Computer Support Forum

Would Like To Determine If My Computer Is Infected

Question: Would Like To Determine If My Computer Is Infected

Last night I purchased an airline ticket on-line from a major carrier (I verified I had an https connection before entering my credit card number) and within minutes of making the purchase someone started using my credit card to make numerous charges.  I ran a scan with McAfee and with Malwarebytes Anti-Malware and they both came up with nothing unusual.  However, I have noticed some unusual behavior recently.  My computer no longer will go to sleep when not used for a while, even though the power setting for sleeping are enabled.  I've noticed this for the last few months.  In addition, for the last few days I now have had several occasions where I locked my screen for a few hours and when I returned and tried to unlock it, the computer was frozen and I had to shut it down using the power button.  I've never had this problem before.  Can you please take a look and see if you can find any malware?
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736
Run by Bruce at 21:24:29 on 2013-12-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4009.2230 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Windows\system32\LMabcoms.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
c:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Users\Bruce\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120624210839.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
uRun: [LMab1err] C:\Program Files\Lexmark\ErrorApp\LMab1err.exe
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90140000-0018-0409-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
StartupFolder: C:\Users\Bruce\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bruce\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1 71.252.0.12
TCP: Interfaces\{0117EE33-8129-4AA6-8A22-0DFE62F01503} : DHCPNameServer = 192.168.1.1 71.252.0.12
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120624210839.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 340216]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-2 55856]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-6-16 87368]
R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-1-28 32336]
R2 HTCMonitorService;HTCMonitorService;C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2013-9-2 87368]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-8-3 350792]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-4-2 241456]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-4-2 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-4-2 182752]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2013-8-1 4292960]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-11-8 167424]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2012-9-6 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2012-9-6 185640]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 70112]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-4-2 317440]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 515968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-4-2 539240]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-4-2 1691848]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-23 196440]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-4-2 224704]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106552]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-11-8 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-31 19456]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-31 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-7-31 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-11 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-23 201304]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-11-29 19:44:09 -------- d-----w- C:\Windows\Migration
2013-11-14 00:12:33 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-14 00:11:53 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-14 00:11:53 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-11-14 00:10:41 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-14 00:10:41 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-14 00:10:41 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-14 00:10:40 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-14 00:10:40 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
.
==================== Find3M  ====================
.
2013-12-12 00:31:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-08 18:28:58 5 ----a-w- C:\Windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-10-11 00:55:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 21:25:15.52 ===============
 

Relevance 100%
Preferred Solution: Would Like To Determine If My Computer Is Infected

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Would Like To Determine If My Computer Is Infected

Hi and Welcome!!   
My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
Having said that....      Let's get going!!  
----------
  Please download TDSSKiller
Double click TDSSKiller.exe
Press Start Scan but do nothing else as we are just looking for what is there.
If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
Attach the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
   AdwCleaner
Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the toolVista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
----------

19 more replies
Relevance 66.83%

Hello,

My year old computer has been running much slower than usual and I have noticed a few problems:

1. Every time I restart my computer, McAfee says "we blocked a device driver on your PC because it contains a threat or is untrustworthy." When I go to details it says Driver name = \Device\HarddiskVolume3\Windows\Temp\mc259B3.tmp

2. Also, each time I restart my computer a program (which I think is java) called Oracle America asks me to update jucheck.exe. This occurs even though I believe my java is up-to-date and was just updated.

Please help me out. Below are my DDS and GMER logs. I appreciate it.

2012-10-10 08:50:53 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
.
==================== Find3M ====================
.
2012-10-12 23:35:52 72104 ----a-w- C:\windows\CouponPrinter.ocx
2012-10-12 05:52:51 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-10-08 19:26:15 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 19:26:15 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-10-05 06:14:16 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll
2012-10-05 06:14:16 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 39... Read more

Answer:Please help me determine if my computer is infected

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the t... Read more

28 more replies
Relevance 64.78%

Hello, since I am new to this I am just trying to get a sense of direction,

Where could I get help to determine if my computer is infected? Already ran microsoft defender, ad-aware and spybot search and destroy. I ran hijack this and have some items which look suspicious.

Answer:Where could I get help to determine if my computer is infected? Suspicuous items in hijackthis log.

Hello and welcome please run these next. If you have Spybot installed temporarily disable it.Next run ATF:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".Please download ATF Cleaner by Atribune & save it to your desktop.Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program. Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Before you save it rename it to say zztoy.exe alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, fol... Read more

5 more replies
Relevance 54.12%

I am running XP Home, SP2. Interet Explorer 7. Windows are fully up to date. My AV and my Antispyware program keep taking longer and longer to scan and each day more and more files are being added to my computer. A virus scan of a month ago took 30 minutes to scan 389000 files. Todays scan took 37 minutes to scan 408,000 files. Each day the number of files scanned increases. Also, whatever I have seems to corrupt my Outlook Express (OE) file. OE will run fine for a day or two. Then it will not open. When I click on the icon to open OE, I get the Windows XP error ding. I then run SFC /scannow and then OE works fine for a day or two. I ran a bunch of scans:1. Spybot, Adaware and Superantipsyware detected nothing2. NOD32 Antivirus detects nothing3. Panda detects:a. adware/wupd in the windowes registryb. Potentially unwabted tool: Application/killapp.b in c:\hp\bin\killit.exec. adware/Vog in C:\program files\comcasttoolbar\comcasttoolbarr.dll_0_Logfile of HijackThis v1.99.1Scan saved at 5:12:19 PM, on 7/3/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spool... Read more

Answer:I Think I'm Infected, But Can't Determine The Cause

PROBLEM RESOLVED.

Somehow, my system restore function got turned on. Turned it off and my AV/AS scans are back to normal. Please disregard my original post.

1 more replies
Relevance 53.3%

Recently my Wells Fargo online banking was hacked.  I travel a good bit with my work and use a multitude of wireless networks.  Most of the time, I am at a work location where I'm behind a corporate firewall on a private network, but some of the time I'm using hotel wireless or god-forbidden airport wireless networks.  In order to hack my online banking info this person would have needed to know my username and most of my social security number in order to get the WF customer service to believe that he was me.  Fortunately, I caught everything this bugger was doing before he did any real damage.  However, the Wells Fargo people are telling me that I should treat this incident as identity theft and thoroughly scan my computer for viruses, trojans, keyloggers, and other malware to try to make sure that this does not repeat.  My company has McAfee VirusScan Enterprise + AntiSpyware Enterprise 8.8 running on all machines on the network (including my laptop) and I've run scans with Malwarbytes and CCleaner and I appear to be coming up pretty clean there.  What else should I do to insure that I'm not infected in some way?

Answer:Trying to determine if my laptop is infected

Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Update Malwarebytes' Ant... Read more

7 more replies
Relevance 52.89%

System has not been all that reliable with various alerts and strange behavior. I have run scans using Malwarebytes and SuperAntiSpyware and only founded and cleaned up tracking cookies. However I have been receiving periodic displays such as the following:
IntuitUpdater.exe - Corrupt File. The file or directory c:\Windows\assembly\NativeImages_v4.0.030319_32\System.Xml.Linq is corrupt and unreadable. Please run the Chkdsk utility. Problem is this Win7 x64 has a Solid State Disk drive and I have been informed by Lenovo support that you cannot run fix or recover check disk operations on a SSD. I recall have a similar alert for DivX as I am not convinced the updater program is functioning. Also encountered a pop-up dialog when after starting up that was asking me to choose a program to open a file. I was able to trace this file name to "Kevin" and was found in the directory path of: Computer > Windows7_OS (C > Users. When file is opened using NotePad the contents said: The given profile is not found. AVG-Free 2013 and Comodo Firewall has not detected or quarantined anything malicious. Malwarebytes did quarantine on 12/8/2012 4 files attributed to vendor PUP.RiskwareTool.CK so there has been some prior history of Malware on this computer. At this stage I would like assistance in determining if the computer is still infected, so please send me a list of instructions that I'll need to follow to disable any software before running diagnostic reports to be anal... Read more

Answer:Determine if Malware has infected WIN7 x64

2/14/12 Please note: I had not intentionally duplicated this as I had no idea whether my thread had been submitted as I just found it hanging out in limbo.
Subsequently, I have attached files for analysis as I had not done so. You may either use this 2/13/2012 Post or the below that was created today - Thank you, Kevin

Win7 x64 logs detected Malware
I am attaching the logs for analysis as Malware has been detected and I have followed your instructions to the T. The only exception had been I had executed MalwareBytes Anti-Malware on 2012-12-08 as it Quarantined and deleted successfully 4 files as 2 registry items where false positives. Prior to executing your Win 7 Malware Removal/Cleaning Procedure I had restored these quarantined files so your scripted steps would do another scrubbing to ensure this computer will end up entirely clean after I take the next steps of instructions you provide to me. I am pasting below the mbam-log-2012-12-08 (15-39-09).txt results for reference only as I have attached all of (5) five logs from today's 2/14/2012 scans.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.08.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kevin Morgan :: KEVINMORGAN [administrator]

12/8/2012 3:39:09 PM
mbam-log-2012-12-08 (15-39-09).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options ... Read more

4 more replies
Relevance 52.89%

Hello,
I need some help determing if my system is infected.
I found patch.js under Windows/temp folder and I thought it was suspicious I suspect its Norton AV related but can't tell for sure.

few days ago, I found couple of trojans under Windows/temp but it was successfully removed.

