Computer Support Forum

HiJackThis Log file please help info inside

Question: HiJackThis Log file please help info inside

ok i have windows vista home premium. i am having link redirect problems. not just from google. basically any link i click redirects me. i ran gooredfix.exe deleted what came up still have problems. ran malwarebytes and still having trouble. so i am posting a log file from hijackthis. i would love it for someone to please check it out and give me some advice thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:18:28 PM, on 7/15/2009Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:Windowssystem32sdra64.exeC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Windowssystem32taskeng.exeC:Windowstemp1154251.tmpC:Windowssystem32taskeng.exeC:WindowsSystem32igfxtray.exeC:WindowsSystem32hkcmd.exeC:WindowsSystem32igfxpers.exeC:WindowsRtHDVCpl.exeC:Program FilesSynapticsSynTPSynTPEnh.exeC:WindowsSystem32rundll32.exeC:Program FilesDropboxDropbox.exeC:Windowssystem32igfxsrvc.exeC:Program FilesSynapticsSynTPSynTPHelper.exeC:Program FilesMozilla Firefoxfirefox.exeC:Program FilesTrend MicroHijackThisHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.comcast.net/R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.toshibadirect.com/dpdstartR1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.localR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:Windowssystem32userinit.exe,C:Windowssystem32sdra64.exe,O1 - Hosts: ::1 localhostO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dllO2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.5NppBho.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dllO2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dllO3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.5UIBHO.dllO3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:Program FilesDAEMON Tools ToolbarDTToolbar.dllO3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dllO4 - HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exeO4 - HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exeO4 - HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exeO4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exeO4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exeO4 - HKLM..Run: [Malwarebytes Anti-Malware (reboot)] "C:Program FilesMalwarebytes' Anti-Malwarembam.exe" /runcleanupscriptO4 - HKLM..Run: [autochk] rundll32.exe C:Windowssystem32autochk.dll,[email protected] - HKCU..Run: [autochk] rundll32.exe C:WindowsSERVIC~2LOCALS~1protect.dll,[email protected] - HKCU..Run: [userinit] C:UserspatrickAppDataRoamingsdra64.exeO4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')O4 - HKUSS-1-5-18..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'SYSTEM')O4 - HKUS.DEFAULT..Run: [Picasa Media Detector] C:Program FilesPicasa2PicasaMediaDetector.exe (User 'Default user')O4 - Startup: ChkDisk.dllO4 - Startup: ChkDisk.lnk = ?O4 - Startup: Dropbox.lnk = C:Program FilesDropboxDropbox.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dllO9 - Extra button: @C:WindowsWindowsMobileINetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dllO9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dllO9 - Extra 'Tools' menuitem: @C:WindowsWindowsMobileINetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:WindowsWindowsMobileINetRepl.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLLO13 - Gopher Prefix: O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:Windowssystem32agrsmsvc.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exeO23 - Service: AVO2009 Defrag - Systweak Inc. - C:Program FilesSystweakAdvanced Vista Optimizer 2009AVODefragService32.exeO23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exeO23 - Service: ccEvtMgr - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exeO23 - Service: ccSetMgr - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedVAScannercomHost.exeO23 - Service: Google Update Service (gupdate1c9f105fb4c3d4e) (gupdate1c9f105fb4c3d4e) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exeO23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:Program FilesJumpstartjswpsapi.exeO23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXEO23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSvcHst.exeO23 - Service: Symantec Core LC - Unknown owner - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exeO23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:Program FilesTeamViewerVersion4TeamViewer_Service.exeO23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBATOSHIBA DVD PLAYERTNaviSrv.exeO23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:Windowssystem32TODDSrv.exeO23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:Program FilesTOSHIBAPower SaverTosCoSrv.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:Program FilesCommon FilesUlead SystemsDVDULCDRSvr.exe--End of file - 8454 bytesif you need any more information to help fix it please let me know.Merged posts. ~ OB

Relevance 100%
Preferred Solution: HiJackThis Log file please help info inside

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: HiJackThis Log file please help info inside

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

2 more replies
Relevance 75.03%

Hi - I feel so embarrassed that I downloaded and installed a dodgy file pretending to be IE6.

The most obvious and annoying behaviour on the infected PC is now I can't type in text boxes in IE, (eg the google search box, or the one that I'm typing in now)

Another behaviour is that I can't select text or images off a website using my mouse.

I am now unable to install a Windows update (Cumulative security patch for Outlook Express, I think.)

Also, the Add/Remove control panel feature is doesn't show the names of the installed applications, but it does show their icons.

Here's the log - I've already got rid of a couple of references to www.savewealth.com, and I've ran the HiJack this cleaning app. From what little experience I have, this log doesn't look like it's hiding any nasties, but I think my PC suggests otherwise... (Does anyone know what 'bdoscandel.exe' - it might be Bit Defender?)

Thanks,

Richard


Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:31:16, on 22/03/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MD... Read more

More replies
Relevance 73.39%

Hi,
This is my first post as a new member. I've been directed here by a friend saying you guys are really good at fixing problems.
The story begins with a new computer. I got a custom built AMD 3200+ system, with an eVGA motherboard and eVGA7800GT vid card, 2GB OCZ Value Ram, 200GB Maxtor HDD, and a floppy drive.

I had Windows XP installed on it, along with tons of games, and various other applications, and most importantly all my university work. Recently the OS got corrupted, according to the Geek Squad at Best Buy. Instead of paying countless dollars for a Best Buy Geek to fix my comp, I decided I would buy a new HDD instead, install Windows XP, then back up all the data I needed.

The plan started off nicely. I got a 200GB Seagate SATA2 drive and was able to install XP with minimal fuss. I installed my vidcard drivers. Then I updated my Windows OS with their autoupdate program, including SP2. Following that, I was not able to boot normally. It would hang on the loading screen of XP.

I booted in safe mode, used the system restore function to before SP2, then started up normally. I reinstalled SP2, and now the same problem persists. I'm completely lost at what has happenned, seeing as how this should be a clean installation of XP. I find it odd that I can't install SP2 normally, as I had done earlier with my previous HDD. I have attached and I will list my Hijackthis log.

Thanks to everyone who read through all this and is trying to help.

Logfile of Hijac... Read more

More replies
Relevance 71.75%

Hello, MajorGeeks!

If anyone has a spare moment, I'd really appreciate somebody taking a look at my HijackThis log/Aida info and seeing what, if any, problems I have. My computer's been even slower than usual lately, and it's been displaying web page errors/ads (and I have an ad blocker already, which makes me think these are spyware). I've run AdAware, Spybot S&D, Peper Removal and CWShredder, and though they've caught a lot of cookies and extraneous problems, I'm still getting the ads and the lag/errors.

Here's my HijackThis log from today:

[[BEGIN LOG]]

Logfile of HijackThis v1.97.7
Scan saved at 3:33:02 PM, on 5/17/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\INTRIGUE LEARNING\PCBODYGUARD.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\SCANJET\PRECISIONSCAN\HPPPT.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\TEMP\1K1RM4T.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKLM\Software\Mi... Read more

Answer:Please help...ads, computer freezing, system lag. HijackThis/Aida info inside!

Welcome to MG's Minnie,

You should delete this file:

C:\WINDOWS\TEMP\1K1RM4T.EXE

Not sure what it is but nothing that is required for your system should be running from windows\temp. You may need to boot in safe mode to delete this file.

Also, have HiJaak This fix the following:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = ,
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file)
O4 - HKLM\..\Run: [1k1rm4t] C:\WINDOWS\TEMP\1K1RM4T.EXE

Not sure what the following line is for but it should be under suspicion:

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://anu.popcap.com/games/popcaploader_v5.cab
 

10 more replies
Relevance 71.75%

Hi guys. I'm having problems with a possible virus/malware on my computer. Everytime I try to open up windows defender I get the blue screen of death and whenever my pc restarts itself, windows defender closes due to an unexpected error.

I tried downloading other anti virus programs like spybot and avira but spybot couldn't open and crashed and avira gave me blue screen.

I'm currently trying ESET's online scanner since thats the only thing thats working for me. Oh and heres the hijackthis log. What should I remove?

----------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 3:47:29 PM, on 1/17/2010
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\Smart Web Printing\hpswp_clipbook.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.o... Read more

More replies
Relevance 65.19%

hello everyone im having numerous pop ups and its slowing down my machine big time for virus scanners and random pop ads. Here is the Hijackthis log file. What do you think?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:21 PM, on 1/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\... Read more

More replies
Relevance 64.37%

Hello folks. I'm trying to fix my mother's computer and needless to say it's in bad shape. The memory is being hogged like crazy and the only form of virus scanner i have at my disposal atm is housecall. What's weird is the terms don't load for me to continue, but hijack this works. Here's the log from safe mode. I'm going to restart and run it normally and see if there are differences. ty in advance.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:01:23 PM, on 8/2/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Users\Mahnaz\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,... Read more

Answer:Mess of a system (Hijackthis file inside)

not on safe mode:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:28 PM, on 8/2/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mahnaz\Downloads\HijackThis(2).exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http:... Read more

2 more replies
Relevance 62.32%

Logfile of HijackThis v1.99.0
Scan saved at 6:09:01 PM, on 1/2/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE
c:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\Owner\Desktop\New Folder\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us4.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Softwar... Read more

More replies
Relevance 58.63%

Hi, I have tried everything to get rid of this malware, from system restore to scanning it with five diffrent anti-virus. I have no where else to turn to. Below is the Hijackthis log. Please help me.

Thank you in advance, ShadowDusk

List of problems I have seen:

google redirecting me to unsafe or advertisement sites
Firefox needing to be clicked multiple times for it to load up once
Firefox freezing ever so often for anything from 30 seconds to a minute
on log in there only being no start menu or desktop (task manager appeared when I loaded it though)
all round slowdown
Also part of the Windows interface have become classic instead of the normal Windows 7





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:56:56, on 23/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Edit by chaslang: Inline HJT log removed. READ & RUN ME FIRST. Malware Removal Guide sticky not followed.Click to expand...


