Computer Support Forum

what could be worse than heartbleed?

Question: what could be worse than heartbleed?

anything? anyone?

no?

gonna be a long day for some of us i think

EDIT: this may help

http://www.csoonline.com/article/26...ity/remote-exploit-in-bash-cve-2014-6271.html

Relevance 100%
Preferred Solution: what could be worse than heartbleed?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: what could be worse than heartbleed?

CentOS appears to have a new patch out. Get it via YUM.

New file is bash-4.1.2-15.el6_5.1.x86_64.rpm

https://rhn.redhat.com/errata/RHSA-2014-1293.html
http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html

29 more replies
Relevance 48.79%
Question: AOL & Heartbleed?

I've received tons of emails from Hacked AOL users.

Now this:
Dear AOL User,

At AOL, we care deeply about the safety and security of your online experience. We are writing to notify you that AOL is investigating a security incident that involved unauthorized access to AOL's network and systems. Recently, our systems alerted us to an increased incidence of email users receiving spam emails from "spoofed" AOL email addresses. AOL's security team immediately began investigating the cause of the spoofed emails. Spoofing is a tactic used by spammers to make it appear that the message is from you in order to trick the recipient into opening it. These emails do not originate from the AOL Mail system – the addresses are just edited to make them appear that way. AOL is working with other email providers like Gmail, Yahoo! Mail and Outlook·com to stamp out spoofing across the industry, and we have implemented measures that will significantly limit its future occurrence.

Although our investigation is still underway, we have determined that there was unauthorized access to AOL users' email addresses, postal addresses, contact information (as stored in the AOL Mail "Address Book"), encrypted account passwords, and encrypted answers to security questions that we ask when a user resets his or her password. We believe spammers have used this contact information to send spoofed emails that appeared to come from roughly 2% of our email accounts.

... Read more

Answer:AOL & Heartbleed?

It is a fact that AOL was hacked and some information was stolen. Are you asking if this is legitimate?
 

3 more replies
Relevance 48.79%
Question: Heartbleed Bug

On top of the thread I put in the gaming section, ( http://www.pcreview.co.uk/forums/he...resolved-say-valve-t4063797.html#post14221577 ) I thought I'd post a bit more here for those who don't go in there much.


http://heartbleed.com/




The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.


Am I affected by the bug?

You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company's site, commerce site, hobby site, site you install software from or even sites run by ... Read more

Answer:Heartbleed Bug

So, will this be picked up by the popular anti virus packages that we all use?

Or, do we need to do something else, other than change passwords? (I don't intend to).

It's not clear to dummies like me just what all this means.
 

9 more replies
Relevance 48.79%
Question: Heartbleed

Hello I think I may have been infected with this can you advise what I need to do to remove this please
 

Answer:Heartbleed

Hello Jayner - welcome to the TSG Forums

Your computer cannot be infected by the Heartbleed vulnerability. Heartbleed is not Malware in the normal sense of the word. Heartbleed is a vulnerability in the source code of OPEN SSL which enables an attacker to view secure data while that data is held in memory.

If you are interested to learn more about this issue then the following will help.

http://blog.malwarebytes.org/online-security/2014/04/be-still-my-bleeding-heart-qa-on-the-heartbleed-bug/

T.
 

1 more replies
Relevance 48.79%
Question: Heartbleed

How worried should we be about this Heartbleed Bug? I know with internet access to my bank account, they provided all the log in details. With them it wouldn't just be a simple case of changing my password.
 

Answer:Heartbleed

Very worried, but it requires action on the company's part before you change your password.
 

7 more replies
Relevance 48.38%

Summary: Industry and standards bodies had announced the transition from SHA-1 hashes to SHA-2 in certificates some time ago, but adoption was weak. Now Heartbleed has created an opportunity to jumpstart the transition.

Heartbleed is a great example of how spectacular security failures grab the popular imagination. There is another set of problems much less sexy and harder to fix: keeping standards progressing. As it happens, Heartbleed creates an opportunity to advance one of these standards: cryptographic hashes.
Because of their importance, a great deal of research, both black- and white-hat, is done on the important crypto functions. Over time, weaknesses will appear in even the state-of-the-art ones, sometimes just because computing power increases over time to the point where some brute force attacks become practical.

Hashes are a fundamental part of much of cryptography, and a weak hash makes for weak encryption. A hash function takes a block of data as an input and outputs a value of a defined size, known as the hash or digest. With a good hash algorithm, there is no way to take the hash output and learn anything about the input data, and even a small change in the input will cause a large change in the hash output. Cases where two different blocks of data produce the same hash may be possible, but they better be rare and, more importantly, unpredictable.


Full Article
 

Answer:SHA-2 takes off, thanks to Heartbleed

Great post champ
 

3 more replies
Relevance 48.38%
Question: Heartbleed Virus

On the news today there was an warning about the Heartbleed Virus.  They mentioned the need to change all our passwords.  I can't find much information on this.  What is the truth about this virus?
 
rlight

Answer:Heartbleed Virus

Heartbleed is basically a buffer exploit, Not a virus.

10 more replies
Relevance 48.38%

this one is called Bash, and in theory it could be worse than the heartbleed.

https://securityblog.redhat.com/201...-environment-variables-code-injection-attack/

This just broke, so just toss any updates into this thread.
 

Answer:New Vulnerability a la Heartbleed

10 more replies
Relevance 48.38%

Has anyone else heard of this? I just heard about it yesterday from my local abc station affiliate. Take a look at the link below and tell me what ya think:

Heartbleed bug: Online security flaw exposes millions of passwords_ - ABC15 Arizona

I tell ya; it sounds pretty scary to me. I hope someone comes up with a fix for it and quick!

Answer:heartbleed bug/virus

Its a server problem running OpenSSL 1.0.1 and there is a fix available. Other versions of that software are not affected. Affected companies are in the process of fixing their systems.

Jim

9 more replies
Relevance 48.38%

Just heard about this. Not entirely certain how big it's impact will be.

http://heartbleed.com/
 

Answer:Heartbleed vulnerability

16 more replies
Relevance 47.97%

Hi all,

I started the day on a high note, before turning on the computer that is, thinking I was going to get some things done. This was not to be: So we start at:

FAIR:
After XP loaded it said that it had recovered from a serious error Product ID _251... so I did some digging around and got some info from microsoft's web pages complete with registry fixes (deleting bad entries, etc.)

I did a quick scan with malwarebytes and it found some stuff that I deleted and when I did a restart it didn't come up correctly.

Went into safe mode and it came up.
(made a HUGE mistake here. Did not copy files I wanted to save when I had the opportunity)
Closed out of safe mode and let it start normally.
Would not boot normally.
Tried to boot in to safe mode and now its recycling back to POST, we have gone to...
BAD:
Hmmm. So I thought how about putting the XP disk in and then do an install leaving file system intact.
When I got to the point of doing the install I chickened out because it said that it might delete the My Documents folder (had some things in there I didn't want to lose) I've done this procedure before and perhaps I should have taken the second opportunity to recover gracefully but I did not.

I hit F3 to cancel out of the install to try and boot from my other HD that has XP (but with some driver issues that I had yet fixed.)

I went into the CMOS to change boot order and notice that the hard drive (the one that I was trying to boot into is not showing ... Read more

Answer:HD/Filesystem prob:Went from fair to bad; then to worse, much worse

Test the HDD with the drive manufacturers disk tools (preferably using a different PC). Run the short and long tests. If either test fails or has errors, the drive is faulty.

4 more replies
Relevance 47.97%

My icons are disappearing
The computer is running slow
Viruses have completely taken over my computer
I am going through financial difficulties right now and would REALLY appreciate help.
I understand computers therefore I can take direction fairly well..
Just please tell me what I need to do.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:43 AM, on 5/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\svcd\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDO... Read more

Answer:It's Getting Worse & Worse. PLEASE. I cannot afford to bring it anywhere:( LOG INSIDE

7 more replies
Relevance 47.56%

So, since I know a lot of people here run DD-WRT (which has several builds that use the affected version of OpenSSL), what risk is there in running those versions of the firmware?

I just went to DD-WRT and got the router mostly configured exactly the way that I want, so I'd really like to not have to update right away unless it's something severe. Not only that, but I'm fairly sure that there isn't even an update yet for my particular router anyway.

In which scenarios would be be dangerous to use it? (VPN, Web-facing router gui, etc)
 

Answer:What does Heartbleed mean for home networks?

someone could potentially gain the admin username and password and then log on and screw up your settings, thats about it.
 

9 more replies
Relevance 47.56%

Anyone running web servers should probably read this, and patch:

http://heartbleed.com/

Oddly I used the tool to test my server and it says it's ok. Anyone know more details about this bug, do I need to redo all my certs, will this affect VPN servers as well, like OpenVPN? What about SSH?
 

Answer:Heartbleed: very serious flaw in Open SSL

If the application in question uses OpenSSL 1.0.1 through 1.0.1f during the handshake you're vulnerable and need to upgrade the version of OpenSSL and change out your certs. This can include VPN software and SSH depending on how they're configured.

Also, which tool did you use to test, I've found that there are problems with some tools returning back false negatives.
 

26 more replies
Relevance 47.56%

Akamai, the network provider that handles nearly one-third of the Internet's traffic, released a Heartbleed patch to the community on Friday, saying that it would protect against the critical Web threat. Now it appears that's not the case.

Writing on his company's blog Sunday night, Akamai chief security officer Andy Ellis said that while he had believed the Akamai Heartbleed patch fully fixed the issue, a security researcher discovered it had a bug that caused it to be a partial, not full, patch.

"In short: we had a bug," Ellis wrote. "An RSA key has 6 critical values; our code would only attempt to protect 3 parts of the secret key, but does not protect 3 others."








Akamai is now heading back to the drawing board. Ellis says that his company has already started rotating SSL certificates that are vulnerable to protect its customers. Ellis says that some certificates will rotate quickly, while others will take a bit longer.

CNET has contacted Akamai for additional comment on the security flaw. We will update this story when we have more information.



Akamai Heartbleed patch not a fix after all - CNET

More replies
Relevance 47.56%

For those who want to check any website manually:

https://www.ssllabs.com/ssltest/index.html

GL & Cheers

Answer:HEARTBLEED: Check any website yourself!

JOOC, did anyone tried it?

2 more replies
Relevance 47.56%

I'm in a bit of a situation with some recent goings-on at my home computer and internet.