Please examin MGlogs attached and advise.

Your assistance is greatly appreciated.
 

Answer:need assistance to determine if system is infected.

attached is patch.js renamed as patch.txt for your review
 

8 more replies
Relevance 52.48%

Dell Inspiron 9400 LT
Win XP Pro
 
XP updaes will not install, and it takes 10 minutes for it to start up. Browsers don't always take me where I want to go.
 
ETC.
 
I reviewed a similiar situation in another post and am going to try those tecniques.
 

Answer:My Dell 9400 is infected, but I am unable to determine by what.

That slow start could be caused by too many items in startup, a failing hdd, a very fragmented hdd or malware.
Suggest you backup all important files or create an image of the entire drive and store it on an external medium. If the 
hdd is failing, the more you use it the more likely it will become unbootable and unable to recover files.
 
Use CCleaner to cleanup the crud. Once you have done that open CCleaner and click on Tools and choose Startups.
At the bottom of that page you will see a button when clicked will allow you post the list of programs presently starting up
at boot. Post that list back here.
 
After you have backed up the computer and posted the list of startups you can run some programs to hopefully find and
remove whatever adware and malware is on the computer.
 
Use the instructions for Rkill, MBAM, AdwCleaner, Junkware Removal Tool, and Eset online scanner in your previous topic for a different computer.
Make sure that all active security programs are stopped from running/ disabled before running the scans.

27 more replies
Relevance 48.38%

Okay some time I got info that my processor was an Intel Celeron 900Mhz,Socket 370.I'm not sure what higher but compatible CPU I can get.Some suggestions?

Answer:How to determine what CPU is right for my computer?

We'll need to know the manufacturer and model number of your motherboard.

7 more replies
Relevance 48.38%

I want to buy an external hard drive 2.0 USB but don't know whether to buy 60GB or 80GB. My HP PC says I have "512MB Ram memory" but also says I have "120GB DMA hard drive." How do I determine how much actual MB (or GB) I am using? Thanks
 

Answer:How determine GB in use in computer?

6 more replies
Relevance 47.97%

I am very new at this . My computer has listed a DVD/CD-RW Driver CD Drive. Is this a DVD buner? Sorry

Answer:To determine if I have a DVD burner on my computer

From the sound of it, no. A drive described as a DVD/CD-RW drive (or combo drive) can usually only read DVDs, not write to them. It can, however, read and write CDs.

3 more replies
Relevance 47.97%

DDS (Ver_09-12-01.01) - NTFSx86 Run by Nita at 14:58:45.49 on Sun 03/07/2010Internet Explorer: 8.0.6001.18882Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.1013.192 [GMT -7:00]AV: Trend Micro PC-cillin Internet Security 2007 *On-access scanning enabled* (Outdated) {7D2296BC-32CC-4519-917E-52E652474AF5}SP: Trend Micro PC-cillin Internet Security 2007 *enabled* (Outdated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}FW: Trend Micro PC-cillin Internet Security (Firewall) *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Wind... Read more

Answer:Trying to determine what is wrong with my computer

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%�... Read more

2 more replies
Relevance 47.97%

Hello!

I'd like to know how can I determine my computer's IP address.

Thanks as usual!!!
 

Answer:How can I determine my computer's IP address?

what os

for win98/me go to start/run/type winipcfg and press enter, hit the more info button(make sure you current modem is selected in the drop down box)

for win2k/xp go to command prompt, type ipconfig /all
 

2 more replies
Relevance 47.97%

im using vista hp 32bit and i was wondering how i can tell if my computer is using both cores i dont think so i only see one core in the performance graph

Answer:determine if my computer is using both cores

Try looking for the May computer tip.

14 more replies
Relevance 47.97%

My Dell computer OS is Windows 7.  I am considering upgrading my HD to a SSD and transferring my OS & data to the SSD.  From what I understand, I will get the best performance if I have SATA III instead of SATA II.  How can I determine what version of SATA my computer has?

Answer:How To Determine SATA III In Computer

The manual should tell you...Major brands took awhile to include it so check at the Dell site...Medium / high end MBoards have had it longer.

2 more replies
Relevance 47.97%

My wife's computer is just a few days old. It's a home built machine on an Asus P8H61 mb, with intel i3-2100, 4MB of Corsair ram, and a new 120GB SSD. I have Win 8.1 x64, Office 2013, and Malwarebytes installed (and a few other apple phone support products) - that's about it.

It ran fine all weekend, this morning it was "frozen". None of the apps would open. I could cntrl+Alt+del and get to Task Manger but it would not open.

Oddly, I could switch Users to my account (admin) and access all of the apps, everything worked, resource manger, event viewer, etc. Under Admin account CPU, Memory, Disk activity were normal (0 - 4%).

So it was just wife's account (standard user) that was frozen. I rebooted, ran DISM and SFC and nothing wrong was reported.

How can I determine why it froze? If it happens again, what do I look for?

More replies
Relevance 47.97%

I have HP dm3 laptop and windows 7 installed on it. There is some beep for a 0.5 seconds periodically. There is no regularity. I did not found nothing suspicious in evets log. There is nothing suspicious in processes running on a machine. There is also avg 2012 anitvirus installed. My question is, how can I trace who is sending that signal. Which software do I need for this purpose or which functions to use in c/c++/c# to write a program by myself. I know for sure that this sound comes from sound card and not from pc-speaker.

More replies
Relevance 47.56%

I've found a sensor that can detect a chock has occured, but it was ment for shipping materials and has a 100pc min.
Has anyone a good source for something similar. I've got a few customers that drop their lapotp every few months and act like they got a bad hard drive.

Answer:Determine laptop computer is dropped

The best way to check? "Look at it" If somebody dropped it, you will see a dent or stripped off paint.

3 more replies
Relevance 47.56%

Here is the log list I think some virus may be affecting my sound

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:18:01 PM, on 7/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 4\firefox.exe
C:\Documents and Settings\Jaya\My Documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\So... Read more

Answer:Please help me determine the spyware on my computer that is messingwithmyaudio!!!!!!!

Welcome to TSF :)

Please to to your Control Panel --> Add/Remove Programs ---> Remove the following program

Revelent Knowledge (if present).


Please download Malwarebytes' Anti-Malware from Here.



Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.


Extra Note:



If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

3 more replies
Relevance 47.56%

Hello,

I followed all the steps in the Vista malware removal guide. The only one I could not get to work was ComboFix.

I have attached logs. Is there a way to determine if the system is now clean? The system no longer appears to be hijacked but is there a way to know for sure?

Thanks!
 

Answer:how do I determine if antivirus system pro is off computer

I have also attached my avplog.

Thanks again!
 

2 more replies
Relevance 47.56%

How can I determine if my computer has Service Pack 1 installed

Answer:How can I determine if my computer has Service Pack 1

@Fallriver Go to System Properties and it should say there. REO

2 more replies
Relevance 47.56%

setup could not determine the type of computer you have. is the error i am getting when i am try to load window xp on my machine.please help

Answer:XP setup could not determine the type of computer you have

How about listing the make/model of your computer, whether it has an IDE or SATA HDD, & how you're attempting to reinstall XP - booting from CD or recovery disc?

2 more replies
Relevance 47.56%

All,

My Win7 x64 machine has recently developed a bad habit - it wakes itself up from S3 standby mode! Is there an event log, or something similar, which would allow me to determine what woke the computer? While I doubt that there is malware on my machine, I would really like to track down the cause of this behavior.

Thank you.

Answer:Determine action that woke up computer

Useful article here that may help you: Fix Windows Vista/7 Sleep mode from waking up by itself

5 more replies
Relevance 47.15%

Ok, this will probably be a rather long and not very well educated post.