 

Answer:Bad infection notes inside (Hijackthis log inside)

Welcome to Major Geeks!

A HijackThis log is of no use to us.

Please read ALL of this message including the notes before doing anything.

Make sure you uninstall ALL but one antivirus. You have Panda and AVG installed.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide



and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.
After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives ar... Read more

1 more replies
Relevance 56.99%

Hello, We have gone to the website
http://www.salonrenovationmaisonneuve.com/en/exposants
and download the file to open Inside of IE. Once the file is open, none of the links either e-mail or web site works. However, if we open the same file Inside of Google Chrome, the links work. So, we want to know if we are missing something in IE or a plugin.
The PDF file opens with no problem but the links are not enabled. The file works in an Apple Machine and Google Chrome. However, if we download the file physically inside of the computer and then open the file with Adobe Reader, the links all work! Any ideas
how to solve this issue? Thanks Miguel Moreno

Miguel A. Moreno Alfa Logos inc. Tel. 514-253-2548

Answer:UNABLE TO OPEN AN HYPERLINK INSIDE OF A WEB PDF FILE OPENED INSIDE OF IE 11

Internet Options>Security tab, click "Reset all zones to default" (there's a setting for scripting of ActiveX controls)
Start>Adobe Reader>Edit Preferences>there are setting for how embedded links are handled.
Chromium uses its own pdf reader plugin.Rob^_^

3 more replies
Relevance 55.35%
Question: Info Inside

Hi! I made a game with a program called GameMaker. I had it hosted, but the host (www.filein.com) went under construction about 4-5 months ago and all my data was lost . It hasn't been open since (if there is any info on when it will be open again, please let me know!) , so I turned to the GameMaker forums
The server must at least have a direct upload, (cgi bin) rather than sites asking for a link.
It has to hold at LEAST 20 mb
No file size upload limit
FREE!!!
Thankyou in advanced ^_~

Oh, and is there a program out there that will analyze a program and tell you what opperating systems it is compatible with? Its not that important, but it would help me get my game out on the market better.
 

Answer:Info Inside

8 more replies
Relevance 55.35%
Question: info inside

I know this is a double post, but im not getting anything on the original .

Heres the lowdown. I have "RollerCoaster Tycoon (tm) Loopy Landscapes Includes Corkscrew Follies (tm) Expansion 2 Pack". I installed it sucessfully and everything works great. But one boring day, I decided to see what made the game tick. So i went into...
C:\Program Files\Hasbro Interactive\RollerCoaster Tycoon . There, I went into the Data folder, and found a .txt file entitled "CUSTOM" (exact print). So i read and it said...
"UNSUPPORTED FEATURES IN ROLLERCOASTER TYCOON V1.20.xxx
------------------------------------------------------

Custom ride music
-----------------
Additional ride music may be added as follows:
1. Convert the new music file into a .WAV file, PCM format, 22,050Hz,
8bit, Stereo.
2. Move the file into the 'Data' subfolder in the RollerCoaster Tycoon
installed folder, and rename it to either CUSTOM1.WAV or CUSTOM2.WAV
3. Run the game as normal. The additional music file should be recognized
by the game, and will appear in music selection menus as "Custom Music 1"
or "Custom Music 2".

Note
----
This feature is unsupported by Hasbro Interactive.
It should work, but if you experience problems then you're on your own!"
So heres the question... how do i "Convert the new music file into a .WAV file, PCM format, 22,050Hz, 8bit, Stereo."?

I know this is going to take alot of people, and a couple of double ... Read more

Answer:info inside

This site may help with a utility to convert MP3's or whatever to a WAV format.

http://www.doom9.org/index.html?/software2.htm
 

1 more replies
Relevance 55.35%

I've ran Adaware SE and Pc-cillin housecall and I'm still getting popups continuously. Attached is my Analyzed hijack log. If more info is needed please let me know. Thank you.

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 9/28/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O20 - Winlogon Notify: NavLogon - C:\WINNT\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 3:24:38 PM, on 11/10/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Cisco Systems\CiscoTrustAgent\ctalogd.exe
C:\Program Files\Cisco Systems\CiscoTrustAgent\ctad.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\tphkmgr.exe
C:\WINNT\system32\ltmsg.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter... Read more

Answer:Please help...HJT log info inside

Hello and Welcome to TSF!

Please describe the pop ups that you have been experiencing.
Are you experiencing them on any particular site?


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Please download these additional files/programs. Do not run them untill instructed to do so.

CleanUp! - Install.

Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.


'UNPLUG'/DISCONNECT YOUR COMPUTER FROM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


This webpage would not be available when you're carrying out the fix. Please save the following instructions in Notepad. I have customed my instructions on the assumption that you are using Notepad. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your questions before proceeding with the fixes. There should not be any opened browsers when you are carryi... Read more

11 more replies
Relevance 54.53%

hi, last week i downloaded a trainer for a game and opened it , then avg alert poped up saying i had a svchost.exe trojan. and after i tried remove it came up a few more times then stoped poping up so i dnno if its gone or not.afterwords i ran the following spyware removal tools : adaware / malwarebytes anti-malware/ spybot / SUPERantispywar / true sword. and cleaned up the issues that came up. i dnno if its fully removed, here is a log from my hj. is there anything out of the ordinary that shouldn be there,this is my first time posting a hj log. if more info ect is needed, let me know . thx

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:11, on 04/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Fil... Read more

Answer:hj log. problem & info inside

9 more replies
Relevance 54.53%

I had a few questions about excel. If I put a whole paragraph of text inside one cell, is there any way to make it so the text doesnt run over to the cell next to it and the ones below it once I've put in the paragraphs?

Obviously all of the words stay in the one cell but in normal viewing it just covers up the next cells if there's nothing in them.

And is there any way to have all the paragraphs copy normally? When I copy the paragraph from the cell and paste it somewhere else, it usually comes out weird.
 

Answer:how do I keep excel info inside one box?

Right click on the cell and select Format Cells, select the alignment tab and then click on wrap text and click on OK.

You can then widen the column or row or both to make the text fit in the way you want it
 

1 more replies
Relevance 54.53%

First of all I would like to thank all members of TSF team for being very informative and helping a lot of people on these forums, the fact that this is my first post only confirms the fact that a lot of information is available already and after reading carefully 99% of problems can get solved without bothering team once more.Thanks for your help an efforts!
Now I'd like to tell about my problem, it may look like one that Bubbawut had.
Some time ago I started to have blue screens of death, I'm no afraid of such things but, it started to be very frequent. Reasons were various. IRQL NOT LESS OR EQUAL, BAD POOL CALLER, unexpected termination of various SYS files, PAGING ERROR in NON PAGED AREA and others. The times and events were different, blue screen could occur while Xp was booting up, or while closing an application, but rather during Processor and RAM straining operations. Also a lot of corrupted data was being written to HDD sometimes corrupting system files so Windows Reinstall was and is very frequent.
my system specs are:

PSU - PSU is 250 watt. sticker was half covered with a supporting metal but I think it's 17 amps on my +12 rail, although power is something I would not suspect at the moment.

Operating System: Microsoft Windows XP Professional
OS Service Pack Service Pack 2
DirectX 4.09.00.0904 (DirectX 9.0c)
CPU Type Intel Pentium 4, 2400 MHz (12 x 200)
Motherboard Chipset VIA Apollo P4X533/PT880
System Memory 512 MB (PC3200 DDR SDRAM)
BIOS Type... Read more

Answer:Help Needed, All info Inside

Sorry for bumping the thread, still no answers.. no ideas? :)

4 more replies
Relevance 54.12%

I've been recieving some errors lately and I'd really like to clean them up since they are driving me insane.

First error occurs spiratically as I'm surfing the error says "Information you exchange witht his site cannot be viewed or changed by others.However, thereisa problem with the site's security certificate.

Thesecurity certificate is from a trusted certifying authority.
The security certificate has expired or is not yet valid.
The Security certificate has avalid name matching the of the page youare trying to view.

Do you want to proceed?"

now whether I choose no or I choose yes it comes up 3 or 4 times and persistently irritates me at nearly every website I go to.

The next error happens when I've been on a website for a little while. Out of no where even if I'm not doing anything and the page is just sitting there then this message comes up and the page is forced to shut down

The instruction at 0x01793c6e referenced memory at "0x0acc6638", The memory could not be "read" , click on ok to terminate

I use Windows OneCare as my virus software and I also have Symantec's McAfee on my flash drive that I sometimes scan with after Windows OC is working. Any and all light that can be shed on my annoying little problems would be very much appreciated.

(Computer Specs)
Dell Inspiron 6000 Notebook
Intel Pentium M
Windows XP Home Edition (Service Pack 2)
1.50 GHz Processor
1.00 GB of RAM
128MB ATI Mobility Rad... Read more

Answer:Recieving 2 different errors PLEASE HELP (more info inside)

11 more replies
Relevance 54.12%

THE ISSUE
Ok so here is the issue as i know it. I am running Windows Vista Ultimate, everything is ok. However just yesterday i noticed these 3 very weird bugs.

1. My mouse cursor keeps on flashing the 'busy circle' every second for half a second...which really bugs the crap outta me.
2. When i start up i get 1-3 notepad crashes, which when i close it Microsoft indicates its trying to prevent an execution of a virus etc. It continues to crash during my computer session.
3. Something you cant see, my inbuilt web cam keeps flashing every 10 seconds for a duration of about 3-4 seconds, and being a bright green light can REALLY annoy.
(Im running on an ASUS G1 notebook FYI)

Of course my main concern was the notepad crashes which had no explanation, other then that windows is trying to prevent a virus doing harm using notepads (lol?)