When I got home from my 2-day vacation, I started my computer like usual and started doing my everyday things. TFoutpost and Netflix, but then I noticed something a bit odd. I saw a command prompt open for a split second, all I could read was System32. I quickly started scanning with Windows Defender and Malwarebytes but the scans came back negative. By the time the scans were done, who ever was getting onto my computer was installing things I couldn't close or see, so I just turned off my computer. I then went to my other computer which wasn't set up until I quickly through it together. As I was trying to sort things out and look around for answers, but then something scary happened. Command Prompt. System32. I yanked out the power cord from the wall so fast. I think I saved my back-up computer, even though the same anti-virus couldn't find anything. My main computer how ever, the start up screen shows the blue circle with "HP" like it usually does, but then "System Repair" which then went to a black screen with two quick command prompts, which scared me. I turned off my computer and then restarted it, this time just a black screen. I think my computer has been destroyed, and I sort of don't want to take both my computers so it'll have to cost $999 or more just to have someone say "Yep, its broken." I'm on a library comput... Read more

More replies
Relevance 47.15%

This list is going to be live and constantly updated; please return to view the latest information as we get it.



Heartbleed bug: Check which sites have been patched - CNET

Answer:Heartbleed bug: Check which sites have been patched

Thanks, very useful!
Can you get Jason Cipriani to poll IRS and tax-preparer companies, especially the efile companies featured on the IRS site?
Also, State tax Treasury departments

3 more replies
Relevance 46.33%

I bought a Think Pad in April last year which does not start anymore, no lights,nothing.I wanted to send it back to Lenovo for guarantee.Ther ist only ONE problem, there is no sticker on the laptop which shows me the serial numer. Obviously there supposed to be on, but it is missing!!!I do have the invoice which shows the purchase date, but no serial either.I already quit wasted some time to with this bull**bleep**, I hopefully do not need a layer for that.Here you see the last response of the "support" manager -Dear Michael Mueller,Unfortunately I have to inform you that you have no guarantee for this machine.Repair of machines that do not have a sticker can only be carried out by a Lenovo service partner.Lenovo Service Partner:https://pcsupport.lenovo.com/de/de/serviceproviderIf you have any further questions about this service case, please send us an e-mail to [email protected] or call us on the free phone number DE 0800 - 500 4618 / AT 0810-100-654 / CH 0800-55-54-54. Lenovo regularly conducts customer surveys on service quality.If you are selected, please take a few minutes to answer the questions.We thank you in advance.  Yours sincerely, Davor KrpanLenovo Technical Support IBM Hrvatska d.o.o. za proizvodnju i trgovinuMiramarska 23, 10 000 Zagreb, HrvatskaUpisan kod Trgova?kog suda u Zagrebu pod br. 080011422Temeljni kapital: 788,000.00 kuna - upla?en u cijelostiDirektor: ?eljka Ti?i??iro ra?un kod: RAIFFEISENBANK AUSTRIA d.d. Zagreb,... Read more

Answer:guarantee handling - bad worse than worse

I just forgot to mentioned, that the purchase was done through the Leonovo online shop itself -  VERSANDBESTÄTIGUNG Ihre Bestellung wurde versendetSehr geehrte(r) Michael Müller,vielen Dank für Ihre Bestellung im Lenovo Online-Shop, der von Digital River unterstützt wird.Die folgenden Produkte wurden versendet.Bestelldatum14. April 2017Bestellnummer23856585462Tracking-nummer1ZAF68846704024055Folgende Artikel wurden versendet: BestellmengeProdukt-SKUProduktnameVersandmengeVersandmenge gesamtBetrag120J1CTO1WWThinkPad 13 2G11800,52EURWenn Sie per Kreditkarte bezahlt haben, wurde Ihre Karte nun belastet.

1 more replies
Relevance 46.33%

Initially it was Edge not working properly, now it mostly crashes. Even the new "amazing" feature of tab previews doesn't work properly. Imagine, I moved back to Chrome after so many years of being a happy IE user. Cortana was a bit iffy with "Hey Cortana". Now she doesn't listen to what I say at all, even when I press the button. The notification center has its own mood. Often decides to hide until I restart for absolutely no reason at all. Same goes for the sound volume and other flyouts on the desktop.
In short, there is massive degradation of various major features with every new build. And since I post all the issues I find using the feedback app, I know it is not just me experiencing these things. This is disastrous.
So, is it just me or you experience similar issues yourself?

Answer:Is it just me or does Windows 10 get worse and worse with every new build?

It's just you.

10 more replies
Relevance 46.33%

I was curious if anyone out there knows anything about this...

I have a self-built computer, three years old now...and day by day it's getting worse and worse!

AMD Athalon XP @ 1.1 GHz
512MB PC2700 DDR-SDRAM
Windows XP Pro.
Radeon 9500 Pro. 128MB DDR

The problems started about six months ago--every time I'd turn on the computer, it'd scan the hard drive for errors, claiming an improper shutdown. Then, two months ago, it started going to a black screen saying a windows file is corrupt, use the XP CD to restore the file--but simply restarting the computer at that point would get it going (only came up on a fresh start).

Then in the recent times, the screen is completely black. I turn on the computer, and no signal is sent (I'm guessing) to the monitor, so it's just flashing the power light...but after waiting approximently 10seconds, and restarting ('reset button'), it would go to the other problems--file corrupt screen, then the error scan...and this latest time, it took 4 resets for the screen to catch a signal...

All wires are plugged in good, and everything seems to be functioning properly, except for, of course, this problem I have...and I really have no idea where to start on fixing this. I planned on keeping this computer for another year or so--and hope this can be fixed! Anyways, any ideas/suggestions, please let me know!

Thanks,
-X

Answer:My Computer - Getting Worse & Worse! Is there hope?

take the graphics card out and insert it back in firmly making sure it is sat properly in its slot. check the manufacturers websites for your motherboard and graphics card and see what the bios updates do, and see if they have any FAQ's to check if anyone else has been having similiar problems to you in terms of people who have the same motherboard or graphics card??

Email the manufacturer(s) for your motherboard company and graphics company.

2 more replies
Relevance 46.33%

Hi everyone,
My bottom fan on my PC was being very loud, so I opened up my case and unplugged the power supply, and flicked off the power switch on the back. I unscrewed the bottom fan and dusted it a little bit, and then I put it back together how it was before.

The part that I unscrewed also contained my hard drive, and now that it is reseated I cannot boot.


At first I got an error when booting:
Loading operating system . . .
disk boot failure, insert system disk and press enter.

THEN, I tried making sure everything was connected well and tight, and now I am not getting anything displayed on my screen.

Apologies for the lack of knowledge and thanks for the help.

Jeremy
 

Answer:Boot problem, getting worse and worse

It is possible that when you removed the fan and hard drive, you plugged the hard drives SATA cable into a different SATA port on the motherboard. Get into the bios, and make sure that the hard drive is being detected properly
 

1 more replies
Relevance 46.33%

i've had verizondsl for about half a year or so now, and from last month to present, the connection has been horrible.. sometimes it would just hang for up to a minute at a time, with the modem activity light blinking slowly (loss of connectivity).. before it started, speeds were decent, and although slow compared to the optimum cable i was used to, it was sufficient. now it's just pure garbage. if it weren't for the fact that we're getting free cable, i would immediately switch to roadrunner

i figure asking you guys is probly much more helpful than those scripted outsourced fools at tech support. i tried all that "reset your modem" "unplug the ethernet cord" "make sure you're computer is on" crap already and would like some REAL answers..

PS- at my old house, we used to have verizon as well, and after a while it just stopped all of a sudden and when we called to see what happened, they said since there was construction in the area, they must have switched our phone line over to one with a further CO, and we were now too far to service. verizon is teh gay.
 

Answer:verizondsl getting worse and worse speeds

Well try plugging the modem into the demark jack if you have one (by where the phone line comes into your house). See if this still happensl. If it doesn't maybe something happened to your internal phone lines. (this probalby won't be the issue I'm betting).

Beyond doing that phone your ISP and get them to file a support ticket or whatever they call it there. When I was having trouble with my DSL connection a couple years ago I phoned up, they sent a guy from the telephone company to test the line and they replaced a device at the CO and the connection has been perfect ever since.




The [H]orde needs You!
 

15 more replies
Relevance 46.33%

Tens of millions of servers were exposed to a security vulnerability called Heartbleed in OpenSSL, software used to encrypt much of the internet. While an emergency patch has been released, sites like Yahoo have raced to fortify security.On Monday afternoon, the open-source OpenSSL project released an emergency security advisory warning of Heartbleed, a bug pulls in private keys to a server using vulnerable software, allowing operators to suck in data traffic and even impersonate the server.As described by the Verge, Heartbleed allows an attacker to pull 64k at random from a given server's working memory. It's a bit like fishing attackers don't know what usable data will be in the haul but since it can be performed over and over again, there's the potential for a lot of sensitive data to be exposed. The server's private encryption keys are a particular target, since they're necessarily kept in working memory and are easily identifiable among the data. That would allow attackers to eavesdrop on traffic to and from the service, and potentially decrypt any past traffic that had been stored in encrypted form.OpenSSL is used by around 66 percent of the web to encrypt data, according to LifeHacker. The software is used to protect usernames, passwords, and any sensitive information on secure websites.According to reports, sites need to install updated, non-compromised software to vanquish further exposure to the bugs vulnerabilities. Tens of millions of servers were exposed to Hea... Read more

Answer:Heartbleed - Vast security breach on 2/3 of worlds servers

Here is some information on the "Heartbleed" security bug.
http://lifehacker.com/what-the-heartbleed-security-bug-means-for-you-1560801201

50 more replies
Relevance 46.33%

Millions of websites, applications from Cisco and VMware, Google Play apps, as well as millions of Android devices are vulnerable -- and the list keeps growing.

Just how many products and websites need to be patched, and related digital certificates revoked and reissued, before the Heartbleed vulnerability will be mitigated?

Heartbleed, the recently spotted vulnerability in OpenSSL, could allow attackers to steal websites' private keys. Google engineer Neel Mehta and the Finnish security firm Codenomicon discovered the flaw separately this month. But information about the vulnerability, which later became known as Heartbleed, wasn't made public until OpenSSL issued an April 7 security advisory about a "TLS heartbeat read overrun." At that time, more than half of all web servers, collectively hosting more than 500 million websites, were thought to be vulnerable.

What's the status of Heartbleed vulnerability discovery and related mitigation efforts since then? Here are 11 related facts.

