fix the infections and post the log.*************************************************Open HijackThis ... Read more

14 more replies
Relevance 37.72%

I first noticed that these weird tmp. files were showing up like ~wrl3071.tmp the numbers in the file name varied. Next, when I "save as" a word doc, the file saves another copy with the first to characters of the filename being ~$ and another copy of the original will show up the the ~$ in place of the 2 first characters in the filename. If you try to open the ~$ file, a word file conversion text box opens and ask if you to select the code you want to convert from.. Japenese. I am a PC retard and luckily don't have many problems. I have ran Mcafee and Ad-aware and nothing seems to be a problem. Any ideas? Thanks
 

Answer:word docs "save as" filename ~$xxxx

7 more replies
Relevance 37.31%

Hi All,I am running chilisoft on an apache server, and for some reasons, there are lots of files with filename 'core.xxxx' where xxxx is a numerical value. This eats into my storage space and I don't know what they are.please help.many thanks.

Answer:ChiliSoft! files, unknown files 'core.xxxx'

Anti-virus: click hereTry finding the extension of the file by right clicking, it will say the file is: A .pif file or something.Or you could try click hereOther than that rename the files, if it stops programs from running put them back, if not delete them.

2 more replies