MY 'SOLUTION'
Out of anger and motivation i looked at task manager and closed all my processes running under my name (moondy) as im pretty sure it couldn't harm my computer. Anyway i noticed that a process 'iexplorer' was running. Of course you may say "Well duh thats internet explorer". However i had just logged in, and i had not started anything (besides msn) up. So i terminated the process and what do you know, it was fixed!

Why i need YOUR help
Simple really. Now you know what the cause is and so do i, but i want to get rid of it. What can i do to get rid of this processes that pretends to be iexplorer?

Screen... Read more

Answer:3 weird bugs. Log and more info inside

sorry wrong forum, please delete thread

1 more replies
Relevance 54.12%

OS: Windows 7 Home Premium 64 bit
GPU: MSI 270x HAWK
CPU: AMD A10-6800k 
MOBO: ASUS F2A85-V pro
PSU: Smart Standard 650W Power Supply
HDD: Seagate 1TB Desktop HDD
SSD: Kingston HyperX 3k Series
 
Hello, I've recently just purchased and build my own PC, brand new. 
 
For some reason, it has been freezing more than occasionally, forcing me to hard-reset my pc multiple times, maybe twice a day on unlucky days. I've tried testing multiple theories with this problem by: updating drivers, checking potential problems in the registry, updating the bios, scanning hard drives for any problems, updating drivers, testing memory, checking for malware or any other type of infection. I've looked inside my pc multiple times for any hardware problems. Everything is brand new, and everything is up to date. Event viewer only lists the times that I hard-reset my pc.
 
What usually happens is everything completely and suddenly stops (no cursor movement, num lock key won't function) and if there was sound playing, it would play the same 20ms clip of audio over non-stop. kinda difficult to explain. Another thing that could happen is that windows would hang, with cursor movement and a working num lock key, and then a few minutes later, the damn thing would freeze with no response. Also, it has recovered from hangs a few times.
 
I am up for any sort of testing I could do to resolve these problems. Suggestions would be highly appreciated.
 
Thank you for your t... Read more

Answer:Computer Freezing (More info inside)

voidray to Bleeping Computer Community

 

"The driver detected a controller error on \Device\Harddisk1\DR1"
no idea what to do
 

Run the Seagate Tools for DOS bootable CD but make sure your data were already backed up before running the long test to correct unstable sectors. But if the drive is still under warranty, it would be best to take advantage of the replacement policy.

13 more replies
Relevance 54.12%

THE ISSUE
Ok so here is the issue as i know it. I am running Windows Vista Ultimate, everything is ok. However just yesterday i noticed these 3 very weird bugs.

1. My mouse cursor keeps on flashing the 'busy circle' every second for half a second...which really bugs the crap outta me.
2. When i start up i get 1-3 notepad crashes, which when i close it Microsoft indicates its trying to prevent an execution of a virus etc. It continues to crash during my computer session.
3. Something you cant see, my inbuilt web cam keeps flashing every 10 seconds for a duration of about 3-4 seconds, and being a bright green light can REALLY annoy.
(Im running on an ASUS G1 notebook FYI)

Of course my main concern was the notepad crashes which had no explanation, other then that windows is trying to prevent a virus doing harm using notepads (lol?)

MY 'SOLUTION'
Out of anger and motivation i looked at task manager and closed all my processes running under my name (moondy) as im pretty sure it couldn't harm my computer. Anyway i noticed that a process 'iexplorer' was running. Of course you may say "Well duh thats internet explorer". However i had just logged in, and i had not started anything (besides msn) up. So i terminated the process and what do you know, it was fixed!

Why i need YOUR help
Simple really. Now you know what the cause is and so do i, but i want to get rid of it. What can i do to get rid of this processes that pretends to be iexplorer?

Screen shot a... Read more

More replies
Relevance 54.12%

My internet explorer keeps crashing on me whenever I click on a hyperlink, or sometimes when I change webpages. I get a message that states modver urlmon.dll is causing the problem. I read up and got the hijack this program, and here is what it shows. Any help would be greatly appreciated

Logfile of HijackThis v1.96.0
Scan saved at 2:28:08 PM, on 8/4/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\SPEEDKEY.EXE
C:\PROGRAM FILES\COMMON FILES\SHUTTLE TECHNOLOGY\ICONFIG.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\MY DOCUMENTS\HIJAC\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/comcast.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://205.134.182.164/1/
O2 - BHO: Activater - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\RE... Read more

More replies
Relevance 54.12%

I'm not sure I have a problem. But, Firefox does seem to have slowed a lot.
Thanks!
PS I don't seem to be able to attach the zipped logs...don't have the manage attachments button under add'l options (and can't insert a smiley)...will submit this and then see if I can add it then.

My last Avast scan showed:
4/29/2009 10:40:20 AM 1241030420 Leigh 3208 Sign of "Win32:Small-KMM [Trj]" has been found in "C:\System Volume Information\_restore{11710026-9BFD-4653-B8F8-1D6DE9FA165E}\RP1401\snapshot\_REGISTRY_MACHINE_SOFTWARE" file.

Avast was able to deal with it and subsequent scan of the folder was clean. (If you can help me understand how something can be in a restore point but never anywhere else, especially the fourth to last RP and not the third, second, and last ones I'd appreciate it).

So then I ran Kaspersky free online scan and got:
C:\Program Files\Common Files\aolback\Comps\toolbar\toolbr.exe Infected: not-a-virus:AdWare.Win32.SearchIt.t 1

Here's the DDS log:
DDS (Ver_09-03-16.01) - NTFSx86
Run by Leigh at 12:58:02.88 on Thu 04/30/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.383.153 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program File... Read more

Answer:Possible infection - DDS and gmer info inside

I signed on using IE and can attach the zip file. Not sure what's up with Firefox.

18 more replies
Relevance 54.12%

I bought my R60 9460 last summer, and I didn't use my battery very frequently. But recently when I use the battery , the power may SUDDENLY drop down to 4% from more than 50%, and if I continue to use my ThinkPad, the battery can still hold more than 1 hour!! The Power Manage shows me that everything of my battery is OK. I wander how to solve the problem. Is there any problem with my battery? Thank you?





ThinkPad R60 9460ARC WinXP SP3









Solved!

Go to Solution.

Answer:HELP! Battery problem of R60 (more info inside)

Welcome to the forum Harris_Yang!  Does it say that the condition of the battery is good? What is the design capacity vs full-charge capacity? What is the cycle count? ------ You could try the following steps to recalibrate the battery: (Your laptop has to be on and plugged in) Click on  Start --> Programs --> ThinkVantage --> Power manager --> Battery information --> Battery maintenance --> 'Perform reset...'   





__________________________________________John B @ forum.notebookreview.com

9 more replies
Relevance 54.12%

These are supposed to be the most developed drivers ever. Does anyone have insider info on what to expect Weds.??????
 

Answer:Anyone have inside info on 3.8cats to be out 3PM E on Weds.???

A delay notice.
 

4 more replies
Relevance 53.3%

The error:

Assinatura do problema:
Nome do Evento de Problema: BlueScreen
Vers?o do sistema operacional: 6.1.7601.2.1.0.256.1
Identifica??o da Localidade: 2070

Informa??es adicionais sobre o problema:
BCCode: 1a
BCP1: 00008884
BCP2: 851CE8C0
BCP3: 851CF51C
BCP4: 00000500
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Arquivos que ajudam a descrever o problema:
C:\Windows\Minidump\061116-17940-01.dmp
C:\Users\Pedro\AppData\Local\Temp\WER-32635-0.sysdata.xml

Leia nossa declara??o de privacidade online:
Declara??o de Privacidade do Windows 7 - Microsoft Windows

Se a declara??o de privacidade online n?o estiver dispon?vel, leia nossa declara??o de privacidade offline:
C:\Windows\system32\pt-BR\erofflps.txt
----------------
I uploaded bluescreenview log and log collector
Pc was formated, installed drives, updated amd drive from oficial site, and for last updated all my drives with drive booster 3 pro and the problem persists.

More replies
Relevance 53.3%

Ok here's the scoop...

I got two new sticks of 512 ram (already had 1 512 in there), so I went to go stick them into my computer today and when I did I fired up the old beast and there was kind of a quiet pop sound then the computer went dead (There is also the possibility I'm an ***** and stuck one of the ram modules in upside down, but I'm not sure.) Now when I try to boot it (have to turn off PSU, turn it back on) the fans spin for about a second then stop, but nothing else powers up.

So obviously something got fried but I have no idea what it was... I'm thinking it's probably the motherboard but I have no idea.
Anyways here's my setup:

P4 2 GHZ Socket 478
Old Soltek motherboard (not sure of model but if its important I can probably find it)
400W Antec PSUP
512 266 DDR Ram (attempted expansion to 1536)
Radeon 9800 PRO 256MB
Audigy 2
2 HDD
2 CD Drives
1 disk drive
Modem and an Ethernet Card

Anyways... help please :/
 

Answer:I fried something trying to install a ram module, info inside

Well a pop is never a good thing. IT seems like something is shorting out, thus causing the quick power down. I would check the capaitctors on the board. See if any are broken or oozing. If they are, take it to a local repair shop. Remove all fans they could of went bad..causing the short, (ive had it happen before) also take out the new RAM.