More
 

Answer:11 Heartbleed Facts: Vulnerability Discovery, Mitigation Continue

Alot of information on that site.
 

1 more replies
Relevance 46.33%

Hey all,

Just curious... where do you go when things like ShellShock hit the news and your boss is all like "OMG are we affected? What does it do? How does it work? Can we squish this bug?"

Google gives you news articles filled with FUD, but I was able to find a few articles.

Cheers and happy patching everyone!
 

Answer:Trusted sources for security news? i.e. ShellShock, Heartbleed, etc...

Best thing is to look up the CVE for the issue. It will usually have a technical description and links to references (i.e. mailing lists, patch commits)

https://www.us-cert.gov/ncas/alerts/TA14-268A

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

Alerts: https://www.us-cert.gov/ncas/alerts/
RSS: https://www.us-cert.gov/ncas/alerts.xml
 

2 more replies
Relevance 44.69%

 
The ability of Google Chrome to block secure website connections compromised by the Heartbleed bug is "completely broken" because the browser detects less than three percent of the underlying digital certificates that have been revoked, according to a detailed analysis recently posted online.

http://arstechnica.com/security/2014/04/google-chrome-protection-for-heartbleed-hacked-sites-called-completely-broken/

More replies
Relevance 42.64%

Hello my new bestest friends. I need help ! (as does everyone who comes here) My computer has been running like a bag of you know what for about 3 weeks. IE became corrupt and will not start even after uninstalling and re installing Versions 6 & 7. However this is not the problem as I am currently using safari and finding it great. The problem lies with my computer and it's sluggishness, ever since IE became corrupt my computer seems to have slowed. I am getting occasional Internal memory (blue dos screen) errors and several other little glitches like windows XP's search program will not close after I perform a file search. I have performed several Virus & spyware checks such as AVG and Spyware Doctor also several registry progs like registry Booster.AVG comes up clean, however Spyware Doctor and Registry Booster both show a lot of Registry errors inluding heaps of lnk file and url files. I removed most of these the first time around but discovered it to have deleted all my shortcuts and bookmarks that I much needed (well not so much the shortcuts) It did not remove the actual .exe files but was a major hassle as my dektop shortcuts where wiped. So I performed a system restore and now have everything back.I am wondering are/have these files become corrupt or is this just overkill on the software (spyware Doc & reg booster) behalf?? I have also noticed in my Hijack this log that there are several (missing files).I am so in need of help as i use my computer to p... Read more

Answer:Need Help Computer Getting Worse And Worse!

Hello Krisso,

Welcome to Bleeping Computer

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Thanks,
tea

2 more replies
Relevance 34.44%

Hi, I have been using PC tools for the last couple of years with no bother. However, when I wanted to put it on my laptop I lost the ability to access the internet. They told me (eventuallY) to reboot using my windows XP home edition disc. having done that I was initially able to access the internet, but I could not open links or download any thing, and now explorer won't open at all, I just get error reporting. Things have gone from bad to worse and I need some help.Thanks

Answer:going from bad to worse

sorry - spyware doctor

2 more replies
Relevance 34.44%

Just a curiosity question. I found an old AMD K6 chip in a scrap computer.
I would like to know if it is better/faster than my "Cyrix Instead" with MMX?
Both I think are 266's and socket 7.......

It's for my first PC that is now used for solitaire and surfing the net...

And what steps, if any, should I do to swap them, if the K-6 turns out better?
 

Answer:Better/Worse? Two old CPU's for old PC..

10 more replies
Relevance 34.44%

I just finished a download that had some pretty nasty side effects. I am getting a pop up saying "It is recommended to update you antispyware protection to prevent data loss. Please install the most up-to-date antispyware for you" then an ok button. This isn't the only one, there are about 2 or 3 that seem random, none of which seem encouraging at all. Please help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:48:46 PM, on 1/26/2009Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20935)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\LSI SoftModem\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\TVersity\Media Server\MediaServer.exeC:\WINDOWS\explorer.exeC:\Program Files\Unlocker\Un... Read more

Answer:pop ups and probably worse

Hi,Your system is severly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts. Actually, this doesn't suprise me at all.I notice that you never scanned with an Antivirus previously before starting this thread - because you don't even have an Antivirus installed!This is somewhat suicidal in today's digital world.That's why I want you to install one first!!* Please install Avira Antivirus: http://www.free-av.com/This is a free Antivirus.Perform a full scan with Avira and let it delete everything it i... Read more

18 more replies
Relevance 34.44%

I have a virus on my computer in which my Windows Defender warning pops up every few minutes I remove it and it keeps coming back. I am also getting lots of internet pop-up ads. Please help before I throw my lap top out of my window. I ran hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:47 PM, on 12/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Softw... Read more

Answer:Please help! It's getting worse

it is:
browser modifier: win32/fotomoto
 

2 more replies
Relevance 34.44%

Hi. I hate to be a nooge, but I posted a problem I had a week ago with a single search term being redirected in Google -- only that one search term was redirected. That much has stayed constant -- I've been using Google all week and only that one search term is redirected. My post has dropped down to page 12 and I think it's pretty much off the grid by now.Tonight I tried to run Hostsman to update my Hosts file and Avast! immediately put up the Warning notice that:12/2/2009 11:40:42 PM SYSTEM 2016 Sign of "Win32:Delf-MZG [Trj]" has been found in "C:\Program Files\HostsMan\hm.exe" file.I quarantined the file, but now I'm very concerned. When it was just the one redirect it was interesting, but this has me a bit panicked.I've copied last week's post here.Can anyone help?EDIT: Okay, it looks like Avast! may be reporting false positives right now with virus database 091203-0, the one I'm using right now, according to what I read in the various forums. I'll keep a good thought, anyway.But my redirect problem IS still there, and I'd like to get to the bottom of it, if anyone can help. Thanks!Hello again -- I was here with a severe problem about a year ago. It took several weeks, and a lot of help, but I got cleaned.I also learned a few things. I have since installed the NoScript and Cookie Whitelist addons to Firefox, I installed the free version of ZoneAlarm, and I installed a Hosts file manage... Read more

More replies
Relevance 34.44%

Hey all.
I am loaded with popups. I went through all my prelim scans, booted safe mode, all that jazz. I didn't notice anything for about three minutes, then it all came back. If anything, they just seem to be getting worse. Anyway, here's my log, thank you much for your time.

Logfile of HijackThis v1.97.7
Scan saved at 11:43:05 PM, on 11/27/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\mllcrap.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wsxsvc\wsxsvc.exe
C:\WINDOWS\system32\vmss\vmss.exe
C... Read more

Answer:Keeps getting worse.

Hi
You will need to get rid of the Peper Trojan first so run the PeperFix from my list..

After that
Make sure you have already run Adaware, Spybot S & D(check for updates) as these will do a preliminary clean first.Some files below may not be present after running the above programs.

Then....
Turn off your System Restore SEE HERE Reinstate it when your log is cleaned and then create a new restore point.Close your browser window and run hjt in safe mode... HOW TO RUN SAFE MODE and have "Hijack This" fix all the following items by placing a check in the appropriate boxes and selecting "fix checked".
Folders that have been highlighted RED in the log will need to be uninstalled.Check first as some folders maybe uninstalled via the Add/Remove program. Files highlighted in BLACK in the log will need to be removed from your hard drive. Make sure to have your system set to show hidden files and folders.. HOW TO SHOW FILES ..Please post a new log when finished...

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\system32\SearchBar.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dll
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O4 - HKLM\..\Run: [W7ABA] c:\documents and settings\... Read more

5 more replies
Relevance 34.44%

I've been trying to fix this computer for several days now, and it keeps getting worse instead of better

I know from my Ad-Aware scans that it has coolwebsearch on it, but CWShredder doesnt find anything wrong when I run it. ad-Aware does and keeps fixing it, but it's back within seconds. I've also run spybot search, about buster, and pest patrol. My HJT logs are getting worse, not better.

I would be much obliged if someone could help me; I can't figure out what else to do.
Thanks!
-Vanessa

Here is my HJT log, let me know what if anything else will help.

Logfile of HijackThis v1.97.7
Scan saved at 11:41:07 PM, on 2/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program... Read more

Answer:It's Getting Worse....

I downloaded the newer version of HJT...new log file is:

Logfile of HijackThis v1.99.0
Scan saved at 12:13:41 AM, on 2/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\iety.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\msbo32.exe
C:\DOCUME~1\ness\LOCALS~1\Temp\Temporary Directory 9 for hijackthis.zip\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system... Read more

3 more replies
Relevance 34.44%

i now cannot access my e-mail since doing an update every time i click on the e-mail icon nothing happens its just blank, nutty norm again

Answer:its seems to get worse

What email icon?????????????

3 more replies
Relevance 34.44%
Question: From Bad to Worse

Hello to all the experts here at Bleeping Computers.

I was in the process of following your steps from the "Preparation Guide" when my computer decided to crash big time.
Initially I had my homepage hijacked by something called start.search.us. That by itself didn't seem to be a big deal. I was proceeding through the steps and made it to step 8 (Create a GMER Log). Approximately 5 minutes into the scan my entire screen went all screwy. It looked like the GMER scan program filled the screen and scrambled itself.

Now my computer won't work at all. After a restart, the computer locks up on the black screen with the green progress bar (Microsoft Corp underneath). I tried a safe mode reboot but it stops loading at the following line of text, "Windows\System32\Drivers\avgidshx.sys" This was the same line of text that was being scanned during the GMER scan.

After another restart (so many I lost count) my computer reads the following, "Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:...." Several options are listed but even after inserting the original operating disc to repair, I can't get past the green progress bar thing.

Help!!! I'm moments away from turning this laptop into a very unaerodynamic flying brick.

(I'm typing this on my wife's Macbook, in case anyone was wondering how I could post)

More replies
Relevance 34.44%
Question: It's worse

my computer has been acting up for awhile running really slow, but now it's started this trick of adjusting the screen every little bit. It either moves up or down. It changes the sizes of the window as well. Then i noticed down at the bottom in the task bar, a button appears for just a second with a little icon in it. Then it disappears before i can do anything. Now, my email has started bouncing and i can't get outlook express to connect. Also, i was kicked off yahoo messenger and then all i could get was page cannot be displayed on even my home page. Here is my HJT log. I would appreciate your help.