I had a great computer, everything seemed fine, then one day it dies on me. Whenever i turned it on in the past it would give a single short *beep* which i believe is to show it has passed POST. Now it gives a long *beeep* and does not display anything on screen. After some fumbling around, it worked, once. I turned it off, and the same thing happened. I fiddled around some more and found that it would turn on if the monitor wasn't connected, but now not even that works.
Now here's a bit of a guess/some backstory.
My belief is its a problem with the graphics card, partly due to it working without a monitor attached (once) and partly because there was a problem in the past.
I have a Leadtek Winfast 128MB PX6600GT graphics card. The card has 2 ports for my monitor, which handily has 2 leads. I was informed that it may be possible to connect a single monitor to each port, so i thought of considered the 2 ports to be independent of one another. How does that matter?
I had a problem where when i played videos they would run in full screen, and i couldnt change this, nothing worked, all i could do was ALT F4 to close. I found by right clicking on the desktop i could access some options for the graphics card, one was a video option, to play on either 'Primary display' 'Secondary Display' or 'None.' So i guessed that the 2 ports being independent of each other was right, and that these were the 2 differ... Read more

Answer:Computer crashes during POST - how can i determine problem?

Remove the memory then reinstall it. Blow out any dust in the process. Do that same with the video card. Make sure connections are snug. Post back results please.

6 more replies
Relevance 47.15%

First, let me say that we use FOG to deploy images, and for good or for bad, that probably won't change soon. So no MDT for us.

What I'd like to do is, during a phase of Sysprep's mini-setup during deployment, determine the computer model. Then, based on the computer model, change the driver path in the registry that mini-setup uses to install drivers.

Effectively, mini-setup would use only drivers applicable to the hardware to install devices rather than looking through all drivers for all models.

Any ideas?

More replies
Relevance 47.15%

I want to upgrade my memory, but im not really in the mood to take my computer to a shop to find out what kind of memory i need. ive already gone to one place that installed memory for me without me asking and then charged me the same price as best buy, but the memory started showing problems after a bout a month of use, including random "program cannot read/write to memory at xxxxx" with a number in place of the x's. id rather order the memory myself and do it myself, but im not sure what type i should get. my computer is a PC Warehouse brand, but other than that i can't remember many details about it. can anyone help?
 

Answer:Solved: How do you determine the type of memory your computer has?

16 more replies
Relevance 47.15%

Does anyone know where to find the Netbios name for a computer running Windows XP? (I need this information to network my Macintosh to my PC network). I found the following directions on the internet:

1. From the Start menu, right-click My Computer, and click Properties

2. Click the Computer Name property sheet, and click Properties. The Computer name: text box displays your server's NetBios name

Unfortunately this method doesn't seem to work. I can click on Computer Name (not sure this is a property sheet) but it does not have a text box displaying the servers NetBios name.

Where else can I look to find the netbios name?

I have a Linkys Router ( WRT54GS) attached to my computer which has both wired and wireless connections. (The installation of this router may have changed the XP networking control panel)

Thanks,
VJD
 

Answer:Determine the NetBios name of a computer running Windows XP

8 more replies
Relevance 47.15%

It is unclear whether my Thinkpad is infected.  There are no popups or browser redirects or rogue programs; however, computer speed has slowed.
 
Windows Lag time, after booting into windows has increased.  Does this determine Trojan infection?
 
Please explain wat I need to tell you and how to gather this information.
 
Help from experienced Computer Experts is appreciated.
 
Hear from you soon
 
Thank you
 
Computer Specification
 
IBM Thinkpad R51
Windows 7 Ultimate
1 Gb RAM
80Gb Hard Drive
AVG Antivirus 2011
 
 
 
 

Answer:Computer Behavior has slowed. Determine Possible Infection.

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete tab follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===

Please download
Junkware Removal Tool to your Desktop.
Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete, depending on your system's specifications.On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2

IMPORTANT !!! Save Com... Read more

1 more replies
Relevance 47.15%

Recently, my windows 8.1 become extremely slow when booting.
As soon as my computer shows the desktop, i can move mouse, but the task bar won't response my click, even i can't right click the desktop to refresh it. This situation will last for about 5 minutes.

normal windows program won't stop my mouse, so i think it should be some driver fault. But how can i determine which one?

Answer:How to determine which program or driver slow my computer?

Recently, my windows 8.1 become extremely slow




so then "recently" what did you install/change?

if you didn't change anything then that means dust/electrical/ some physical problem has occurred in your system..

7 more replies
Relevance 46.33%

My Lenovo T61 Thinkpad won't power up and I've been told that the motherboard is dead. I'd like to get a new mobo before dis-assembling the unit. Am I able to determine the actual mobo number via the computer number? It's a Lenovo T61 7658-CTO serial number L3-F00780H12. Any help will be appreciated. Thanks.
 

Answer:Can I determine the motherboard number before dis-assembling the dead computer?

You could download the free Everest diagnostic.
 

2 more replies
Relevance 46.33%

Hi Guys - Lenovo X1 CarbonI have been happily using my Fingerprint reader to power on and sign in for some time and I have either mis-remembered my password or the one I remember from my "HINT" no longer works.It occurs to me if my fingerprint reader fails I will need to know my password ormy computer will turn into a glorified paper weight--Once i power on and log in via the fingerprint reader - how can I find out my password?Thanks for any help - Stephen

More replies
Relevance 46.33%

Hey guys,

So I have been trying to install Vista on my PC using my Iphone as a flash drive and booting the setup from there. Everything works fine until I come to the window where you have to choose which partition to install to, my options are either:

DISK 0 PARTITION 2 Total Size: 35.1gb Free Space: 35.0gb (LOGICAL) or
DISK 0 PARTITION 3 Total Size: 35.6gb Free Space: 35.5gb (PRIMARY)

Selecting either one of these partitions and clicking next causes a pop up saying 'Windows could not determine if this computer contains a valid system volume' then the setup fails!

I have googled this but can only find suggestions to take out the USB or change boot priority in BIOS. I cannot do this without my Iphone/USB being plugged in as this is where windows boots from.

Does anybody have any idea's how I can work around this as i need to get my PC back up and running ASAP!

Thanks

Answer:Problem installing Vista 'Windows could not determine if this computer contains

"I cannot do this without my Iphone/USB being plugged in as this is where windows boots from."

Correction - your iPhone/USB is where Setup boots from, not Windows.

Provided the hard drive has no operating system on it & no boot code, you should be able to set the iPhone/USB as the last boot device. The system should still boot from it after checking for other bootable media and finding none.

1 more replies
Relevance 46.33%

Under Windows 7, is it possible to determine if a specific computer is logged in to a network? If so, how?

Thank you.

Answer:Determine if a network computer is online from a batch file

You mean if some other computer is connected and turned on?

If so, the easiest way is to simply ping it, if it replies it's online. If it fails, it's either powered off, or firewalled (by default Windows allows pings from anyone).
You can also use that in bat files, and use the returned errorlevel value for further actions.

2 more replies
Relevance 46.33%

Hey guys,

So I have been trying to install Vista on my PC using my Iphone as a flash drive and booting the setup from there. Everything works fine until I come to the window where you have to choose which partition to install to, my options are either:

DISK 0 PARTITION 2 Total Size: 35.1gb Free Space: 35.0gb (LOGICAL) or
DISK 0 PARTITION 3 Total Size: 35.6gb Free Space: 35.5gb (PRIMARY)

Selecting either one of these partitions and clicking next causes a pop up saying 'Windows could not determine if this computer contains a valid system volume' then the setup fails!

I have googled this but can only find suggestions to take out the USB or change boot priority in BIOS. I cannot do this without my Iphone/USB being plugged in as this is where windows boots from.

Does anybody have any idea's how I can work around this as i need to get my PC back up and running ASAP!

Thanks
 

Answer:Problem installing Vista 'Windows could not determine if this computer contains

Hello,
first off, why are you booting/installing Windows Vista off of your iPhone?
 

1 more replies
Relevance 46.33%

Under Windows 7, is it possible to determine if a specific computer is logged in to a network? If so, how?

Thank you.

More replies
Relevance 45.92%

I found this snippet of code while searching for things to help me solve the initial problem. It works like I thought it would but I don't understand what the || in the middle of the ping statement does.

Will someone give me a boost here?

Thank you.