Sean
 

6 more replies
Relevance 53.3%

Okay first off I pay close to $110 for internet a month so Its safe to say I have a good internet connection (even though i have a router) but when im gaming on the computer (low system requirement games that were made in like 1996 off of quake 2 engine) ill lag at some points, i dont know what it is or when it started (or maybe its been doing it ever since i got the computer (or the gfx card)) but when a go into a server on the game thats like semi crowded ill get hugee lag (but my ping doesnt rise, my FPS just goes super low like to 11 FPS from 40 - 60 average) and i tell peopel in the game any1 else lagging? and no1 else is but me, the same problem happens when i play World of warcraft, ive been trying to figure it out for a long time people say it could be my nvidia drivers arent up to date but ive looked for new ones and they either screw up my computer or dont seem to be working or making a difference (maybe ive been dling the wrong ones) but i have a compaq presario, 704mb of ram, umm... like 6 gigs left out of a 30gig hard drive, what else.... ive had the computer for a year and a half.... its AMD 3000+ sempron whatever that means (im not too computer tech literate) 2.00ghz ... graphics card is GeForce 5500 AMD... thats about it, so i dont know what the problem is but I'm hoping to correct this problem soon. also if it matters when i use fraps (PC video game video capturing program) its all good but then when i press the button for it to start recording it seriously ... Read more

Answer:Help please, PC games are really laggy at time.. more info inside

I think it's because of your graphics card. It probably can't handle the graphics since it's pretty old.

8 more replies
Relevance 53.3%

Hey, I've been getting the blue screen of death a lot lately, mostly when I'm playing online games such as Crysis and COD4 and sometimes when playing music. Here is information on this blue screen and the error code would really appreciate the help thanks.

-----------------------------------------------------------------------------------------------------
roblem signature
Problem Event Name: BlueScreen
OS Version: 6.0.6000.2.0.0.768.2
Locale ID: 2057

Files that help describe the problem (some files may no longer be available)
Mini010708-10.dmp
sysdata.xml
Version.txt

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: d1
BCP1: 00000008
BCP2: 00000002
BCP3: 00000001
BCP4: 806675B2
OS Version: 6_0_6000
Service Pack: 0_0
Product: 768_1
Server information: 18bf4a60-f431-4ff3-99da-199207e6c18f

Realtek 8101/8168/8169 PCI/PCIe Adapter Driver (RTLH86.SYS)
 

Answer:Blue Screen problem - Info inside.

14 more replies
Relevance 53.3%

Computer: ASUSTek Q524UQ 2-in-1 Laptop/Tabet
-Purchased in early August, 2016

Specs:

Intel i7-6500U Dual Core 2.5GHz Processor

NVIDIA GeForce 940MX - 2GB

2TB HDD @ 5400 RPM

12GB DDR4 SDRAM @ 2133 MHz

NOTICE:

I would consider myself a decently experienced and knowledgeable computer owner. I keep drivers up-to-date and I actually monitor the health of my hard drives. I have a kickass cooling pad for my laptop so it doesn't overheat too easily. I also have an anti-virus called Webroot Secure, which people have told me is a very powerful anti-virus that sometimes blocks too much. My laptop only freezes after a while of playing games.

HOWEVER, I check task manager every now and then just to make sure that...

1) My hard drive isn't overworking itself
- My hard drive usually holds at 100% during boot up

2) My CPU isn't breaking a sweat
- I have never seen my CPU work above 60%

3) I'm not using too much RAM
- I have never used more than 75% of my RAM

What I want to know is why my laptop freeze up every now and then. I was thinking of installing a type of software that monitors my internal temperatures as well as CPU usage, RAM usage, and hard drive usage.

Stuff I am CERTAIN about:

1) My GPU isn't acting up
- I actually fixed a freezing problem by updating the drivers

2) Not a virus or any other type of malware
- Webroot Secure is a juggernaut

I'm fairly certain my OS is NOT corrupted. My hard drive is not running out of space, I a... Read more

More replies
Relevance 53.3%

SCRATCH ALL THIS I HAD THE JACK IN THE WRONG PORT>>>>> BUT FUNNY I TRIED ALL THEM BEFORE AND IT DIDN"T WORK

Well just put together my monster computer. Ran vista on it, hated it, fdisked that. Now I'm using XP 64 bit.

I have the HD jumper on my mobo.

My problem, I have no sound. Everything is installed and recognized on my system. When I change the speakers to different jacks the realtek sound board recognizes that it's moving to different jacks and shows me a picture.

Heres a picture of my system showing everything is installed:
--------------------------------------------------------------------------------------------------
Computer Specs:

SAPPHIRE 100245L Radeon HD 4850 512MB 256-bit GDDR3 PCI Express 2.0 x16 HDCP Ready CrossFire Supported Video Card - Retail

OCZ Fatal1ty Edition 4GB (2 x 2GB) 240-Pin DDR2 SDRAM DDR2 1066 (PC2 8500) Dual Channel Kit Desktop Memory Model OCZ2F10664GK - Retail

CORSAIR CMPSU-650TX 650W ATX12V / EPS12V SLI Ready CrossFire Ready 80 PLUS Certified Active PFC Compatible with Core i7 Power Supply - Retail
CPU

AMD Phenom II X4 940 Deneb 3.0GHz Socket AM2+ 125W Quad-Core Black Edition Processor Model HDZ940XCGIBOX - Retail

MOBO

MSI K9A2 CF-F V2 AM2+/AM2 AMD 790X ATX AMD Motherboard - Retail

-------------------------------------------------------------------------------------------------

More replies
Relevance 53.3%

Since the winter time, my (four year old desktop) has been freezing a lot! More recently, it will freeze when I'm using it, mainly when I'm tampering with media or browsing the web. The cursor will even freeze at the Windows XP Password/Login startup page. I've heard many things, like download spyware, run virus scans, run the Registry cleaner, defragment... etc...etc... This is what I have ALREADY tried.

- Downloaded Registry Cleaner and cleaned up the drives
- AntiVirus has deleted all "malicious programs and the like"
- Defragmented entire C:/ drive a month or two back
- Ran the "cmd" function and disabled many Startup items

The only things I have left to do are run a memory scan (to make sure my memory is working correctly), check my Motherboard for overheating issues, and what else? I really don't want to keep paying money for programs I don't need to check my computer. I'm running out of options and this is getting very aggravating. Again, my computer will OFTEN freeze every five-twenty minutes after I start using it. I can leave it on all night with no activity and it won't freeze. Sounds to me like a hardware problem. Maybe you guys can help? Thanks a ton.

Answer:Win XP user. Frequent lock ups, please help. info inside

open it up and make sure its dust free. then try running it as normal with the cover off, its one way to check and see if its overheating.

1 more replies
Relevance 53.3%

PC Specs:

AMD Athlon FX-55
Asus A8V-Deluxe motherboard
Graphics Card(s): GeForce 6800GT (also tried Radeon 9800 Pro)
RAM: 2GB Kingston in 4x KVR400X64C3A/512 modules
HDD's: 2x WD Caviar 250GB 7200 RPM models (and an older WD IDE model) in a RAID0 configuration using the Promise FastTrack 378 controller.
Windows XP x64 Edition
PSU: CoolerMaster Real Power RS-450-ACLY ATX12V 450W

I use the onboard soundcard, and have no PCI cards installed.

For starters: I built this machine about two and a half years ago, and it has been rock solid for the last two and a half years up until about a week ago.

Here's my issue: I started getting various crashes, everything from DRIVER_IRQL_NOT_LESS_EQUAL to NTFS.sys or fasttx2k.sys (the onboard RAID controller of my motherboard's driver) to no BSOD and just random reboots.

I've got a fair bit of PC building experience and extra hardware laying around, so I decided to troubleshoot the problem for a bit myself before asking for help. I've cleaned all the parts with compressed air, and all the contacts of the RAM cards and my video card, but still no luck, the system still crashed.

I started by running memtest for a night, and it got through 8 passes on all 2GB of RAM with no errors. Kingston is usually quality RAM, so I didn't really think this was the problem.

Then, I unplugged my HDD's from the RAID controller, and stuck in an old IDE HDD I had laying around and formatted it to a new ... Read more

Answer:Numerous Crashes/BSOD's... info inside

Okay, this is what I found:

Your first two Minis point to driver fault with tcpip.sys which is a file essential for a Windows based machine machine to use tcp/ip protocols (use Networking or the Internet).

There was also this warning that ntoskrnl.exe was unabled to be verified by checksum; therfore there is the possibility it could be either corrupted or missing.


* Microsoft has information on errors with tcpip.sys


Third Minidump - amdk8.sys which is an AMD Processor Driver required by motherboards supporting AMD Athlon processors.

In all three minies you will find them pointing to either X64_0xD1 errors (the first two) or X64_IP_MISALINGED (third one).

I know you did a fresh reinstall of XP, but the dumps are pointing to faulty drivers as the issues. Could it be your CPU???

By the way, I know several people who have the same motherboard and they all say the same thing, "Rock Solid."
 

8 more replies
Relevance 53.3%

Computer: ASUSTek Q524UQ 2-in-1 Laptop/Tabet
-Purchased in early August, 2016

Specs:

Intel i7-6500U Dual Core 2.5GHz Processor

NVIDIA GeForce 940MX - 2GB

2TB HDD @ 5400 RPM

12GB DDR4 SDRAM @ 2133 MHz

NOTICE:

I would consider myself a decently experienced and knowledgeable computer owner. I keep drivers up-to-date and I actually monitor the health of my hard drives. I have a kickass cooling pad for my laptop so it doesn't overheat too easily. I also have an anti-virus called Webroot Secure, which people have told me is a very powerful anti-virus that sometimes blocks too much. My laptop only freezes after a while of playing games.

HOWEVER, I check task manager every now and then just to make sure that...

1) My hard drive isn't overworking itself
- My hard drive usually holds at 100% during boot up

2) My CPU isn't breaking a sweat
- I have never seen my CPU work above 60%

3) I'm not using too much RAM
- I have never used more than 75% of my RAM

What I want to know is why my laptop freeze up every now and then. I was thinking of installing a type of software that monitors my internal temperatures as well as CPU usage, RAM usage, and hard drive usage.