Demi

Logfile of HijackThis v1.99.1
Scan saved at 1:01:23 AM, on 3/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\sistray.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Dig... Read more

Answer:It's worse

6 more replies
Relevance 34.44%

Hi,

I just wanted to start by saying a very big thankyou to all of you that help people on this forum. It is very generous of you and it is appreciated.

I have been infected by this fake security application that says "Windows Security has found critical process activity on your system". It keeps redirecting our web searches. In safe mode I have ran malware bytes, super anti spyware and created a hijack this log all before finding this forum. Both these scans found problems initially however upon following the instructions of this forum no more were found. I tightened up my zonealarm resetting it to default and searching programs that try to run as they popped up, mshta.exe was one of the programs.

I have followed the instruction on this web site to the best of my knowledge and i will attach the logs of the various scans. All scans went well except for the combo fix scan that ran through to stage 50, flashed a page suggesting it was deleting files and then restarted my computer. I repeated it with the same result.

I now have a message that says "SQL Server could not find the default instance (MSSQLSERVER) - please specify the name of an existing instance on the invocation of sqlservr.exe." whenever i start my computer and it takes a long time before all the applications are loaded and ready to be accessed. It seems to run faster if the internet is turned off?

I am posting this from another computer.


Here are the logs - Thankyou for yo... Read more

Answer:Please Help, its getting worse

I am not seeing much in the way of malware on your system. Let's do this and see where you are after:

Download The Avenger by Swandog469, and save it to your Desktop.

* Extract+ avenger.exe from the Zip file and save it to your desktop

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:




R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50370
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present --Unless you set this.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present --Unless you set this.Click to expand...

After clicking Fix, exit HJT.

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:



Files to delete:
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Ta... Read more

5 more replies
Relevance 34.44%
Question: from bad to worse

please help-got a new laptop trying to use the wi fi.there is no wireless connection icon any where.maybe there no driver,im guessing. do i need to use the disc that came with my router.my other laptop works fine.maybe i need to use another keycode,i dont know please help.thanks

Answer:from bad to worse

I think you're already running a thread on this: click herePlease don't double-post.

1 more replies
Relevance 34.44%

I tried to run a payment on a website and the submit button did nothing but make the cursor blink which it still is.  I looked under inspect Element and there was a JS file that downloaded.  I looked at it and it looked fishy.  I tried to run the normal cleaning techniques (ADW Cleaner, JRT, RKiill etc) and they all returned a messagge. "the service cannot accept control messages at this time "
 
It is slowly getting worse by the minute so I am not sure that this will even get to someone in tim,e cause I know u guys are backed up but if possible I dont know what to do I tried to use msconfig.exe , and the search functions to get safe mode to work but I just get either nothing happening or the same message.  I am afraid that if I turn off the computer to shift into safe mode that it will loack up..  Any helop would be appreciated.

Answer:I have something bad going on and ts getting worse byt the second

Sorry, but it seems that your pc is infected with a virus or malware which is going to take some more work and a deeper look. No sense running a bunch of tools here.Please follow this Preparation Guide, post in a new topic and include a link to this thread.Let me know if all went well.

3 more replies
Relevance 34.44%
Question: Getting worse

I followed your advise to rid my computer of a BHO and virus (red circle w/white X in system tray). Now my computer takes 20 minutes to boot, asks what mode to load in, (safe, normal, MS-DOS, etc), and only loads in 640 x 480 video. I've also lost the printer driver.

Logfile of HijackThis v1.99.1
Scan saved at 12:49:56 PM, on 12/12/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\ATIPTAAB.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant ... Read more

Answer:Getting worse

hi, welcome to TSG.
you don't appear to have a firewall, even if you have a router you still need
a software frewall, downlaod the one from the link below!
Filseclab Personal Firewall Professional Edition

http://www.filseclab.com/eng/download/downloads.htm

http://www.wilderssecurity.com/showthread.php?t=92710
Download the pocket killbox

http://www.bleepingcomputer.com/files/killbox.php
Download A2

http://www.emsisoft.com/en/software/free/

update A2 and run a full scan.
*Download Cleanup from Here

http://www.stevengould.org/software/cleanup/download.html

* A window will open and choose SAVE, then DESKTOP as the destination.
* On your Desktop, click on Cleanup40.exe icon.
* Then, click RUN and place a checkmark beside "I Agree"
* Then click NEXT followed by START and OK.
* A window will appear with many choices, keep all the defaults as set when the Slide Bar to the left is set to Standard Quality.
* Click OK
* run cleanup

have hijack this fix these entries. close all browsers and programmes before
clicking FIX.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Ex... Read more

1 more replies
Relevance 34.44%
Question: Bad to Worse

Friends,

It appears my browser (IE/XPpro non-sp2) has been hijacked - at boot time I get an IE page that advertises WinAnti-Virus and demands I purchase. I can close the window and continue, but there are 37 processes running and the drive is constantly active, where an identical box has 28 processes running. I have downloaded (but not run) all the software you recommend, but apparently nudged the wrong bad actor and now the system won't boot at all. I have backed up some data, but don't want to loose everything if I can help it. I don't know how to use command line recovery and I can't remember the Admin password to use it anyway.

This happened once before and I let the system just run and reboot itself and after about 4 hours it was successful. I have about 4 hours on it now and no luck. I will let it run all night to be sure it doesn't heal itself.

If I reload XP, will all my data still be there?

Things started to go south about 2months ago when McAfee found Vundo and couldn't seem to kill it off.....

thanks, GearHead.
 

Answer:Bad to Worse

Hi GearHead,

Check out this link and try the removal tool from Symantec.

READ ME: Virtumundo Problems/Resolution Threads

Should that fail, I would suggest following the steps here:

READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

Best luck
PP
 

2 more replies
Relevance 34.44%

I have been workin on this for several days now and I am at my wits end. I am attaching my Bitdefender log and an HJT log. I have followed all of the instructions in the "Before Posting" page. And should tell you the following. My Add/Remove programs hasn't worked in years so when necessary I use the free trials downloadable from various places.
When I try and run Microsoft Windows Defender it says I need to perform an upgrade, and will not open.
I tried running Pandascan this morning and waited for over two hours and it never did complete downloading.
As I mentioned, I am at my wits end and believe it's time for some help.
Thanks
 

Answer:The more I try the worse it gets! I need Help!

Welcome to Majorgeeks!

You did not attach your HJT log. Make sure you follow all instructions in step 7 properly and then attach your HJT log.

You should look at your Bitdefender log (change the .txt to .html and then double click on it and you can see it in your browser) You need to delete those items it is pointing out in your email.

Is your copy of Windows licensed to you and has it been activated with Microsoft?

What happens when you try to use Add/Remove programs? Be specific.
 

9 more replies
Relevance 34.44%

dear all, any softwares that can fix this...

3 men go into a hotel for the night. The clerk informs them that it's $30 for the room, so they each take out a $10 bill to pay for the room. So far they paid $30, correct? You with me so far? Good.

A few moment after the men went up to the room, the manager reminds the clerk that there was a special promotion that night, and that the room was only $25. So the clerk gives the bell boy five dollars to bring back to the men. On his way up to the room, the bell boy says. "Hey, I'm not stupid, I'll give each of the man a dollar back and keep two for myself, $5 right, 30-5=25.

Well, since the bell boy gave each man a dollar back, that means each man only paid $9, correct?

Well, the last time I checked, 9x3=27, plus the 2 that the bell boy took makes 29, what happened to the other dollar??????

[This message has been edited by kokaik (edited 07-03-2000).]
 

Answer:the more you think, the worse it gets

7 more replies
Relevance 34.44%

Hi,
I made a post about my windows 7 explorer crashing, it seem to only happen when I move files from my internal to my external hard drive. it was still happening, nothing i tried fixed it.but NOW its gotten worse. Its crashing on a loop...every single second.this happens as SOON as I SIGN ON...in seconds it crashing and looping
and I cannot do a thing but use my internet...I get a message that tells me my program
fences (stardock program) has detected that there is problem with 7, and it disables itself, Then windows7 explorer crashes. sends info. then restarts...If I start a video or a program before it closes (which is seconds) then it will run. I have been up for HOURS trying to get this solved. I have NO clue what is going on. I ran Anti-Spyware free edition, found 8 harmful things, had them deleted. I also ran my microsoft essentials...BEFORE that..and it Finds nothing...it NEVER does. but anti does...that confuses me.

SO what is going on? what do I do? PLEASE anyone, I am computer illiterate...
I have windows 7 (genuine)
32bit home premium.
I was tryng to get the rest of the info. but I can't as the explorer is completely locked up as I type this...please help I am so frustrated, I want to make Bill Gates come fix my computer lol...who has his number!?
ASLO! After it crashes and re-opens it keeps bringing up the c drive file location library? every single time, so now i have a list of these file locations open...also I JUST get a message saying that my firewall is... Read more

Answer:Oh no its worse! Help!

Can you get into Safe mode instead? If so, does it happen in safe mode?
Safe Mode

EdiT:--------------------------------------
Do you have a system restore point you can revert to?
http://www.sevenforums.com/tutorials/700-system-restore.html

Oops sorry just read last line of your post.

9 more replies
Relevance 34.44%
Question: Gotten Worse...

I know i posted about it a couple days ago with my computer going down the pooper. Well it was running real smooth untill recently. i had lots of disk drive space open now today it says i have 55.6GB of free space now i have a total of 74.5. I have been running virus protectors and spyware programs but its not working and there are icons showing up on my desktop that i cannot get rid of.... Do i have to re install windows or something? Sorry to ask again but i need help. Also i forgot to mention in my add remove programs there is a new program called search plug in and also micromedia flash player which im unfimiliar with and they are the biggest files in there.
 

Answer:Gotten Worse...

Please don't start a new thread for the same issue

If you are not getting any responses bump the original back to the top by simply posting to it...

here's the oiriginal... http://forums.techguy.org/t313054.html

closing this one

buck
 

1 more replies
Relevance 34.44%

I've had 10 for a few months now. During that time I've had several automatic updates. Most have been unnoticeable, a few others were anti productive. The first and the last (two days ago) have been horrible. When I first downloaded 10 I immediately lost my CD/DVD drive. No matter where I look my computer can't find the old one. It also disabled sound from anything I recorded. The latest update is making me log in if I leave the computer for more than a couple of minutes. It also makes me wait before the log in window pops up. I'm beginning to think that switching from 8 to 10 was not a good decision.

Answer:Just when you think it can't be worse!