Another variation without using any variable
ping racer -n 1 -w 100>nul || goto ingerror ... ingerror echo Host down goto eof :eof exit /b

More replies
Relevance 45.92%

i have Time computer which i bought in 2004 and then later it went bust and now i have virus on the computer and try using the reload or recovery cd but i get the error message unable to determine bios lock please contact manufacturer which have gone bust and need to my computer back as quick as possible running please help much appreciate with owners of time computer or ho have experienced this problem please help! what shall i do and how to bypass it and reinstall windows xp because it's not happening with bootup disks

Answer:Time computer showing unable to determine bios lock?

HI, i have the same issue with tiny PC, any help appreciated. In fact what i would prefer is not tohave to do the reload, but it all keeps crashing on me, cant boot up even in safe mode. Got as far as defrag in safe mode then crashed and cant get anywhere near it now

1 more replies
Relevance 45.92%

I have an HP Compaq d530 CMT tower computer that was given to me with all components intact except a hard drive. I put a spare hard drive in it and installed Ubuntu 9.04.

This computer is a Pentium IV; i believe the processor speed is 2.8GHz. It has 512MB of RAM in it. I'm thinking about adding some RAM; I might want to try Windows 7 on this computer, probably in a dual-boot configuration with Ubuntu.

I know the computer uses 184-pin DDR memory. crucial.com says it can use either PC2700 or PC3200 and that it can use dual-channel memory. It currently has 2x256MB in it. I'd like to determine whether the existing RAM is PC2700 or PC3200. How can I do that?
 

Answer:How to determine type of memory installed in computer running Ubuntu

Get a working OS on the hard drive, take it to crucial and let the site scan your computer. It will tell you what memory is currently installed.
Looking at the specs here:
http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=4187643&CatId=2645
it appears that it came with 4 sticks of 128 DDR333 (PC-2700).
Not sure why someone might replace 4 sticks with two and still have 512MB total.
Pull a stick out and post what is printed on it.
 

6 more replies
Relevance 39.36%

the computer wont start properly in normal mode most of the time. the hard drive just constantly goes crazy and nothing will load windows explorer freezes. after multiple boots and leaving it on overnight it seems to settle down and run ok, all security programs, commodo, avast, SAS claim to need updating and windows also says this. however upon restart the above problems start again.

SAS and MAB were ran in safe mode. managed to run combofix and MGtools in normal mode. please help, thanks.
 

Answer:infected computer 64bit. logs attached. system file infected

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
C:\Users\Francis\AppData\Local\4w1twtdbd4me
C:\Users\Francis\AppData\Roaming\Microsoft\Windows\Templates\4w1twtdbd4me
C:\ProgramData\4w1twtdbd4me

FCopy::
C:\Windows\ERDNT\cache86\svchost.exe | c:\windows\SysWow64\svchost.exe
* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That ... Read more

5 more replies
Relevance 39.36%

Hi, everyone... my name is Avi... and I'm running XP service pack II. I thought I was pretty good with computers, since I've been playing with them since the era of Wing Commander and Star Control II, and usually I can solve computer issues on my own. However, 2 days ago I noticed that my background had changed to a blue screen that said "Warning, Spyware detected your computer...", and I repetively get a "Blue screen of death" notice on my computer which indicates that its about to shut down, but... then it just goes back into windows. My system restore seems to have become disabled, and the background and screensaver modes on my display menu are not working. I have Kaspersky AV 7.0 installed, but I never installed the Kaspersky firewall cause i felt it slowed down my PC too much. I am running the windows firewall, though... and I have adaware. Please help me get my PC back to normal!I ran the Deckard's Scan, along with the Hijack This scan, and I have included main.txt and extra.txt in this post. Thanks so much!Deckard's System Scanner v20071014.68Run by Avishek on 2008-06-14 15:19:30Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Failed to create restore point; System Restore is disabled (service is not running).Backed up registry hives.Performed disk cleanup.System Drive C: has 15.3 GiB (less than 15%) free.... Read more

Answer:Infected With Trojan.win32.pakes.czg/warning Your Computer Has Been Infected...

Hello Ice9996 and welcome to BC. Let's see what we can find. Please follow the steps below in order:Before running a new scan let's clean out the temporary folders. Download ATF Cleaner to your Desktop.Double-click ATF-Cleaner.exe to run the program.Click Select All found at the bottom of the list.Click the Empty Selected button.If you use Firefox browser, do this also:Click Firefox at the top and choose Select All from the list.Click the Empty Selected button.NOTE : If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser, do this also:Click Opera at the top and choose Select All from the list.NOTE : If you would like to keep your saved passwords, please click No at the prompt.Close ALL Internet browsers (very important).Click the Empty Selected button.Click Exit on the Main menu to close the program.Now download OTScanIt from here or here to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.Note: You must be logged on to the system with an account that has Administrator privileges to run this program.Close ALL OTHER PROGRAMS.Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
In the Drivers section click on Non-Microsoft.Under Additional Scans click the checkboxes in front of the following items to select them:Reg - BotCheck
File - Additiona... Read more

1 more replies
Relevance 38.95%

Hi, this is my first time posting here.

I'm running Windows XP Pro SP2, and my computer has a virus that, at first, was giving me a tool-tip-like message from the system tray saying "Your computer is infected! ..." and something about installing a scam antivirus program. I've done a lot of searching for this issue and have seen many cases of it. Posts on other forums offered specialized programs like "Smitfraudfix.exe" and others that I was unable to get to work.

I've updated my Java (which stopped the annoying "Your computer is infected!" popup), removed my Temporary Internet Files, and run Avast! and Avira every time I restart my computer, but each time there seems to be malware that needs removed. Can someone please help me clean this virus / trojan off of my machine completely?

Thank you for your time, here is a HJT log from the time of this post:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:53 PM, on 9/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files... Read more

Answer:"Your computer is infected!" Popup message. Computer infected with Trojan

16 more replies
Relevance 38.95%

Since today, my computer doesn't load the explorer anymore. I can still run it through Windows Task Manager though but running explorer.exe, but after it loads, my background has been changed to a message saying "WARNING! You're in Danger! Your computer is infected with Spyware! All you can do with computer is stored forever in your hard disk."
It also constantly badgers me with faulty anti-virus applications called "System Security."

Thank you very much for any help.

Update: I can't load up any applications or even task manager after explorer has started. An icon in the bottom right continues to state "Warning! Application cannot be executed. The file _______.exe is infected. Please activate your antivirus software."

Answer:Infected: WARNING! you're in danger! Your computer is infected with Spyware!

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 38.13%

Hello,I really need some help! My computer had a virus that made the fake Windows XP antivirus popup appear where they want you to download the bogus antispyware program, and the desktop background changed to blue with a message that read " WARNING! Spyware detected on your computer. Please install an antispyware...." Blah, Blah Blah! And it would act like it was restarting and go to a blue screen, but if I pressed F8 it would go back. So I followed some steps I had read on here from other people, and that part of it is gone. I am now able to change my desktop background. Now the problem is that every time I try to go on to the internet, Google or whatever other search engine I use will come up, but then when you try to go to another site, it just says " Loading, internet browser redirecting." And I get redirected to another site, usally ADT (weird) or another antispyware site which I believe is just part of the virus. Also, the computer will freeze up completely to where I can't do ANYTHING. Even CTRL+ALT+Delete doesn't work. So we end up just unplugging it (I know that is probably REALLY bad!) I downloaded spybot S&D from my other computer and put it on the bad one, and it did find a couple things and I deleted them, but it didn't help. So I got hijackthis from my other computer also and dowloaded it to the messed up one and obtained my log. I had to do this in safe mode and allow networking to even get my computer to keep running, so... Read more

Answer:Computer Infected-internet Browser Redirects And Computer Freezes/ Computer 2

Hi Please Download Malwarebytes' Anti-Malware from Here :-http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlor here :-http://www.besttechie.net/tools/mbam-setup.exeDouble Click mbam-setup.exe to install the application.* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.* If an update is found, it will download and install the latest version.* Once the program has loaded, select "Perform Quick Scan", then click Scan.* The scan may take some time to finish,so please be patient.* When the scan is complete, click OK, then Show Results to view the results.* Make sure that everything is checked, and click Remove Selected.* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.* Copy and Paste the entire report in your next reply.This should do enough to enable you to boot your computer into normal mode THEN ...Please follow these directions to run Combofix & post a log.http://www.bleepingcomputer.com/combofix/how-to-use-combofixsteam