Stuff I am CERTAIN about:

1) My GPU isn't acting up
- I actually fixed a freezing problem by updating the drivers

2) Not a virus or any other type of malware
- Webroot Secure is a juggernaut

I'm fairly certain my OS is NOT corrupted. My hard drive is not running out of space, I a... Read more

Answer:Any ideas as to why my laptop freezes? More info inside

Windows Events please?

7 more replies
Relevance 53.3%

If i could get my kids computer to stay on long enough I would be able to post what kind of system it is. I do know its OS is windows xp but the problem I'm having with it is that it continues to shut down and then displays a blue screen with a ton of information that is foreign to me. Something that did seem important was some of the following below:

DRIVE_IRQL_NOT_LESS_OR_EQUAL does that mean an internal conflict????

Near the bottom of the page is mentions:

TECH SUPPORT:

***STOP: then a bunch of zeros with a few letters

and cmvda.sys and more zeros/numbers....

then it says
beg. dump of physical memory
etc
accccckkk, where do i begin??????
 

Answer:Blue Screen of mumbojumbo to me...info inside

8 more replies
Relevance 53.3%

I just bought and updated my IBM Thinkpad 2684 (r40e) To Windows Vista Home Pri.  I need drivers for the Actiontec 802mip Wireless LAN driver FOR VISTA.   I have tried downloading the drives on IBM's site and lenovo's site and Actiontec's site as well.   but none of them support vista.   Please help. Thank youidspence161

Answer:Need R40e Vista Drivers *more info inside*

Welcome to the forum! R40/e units are not supported by Vista, and you will not find any official drivers from either IBM/Lenovo or Microsoft. There are third-party drivers available, but you have to search all over the web. The wireless card that you're referring to is not supported by Vista either. Good luck.

5 more replies
Relevance 52.89%

Alright, over a week into 64-bit, and I have noticed the following benefits/problems:

Tremendous WiFi improvements! Downloading while simultaneously having multiple browsers working. Major for me! W-o-W!

Much faster transfers from one hard drive to another! I've seen transfer rates of over 40MB/sec when moving or copying LARGE files. Again, very useful for me! W-o-W!

Startup/shutdown MUCH faster: Most noticeable on startup! It boots in SECONDS...It takes a mere 20 seconds from the fingerprint reader (at the BIOS) to having the desktop populated, with the hard drive idle. W-o-W!

Firefox 2 x86 users: I had initially been under the erroneous impression that the popular Tab Mix Plus extension did not work under Vista x64, so I had installed Session Manager, and it worked just fine. HOWEVER, the "culprit" was my having installed both Firefox 2 AND FF3 (Beta 3 a.k.a. Minefield) at the same time. I uninstalled FF3 Beta 3 a while ago, and just recently came to the conclusion, that it had probably interfered, and sure enough, that was it. I re-installed the TBP extension, restarted, and it worked. Then Session Manager. Uninstalled, rebooted, works just fine. So now I have ONLY TBP (which I prefer to Session Manager) for managing tabs, and no "quick links" on the toolbar are missing (which happened when I had both FF versions installed), and TBP works without any problems.

On a different note, I won two free games that run under Steam, so I thought, alright, p... Read more

More replies
Relevance 52.89%

I started playing World of Warcraft again last night, then I had a BSOD and I had another barely 10 minutes ago. The pc restarted soon after so I was not able to grab an image of it (I have since turned off the automatic restart so if it happens again I will obtain a picture.)
I'm not the best when it comes to fixing computer issues, I used to have BSOD constantly on my old computer until one day the harddrive just wouldn't work and I lost literally everything. Now I am on a ?600+ cyberpower PC built to my own specs, and I would rather fix the issue sooner rather than later.
Anybody that can give me any advice I will be eternally grateful for, and if I have made a faux pas on this forum please draw my attention to it, and I will resolve it. Cheers


This is the information I was able to obtain when windows had restarted... note, I am using Windows 7 Ultimate x64 (which may not be entirely legit... hopefully that isn't too much of an issue)

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 2057

Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF80002C8B01E
BCP3: FFFFF8800A9F3DE0
BCP4: 0000000000000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\092814-30420-01.dmp
C:\Users\....\AppData\Local\Temp\WER-47330-0.sysdata.xml

Edit:// Ran Dm Log Collector - Zipped file attached

Answer:BSOD playing World of Warcraft (more info inside)

bump somebody has gotta know the answer

1 more replies
Relevance 52.89%

recently i was deleting all these old files on my cpu by going to the start menu, control panel, and clicking "change, remove" programs.... i did that and i was almost positive i didnt delete anything i need (not to good w/ cpus) but i think i did b/c whenever i start up my cpu it says DELL and i can press f2 and f12 but after that it just goes blank and i only have to press the power button one time to turn off not hold it to turn it off please help me.
 

Answer:My computer wont boot up (more info on whats going on inside)

Try removing and replacing the CMOS battery also clearing the BIOS may help. I could try to assist more but the only description you give of your System (cpu) is DELL or as you said



Andino said:





(more info on whats going on inside)Click to expand...


 

2 more replies
Relevance 52.89%

(spoiler alert: this is a long story ~~ )
---------------------
computer specs:
mainboard: msi i875p chipset sata I supported, onboard lan, agp&pci slots.
cpu:intel p IV 3.06 ghz HT (single core)
vga I : sapphire ati radeon x1950gt 256mb 256bit gddr3 agp8x
vga II: his ati radeon 9250 something
hdd I: seagate 120gb sata I
hdd II: samsung 200gb sata I
hdd III: wd 250gb sata I
rams: 2gb(4*512mb) kingston ddr I pc3200(400mhz)
psu : fsp epsion 700w psu.
psu II: stock 350w psu(came with case, never used it)
os: windows xp pro eng sp3 retail version (unattended)
---------------------

hi, I have been having problems with my 5 year old pc lately, it bitches twice a month, but now, it gotten worse than ever.
Last week, my pc became unstable, after replacing the hdd,vga card, I thought maybe the ram was the problem. I downloaded memtest and made a bootable cd, it said there is at least 1 error. Then I removed all of the rams(4rams, 4slots). Then I started trying rams 1 by 1. 16 different times, no errors. So, I put them all back on, this time no errors. Then I formatted my pc, installed windows xp pro eng sp3 (retail version, unattended). Downloaded updates, and when I restarted my pc, I only got black screen. No beeps, no sounds. The hdd light(the red one) is lit, and never goes off.
By the way, when I press the power button, my pc starts, all fans run, the mainboard chipset fan runs, too, with the lights on.cpu fan runs, too.

Here are the steps I tried:
- used a different hdd(... Read more

Answer:pc does not start, black screen only, detailed info inside

9 more replies
Relevance 52.89%

I have two windows 7 home premium 64 bit installs in my home on the same network. I've set up a homegroup on one and put the password on the other pc. Turned off asking for credentials, turned on network discovery, have set up two shares on the 2nd pc with EVERYONE as having full access. (the shares are drives, not folders).

By all means, I should be able to access the shares on the 2nd computer, but I always get prompted for user/pass. I should add, the user/pass on both computers is the same and they are both in the same workgroup, MSHOME. By reading up on a few other posts here, I decided to try to rename the second computer, reboot, name it back to the original, reboot, and see if that fixed the problem. It did, and I was able to access the shares without having to put in a user/pass.

However, MS patches came down and I had to patch and bounce both machines (typical weekly patch load). After doing so, I'm back to the same problem--requesting the user/pass again. And, when I do put in the user/pass, it doesn't connect either.

I'm stumped. I did read another post where someone had to put in the user or group of NETWORK with full access and that solved his problem, but for the life of me, I cannot figure out why I cannot get this homegroup to work properly. I've set up probably 4-5 homegroups in the past without any issues and have done all of the same things here.

/tearing my hair out.

Answer:My homegroup is corrupted and works until next reboot -- info inside

This a homegroup or workgroup?

3 more replies
Relevance 52.89%

Greetings,
I have been having various BSOD?s for months now. They are unpredictable and no one action causes them (That I am aware of).

I am running:
Vista x86 SP 2 (although the problem has occurred on SP 1)

On a custom built computer with:
M2N-SLI Deluxe MB
Nvidia GeForce 8800 GT
AMD Athalon X2 6400+
Recently replaced Turbolink 500w PS (The last PS fried, I was crashing before it did)
3 gigs of Mushkin RAM
1 Seagate and 2 WD HDD?s
Asus DVD drive
TSST DVD +RW drive
Aver Media M780 TV tuner (PCIe)

History/Steps taken:
The computer originally had a dual boot of Vista x86 and XP x86 and worked splendidly with no crashes for months. When it started to crash, and has continued to crash, I could not recall any recent hardware or software changes at the time. At the time, I restored the computer to an earlier state and it continued.

Recently I have:
Wiped the OS drive and completely reinstalled just Vista.
Flashed the BIOS and reset CMOS.
Ran the packaged RAM test with Vista (No problems. In the past I ram memtest 86+, and also had no problems)
Cleaned out and reinstalled older drivers for the Graphics card and tested for BSOD (All bsod?d)
Ran AusLogics diskdefrag multiple times.
Tested each stick of RAM in each slot on the MB (Each stick crashed in each slot)
Monitored temperature with Everest (Did not find anything abnormal, although it does not have RAM temp)
I have the side of the case open with the fans still plugged in (Couldn?t hurt... Read more

Answer:Vista x86 random BSOD - Full info inside

hi and welcome to TSF this could still be a psu issue if your psu is 500w it may not be producing enough power to run the computer,the supply may say 500w but may only produce 80% of what is stated

19 more replies
Relevance 52.89%

Hello WindowsTenForums

I was wondering if anybody can help me with this problem I seem to have, I used to run windows 7 flawlessly on my SSD with no problems at all, I upgraded to windows 10 a while back and that was fine. But for some reason a few months on windows 10 would just freeze up on me and I was unable to open programs, shut down. It would just completely freeze.