Would you consider doing an in-place upgrade install, also known as Repair install ?
Repair Install Windows 10 with an In-place Upgrade

9 more replies
Relevance 34.44%

Ok my computer has been progressivly getting worse becuase before i wasnt able to enter my control panel becuase explorer would just crash. And now i started up my computer and restarted a couple of times and i cannot see my tool bar(the one with the start button) and my cousin is bringing my xp disk christmas.. what can i do in the meantime? oh and when i click my windows key it doesnt do anything.

Answer:it just got worse...

looks like a virus to me
what antivirus program are you using? and is it up to date?

9 more replies
Relevance 34.44%

Sorry to be such a bother but this problem is driving me bonkers!
Every turn develops into a new drama-here's the situation so far-

(1.) When I go to click on a program (any program) my computer either immediately or soon afterwards pops up a window that says "program error-process has already been exited-has generated errors and will be closed by windows. You will need to restart the program. An error log is being created." Of course restarting the process only sends me in circles-the same thing continues to happen-sometimes, obviously, I'm able to start the program but usually during the course of operation the "program error" window pops up and it's back to musical chairs again!
My system is, O/S Windows 2000 Pro, P4-1.6GHz 400MHz/P4FAN (P4-1600AR), Motherboard-D850MVL -MB Intel D850MV w/LAN, Rambus 256MB (2).

(2.) Now if I didn't already have enough problems I've apparently been infected with the Fortnight.E virus-it gets worse, in turn, I infected my ex-wife with the virus via an email (well, I'm sure you can imagine my situation-it would be better to have my nipples dipped in honey and dangled over a pool of hungry piranhas-she's pissed! Of course, the fact that the virus installed porno weblinks into her favorite file made matters even more unbearable-you'd think she was a nun or something! At any rate,
I have run a Panda On-Line AV-Scan-several Norton AV scans-SpyBot, Ad-Aware and SpySweeper-nothing works!
... Read more

Answer:Sos....from Bad 2 Worse!

6 more replies
Relevance 34.44%

Is a 635 slower than a 640? Is the camera worse? Is there less internal memory? What are the differences?

Answer:How much worse is a 635 than a 640?

Here's the differences compared to the 640...
The 635...
...has half the RAM, which meant Facebook and Messenger refused to run in my case on W10M, multitasking is less smooth and whatnot. But it works for the basics.
HOWEVER, there are some 635's that have 1 GB of RAM, matching the 640.
...is not supported currently so you won't be getting Windows 10 Mobile easily, although some 635's have indeed been getting it with little effort oddly enough.
...has an inferior, lower-resolution 5 MP camera with no LED flash. (the 640 has a flash and an 8 MP shooter)
...is smaller than the 640.
...does not have a proximity sensor.
...does not have double-tap to wake or Glance.
...has a smaller and lower-resolution display.
...has a smaller battery.
Although the 635 and 640 share the same Snapdragon 400 processor and 8 GB of storage + microSD.
The 640 is the better all-around phone but I your needs are very basic and the 635 is significantly cheaper then the 635 may make sense.

2 more replies
Relevance 34.44%

I've had 10 for a few months now. During that time I've had several automatic updates. Most have been unnoticeable, a few others were anti productive. The first and the last (two days ago) have been horrible. When I first downloaded 10 I immediately lost my CD/DVD drive. No matter where I look my computer can't find the old one. It also disabled sound from anything I recorded. The latest update is making me log in if I leave the computer for more than a couple of minutes. It also makes me wait before the log in window pops up. I'm beginning to think that switching from 8 to 10 was not a good decision.

Answer:Just when you think it can't be worse!

Would you consider doing an in-place upgrade install, also known as Repair install ?
Repair Install Windows 10 with an In-place Upgrade

0 more replies
Relevance 34.44%

my topic is here http://www.bleepingcomputer.com/forums/t/134217/virus-and-rootkits/ and it has been a couple days since a reply, and i was told not to reply again until i get a reply from someone to help me. but my computer is now losing the whole task bar whenever i close anything...i can bring up the task manager and see everything there, and i can ALT+TAB between programs and they will come up, but when i press the windows button will not bring up the start menu. the HJT log is in that other topic. thank you for looking

Answer:I Think My Pc Is Getting Worse

Hi dizz15,I know it's frustrating, but please be patient. It may take a while to get a response, because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible.If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".To avoid confusion, I am closing this topic.

1 more replies
Relevance 34.44%
Question: bad to worse

Now I'm getting a little spooked.First it was just some irritating re-directs from Google searchers.Then multiple windows began propagating, sometimes blaring music, voices, phone sounds.Then, trying to work my way through the instructions in the preparation guide, I discovered that attempting to run the gmer.exe crashed me, locked up the processor, prevented me to restarting, the whole thing.Now, my touchpad has stopped responding. I uninstalled and restarted to replace the driver, but no effect. I am having to use a USB mouse, which works OK, but has not improved the touchpad.What's next?!Just curious. A question, for those of you who have experience with this forum--how long does it usually take to get help? Should I assume that all topics are addressed eventually, as folks find time? If I have failed to supply some bit of information, or violated some etiquette, I'd rather know, make my amends and start over that wait on the sidelines longer than necessary.Or should I just throw this piece-of-crap netbook out the window and get a real machine?

Answer:bad to worse

Hello pfosinger,It's hard to say how long it will take for a topic to get picked up. I know how frustrating it is when your computer isn't working properly. Let me assure you that your topic isn't lost, forgotten, or ignored. We work with hundreds of logs every day, so we have devised a means of seeing only those topics that don't have responses yet. At the moment, we have nearly 300 unanswered topics, the oldest dated Aug. 26, 2010 at 5:14 pm Eastern Daylight Savings time in the U.S.A. Your log topic is dated Aug. 30 2010 at 10:00 pm using the same time zone.Our volunteer MRT team members have various levels of expertise and training, so while we try to take the oldest DDS/HJT logs, it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us would want someone to assist you who is not familiar with your issue and attempt to fix it.Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.Orange ... Read more

2 more replies
Relevance 34.44%

new note pad mesgwhen I boot up.
[.ShellClassInfo]
[email protected]%SystemRoot%\system32\shell32.dll,-21787

I get this on start up and firefox is giving me an error

Well, this is embarrassing.

Firefox is having trouble recovering your windows and tabs. This is usually caused by a recently opened web page
Can any one help me out?

Thank you so much
 

More replies
Relevance 34.44%

Like all AOL software, I'm wondering if the new AIM version is worse than the previous. Has anyone tried it yet?

It seems to have a lot of the features that AIM mods have introduced. I use DeadAIM myself, and have loved it for years. I tend to like things minimal. I've tried GAIM and Trillian, but I only use AIM, and GAIM messes up direct connections and profiles. I've tried AIMutation (sp?) and didn't like it much either.

What do you guys think?
 

Answer:AIM 6: worse because it's new?

i like it, but alot of people don't.
you just have to tweak it to the way you want it.
 

3 more replies
Relevance 34.44%
Question: It could be worse

I come to this forum and read all the time in search of knowledge . With the reading and help of the fine people here I have fixed many problems . Some posts I have read complain about a program taking a minute to start up . Some complain about a slow boot up . Well when I said it could be worse I found one that couldn't be . Uncle brought his PC out to me to see iffin I could make it work for him . HP Pailion with 128 ram and XP Home . Hooked it up to my monitor and turned it on . One hour and 15 minutes later I could finally do something . First thing I attempted to do was run defrag . It took 15 minutes for the menue to work enough to let me click on defrag and another 29 minutes to open defrag . Now I have it open and click on derag to run , 7 hours later it finished . Pc Was still slow . A bit better but not much . Started to empty temp folders . One temp folder took 15 minutes to empty . Emptied all the temp folders and the history then deleated some programs . Only deleted 3 small programs but with them and the temp folders I regained 17 gigs of hard drive . Did another defrag and this time it went much faster . Then I started on malware and viruses . Did the ususal scans I learned from here and took a bunch of them out . Got to the point that the PC was healthy again . Took out the 128 megs of ram and replaced it with 512 which is the max for this HP . Now it is running very smooth and probably as fast as it ever will . So when you think you are running slow do t... Read more

More replies
Relevance 34.44%
Question: Bad to Worse.

Hi all,  So not only does the Control Panel on my T520's nVidia card fail to work, but safe mode doesn't either. It gets stuck in a reboot loop for memory reasons. Using last known boot configuration I can get it to boot normally but the networking cards/drivers don't work. They are detected in Windows 7 but ipconfig only gives the Tunneling adapters.  Any ideas? Or should I just send it in for servicing?













Solved!

Go to Solution.

Answer:Bad to Worse.

Hi kingofthering
 
If you need to use the machine temporary or to ensure your Nvidia GPU is defect, you could change the graphics settings in the BIOS to Integrated Graphics.
 
If you are not technical savvy or / and wish to save the hassle, it's probably good to send it in for servicing.
Have a nice day!
Peter
W520 (4284-A99)
Does someone?s post help you? Give them kudos as a reward, as they will do better to improve | Mark it as solved if the solution works for you, so it could be reference for others in the future
=====================================
Sound Enthusiast and Enhancement (Post comments, share mixes, etc.)
http://forums.lenovo.com/t5/General-Discussion/Dol?by-Home-Theater-v4-for-most-Lenovo-Laptops/td-p/6...
http://forums.lenovo.com/t5/IdeaPad-Slate-Tablets/?IdeaPad-Tablet-Sound-Enhancement-Thread/td-p/7150

9 more replies
Relevance 34.44%
Question: Bad to worse

I posted a previous problem in regards to my computer shutting down at random and suspect virus. It seems things have gone from bad to worse in rapid time. I have lost internet connection, I open a program "regedit" and it closes, same with "msconfig" I cannot boot in safe mode. Suddenly all that was in my "connections" are completely gone, that folder is now blank. I know in the past I have tested your patience here but am throwing myself at your mercy once more. Sorry if this should have been posted with my previous question but I am unsure as to how protocol is.

btw forgot to give the basics.
Winxp
Medion computer.
should be current on updates.
again tia.
 