8 more replies
Relevance 38.13%

Hello! I am posting because I have offered to clean up a computer for a coworker, and want to make sure I do a thorough job. So far, I have seen indications of at least 4 separate malware programs. The first was Antivirus 360, which I believe I deleted for the most part via manually removing the files and registry values. I have also seen VirusProtect 3.8 and 3.9, though I had no luck locating the files I was told to delete...so I am not sure if the infection is there or not. His computer already has "Verizon Internet Security" installed, and I used that for an initial scan to see what it found. I deleted what it found, though that was done in safe mode, before I deleted all the files manually for AV360. When I enable Verizon Internet Security, it pops up two warnings, which mention a file by the name of Trojan.Win32.Monderb.xgy, in the C:\WINDOWS\system32\ljJCvSiI.dll. I looked up that file, and saw it was connected with the "Vundo" virus...or something along those lines. His computer is not connected to the internet at the moment. I am using my laptop to access the net, and transferring files via a flash drive to his computer. I have scanned with DDS, and will provide the log. I also have HJT ready to run on his desktop, as well as ComboFix. Here is the DDS log: DDS (Ver_09-01-19.01) - NTFSx86 Run by HP_Administrator at 16:34:39.23 on Mon 01/26/2009Internet Explorer: 7.0.5730.13Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033... Read more

Answer:Computer Infected/Possibly Infected With Various Malware

Hi,Your system is severly infected. I can see more malware present than anything else... Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts. Actually, this doesn't suprise me at all...From the log I see:AV: Authentium Antivirus *On-access scanning enabled* (Outdated)AV: Verizon Internet Security Suite Anti-Virus *On-access scanning disabled* (Outdated)FW: Verizon Internet Security Suite Firewall *disabled*What's the point in having a security Suite / Antivirus present if it's outdated and disabled.Most probably the sub... Read more

7 more replies
Relevance 38.13%

Hi!

I seem to have been infected with some particularly vicious malware..

I get a red bubble with a white 'x' on my taksbar. The message 'your computer is infected! WIndows has detected a spyware infection! Click here to protect your computer with spyware!'

Anti - Vir is going nuts over it (It keeps on picking up trojans and worms) Malwarebytes' Anti-Malware can't get rid of it, and neither can spybot. It has turned off Windows firewall and won't let me turn it back on.

I use Windows XP, have automatic updates turned on, am running SP2 and update Antivir, Spybot and Malwarebytes' Anti-Malware regularly.

It won't let me run ad-aware or spybot.

If you require any further information, let me know!

Many thanks in advance for any help you can give me

Rob



DDS (Ver_09-07-30.01) - NTFSx86
Run by admin at 11:14:16.37 on 02/09/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1023.453 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.ex... Read more

Answer:I'm Infected with 'Your computer is infected' taskbar malware

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

13 more replies
Relevance 38.13%

Here is my DDS log. Right now my desktop is pure white and I can't set a background image. Also I have a red X showing up in the tray saying "Your Computer is Infected - Click Here to Remove"

DDS (Ver_09-02-01.01) - NTFSx86
Run by Compaq_Administrator at 14:46:59.31 on Tue 02/10/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.606 [GMT -5:00]

AV: avast! antivirus 4.8.1296 [VPS 090210-0] *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSr... Read more

Answer:Infected with "Your computer is infected with a virus - Click Here"

Forgot to mention when I use google in Firefox, I have to open the link 6 or 7 times before it actually brings me to the link, other times it is redirected to a number of sites.

12 more replies
Relevance 36.9%

heyy guys,

okayy so about a month ago a trojan managed to get onto my netbook and i scanned with malwarebyte antimalware and super antispyware in safe mode which seemed to fix is for the most part, but im still getting some problems and avast, mbam and superantispyware are all coming up clean.

the worst thing is my internet just cutting out after about 40 minutes of use, wireless zero configuration turns itself off and will not turn on
and one of the svchosts using way too much memory and cpu, but i cant turn it off because that just messes up my netbook.

soo yeah some help would be great cuz this is really getting on my nerves.

More replies
Relevance 36.9%

Every 10 minutes or so, a red pop up box appears saying my computer is infected and asks if I would like to remove - it is called PC Security Guardian. Then a minimized window opens and says "PC Guardian has detected suspicious software - click to remove."

There was no data from the GMER scan, so the ARK.txt log will not attach.
DDS.txt Log:

.
DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Dunigan at 18:50:36 on 2011-06-08
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3839.2739 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\syst... Read more

Answer:Infected with a pop ups saying computer is infected followed by a pig squeel

Hello rallysport1992 ,Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan ... Read more

4 more replies
Relevance 36.08%

I have the virus and am unable to boot safe mode. I have run the FRST scan and gotten a log. Below is the log, but I am not sure what do do next. 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2013
Ran by SYSTEM on 15-05-2013 12:24:27
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1281512 2013-01-27] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1573576 2012-12-10] (Ask)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NACAgentUI] C:\Program Files (x86)\Cisco\C... Read more

Answer:Computer is infected with computer crime and intellectual property section virus

Hello njyoung2 I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"... Read more

10 more replies
Relevance 36.08%

Had the day from hell with my computer, antivirus stopped working and my computer got infected. On safe mode with networking, I ran malwarebyte a couple times, cleaned most all of it out. When rebooting to windows, computer became super slow, like 5 minutes to open a window, etc. I had to force reboot a few times. But then I started getting a screen that demanded a reboot disk. Only one I have is. a windows vista disc. I had windows 7. It won't let me even get that blue startup screen where I can push f keys.
Can anyone give me some advice, or do I need to just get a new hard drive.

Answer:computer infected , cleaned, bsod, freezing, now computer wants boot disk

Welcme,
The problem isn't the hard drive, it's that you are still infected.
I'm going to ask a moderator to move this thread into Am I Infected so that you can work with one of the expert volunteers there to get your system cleaned correctly.
 
Dick

7 more replies
Relevance 36.08%

my emachines desktop running windows 8 recently became infected with the greendot moneypak  virus, I have visited many sites claiming to have the fix but none so far have worked.  
 
I try to boot in safe mode but because I have windows 8 I must boot from the advanced options, when I try to boot in safe mode my pc automatically restarts and its back to square one
 
any help would be appreciated.
 

Answer:Computer is infected with computer crime and intellectual property section virus

Welcome aboard
 
I'll report this topic to appropriate helpers.
Hold on....

27 more replies
Relevance 36.08%

ComboFix 11-04-22.03 - home 04/23/2011 1:49.1.2 - x86
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2036.1258 [GMT -5:00]
Running from: c:\users\home\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AutocompletePro
c:\program files\AutocompletePro\AutocompletePro.dll
c:\program files\AutocompletePro\FireFoxExtension.exe
c:\program files\AutocompletePro\InstTracker.exe
c:\program files\AutocompletePro\[email protected]\chrome.manifest
c:\program files\AutocompletePro\[email protected]\chrome\content\browserOverlay.xul
c:\program files\AutocompletePro\[email protected]\chrome\content\options.js
c:\program files\AutocompletePro\[email protected]\chrome\content\options.xul
c:\program files\AutocompletePro\[email protected]\chrome\content\utils.js
c:\program files\AutocompletePro\[email protected]\defaults\preferences\predictad.js
c:\program files\AutocompletePro\[email protected]\install.rdf
c:\program files\AutocompletePro\unins000.dat
c:\program files\Autocompl... Read more

Answer:i think my computer is infected & my computer tech @work said to run a combo fix.I need help reading it?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your ... Read more

2 more replies
Relevance 36.08%

Hi,

About a month a go I installed kapersky anti-virus software as my norton trial had run out. 30 days have now gone and i found that i never had no antivirus software so i decided to download some free stuff online (avast) and (mcafee). To my horror i have noticed that although i can download this programmes, I am still unable to run them. I feel that an virus is preventing me to have antivirus software on my laptop and its really frustrating me!

I also was told by someone to download MalwareBytes (which i did). I run a full scan and was informed that i had 500 and something files that were infected (registry). When it came to me deleting these through the programme it was fine but there was 11 infected files that the programme was unable to delete and i think these are the files that are responisible for me not being able to download antivirus software on my laptop.

Additional info is:
When I browse on the internet and decide to click on a link from google, I sometimes get the message 'document moving' and it directs me to a suspiscious website.

My operating system is also windows vista.

Any help on how to get rid of these 11 infected files would be much appreciated!

Thanks x

Kacey

Answer:Virus on Computer wont allow me to delete 11 infected files on computer...PLZ HELP!!!

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 36.08%

Hi guys,

Thank you for reading this and hope we get somewhere.

I was initially infected with this trojan approximately one week ago. Symptoms are url redirect to 'licosearch' amongst others.

I formatted, re-installed windows 7 and up it popped again.