So I did a fresh install of windows 10 on my ssd and it worked fine again for 2 months.

Then again today it updated automatically and restarted and it keeps freezing again, and when I try to boot my computer up sometimes it loads windows and sometimes it does not.

The SATA Controller is looking for hard disk, and it takes a long time to find anything. Then it finds the hdd's and my ssd and it says loading operating system. Then the dots go like this . . . . . . . . . . FAILED TO BOOT FROM DISK

I ran a CHKSDK /r and /f and that seems to help the problem for sometime. But then its just a matter of time before the problem returns.

Not sure what the problem is.. ?

SSD Dying ? But if that is the case why did it work fine for months after a fresh format?

Sata cable?

Mobo dying?

Sorry if this is typed really bad, it's 4am here and I am just a little fustrated.

Thank you all for readng

Answer:Windows 10 (Disk boot failure) more info inside

Please fill in your system spec's, make of mobo, age etc. this will help to determine what could be your problem.

I'm also having issues with my desktop, which started after 10586.0 was installed, that is a few days later, lots of freezing, have to do a cold reboot, there seems to be no reason why.

I run a dual boot, one with an older HDD running with the insider preview, and a SSD for my main windows 10.

Both are at the latest update 10586.14.

My older HDD runs just fine with no lockups, which is almost 10 years old.

Anyway the SSD is 6 months old and hopefully is not failing.

Have been doing the online update with my SSD, but since the problem started I've done sfc and dism checks, formatted twice, but the freezing continues intermittently.... we seem to have a similar problem.

Flopflip welcome to the forums, there are lots of helpful people on here.

4 more replies
Relevance 52.89%

Code:
[IMG]http://img18.imageshack.us/img18/861/systeminfor.png[/IMG]
[IMG]http://img32.imageshack.us/img32/5346/packetssent.png[/IMG]
[IMG]http://img194.imageshack.us/img194/8320/dnsservv.png[/IMG]
[IMG]http://img8.imageshack.us/img8/9482/nicenabled.png[/IMG]
[IMG]http://img207.imageshack.us/img207/2412/nicdriverdetials.png[/IMG]

ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Johns-Computer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cinci.rr.com

Ethernet adapter Local Area Connection 7:

Connection-specific DNS Suffix . : cinci.rr.com
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethe
rnet NIC #2
Physical Address. . . . . . . . . : 00-E0-18-9E-0D-59
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 24.209.197.64
Subnet Mask . . . . . . . . . . . : 255.255.240.0
IP Address. . . . . . . . . . . . : fe80::2e0:18ff:fe9e:d59%4
Default Gateway . . . . . . . . . : 24.209.192.1
DHCP Server . . . . . . . . . . . : 10.55.96.1
DNS Servers . . . . . . . . . . . : 209.18.47.61
... Read more

Answer:Cannot Connect to Internet!! but i have an ip address?? all info, w/ pics, inside.

have you installed in that past any firewalls or have any on.

19 more replies
Relevance 52.89%

Dont Know If This Would Help you I Saved My DxDiag Log, I Had No Idea What Too Do In There. sound can last 10 minutes at times and i could leave my computer on and sound will last a week or even longer.

DxDiag Log
 

More replies
Relevance 52.89%

? OS - Vista/ Windows 7? Windows 7 Home Premium
? x86 (32-bit) or x64? x64
? What was original installed OS on system? This OS, Win7
? Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? OEM version, came pre-installed
? Age of system (hardware) Approximately 1 month old
? Age of OS installation - have you re-installed the OS? No, approximately 1 month old OS
? CPU Intel Core i5 760 2.80ghz (Stock setting)
? Video Card EVGA Geforce GTX 460 SuperClocked Edition 1GB Memory (Stock setting)
? MotherBoard MSI H55M-P33
? Power Supply - brand & wattage Xion 600 watts

God I hope someone can help me. My system will not boot at all, and I'm forced to use SafeMode. I'm not sure how useful the information will be in the attached file since I'm in SafeMode, but the perfmon test wouldn't work. I got an error saying the system cannot find the path specified. If there are any other ways for me to post or describe information please let me know and I'll gladly do so.

The BSODS will occur either during the Windows Loading screen, right before the desktop appears, or about 30 seconds after my desktop appears. It's almost like clockwork, and I'm forced to use SafeMode. I got this system about a month ago from iBuyPower, and haven't tampered with anything and have only gamed and browsed on it. I really hope I can find a solution before I consider sending it back, and I have more faith in the support here just by readi... Read more

Answer:Bizarre BSOD on startup. Detailed info inside.

Hello and welcome to TSF.

All bugchecks are video-related. The fact that a System Restore didn't help tells me that there's something wrong with that graphics card. I truly think your best bet is to send it back to the manufacturer or RMA the card.

I find it strange that it's so systematic if it's hardware-related, though. One thing you can try to do from Safe Mode is reinstall DirectX: Download details: DirectX End-User Runtime Web Installer

If that doesn't help, you can try removing the video driver via Device Manager (help here if you need it: Accessing Device Manager | DT Roberts) and seeing if you can get into Windows normally.

Keep us posted. Best of luck.

Devin

BSOD BUGCHECK SUMMARY
Code:

Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Fri Jan 7 02:52:00.740 2011 (UTC - 5:00)
System Uptime: 0 days 0:00:46.222
BugCheck 117, {fffffa8006ae4010, fffff88004935e64, 0, 0}
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by : nvlddmkm.sys ( nvlddmkm+12ee64 )
BUGCHECK_STR: 0x117
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Wed Dec 29 21:31:38.164 2010 (UTC - 5:00)
System Uptime: 0 days 1:39:24.272
BugCheck 116, {fffffa80042db4e0, fffff88004f5c028, ffffffffc000009a, 4}
*** WARNIN... Read more

9 more replies
Relevance 52.89%

bootcamp doesnt work require optical drive but my imac doesnt have one
go figure!
plz help
imac 2011 21.5 inch screen sierra 10.12.3 os delete system preferences used x code text wrangler batchmod
nothing works
i am unable to replace info.plist regardless of what i do due otgold permissions
please help ty

More replies
Relevance 52.48%

Was originally a vista machine.

http://support.packardbell.com/uk/it...0X19701&g=2000


the vista driver is:

Realtek High Definition Audio driver 6.0.1.5377 Windows Vista 12-12-2007


I can't find one that will work with sp3.

Thanks for the help.

More replies
Relevance 52.48%

Hi, my video drivers are out of date and could someone please give me a link to update it. Here is my info

Windows Version: Windows XP
Description: RADEON 9200 SERIES
Version: 6.14.10.6614
ATI CATALYST

if you need any other info then that then just ask me because I am not sure what info you need. Thank you.
 

Answer:Can someone please give me a link to update my video drivers(info inside)

You should find everything you need at
http://ati.amd.com/support/drivers/xp/radeon-prer300-xp.html

Radeon (PC/Mac)
All-in-Wonder®/TV Wonder?
Mobility (Laptop/Notebook)
FireGL?
FireMV?
Motherboard
Catalyst? 6.11 Display Driver for Windows XP Professional/Home Edition
Download Link File Size Version Date Posted Package Includes
Catalyst Software Suite 46.6MB 6.11 Nov. 15, 2006 Display Driver
Catalyst Control Center
WDM Drivers
Optional Downloads:
* ATI Multimedia Center
Additional Links:
* Catalyst Crew Driver Feedback
* Windows Vista Information
* RSS Feed - Catalyst News Catalyst News
* Previous Drivers and Software
 

9 more replies
Relevance 52.48%

Hello, this morning I received a blue screen upon turning my PC on, this 'page fault in non paged area' happens during the windows loading screen so I'm unable to get into my PC to get any real information for you guys, I'll write down my PC specs and what I was doing on my PC yesterday that might've caused this, I hope it helps!

PC specs

Windows 7 64bit
Motherboard - Asus Z87-k
CPU - Intel i5-4670k ( I've tried booting in both the stock setting of the CPU and the oc'd setting, neither work
Graphics card - Nvidia 780gt 4gb
RAM - 8gb (2 sticks) DDR3 1600mhz corshair 9-9-9-24
SSD - Samsung 840 pro series 128gb (OS is on this)
HDD - Seagate barracuda 2tb
CPU cooler - Corsair h80
PSU - corsair 750w

Yesterday on my PC I installed the latest windows update and ran 2 games for the first time (apologies if this means nothing )

I had bsod issues in the past but they were due to an over clocked graphics card which has since been reset and I've been all clear since

The only other thing I can give you guys is a picture of the bsod that I took if that's of any use?

Thanks for reading this, I'd be very greatful for any help on this issue, I'm not too knowledgeable on PC's but I will do my best to give you more information if you need it, cheers guys!

EDIT - I ran windows startup repair and it said it couldn't fix my problem automatically

Answer:bsod happening during windows loading screen (more info inside)

Just a quick update, I triedbooting in safe mode and the bsod still happened

Any help would really be appreciated!

5 more replies
Relevance 52.48%

nothing goes dark, just that once or twice a minute, there is a kind of bright flash on the external monitor.   
i am not having the problem same HDMI cable and viewsonic monitor on a different laptop.   so it must be my dell e6530, not the cable or the monitor.
what do you think could be the problem?   more detail:
windows 10, Nvidia nvs 5200M, intel HD4000 graphics.   i disabled "optimus" in BIOS so it just uses tne Nvidia card, not the cpu graphics.  
device manager shows settings for 'display' and for 'monitor'.  for "monitors", device manager shows both the 'generic pnp driver' and the 'viewsonic' driver; disabling one or both of these "monitor" in device manager does nothing.   in the 'display' section, it is just showing the Nvidia because intel was disabled in BIOS optimus.