More replies
Relevance 34.44%

Hello, I never write posts to ask questions when it comes computers, but this time I saw myself having to do so.
I have had many problems recently, and it just got to the point where stuff just doesnt work anymore.
I upgraded to Win 10 about 10 days after its launch. I loved it. I had that often problem everyone had but I could solve it.
About 20 days ago, everything worked greatly. Then, I don't remember what exactly happened, but all of a sudden I couldn't access the Groove Music App. Then I realized I couldnt open any other Windows built in apps, not even store worked. However, Edge and apps like calendar for some reason do work. So in an attempt to repair this, I messed up the Appdata folders's permissions. I had recently installed this context menu button when I right clicked, that let me take ownership of a folder, so I took the ownership "administrators."
Then, the hidden items check box in the View Tab on Explorer suddenly unchecked itself when I checked it. I looked up online and there it said it had to do with the Administrator account, but hell, I am the admin account on my PC, so this just didnt make sense. Then I read a simple reboot would help, so I rebooted and it was fixed.
This is where I mention my recent installs. Around the time, I installed this now piece of software on my pc, and this software was Bit defender Total Security. I had replaced my previous antivirus, Avast Internet Security, with this. Now, I highly doubt this program contributed to this in ... Read more

Answer:Help! My pc is getting worse

That last part went wrong somehow, here are the links:
click here
href
10-windowsstore/store-not-opening-in-windows-10-this-app-cant-open/c0de1565-9c33-4604-a1cd-b4ce18b72117?page=2&auth=1
10-windowsstore/windows-10-app-store-will-not-run-cannt-add-a-user/682d6bd8-39ae-4ee4-b0fc-c19027b44552?rtAction=1444233209744&auth=1
storeandappswontopenreregistering/
1-windowsstore/windows-store-app-not-opening-in-windows-81/9882357f-ae86-4e4d-ba37-209aa960063c

7 more replies
Relevance 34.44%

 Can anyone help??? It all started when I installed a new game (well new for my old PC) the other day, when ever I tried to load it, once it got past the intro video it just returned to the desktop, most of the time, it did occasionally work. So I went to look on the web for advice and was told to update my sound and video drivers. My PC is an old PII 350 with windows 98. I went to ATI and downloaded what it said was the latest driver for my card, now when the game does play the colours are all wrong and blocky (I have also updated direct X above the one the game needs). So I tried a sligthly older driver, which was even worse, so I put the newer one back on. To add to this the company who made my sound card (Aureal) have gone out of business, so don't give drivers now. I have found on another page what was supposed to the the latest driver they did release, but when I load the diagnostic tool on my computer (some sort of direct X thing) when I test the sound, it says there is a fault there too. It seems that what ever I try to do, the thing just gets worse, I am starting to think about getting another PC, but when it works, it does everything I need. Does anyone have and advice how I should try and fix all this? Thanks James

Answer:It just keeps getting worse

Did you simply overwrite the videocard drivers? If yes, you may wish to thoroughly clean your computer by uninstalling them and running a program such Advanced System Optimizer V2 or Advanced Uninstaller Pro 2004 There is also a useful tool that removes drivers for you.. I'll get back to you on that once I recall the name. Even though your soundcard manufacturer has gone out of business, use Google to search for drivers. There is quite a high chance of still finding them.As for DirectX, see to it that you have the latest version from Mirosoft.Buying a new PC will not solve your problems. It is not the PC's fault, it is the users fault. Your problems will just start anew if you donot know what you're doing.

1 more replies
Relevance 34.03%

I pretty much summed it up in the questionnaire. I'm trying to save my dad's notebook from layers and layers of browse hijackers, adwares and maybe something even worse, I don't know.

Hopefully you guys can show me the right tools and instructions for the job.
Thank you in advance!
 

More replies
Relevance 34.03%

I posted two days ago but had no replies, so I'm back. (I value the expertise on this forum!) Our system is getting slower and I'm blocked from deleting temp files/cookies, among many other issues. Could someone please look at my fresh HijackThis log and advise me? Thank you!

Logfile of HijackThis v1.98.2
Scan saved at 11:57:04 AM, on 9/16/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\NISUM.EXE
C:\PROGRAM FILES\NORTON PERSONAL FIREWALL\CCPXYSVC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\WINDOWS\SYSTEM\HPZTSB09.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\MY DOCUMENTS\HJT\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\M... Read more

Answer:It's getting worse - fresh HJT log. Please help!

10 more replies
Relevance 34.03%

Hello, thank you for taking the time to view this. For some reason some links don't work on my home computer but do at my school. I tried them in both FireFox and IE, and nothing worked.

Links like:

Grinler's HiJackThis Tutorial

Said: "Not Found

The requested URL /forums/HijackThis_Tutorial_How_to_use_HijackThis_to_remov e_Browser_Hijackers_and_Spyware-tut42.html was not found on this server."

But they work perfectly at my school, or at my friends house. I'm starting to think its Mal-Ware vs. a problem with my browsers.

But I have the best of the best (pretty much every program Geek to Go admin's and staff has recommended) Anti Mal-Ware applications, and have been scanning non stop all day, and yesterday. Some have detected 1 or 2 problems, others have not, but nothing is better. I think things are getting worse, because now things are slowing down a lot, and programs are taking longer to open up.....and such.

So here is a HiJackThis Log:


Edit by chaslang: Inline HJT log removed. READ & RUN ME sticky not followed.


Help me please this is pissing me off
 

Answer:Serious Problems getting worse

Welcome to Majorgeeks!

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
Make sure you check version numbers and get all updates.
Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
Downloading, Installing, and Running HijackThis​Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.​
When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
CounterSpy - only for Windows XP, 2K, & NT users
AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
Bitdefender - from step 6
Panda Scan - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis

NOTE: You can o... Read more

49 more replies
Relevance 34.03%

Hi,Somehow I am being blocked from creating any log files and from running the suggested program "DSS.exe". My browser has been hyjacked. Things are progressivly getting worse. I ran the scan with Hyjackthis and I was able to save a copy that I sent to Trend for a comparasion to other users but I was not able to save it to a log file and I was not able to fix the log file because I could not see the text to erase it plus I could not save the file with another name. Here it is === I sure hope you can help. VictoriaIndex % of PCs with item Code Data1 0.2% O1 ::1 localhost2 0.2% O13 java script:void(0)3 0.0% O16 {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab4 0.0% O17 NameServer = 205.188.146.1455 0.8% O2 Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll6 0.5% O2 Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll7 0.2% O2 SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll8 0.1% O2 (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll9 0.0% O2 Spybot-S&D IE Protection - {... Read more

Answer:Please Help-it's Getting Worse By The Minute

HelloApologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.Thanks and again sorry for the delay.Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.Check some important areas of your system and produce a report for an analyst to review.Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.You must be logged onto an account with administrator privileges when using.Close all applications and windows.Double-click on dss.exe to run it and follow the prompts.If your anti-virus or firewall complains, please allow this script to run as it is not
malicious.When the scan is complete, two text files will open in Notepad:main.txt <- this one will be maximizedextra.txt <- this one will be minimizedIf not, they both can be found in the C:\Deckard\System Scanner folder.Please copy (Ctrl+C) and paste (Ctrl+V) the c... Read more

4 more replies
Relevance 34.03%
Question: Bsod got worse

Hello, my laptop is not turning on after this error. I used to see this error almost every other day. I thought it's nothing serious.. I even don't see any battery light (on laptop) when I connect it with the charger. I really don't understand what's the main problem.. I bought the laptop 9months ago. I can't say if I need to change the battery. It's aspire v17 nitro. One last thing I want to add is I'm having this error after upgrading to Windows 10 from Windows 8.1. Please someone help me

Answer:Bsod got worse

Hi Zarminaehsan,

This sounds like a bug due to the upgrade.
I suggest to perform a clean install and let me know how it goes.
Windows 10 - Clean Install - Windows 10 Forums

1 more replies
Relevance 34.03%

I have a friends computer that won't allow the internet browser to function properly and won't play youtube videos. I noticed the following in the task manager: (refer to screenshot060, screenchot090). In which the things that look a little fishy like csrss.exe I try to close them and it comes back as access denied. When I restart the computer it says "Unable to set hook?" with an Nvidia header.  Any help will be much appreciated!![recovering disk space, attachment deleted by admin]

Answer:Virus or something worse?

Sorry I ran out of room on the OP. Also sorry for the size I would use an image host but the virus(s) won't allow it.[recovering disk space, attachment deleted by admin]

14 more replies
Relevance 34.03%

Ransomware is about to get a lot worse, by holding your operating system hostage






Now cybersecurity researchers warn that new ransomware features could make life even worse for victims. Rather than just encrypting key files, ransomware could soon infect a computer to such an extent that the only two options available to the user would be to pay, or to lose access to the entire system.

According to the Malwarebytes State of Malware Report 2017, we're likely to see more variants of this type of ransomware, which is designed to modify the infected computer's Master Boot Record, the part of the system which controls the ability to boot into the operating system.

Once modified in this way using malicious code, the system will boot into a lock screen set up by the malware, demanding payment not only to decrypt files but also to restore access to the main operating system. The inability to do anything with the system aside from viewing the ransomware note will only give victims two options: pay up, or have their system wiped completely. It's likely to make ransomware an even more appealing avenue of attack for cybercriminals.



Ransomware is about to get a lot worse, by holding your operating system hostage | ZDNet

Answer:Ransomware is about to get a lot worse

Assuming I have back ups of all my files, can clean installation solve the problem?

20 more replies
Relevance 34.03%

 Hi,I own a E1-570G. I bought a new set of ram : HyperX Impact So-dimm DDR3L 1600MHz 8GB (4gb x2)The problem is that i noticed that the performance of my pc got a lot worse.My fps dropped to 30 fps from a 120 fps ( in league of legends)I'm sure that my nvidia geforce 720m is active when i play...but i can't explain the drop of fps 













Solved!

Go to Solution.

Answer:Hi, can someone help me? new ram = worse performan...

I own a E1-570G. I bought a new set of ram : HyperX Impact So-dimm DDR3L 1600MHz 8GB (4gb x2)The problem is that i noticed that the performance of my pc got a lot worse.My fps dropped to 30 fps from a 120 fps ( in league of legends)I'm sure that my nvidia geforce 720m is active when i play...but i can't explain the drop of fps 

11 more replies
Relevance 34.03%

Well this all happened after I accidentally clicked a "you have won a million dollars" pop up in the middle of a site. Every minute now my computer is getting worse and worse, Half of my desktop is filled with random programs now and more just keep coming. I've tried symantec antivirus, spybot S&D, and adaware, and nothing is working. I have been keeping up on windows updates as well so I can't imagine how things have gotten so screwed up in fifteen minutes. As a last resort I ran hijackthis and saved the log. Hopefully someone here can help me. Adaware will delete 220 objects then ill run it immediately after and 300 objects will be infected. I have no idea what's going on and I'm about to scream. Here's the log:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\WINDOWS\system32\cba\pds.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\qpexgy.exe
C:\PROGRA~1... Read more

Answer:I've tried EVerything and my computer is only getting worse.