I did a complete format (even tried a low-level, or as close as possible to) and re-installed only to have it pop up again.

A malware bytes scan reveals two infections:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5347

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18/12/2010 11:51:08
mbam-log-2010-12-18 (11-51-08).txt

Scan type: Full scan (C:\|)
Objects scanned: 167090
Time elapsed: 11 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\WILL\qwers\setup2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\WILL\qwert\oops1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

--------------------... Read more

Answer:Computer redirects to licosearch, computer infected with trojan.dropper

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

3 more replies
Relevance 35.67%

My computer is badly infected with a bunch of spyware and viruses. I'm not sure of all of them but I know that spybot can't get rid of one called mywebsearch. Any help would be greatly appreciated. Thank youLogfile of random's system information tool 1.04 (written by random/random)Run by owner at 2008-12-12 11:54:07Microsoft? Windows Vista? Home Premium Service Pack 1System drive C: has 87 GB (60%) free of 144 GBTotal RAM: 1982 MB (50% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:54, on 2008-12-12Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\Symantec AntiVirus\VPTray.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Windows\ehome\ehtray.exeC:\Windows\ehome\ehmsas.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Hewlett-Packard\HP wi... Read more

Answer:Computer badly infected with Spyware and Viruses/ Computer 2

Here is my info.txt

info.txt logfile of random's system information tool 1.04 2008-12-12 11:54:28

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Fury\Uninstall.exe"
-->"C:\Program Files\HP Games\Flip Words\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Lemonade Ty... Read more

3 more replies
Relevance 35.67%

I've been having trouble with a malware of some sort (infomoneyserv or something like that) for several months now. Each time I think it's gone, it just comes back again and I figure it out when I go to reopen Firefox and get the restore error message and see 5 windows (that weren't open when I closed FF, at least not visible to me) with Infomoneyserv/blank or something of the sort in the address field. When I look in the history of the FF, there are LOTS of sites I haven't opened and haven't seen open.

I was due for a computer upgrade anyway, so bought one. My problem is I'm afraid to transfer any the files I want to save from this computer to the new one because nothing seems to be able to find the malware, trojan, virus, or whatever this is. I have run several anti adware programs, had Norton and ran that, uninstalled it and installed AVG antivirus and did a full scan with nothing found. It seems SO FAR only to have affected Firefox. IE does not seem to open things in the background, but at this moment there's a process called "SYSTEM" at 102,256K running, which doesn't seem right.

A new symptom that started today is that the MS Help and Support Center window keeps opening today with the message "Cannot display the page The page you are trying to view has an incorrect address and cannot be displayed. Please try another page. " I don't think I'm doing anything to trigger it.

What can I do to be... Read more

Answer:Have a new computer, afraid to transfer files from infected computer.

If your computer has been infected with malware and you need to back up data to transfer to another computer, you can back up all your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. If you're going to use a cloud backup, use one that provides strong encryption, includes versioning and does not utilize a drive letter. If you're going to use an external hard drive, you should back up your personal files separately from programs and applications.The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), (*.pdf), dynamic link library (*.dll), .ini, .bat, .com, .cmd, .msi, .pif, or script files (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding the file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions.Why you should set your folder options to “show known file types”If your CD/DVD drive is unusable, another word of ca... Read more

21 more replies
Relevance 35.67%

A friend asked me to help clear up his computer, I see a lot of junk on the computer but nothing henious. I;d like to some help however in clearing this computer up. I attached the logs needed.

Answer:Computer infected with stuff. Possibly slowing down computer.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Remove the programs in bold using the Add/Remove programs applet.FileParade bundle uninstaller (HKLM\...\FileParade bundle uninstaller) (Version: 1.0.0.0 - FileParade) <==== ATTENTIONIB Updater Service (HKLM\...\WNLT) (Version: 3.0.5.3 - ) <==== ATTENTIONIEËÑË÷ÖúÊÖ (HKLM\...\TXIEHlp) (Version: 3.0.3.10 - ÌÚѶ¹«Ë¾)iLivid (HKLM\...\iLivid) (Version: 4.0.0.3451 - Bandoo Media Inc) <==== ATTENTIONInternet Explorer Toolbar 4.7 by SweetPacks (Version: 4.7.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTIONMovies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) (HKLM\...\ilividmoviestoolbardlaGC) (Version: 1.5.0.0 - APN LLC) <==== ATTENTIONMovies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (HKLM\...\ilividmoviestoolbardlaIE) (Version: 1.5.0.0 - APN LLC) <==== ATTENTIONSearch Protect (HKLM\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTIONSupreme Savings (HKLM\...\Supreme Savings) (Version: 1.26.153.2 - 215 Apps) <==== ATTENTIONUpdater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTIONValueApps (HKU\S-1-5-21-4184212964-1714899893-2956565546-500\...\ValueApps)... Read more

8 more replies
Relevance 35.67%

Okay, so my computer was recently infected a few days ago. My laptop was working fine before, then suddenly started to act sluggish. I have wireless internet if that helps any.

My laptop runs at normal speeds when I'm not connected to the internet, it doesn't stall or anything. Then, when I connect to the internet or use a program that requires an internet connection, it starts to stall! It would run fine for a few minutes, freeze up, then run again. It's really annoying. Sometimes minimized windows in the taskbar would disappear and I would need to use task manager to bring them up again. (They would still be running but won't appear in the taskbar)

I ran a couple different virus/malware scans to try and solve the problem (norton antivirus, malware bytes, spybot search&destroy, trojanhunter etc). Trojan hunter found a trojan, here's what the log said:
TrojanHunter Scan Report - Saved 2010-05-24 09:41

Warning: Executable file with double extensions found: C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\MOM.Test.CMD.exe
Found trojan file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (VBDropper.A)
Found trojan file: C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll (VBDropper.A)
Found trojan file: C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx (VBDropper.A)
Found trojan file: C:\Program Files\Microsoft Office\Office10\1033\WEBPINTL.DLL (VBDropper.A)
Found trojan file: C:\Program Files\Micros... Read more

More replies
Relevance 35.67%

Hello,Yesterday, I foolishly ran an auto HiJackThis analysis and deleted everything that was either "potentially nasty" or "able to be deleted because unnecessary." I also had this strange thing in my HJT log, something like aolsomething.exe, which I learned was a worm. From that, I found an article telling me to go into my REGEDIT and remove many things.Where I am now: my computer has been infected with several spyware/malware bugs. When I turn my computer on, it says that my computer is infected and that, at worst, my passwords can all be stolen. I have tried to open up Windows Security Alerts, but it won't open and says, "Application cannot be executed. The file is infected. Please activate your antivirus software."I also keep getting a popup that says, "Warning: Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. o get rid of unwanted spyware and keep youor computer safe you need to update your current security sofotware. Click OK to download official intrusion detection system (*IDS software)." ** I think this is bogus, right?***When I try to close that popup, I get a new popup that says, "Windows can't play the following media formats: AVI; WMV; FLV; MKV; MOV; 3GP; MP4; MPEG; MP3; AAC; WAV; WMA; CDA; FLAC; M4A; MID. Update your video and sound codec to resolve this issue."I also get a real Win... Read more

Answer:AHH!!!! Spyware, malware all over my computer now - my computer is VERY infected... (TrojanSPM/LX?)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.[We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%&#... Read more

2 more replies
Relevance 35.67%

I know this description may not help much, but I cannot get windows update to run on the computer and it's running very slow. Microsoft security essentials and Malwarebytes don't detect anything currently, and both have been updated. Thanks in advance for the help. DDS and GMER logs attached.

Joel

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Maryville at 7:52:22 on 2012-05-28
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.478.59 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher... Read more

Answer:Computer Infected? Cannot run windows update and computer SLOW!!!

Hello and welcome to BleepingComputer! I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce. As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us. If you will encounter a delay of over 2 days from me, please don't hesitate and private message me (link in the signature). Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.Please generate another DDS log (download it from here if you haven't already) and post it in your next reply along with other changes that may have occured since you last posted.Also download and run GMER from this link: GMER download link.Thank you very much for your patience. Regards,Elle

2 more replies
Relevance 35.26%

Hi everyone. My computer seems to have been slowing down a little. I know why. The reason is because I have added more running processes to the computer. I have more things running in the System Tray than before. This, of course, is likely taking up more of my RAM. I know that it isn't Spyware or a slow CPU (2.53 Ghz isn't very slow) that is slowing down my computer so I narrowed it down to my RAM. However, I am not certain about this. I don't know much about hardware. Anyway, I have 512 mb of RAM. Is there a way of determining whether more RAM would increase my computer's performance or not?
 