More replies
Relevance 52.48%

I Accidently Deleted my Sound, Thinking it was Spam. After i did this, a couple weeks later, i Got A super bad Virus, Wiping Everything out, and i had to start from Scratch. I tried a undelete program, But it did not work i think becouse of this. Do i HAVE to call my internet company?
(By the way, my modem name is compaq , Dont know much more.)
 

Answer:Umm.. I accidently deleted sound on my computer. More info inside, Please Read.

well that i know of internet companies don't take care of this stuff, so if you have a dell, compaq, gateway, hp,(im talking about the computer not the modem) or any other big company you should call costusmer support (besides it's free) so you only lose time.
 

16 more replies
Relevance 52.48%

Hey Everyone,
Im having problems with my computer and its driving me insane! Please help me. Even as a techie, I cant figure this one out...

I was working on my computer when it froze. It has done that before so I shut it off and turned it back on.


Well I turned it back on to a Windows XP boot logo that faded in half way then stopped. The blue status bar didnt show up but the XP logo faded in about half way.

Anyways, I tried rebooting in safe mode to no avail.

I tried booting with the Last Known Configuration to no avail.

I tried Memtest86, alls good.

I tried Microsofts Mem Test, alls good.

I tried booting to Linux. That worked but then it froze too! I shut the computer off (because it froze) and booted it back up and now SuSE wont even load!

I tried booting the Windows XP CD so I could repair the installation but it wont load, it hangs on "Setup is starting Windows".

I tried updating the mobo bios.

I tried resetting bios config back to defaults.

The day before I just ran Spybot and Adaware with latest definitions.

When I try to boot to Safe mode it hangs on nv_agp.sys (that may or may not have anything to do with it).



I have an MSI K7N2G-L mobo, 2x 512MB Crucial DDR400(?) RAM, im trying to boot from a fairly new (3 month old maybe) Maxtor 60GB hard drive 7200RPM. Ive also got an ATI Radeon 9800 Pro AGP video card, USB mouse and PS/2 keyboard. Two network cards (ones wireless, ones wired - both Netgear), a ... Read more

Answer:**XP Wont Boot - Hangs on EVERYTHING - DETAILED INFO AND STEPS INSIDE - PLEASE HELP!!

hi krazyjosh,

hmmm..........looks like you did plenty of troubleshooting and thats good job you did but sucks to hear that your comp is bad. hmmm....try clearing the cmos and see that works. also if you can get into another working computer and download the latest maxtor hdd diagnostics utility that would be great.

assuming you downloaded the utility, boot off of it and test your hdd for any errors. good luck

7 more replies
Relevance 52.48%

I'm an audio engineer doing work in Windows Vista 32 bit Home Premium edition. I have an HP dv6883us with a 1.83gHz Core2Duo with 3GB of RAM.

My system has been rock solid for months, then out of nowhere I started getting BSOD crashes the past few days. These crashes always happen when using audio software. Now, I'm using the onboard sound(I do have other sound devices that are better, but for convenience when at work I just use onboard) which is a Realtek HD Audio device. I use a driver "wrapper" called ASIO4ALL(www.asio4all.com) which basically takes the WDM drivers and lets it act as an ASIO driver, which gives the best performance in audio software generally. This is a setup that thousands of people use, and I've used it with no issues for months now on this system, and on several other systems for years.

Anyways, the BSOD crashes happen randomly, but always while using audio software. Sometimes it happens when I hit the "Stop" button in the software, or whenever I perform another action. But pretty random.

Now, the ASIO4ALL just uses the onboard sound and it's drivers, and traditionally is as stable as the drivers you have. My Realtek drivers are just the ones that the computer update software itself(from HP) installed, and are the latest version. I ran the verifier.exe on the drivers, even though all audio and video drivers are already signed by Microsoft. No errors or any other signs of instability came up.

Here is my debug information:
[co... Read more

Answer:Soundcard related BSOD crashes- full info inside

The analysis says that RTKVHDA.sys is the image where the error occurred.
The date stamp on it indicates it's from Oct 2007 - which is fairly old.

I'd suggest uninstalling your RealTek audio drivers from Control Panel...Programs and Features, then install a freshly downloaded copy of the latest version of the drivers for your system.

Although there's no evidence of the ASIO4ALL program causing problems, that'd be the next thing that I'd check if the RealTek update doesn't fix things.

22 more replies
Relevance 52.48%

First I want to say I am new to this forum and have been out of the computer building loop for a while it used to be so much simpler. Whatever knowledge I have I will gladly share with others.

My system was built around 2 years ago but should still run some of the games I am having trouble with no problem.

First its a home built system I built in early 2002 I have been having this same problem on and off but now I am tired of it, and frankly want to actually use this thing.

Games I am having problems with are Serious Sam (I know this isn’t a good example as it is a temperamental game as it is) Unreal2, Undying, and Runaway sometimes as well as others. Those are the most recent, and are the quickest I can get to lock up.

The lockup will occur at different parts but near the first 15 minutes to 45 minutes Runaway being the exception because I have played it for 5 hours before a lockup. Most the time the sound is stuck on one note. BUT once in a while the sound will have a small loop. I have to do soft reset at the case, as the keyboard is not responsive.

Specs I will be as thorough as I can here:

300 watt Codegen Power supply
Win 98
SYK7V Soyo Dragon Plus VIA KT266 ATX Motherboard
AMD Thunderbird 1.4 NOT OC'd
256MB PC2100 DDR Ram Also swapped for 512 of Spectek 2700
Thermaltake Volcano 6 CU+
Sony 24/10/40 CDR Drive
Generic Floppy
Maxtor 60 GB 7200 RPM Drive
PNY Geforce4 MX440 8xAGP 64MBDDR
SB PCI 512 also swapped for SB16 PCI
US Robotics V.92 56K modem (No Bro... Read more

Answer:Most recent Games Lockup Please help detailed Info Inside. My last resort.

9 more replies
Relevance 52.48%

Hi there,

I am posting on behalf of my girlfriend as she has had a few problems with her laptop as of late. The most prominent of these problems is that when she tries to access Windows Update, her browser is redirected to Google English. This problem is browser independent, it occurs in IE, Firefox and Opera.

We figured it was some kind of malware causing the problem so tried a few virus/malware scans. Norton threw up nothing. It was suggested on other sites to use less, well known virus scanners. So we proceeded to use a program called 'Malwarebytes Anti-Malware'. This as first seemed to be a success as it found the following malware:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.189 85.255.112.94 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f1c69a9f-3f66-485e-b7a2-1cbfca7b7d28}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.189 85.255.112.94 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.189 85.255.112.94 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f1c69a9f-3f66-485e-b7a2-1cbfca7b7d28}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.189 85.255.112.94 -> Quarantined and deleted succ... Read more

Answer:Accessing Windows Update Redirects To Google: HJT Log and Info Inside

7 more replies
Relevance 51.66%

As per posting instructions...I have removed the stuff on my thread and just attacthed the zip the rules request.

OK so I have been suffering from BSOD,freezing with no info that needs me to restart and graphical artifacts in and out of game.On top of that there are crashes happening randomly in various games and of different nature each time and even the internet browser crashes many times.(game errors can range from file verification errors to simple mapload crashes with no message)
Artifacts have happened since I upgraded to R9 280MSI but the BSOD happened before as well.Last GPU got fried.I thought it was my HDD but that died as well and the BSOD persists even while running single SSD.

WIN DEBUGGER error log(bsod dump analyzed) :
TinyUpload.com - best file hosting solution, with no limits, totaly free

[

Answer:BSOD,freezing,artifacts&crashes (big info inside - STOP 0x0000003B)

Still no light.
Am I supposed to let this sink?Is thread bumping allowed?(rules say no useless posts to increase your count, but what happens if thread gets buried?What is the point of not bumping if I am just gonna go make the same thread?)

9 more replies
Relevance 51.66%

I'm an audio engineer doing work in Windows Vista 32 bit Home Premium edition SP1. I have an HP dv6883us with a 1.83gHz Core2Duo with 3GB of RAM.

My system has been rock solid for months, then out of nowhere I started getting BSOD crashes the past few days. These crashes always happen when using audio software. Now, I'm using the onboard sound(I do have other sound devices that are better, but for convenience when at work I just use onboard) which is a Realtek HD Audio device.

I use a driver "wrapper" called ASIO4ALL(www.asio4all.com) which basically takes the WDM drivers and lets it act as an ASIO driver, which gives the best performance in audio software generally. This is a setup that thousands of people use, and I've used it with no issues for months now on this system, and on several other systems for years.

Anyways, the BSOD crashes happen randomly, but always while using audio software, except for one time I was just browsing the web. Sometimes it happens when I hit the "Stop" button in the software, or whenever I perform another action. But pretty random.

Now, the ASIO4ALL just uses the onboard sound and it's drivers, and traditionally is as stable as the drivers you have. My Realtek drivers are just the ones that the computer update software itself(from HP) installed, and are the latest version. I ran the verifier.exe on the drivers, even though all audio and video drivers are already signed by Microsoft. No errors or any other sign... Read more

Answer:[SOLVED] BSOD with Realtek drivers/Vista SP1/full info inside

Anyone have any ideas? Can't seem to find anything anywhere. I'm pretty frustrated with it, so please forgive the impatience.

Brent

5 more replies
Relevance 51.66%

A few days ago I tried logging in WLM 2011 and it gave me an error saying the application stop working or something like that. So I uninstalled the program using Revo Uninstaller and it uninstalled it and scan leftovers as well. The problem after installion the program gives me an error says wldcore.dll is missing from your computer. I found the dll file and placed it in the installation folder and then it gave me another error saying UXCore.dll is missing from your computer. And again I found a copy of this file and now it gives me another error. Here is a picture of the Error. I also deleted temp files. Also followed a guide for a Clean Installation of Windows Live Messenger and still no results.