16 more replies
Relevance 34.03%

I have a Toshiba Satalite laptop (from around 2001) running Windows XP Pro. I bought it 2nd hand. About a month ago, we came down with a few viruses because my Windows Live One Care subscription ran out so I was naked for awhile...a friend bought Webroot, after installing program...within a couple of minutes every thing was back to good. Within 2 weeks, Total Security was making more of a mess than ever. So much so that I uninstalled Webroot and figured I would go with CA security suite only for it to load with errors, therefore it wouldn't do anything...Now it will let me connect to the internet but if I try to access my e-mail it says access denied. I am wondering if I am going to have to erase my hard drive (which might br harder than anything I've thought about doing. I have another computer that I am using for now but it's very slow! Can I download anything, put it oin a disk and run it on my laptop to clean it up? I don't know how to go about erasing/ (re/formatting). I have a disk that I made that says back-up from 2007. Would that have all numbers/files neccesary as I didn't get an original disk. I also found a 'registration number' file...Any and all help will be greatly absorbed.   

Answer:2nd time is far worse!!!

do you have your xp install disk and cd key?if not do not reformatdo you have anything important on it?did you try malware bytes super anti malware?also try avria and or AVGp.s. i am tring to use free soultions()

14 more replies
Relevance 34.03%

Hi Folks,

I somehow got nailed with Virtumonde two weeks ago and have been fighting with it ever since. Having tried everything I've been able to find on the web (short of attacking things in HJT), I've finally admitted defeat. I noticed some great postings here, so thought I'd ask for some help from the experts at Geeks. I've followed all of the steps in the READ & RUN ME FIRST sticky already, but have managed to end up worse off somehow. That's not a shot at the process, but typical of my last two weeks fighting this thing.

After finishing step 7 last night, I shut down. When I tried to boot into normal mode today, I am now getting a popup window with a title bar of RUNDLL and the message "Error loading C:\WINDOWS\system32\yekrmujm.dll. The specified file could not be found." When I click the OK button on that box, it pretty much causes the system to either grind to a halt or hang (can't tell which- the mouse moves, but nothing came back after an hour, and I can't get task manager to come up).

I can still get into safe mode OK, so I'm trying step 5 again in desperate hope it will at least let me boot into normal mode (it's my work laptop, so I'm a little unproductive right now...).

I've attached all the logs from yesterday's efforts and would greatly appreciate any help with getting back into normal mode, and even better, getting rid of Virtumonde. I was unable to get a log from Co... Read more

Answer:Virtumonde- From bad to worse

And the rest of the logs...

And I forgot to mention that I followed the additional step for Virtumonde and ran Vundofix, so that log is attached as well.
 

9 more replies
Relevance 34.03%

ok....i give up LOL
 

Answer:Problems are getting worse = new log

oh and also, the nortons "clean sweep/smart sweep log" picked up this
=
File 'C:\HP\KBD\PS2.DLL' added.
=======
and a lot more things, but the log is way to long to add here. Is the PS2 ok?
 

3 more replies
Relevance 34.03%

I have a series of problems. When booting up, a bright green light rises from bottom of the normally black Windows boot-up screen. Also, I am no longer able to prompt Safe Mode when I hit F8 during the start up. My screen is blurry (to the point that I can barely read text) and flickers. CPU is VERY slow (typing seems to make it slower). I have Symantec Antivirus and Spyware Doctor, but I don't believe either is working properly. Please help.
DDS (Ver_09-02-01.01) - NTFSx86
Run by Tom H at 8:09:49.23 on Wed 03/11/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.298 [GMT -5:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMg... Read more

Answer:Possible virtumonde or worse

Hello.Install Recovery Console and Run ComboFixDownload Combofix from any of the links below, and save it to your desktop. Link 1Link 2 Link 3Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.Close any open windows, including this one.Double click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. If you did not have it installed, you will see the prompt below. Choose YES.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help youshould your computer have a problem after an attempted removal of malware. It is a simple procedure that w... Read more

3 more replies
Relevance 34.03%
Question: Trojan and worse?

I discovered I had a problem when I couldn't keep "Show hidden files and folders" active in Folder Options. I re-download Avast AV and ran a scan and found some bad stuff. For the past 24 hours I've been reading info on the Web and trying to fix things on my own, but I need help, please. Thanks very much in advance!
Here's my DDS log and my attach.txt is attached.
DDS (Ver_09-02-01.01) - NTFSx86
Run by Kiko at 4:08:53.71 on Wed 02/11/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.339 [GMT -6:00]

AV: avast! antivirus 4.8.1335 [VPS 090210-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAn... Read more

Answer:Trojan and worse?

Hello. I am PropagandaPanda (Panda or PP for short), and I will be helping you.Disable Realtime ProtectionAntimalware programs can interfere with ComboFix and other tools we need to run. Please temporarily disable all realtime protections you have enabled. Refer to this page, if you are unsure how.Download and Run ComboFixDownload Combofix by sUBs from any of the links below, and save it to your desktop.Link 1, Link 2, Link 3 Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.Double click on ComboFix.exe and follow the prompts. If you are using Windows Vista, right click the icon and select "Run as Administrator". You will not recieve the prompts below if you are not using Windows XP. ComboFix will check to see if you have the Windows Recovery Console installed.If you did not have it installed, you will see the prompt below. Choose YES.
When the Recovery Console has been installed, you will see the prompt below. Choose YES.
When finished, ComboFix will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.Download and Run Scan with GMERWe will use GMER to scan for rootkits.Please download GMER.zip to your desktop from any of the links below:LINK1, LINK2Right click on GMER.zip and select "Extract All".Close all other open p... Read more

14 more replies
Relevance 34.03%

I have two PS3s in my house and a few months ago, they started to lag and disconnect altogether when we played at the same time. I thought it was the router, a Netgear, so we bought a new one, a Linksys. It was still lagging, so we decided to upgrade from TWC's Road Runner Lite to Road Runner Turbo. Of course the upgrade meant I had to upgrade all services and am now paying $60 extra. It didn't get better, instead, it's getting worse by the day. There is NO way to play the PS3s together now, it lags too bad and will disconnect quickly after. We called the router support and their advice didn't work. We bypassed the wireless aspect of the PS3s and plugged the ethernet cables directly into the router and it still lagged. So it has to be something with the ISP or the modem.

Now if I play the PS3 with the ethernet cable directly from the PS3 into the modem, which is the only way it won't lag, it dies after a few minutes and the modem doesn't send signals. That means my digital phone won't work and my Internet won't work. I unplug it and wait, blah, blah, blah. The only way I can get it to work is if I unplug the MAIN cable from the splitter, which means no cable TV and plug it directly into the modem. That doesn't even solve it, it STILL LAGS! It never lagged before a few months ago, we had two PS3s online wireless and we never had a problem. I called my ISP, Time Warner Cable, and they can't speak English and only say to unplug ... Read more

Answer:Lag, worse lag and disconnects

6 more replies
Relevance 34.03%

Kept trying to power up the computer-see latest posts:   http://www.computerhope.com/forum/index.php/topic,87693.0.htmlAll of a sudden the motherboard started to power up, and the chip that reads "Nividia nForce" next to the graphics card started to smoke.  Shut down the system.Not good. 

Answer:Ouch---When bad goes to worse

The good news is we have a new suspect!  Sorry about the vid card.

4 more replies
Relevance 34.03%

DDS (Ver_09-12-01.01)Microsoft Windows XP ProfessionalBoot Device: DeviceHarddiskVolume1Install Date: 18/06/2009 4:43:21 AMSystem Uptime: 12/02/2009 10:09:40 PM (7034 hours ago)Motherboard: MSI | | MS-7374Processor: AMD Athlon™ 64 X2 Dual Core Processor 5200+ | CPU 1 | 2700/200mhz==== Disk Partitions =========================A: is RemovableC: is FIXED (NTFS) - 466 GiB total, 375.161 GiB free.==== Disabled Device Manager Items ================= System Restore Points ===================RP100: 04/09/2009 3:12:42 AM - System CheckpointROOTREPEAL ? AD, 2007-2009==================================================Scan Start Time: 2009/12/03 00:04Program Version: Version 1.3.5.0Windows Version: Windows XP SP3==================================================Drivers-------------------Name: 1394BUS.SYSImage Path: C:WINDOWSsystem32DRIVERS1394BUS.SYSAddress: 0xB80C8000 Size: 57344 File Visible: - Signed: -Status: -Name: Aavmker4.SYSImage Path: C:WINDOWSSystem32DriversAavmker4.SYSAddress: 0xB8340000 Size: 19072 File Visible: - Signed: -Status: -Name: ACPI.sysImage Path: ACPI.sysAddress: 0xB7F79000 Size: 187776 File Visible: - Signed: -Status: -Name: ACPI_HALImage Path: DriverACPI_HALAddress: 0x804D7000 Size: 2150400 File Visible: - Signed: -Status: -Name: afd.sysImage Path: C:WINDOWSSystem32driversafd.sysAddress: 0xB43BE000 Size: 138496 File Visible: - Signed: -Status: -Name: AmdK8.sysImage Path: C:WINDOWSsystem32DRIVERSAmdK8.sysAddress: 0xB7745000 Size: 57344 File Visible: - Sign... Read more

Answer:help ive tried everything and i think im making it worse!!!!!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 34.03%

Hi. My computer is infected with vundo or virtub one of the two. I have run Malware byte Anti malware and it followed the steps and deleted the infected files. I then reran the program and got 0's for everything. I also ran Avira AntiVir Personal and came up as clean. The problem is that sometimes Avira Guard will tell me it has dected virtub and prompts me to delete it. I just want someone to help me figure out weather my computer is clean of viruses or is it still infected.
Thanks.

Answer:I think i have vondo or something much worse!

Let me check it:Download ESET SysInspectorhttp://www.eset.com/download/sysinspector.php- Start program through the SysInspector.exeThe program will collect information about the situation on your machine.- When "inspector" is ready and log file - generated, select File> Save Log- Confirm their wishChoose to save the file somewhere and then upload on http://4storing.com/ (when you open the page, click on the Great Britain flag to open the page in English), then give me the link.