Answer:How do I determine if I need more RAM?

16 more replies
Relevance 35.26%

Hi,
In trying to determine whether my current ATI Radeon 9200 Card is supported either in PCI or AGP, I ran EVEREST to determine it. This is a Screenshot and I am confuse about thr results. Is it that my PC supports both AGP/PCI ?
 

Answer:Trying to Determine - AGP/PCI ?

Take the side off the PC and see what slot it's plugged in to. The top one, if offset back an inch or so, from the rest, is the AGP slot. The white ones lined up in a row are PCI slots.
 

2 more replies
Relevance 35.26%

I Have computer that is an Hp Pavillion 700. I want to upgrade the video card inside of it. It originally came with a Geforce 4 MX 420 video card. I want to upgrade it to a XFX GeForce FX 5500 / 256MB DDR / AGP 8X / VGA / DVI / TV Out / Video Card. I dont know if my AGP slot is 4x or 8x. Someone please help me find out. The system # on my comp is DA192A
The serial # is MX307A1031.

Please help me find out.
Thank You
 

Answer:Need to determine if i have AGP 8X

doesn't matter as long as you have 4x agp.
 

5 more replies
Relevance 35.26%

GenuineIntel x86 Family 6 Model 8 Stepping 10 Intel MMX(TM) Technology
if it says mmx is isnt going to be any faster than 233 right? so basically my processor is a 233 maximum at the moment no?
 

Answer:help determine my cpu mmx

Not necessarily, all CPU's since the MMX series still have MMX technology.

Download Aida32 and it will tell your your CPU speed.
http://www.aida32.hu/aida-download.php?bit=32
 

3 more replies
Relevance 35.26%

Hello Friends,
Does anyone know How do I determine if I have a 64-bit or 32-bit CPU? If any body has knowledge about it please give your opinion.

Thanks,
James
 

Answer:How do I determine if I have a 64-bit or 32-bit CPU?

What is your CPU.....Press and hold down the Windows Logo key and then tap Pause Break key......or go to control panel and click on System
 

2 more replies
Relevance 35.26%

Hi.Looking at buying some software for XP. It only covers 32 bit for xp. How do I determine for cetain if my win xp is 32 or 64 bit please?

Answer:How determine 32 bit or 64?

A 32bit program will work on a 64bit processor or operating system.Right click my computer - properties general tab will tell you what system.

6 more replies
Relevance 35.26%

Does anone know of a program that can be booted from a floppy cd or usb drive that will tell me the hardware pre os.. on a blank machine for example
 

Answer:determine nic in pre os

AIDA16 apparently does thoug I've never used.

Ultimate Boot CD has this utility and many more: http://ubcd.sourceforge.net/

Or take the side off the computer and look at the components. Most have a sticker or markings on the PCB that will identify what they are. If a device is integrated into the motherbaord then any drivers or info can be obtained from the motherboard manufacturer's website.
 

1 more replies
Relevance 35.26%

Hello,

I was wondering if anyone knows how to see if a client machine has NT or windows on it.

We have added a few NT boxes to our network & one piece of VBA doesnt work on them.

Public Sub Open_Docs()
'this opens the user's explorer to the place where mail merge documents are stored

Dim browse As Variant
On Error GoTo ooops:
browse = Shell("c:\windows\explorer.exe \\server\database\Docs", vbNormalFocus)
ooops:

End Sub

I guess shell(c:\windows\explorer.exe) wouldnt work on a NT box would it.

Any ideas?

Thanks in advance,

$
 

Answer:can you determine an OS in VBA?

6 more replies
Relevance 35.26%

For anyone looking here, this is just a guide I thought up and I think this is pretty useful.
If you are deciding between 2 or more CPUs, use this equation:

A= Number of cores
B= Clock speed of each core
C= The cache of the CPU in MB, also make it as, for example, 6MB cache, that would be 0.6.
D= Your answer, or "CPU Rating".

A x B + C=D

We'll test this out with an Intel Pentium E6300, because it's the one I'm thinking of right now.

2 x 2.80= 5.6 + 0.2= 5.8

This can help you when buying a new CPU. I just thought that would help.

Thanks,
Qwertyfish01

More replies
Relevance 35.26%

size for virtual memory to set up on a P4 2.53GhZ pc with 1GB memory and 80GB hard drive running Windows XP Pro SP1.Other helpful advice appreciated

Answer:how to determine what the best

you may get some conflicting opinions on this one:my advice is just to let windows manage it.you have 1 gig of installed physical ram so there should be no problems here with this ammount of installe ram with most tasks what so ever if you choose this option.some people say the ideal setting should be around one and a half to two times your installed ram in both the min and max value boxes.this stops windows from resizing the swap file when it needs to.with your ammoun of ram installed and set to system managed size it shouldnt happen often if at all.i have only 512mb of installed ram,i play latest games,edit video,photo etc and have tried various different settings for the xp swap file and can see no difference at all in performance when setting to either a fixed size,windows managed size or even running with no swap file at all.if you had a low ammount of installed ram then it may be a different story altogether.try various settings and see for yourself but as above i would just let the system handle it.

3 more replies
Relevance 34.85%

hey guys i was just confused on how to determine good graphics in terms of gb or hddr or cores or anything else ....pls help and should i go 4 amd or nvidia

Answer:How to determine whether a gpu is good or not

It would completely depend on what your budget is and what you're going to be using it for, would it be gaming?

2 more replies
Relevance 34.85%

I'm using xnView to display exr files. With the UAC at the hightest level, I always get a warning with starting the program or double clickng on an OpenEXR file. It would seem like there is some action xnView is taking to trigger this. How can I find out what action is is trying to perform that needs a higher privilege?

Answer:Is there a way to determine what causes a UAC warning?

Hello 7powerWannabe, and welcome to Seven Forums.

Anytime that you see this shield icon next to a link (Window Explorer) or at the bottom right corner of a file icon, it indicates that you will get a UAC prompt when you open it for it to Run as administrator (elevated).




Hope this helps,
Shawn

9 more replies
Relevance 34.85%

I need to figure out the manufacturer and model of the motherboard in my laptop. It's a Toshiba Satellite P305-S8837. I've tried to look it up online and gotten nothing.
 

Answer:How do I determine what motherboard my PC has?

http://www.cpuid.com/cpuz.php
try that program
 

1 more replies
Relevance 34.85%

I need help. I just need someone to help me with my netbook's health. I've tried my best to improve my netbook because of the mistakes I've done when I installed registry cleaners. I have a lot of reasons on why I can't format this netbook. Tell me what essential programs I need to install like antivirus software and programs I need to uninstall. I hope the HijackThis Log helps.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:53 PM, on 9/28/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ChgService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common... Read more

More replies
Relevance 34.85%

Is there a way to determine the IP of a person who is downloading from you via p2p? -specifically K-lite?
-Thanks,
522.
 

More replies
Relevance 34.85%

This was under a previous thread which was closed down but thought id share my 2 cents and start a new thread.

There is an inbuilt application called "Resource Monitor" which can do this for you.

Under Windows Seven (this is the only one I tested- might work under older operating systems) you can check what is currently downloading by:

Open Resource monitor by:

Method 1
1) Start Task manager ( press CTRL-ALT-Delete)
It will show a menu. choose "task manager"
2) After task manager is open click the "performance" tab
3) Towards the bottom of the screen there is another Tab - "Resource Monitor" click that
4) The resource monitor will open
5) then find the "network" tab and click it
6) under the network tab you will now see that it lists each application or service which is downloading something. It is usefull as you can then see if say MS office or adobe or whatever application is using your bandwidth
Method 2
1) Press "Start" menu and search for "resource monitor" and open it.
2) Follow from step 5 above
 

Answer:How do I determine what's downloading????

Are there any other ways to monitor the same in Windows Xp?
 

1 more replies
Relevance 34.85%

Hey, can anyone find out what my motherboard is just from these details?

Manufacturer: ASUSTeK Computer INC.
Model: Puffer 1.xx
Chipset: Intel i915P/i915G
Southbridge: Intel 82801FB (ICH6)
Processor: Pentium 4 540 Prescott LGA775 3.20GHz (2 CPUs)

I got this information from CPU-Z.
The motherboard came stock in a HP Pavilion 061 t760a, I rang the store I got it from and said they didn't know either. Thanks for your help.
 

Answer:Need to determine my Motherboard

Download the free Everest programme from HERE. It will give you all the info you need.