1 more replies
Relevance 34.03%

Hello.

I need your help guys. I have some kind of virus on my computer and i cant delete it. I cant run any program and a cant run " RUN m first pograms all i do virus desabeles the program. Right now i am running my computer in safe mode, and trying to turn on the Search and Destroy program but once i do it it tell me "Error Invalid floating point operation". Whats seems now i can only run SUPERAnitSpyware... Milware bites is messed up too. Whan i press scan it scans my computer and once scan is finnished i pre3ss delete all selected and it sends my computer to lala land. ( different colors start to pop out and then blue screen of death ). Whan i start my pc windows is not starting explorer.exe. Just to let u know this happend in 2 days. Things like "AntiVirus 2009, and all the things from that category showed up before this happend, tried to delete them, but nothing was a succes.

Please help me and sorry for my english.
 

Answer:!Please HELP... fast before something worse happens

This might help.... Malwarebytes worked.... here is the log from that
 

13 more replies
Relevance 34.03%

Hi, I was wrestling with an infection of W32.trats!inf on a laptop - Windows XP home.

Norton Antivirus keeps finding it and has been unable to get rid of it, so I was attempting to remove it manually.

vtstr.dll is in the Windows/system32 folder along with various registry entries related to it

I just tried to boot into safe mode, and it now will not log in and says "Unable to log you on because of an account restriction" in both safe and normal boot modes

Any suggestions?

Thanks!
 

Answer:W32/Trats!inf gone from bad to worse

16 more replies
Relevance 34.03%

Hello!

Running windows XP.

Had Google redirects, ran SuperAnti Spyware, found vundo but couldn't clean. Ran MAM same results. Now today several new problems. SAS and MAM show no infections but I suspect otherwise. My McAfee icon vanishes when I hover over it. I can't access this website (bleepingcomputer) on the infected computer. On startup, the screen looks fine then goes blank for a second then reappears with anti-spyware icons gone. Except for the volume control, the lower left toolbar is empty. I tried to install the hijackthis version you have elsewhere on this site but the computer won't install it.

Your help is much appreciated.

Answer:Infected and getting worse

Please download Dr.Web CureIt, the free version & save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.When complete, click Select All, then choose Cure > Move incurable.
(This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)Now put a check next to Complete scan to scan all local disks and removable media.In the top menu, click Settings > Change settings... Read more

8 more replies
Relevance 34.03%

Hello and thank you in advance.

My mother-in-law's lap top has a sudden problem.

Window's XP

Computer boots up, and log in screen appears. There are two account login options: Nana & Nicole (granddaughter). Click on either one, it say loading personal preferences, then logs off, back to log in screen.

Sound familiar to any one?

Thanks!!

Jeff

Answer:Mother-In-Law's lap top (what could be worse/)

have you tried logging in the admin acount pressing Ctrl Alt Del twice and if you cant go in there try booting in safe mode

2 more replies
Relevance 34.03%

Please help!!!! My computer has been encountering various issues, the most severe has been the uninstalling of all installed printers. The issue first occured when we were not able to print using our photo printer, shortly after the photo editor application would be force closed everytime the "Print" button was clicked. Now all printers have been uninstalled without our doing. McAfee occassionally finds PrcViewer but cannot fully delete it.

Last scan came up with three detections (the two cookies were automatically deleted):
Cookie-Advertising
Cookie-Insightexpres
PrcViewer
HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20:42 PM, on 3/21/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGR... Read more

More replies
Relevance 34.03%

About 6 months ago I was infected w Trojan/Vundo and the BC gang helped me get back on my feet. I ran ComboFix, use Ad-Aware, AVG, Malwarebytes, Spybot, Spyware Blaster.

I enjoyed 6 worry-free months and now I'm stuck again. Windows will not complete loading--freezes. I tried to use my windows recovery in safe mode and clicking "next" prompts no further action after I've chosen a previous date. I have done a HJT log in safe mode only.

Symptoms when windows was working still:

Google results were links to other ad sites.
IE would not allow me to go to BC.com and other helpful forums but would allow me to go to youtube, google, yahoo, etc.
Updating Ad-Aware, Spybot, and AVG was not allowed.
Malwarebytes would no longer load (would show to load in the Task Manager but nothing further.)

So I feel frustrated because I can't use any malware/virus programs to clean. And I can't load windows in anything but safe mode.

Any advice would be extremely appreciated. Thank you in advance!!

Answer:Seems Worse than 6 months ago

Hi and welcome back. I am sending you a private message with instructions. Please follow those first and then run malwarebytes according to these instructions.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note:-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. -- MBAM may make changes to your registry a... Read more

12 more replies
Relevance 34.03%

Old, OLD Sony Viao.. been a great workhorse...Problems started with it not booting into XP unless it rested overnight! (Just like me I guess) Real problem is that I need this machine badly to teach classes.
I uploaded all the new drivers on Sony site.
. As long as I use it in the morning it boots.. EXCEPT now the keys are producing errors. Not all, just some.
One forum mentioned problems with bad memory. I have sent for a Memtest disk.. hope that will help confirm.. If so, its a doable fix.
Sony doesn't seem to have a keyboard driver .. I updated drivers for Processor, and Bios.
Any other suggestions??
I don't want to buy a old XP laptop but that may be my only choice.
 

Answer:Many problems, getting worse..

11 more replies
Relevance 34.03%

Hello everyone,

This is probably the very 1st time i have ever needed assistance this badly with malware removal...My spyware doctor picks up that i have a trojan called Trojan.Spambot, the file that it is in is called Rpcrt3.Dll, it is found in all of my Sv_chost prossesses as well, i have done safe mode, tried disabling everything that is Sv_chost related and i still cant delete this file...To my understanding what the trojan does is take up bandwidth and send spam e-mails....so the is not really a way for me to live with it, as i have tried, i would greatly appreciate any useful feedback...Thank you

Answer:Worse Trojan I Have Had

Please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. If you can't perform a step, then skip and continue with the next. In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install HJT in the proper location.) If HijackThis will not run, try renaming it. Open the HijackThis Folder, right-click on the HijackThis.exe file and rename it Scanner.exe. Double-click on Scanner.exe (which is still HijackThis) and then run your scan. If needed, change the .exe to something else such as .bat, .com, .pif, or .scr. Example: Scanner.bat or Scanner.comWhen you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day. Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An... Read more

6 more replies
Relevance 34.03%

I'm pretty sure my Toshiba Satellite laptop (Windows XP, has Spybot and Symantec AV) has been hijacked by some hidden malware. It has started wreaking havoc on it. First it was keeping my internet uploading and downloading in the background. And now it won't allow my firewall to startup or give me access to the web through any browser.
I know other apps can access the web because I've updated Spybot and Symantec to try to clean this mess, but that has only partially helped.
The following is my Hijack this log. I'm hoping you can point my in the right direction on how to clean this. Hope to hear from you soon.

Thank you
Wizard Raz, Miami, Florida

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:00 PM, on 12/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\SSL VPN Client\agent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symant... Read more

Answer:Hijacked and getting worse

16 more replies
Relevance 34.03%

Good Evening everyone,

I was asked to look at a Toshiba Satellite yesterday that was said it would not boot. I received said machine earlier today and started troubleshooting it. If I try to boot into regular Windows it comes to the starting Windows screen and just sits there hitting the hard drive, tried to boot into safe mode, but it starts loading the files and then just sits there again hitting the hard drive. At start-up it gives an option for a start-up repair if I click that it will load then just sit at a black screen with my mouse showing.
I was researching this and came across a post on the Toshiba boards with the same type of problem and it was said it could either be that the hard drive could be failing or it could be a deeper problem possibly the motherboard.
I had assumed from the beginning that it could very well be the hard drive, but I don't know how to make that a certainty so I can inform them of what their next step should be since I can not access the machine at all.
Any and all reply's greatly welcomed.

Thank you have a great evening.
Spock96
 

Answer:Possible HDD issue, or worse.

The easiest route is to boot from a Live Linux DVD. That still requires the computer to function but not the hard drive.
 

4 more replies
Relevance 34.03%
Question: I made it worse...

This isn't a computer problem *exactly* but the screen is basically a computer screen so I'm assuming the rest is similar? I really have no idea what I'm doing or why I thought I could do it myself but -

The screen on my PGE (Gaems G115) was totally obliterated by a well-meaning toddler.

I decided to google remedies and found a tutorial with links to everything I needed. Everything was going great until I had to remove the connector thing from the old screen and I broke it worse than the toddler busted the screen.

Is there any hope for my PGE? Can I get this part somewhere as well or is there somewhere I could get it fixed? Or is it a lost cause and do I need to sell it for parts and move on?
 

Answer:I made it worse...

Is this what you are talking about?
http://www.photoshopchop.com/store/Gaems-G115-Portable-Monitor_151699355195.html

If you are in the US, there is a toll free number to call the company.
https://gaems.zendesk.com/hc/en-us/articles/200877693-How-can-I-contact-Customer-Support-
They might be able to give info on the old G115 parts or where you can go for service; everything on the site in the M155 model.
 

1 more replies
Relevance 34.03%

Hi, everyone....
A couple of weeks ago, someone overseas used my credit card number to buy themselves a free train ticket. Since I don't do much (and usually through PayPal anyway) Internet purchasing, there is only one other direct way they could have gotten it - by hijacking my Internet connection. (I could be wrong about this, but it's what I think anyway....)

I use AVG, but after this, I also installed Avast, which I allowed to do a full system scan. It found 4 Trojans on this system, all in the System Restore areas. Naturally, I deleted them.

Prior to this, I was having problems with MSI programs not loading right. After I scanned and got rid of a couple of viruses and those Trojans, this problem seems to have gone away. (In the midst of this, I also upgraded the system to SP3, which could have corrected the MSI problem anyway - no idea.)

What the system is doing now is breaking as I type, which implies that something may be making screen-shots in the background, and transmitting whatever to whoever is watching. This bugs me - what would be helpful is a raw logger that tracks everything transmitted or received via the Net, but I haven't seen such a tool for Microsoft. In Linux, sure, but....

System: 2.0 GHz HP Pavilion 533w, 512 MB RAM, Two 60 GB HDDs, USB 2.0 500 GB HDD, XP Home w/SP3, AVG, (Ad-Aware, Avast)

Here's my HijackThis log file:

---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:23:56 PM, on 9/23/2008
Platform: Windows X... Read more

More replies