Regards Howard
 

3 more replies
Relevance 34.85%

I'm using this program called SIW to get some of my RAM information. So far I know that it's has two 2GB rams.
DDR3 PC3 10600 1333 MHz from Kingston.
Under error correction, it says none. Does that mean it's Non-ECC?
:aptop model: VAIO VEPCEB32FM
Also, how do I determine SODIMM or DIMM?

Different websites are telling me different things and I'd rather not take it out just to find out.
 

Answer:Solved: How do I determine if my RAM is ECC or Non-ECC?

7 more replies
Relevance 34.85%

Hi,
I have two operating systems (Win 2000 and Win XP) on my PC. I would like to determine if they are on different partitions or on the same partition. I would then like to go in and delete one. I get the option to launch either 2k or XP on starting the PC.
Can someone please tell me how to find out the location of the OS? Any help will be appreciated.
Thanks!
 

Answer:How do I determine which OS is on which partition

If you go to start->run type msconfig and hit enter. Then under the boot.ini tab the bottom two lines should list your OS's and their partitions. If you have two OS's they are definitely on two partitions.

Having a second OS installed is handy if you ever have a problem in your regular OS, since you can get into your computer. Instead of removing one of them, I would suggest highlighting the one you always want to log onto and setting it as default. Then in the box Timeout: put something like 3 sec. That way your computer will log into your preferred OS more quickly and you still have the second OS if you need it.

If you really want the space the second OS takes up just set your preferred OS as default make sure it boots okay and then delete the other one.
 

9 more replies
Relevance 34.85%

I have a water cooled unit - 2 yr old Coolit closed system - and the CPU is not cooling and shutting down.
First suspect is the cooler but I believe the pump is running - the fan is not an issue.
If I power only the pump it sounds like it is turning - it hums and sounds like it spins down when I disconnect it (with my ear against it). Temp reached 125C on TMPIN0, which I assume is the CPU temp prior to it shutting down. Core temps indicate about 13C lower. I unplugged both the pump and the fan when temp was about 99C and the temp remained the same ~99C with 86C core - system doing nothing except SIW monitor running.

Would it be very safe to assume something is wrong with the Coolit system?

It looks like what I have is a very inefficient heat pipe.

Why would the pump be running and not circulating any fluid???

thx
 

More replies
Relevance 34.85%

Hi,

My current computer is 4 years old and has never had an upgrade (except for a graphics card which I bought because the integrated one stopped working)

At the moment my computer is struggling to run games as simple as minecraft (on the lowest possible graphic settings, after a full health check and even re-installing Windows 7). I don't need it to run amazing games like Call of Duty, but I would like my computer to be able to do more than just browse the internet, for as little cost as possible. Maybe run an RPG like Savage 2 or something similar.

Operating system: Windows 7 (Used to dual-boot with Ubuntu 11.04)

Motherboard: Foxconn RC4107MA
CPU: Intel Pentium 4 3GHz
RAM: 2 x 512MB
HDD: 80 GB (lol, I've never actually ran out of space though)
Graphics card: GeForce 7300 SE / 7200 GS

I think that's everything. All of these are disappointing but is it possible to upgrade it without buying a new computer? Thanks
 

Answer:Help me determine what to upgrade

7 more replies
Relevance 34.85%

Started having problems with ccApp.exe (Norton Anti-Virus) and HiddenShellIcon (MusicMatch 10) needing to be manually shut down when logging out of a user profile. Deleted MusicMatch, but, not going to delete Norton(!)...Ever since that time, computer seems to take a very long time to do anything - launching programs, logging on or off, etc. I've run Norton, Spybot S&D, Ad Aware, and Spyware Doctor. I was able to eliminate almost everything -Spyware Doctor is still reporting 'ssk.log' as a threat, even though I cannot find any SurfSideKick components or directories on my machine.If anyone can look this over and let me know if I'm missing something, I'd greatly appreciate it! Thanks!Logfile of HijackThis v1.99.1Scan saved at 8:21:28 PM, on 7/22/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Common File... Read more

Answer:Trying To Determine If I Have Any Problems

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. I apologize for the delay getting to your log, the helpers here are very busy.Please download ComboFix and save it to your desktop.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

2 more replies
Relevance 34.85%

guyz i just told that GPU has 2 types of socket.and i cant buy a new GPU without knowing the socket of my GPU(the place to put GPU in CPU).i think the best way is to open the CPU and take out to see what type of socket it is.But its kinda inconvenient cuz the screws on my CPU is kinda tight n hard to turn them out.so are there any other ways than opening the CPU to determine the socket of my graphic card?
 

Answer:how to determine the socket of your GPU?

6 more replies
Relevance 34.85%

Hey guys!
I've just downloaded a movie and it's saying i need a codec to watch it. How do you go about working out which codec is the right one as there are heaps of them, and how to do you go about installing them?

Answer:determine the right codec

post the format type download.

14 more replies
Relevance 34.85%

I believe I accidentally removed the program(s) years ago and now I need to use my camera.

More replies
Relevance 34.85%

Had this problem recently, but usually it's provoked by a specific cause (running many application and then plugging in my iphone with the itunes program running at same time). So i learned to avoid that.

Anyway, it just crashed on me, completely unprovoked (from what i can tell), and i'd like to know why. I've had to start and turn off the pc a few times today to look at the internals and what not, but i changed absolutely nothing.

How can i figure out why it suddenly turned off on me?

running on xp btw

Answer:How do i determine cause of PC crash?

It is just shutting down completely or have you experienced any BSOD?

8 more replies
Relevance 34.85%

I have a device name "DVR", how do I determine the IP address of that? I have connected that device through straight cable but I don't know the IP pool of that device, I turn on DHCP of my computer but unfortunately it doesn't work.
 

Answer:Determine IP Address

Where are you seeing the DVR name ?
I have connected that device through straight cable Click to expand...

Is that to the router
Whats the make and model of the router
And what is the device meant to do
how do I determine the IP address of that?Click to expand...

You should be able to loginto the router and see the DCHP range that has been setup
Also you should have a tavle wich will show all the assigned IP Addresses
 

1 more replies
Relevance 34.85%

I'm having a hell of a time figuring out why I get the BSOD. I have a thread here: http://www.techspot.com/vb/topic34053.html

There I had my minidumps examined and it seemed to show signs of faulty RAM.

Then I tried one stick alone...no problems...then the other...no problems. Both again, and after several days, finally I get one crash.

I can't tell what it is anymore. A friend suggested maybe the mobo was having problems keeping up in dual channel, or that the mobo was set for a heavy demand on the RAM and when both are in, they can't work together fast enough.

I don't know...I'm close to getting new RAM, but would hate to still have the same problem.

I have 2GB (2X1GB) of Kingston PC3200 DDR 184 pin Value RAM. (Link to RAM given in thread listed above)

My PC is BRAND NEW, there seem to be no problems, brand new p/s, everything.

I'm half out of my head over this...I've had this system for nearly 3 months without stability!
 

Answer:How to determine if RAM is faulty

http://www.memtest.org
 

3 more replies
Relevance 34.85%

My friend has a dell demension desktop that is running way slower than it should. I can't figure out why. Her CPU is a P4 2.66 GHz; with 1.25GB PC2700 RAM; 80G HDD (using 25%); The only hard ware installed is a printer, high speed modem, and ipod. I updated the drivers for those, and still no help. I also went through add/remove programs and got rid of those that she will never use, I did not remove any system critical programs, I'm an advanced user so I know what not to delete. I also went into the system tools and stopped some services for running auto on system boot. Like her Ipod, I set to manual, Printer (not spoolsvc) I set to manual, etc. I also ran a defrag on the HDD. Still, not much difference.

I know this PC should be running must faster than it does, I mean it honestly puts me in mind of a PC that has been upgraded from Win98 to run XP. My desktop is an IBM; P4 2.53GHz; 1.25 PC2700 RAM; 120GB HDD; with 50% HDD usage, printer, scanner, camerea, highspeed modem, digital voice recorder, and mp3 player on it. My system blows hers away! To be honest, my laptop that I bought in 2000, that is running Win2000p, blows hers away!

Can someone help me troubleshoot, or help me find a solution. That PC should be able to run as fast/good as mine, if not better!
 

Answer:sluggish pc can't determine why

10 more replies
Relevance 34.85%

I'm interested in buying a USB flash drive that's compatible with USB 1.1/2.0 and I want to know if it's compatible with the ones on my laptop.

I attached a screenshot of the USB controllers listed in Device Manager.

Answer:How to determine if USB ports are 1.1 or 2.0

Your laptop has 4 USB2 ports.

6 more replies