I know I must be doing something wrong thats why I would like your help

Thanks alot

Answer:[SOLVED] Can't Make Windows Live Messenger to work [More Info Inside]

Did you update your Computer to the latest update from Microsoft? There's been a few other posts about Windows Live things stopping working after they've updated to the latest update.

Well, i doubt YOU have done anything wrong, unless you've been going about your computer deleting files at random, so rest asured.

That errormessage there indicated that you've gotten the wrong UXCore.dll file. You downloaded it from the internet, or took it off of another computer, didn't you?
That wouldn't work.

Check for new updates from Microsoft.

2 more replies
Relevance 50.84%

Hi everyone,

My name is Alex and I'm from Brussels, Belgium. I'm 30 and I work for a European institution
I'll try to explain my problem in the most detailed way possible. I hope someone will be able to help me because I'm at wit's end right now as to what could cause the problem...

SPECS:
I have a brand new system (except for CPU and PSU) as follow:

OS: Windows 7 x64 SP1
RAM (4GB total):
1x GSKILL STD SERIES DDRII PC6400 2GB CL5 (BRAND NEW)
1x KINGSTON DDRII 2GB (~2y old)
HDD: SAMSUNG SSD 840 120GB (BRAND NEW, no previous OS installs)
Motherboard: ASROCK N68C-GS FX AM3+NV GEFORCE 7025/NFORCE 630A (BRAND NEW)
GPU: SAPPHIRE RADEON HD7870 2GO (BRAND NEW)
CPU: AMD Athlon X2 6000+ 3.01GhZ (~2y old)
PSU: 800W Diamond Power / Power Supply ATX12V 2.2 / EPS12V (~1yr old)


HISTORY:
The computer had a hard drive failure and thus a hard drive replacement (both old and new being 1TB SATA HDDs) about 3 months ago.
I took the opportunity to switch from XP to win7. My computer did not like this and started constantly giving me 50% CPU loads even when fully idle. The process taking 50% cpu was "system". We traced this to ntkernel and after a deep analysis found it to be the USB ports. 2 of the 4 motherboard USB ports had died and we figured it was related --> NEW MOTHERBOARD + decided to buy a new GPU, HDD and extra RAM.


As you can see above, new motherboard, new HDD (SSD instead of SATA), more RAM, and new graphics card. The only hardware... Read more

Answer:Win7 freezes & BSODs when playing high spec games only (loads of info inside)

Pardon the very early bump, but I have new information that could help maybe!

I ran a processor (& ram) stress test using a program called Prime95. It put both my cores at 100% use and was supposed to do so for several minutes.

On the first attempt, one of the two cores suddenly dropped to 0% and I received the following message:
[Mon Apr 08 22:21:26 2013]
FATAL ERROR: Rounding was 0.5, expected less than 0.4
Hardware failure detected, consult stress.txt file.

The second core stayed at 100% as the test was still going on, but about 1 minute later, my computer completely froze (same way as explained in the first post).

I tried running the test again with another setting to try to focus more on the processors and less on the RAM (although I believe it still put stress on the RAM to a certain point), and this time within 30 seconds I received a BSOD. The error message mentioned atikmdag.sys.

I'm attaching the latest dump file which includes the new BSOD dump.

So, is my processor malfunctioning? :(

2 more replies
Relevance 50.02%

Hi, I dont know very much about computers, so I was wondering if anyone would help me with a problem I have. The problem I have wont let me change my Homepage in Internet Explorer. It keeps taking me to a webpage called http://letgohome.com.

Here's the log file(thanks in advance ):

Edit by chaslang: Unrequested, incomplete, inline log removed
 

Answer:Need Help (HiJackThis log inside)

Please read the Announcement at the top of everypage in the Spyware Forum. Also please read and follow the sticky thread guidelines. Do not post HJT logs unless requested and then do not post them inline.

Please follow the steps below:

- Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus RemovalMake sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

Now download the following tool: L2MeFix Tool

Please move the L2MeFix Tool to your Desktop and DoubleClick l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix Folder on your Desktop. DoubleClick l2mfix.bat and Type 1 and ENTER to select Option #1 for Run Find Log . Allow it as much time as it needs to run until NotePad opens with a log. Post that log later after completing the remaining steps.

NOTE: Please do not run any other options or files in the l2mfix Folder!

After doing ALL of the above you still have a problem:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run ... Read more

4 more replies
Relevance 50.02%

Hello,

I'm so lost! I receive numerous pop-ups when opening Foxfire and Internet Explorer. Since this has been happening, my computer has been running very slowly. I have scanned my computer with many different Spyware programs, however none seem to fix this problem. I recently scanned my computer using Hijack This, and here is my log...

Please Help

Thanks,
Jeyh87

------------

Logfile of HijackThis v1.99.1
Scan saved at 10:48:08 PM, on 4/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Vi... Read more

Answer:Please help HijackThis log inside

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your log is clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.


P2P - I see you have P2P software (i.e. Bearshare) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information. Note: Even if you are using a "safe" P2P program, it is only the pr... Read more

1 more replies
Relevance 50.02%

Something is causing my CPU processing time to be pegged and I'm pretty sure it's spyware, I've already ran Ad-Aware and Spybot which removed a bunch of stuff but there must still be an issue because if I boot into anything other than safe mode my CPU processing is pegged to 100%

Please help...

Logfile of HijackThis v1.99.1
Scan saved at 11:14:00 AM, on 2/7/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\ofcdog.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\SYSTEM32\USRshutA.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Documents and Settings\tthreadgill.cmka\Desktop\Virus-Spywar... Read more

Answer:Help, hijackthis log inside

6 more replies
Relevance 50.02%

Hi,

My computer has been almost useless on the internet due to a bunch of adware and spyware. Please check my log and let me know what to fix. Thanks!

Logfile of HijackThis v1.97.7
Scan saved at 8:54:45 PM, on 5/13/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPClient.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Lycos\IEagent\Loader.exe
C:\DOCUME~1\Johnny\LOCALS~1\Temp\bundle.exe
C:\windows\temp\p9N8jM.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~... Read more

Answer:Please Help - HijackThis log inside

Download and save these freeware/donationware programs to a permanent folder. Remember to check
for updates and run them weekly.

***NOTE***A new version of SpyBot's been released (v1.3...it's no longer in beta). Click on "Immunize" and unload ALL the immunizations first before uninstalling.)

Ad-aware

http://www.lavasoftusa.com/support/download/#free

SpyBot:

http://majorgeeks.com/download3957.html

Run one. Restart you computer. Run the other. Restart.

I also highly recommend you install and update SpywareBlaster:

http://www.javacoolsoftware.com/spywareblaster.html

Tutorials for all 3 programs:

***NOTE*** The Ad-aware tutorial shows how to configure Ad-aware for a DEEP scan, the default settings are are ALWAYS changed
per advice from the security experts on these forums. If you already know the basics of Ad-aware skip to Step #4 and configure
it accordingly.

http://www.bleepingcomputer.com/forums/index.php?showtutorial=48

Spybot Tutorial:

http://www.bleepingcomputer.com/forums/index.php?showtutorial=43

SpywareBlaster Tutorial:

http://www.bleepingcomputer.com/forums/index.php?showtutorial=49

Re-start your computer and post another HJT log in this thread.

Hope this helps. A little.
 

1 more replies
Relevance 50.02%

Norton Found IEfeats but couldnt Delete. I followed Instruction on there site to remove but the registry locations they suggest do not contain the entries suggested.I was unable to update hijackthis..It said it couldnt connect to the server..and either i have no connection or the server is down.Here is the log..Logfile of HijackThis v1.98.0Scan saved at 2:34:33 AM, on 6/30/2004Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\STIMON.EXEC:\WINDOWS\EXPLORER.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXEC:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXEC:\WINDOWS\SYSTEM\SYSTRAY.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXEC:\WINDOWS\SYSTEM\WMIEXE.EXEC:\WINDOWS\SYSTEM\RESTORE\STMGR.EXEC:\PROGRAM FILES\OPERA7\OPERA.EXEC:\WINDOWS\DESKTOP\HIJACKDE... Read more

Answer:Please Help..HijackThis Log Inside.

NEW LOG...After running spybot 1.3Logfile of HijackThis v1.98.0Scan saved at 4:27:11 AM, on 6/30/2004Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\STIMON.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXEC:\WINDOWS\EXPLORER.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXEC:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXEC:\WINDOWS\SYSTEM\SYSTRAY.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXEC:\WINDOWS\SYSTEM\RESTORE\STMGR.EXEC:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXEC:\WINDOWS\SYSTEM\WMIEXE.EXEC:\PROGRAM FILES\OPERA7\OPERA.EXEC:\HJT\HIJACKTHIS\HIJACKTHIS.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676R1 - HKLM\Software\Microsoft\Internet... Read more

2 more replies
Relevance 50.02%

Everytime I try to click a .exe file it seems, I get "The requested resource is in use", and the path to the file.

I think its also causing FireFox not to update, as the upload process never works (even for any other program that does an automatic update) . I can't even access anything in Administration Tools (in Control Panel). In Google I kept finding stuff about ASP, but I'm not entirely sure thats it.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:30 PM, on 2/28/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft... Read more

Answer:Need help... HijackThis log inside...

Last attempt for help before I leave this site and look elsewhere...
 

1 more replies
Relevance 50.02%

ok well all of a sudden i started getting spyware on my computer and adaware couldnt erase it and it just stared building and building i tried installing norton but i think it just messed it up even more... let me know if you see anything that needs deleting in the hijackthis log...some of the programs that i want deleted or uninstalled that do not matter are spysweeper spyware doctor any norton product, or anything that i can safely delete from running in the back ground without messing up the proformance....like i know something with ipod is started in the background everytime the computer starts but i dont use the ipod that much...so it is taking up my computers proformance, but if its something like the ipod service that you can delete from running in the background but it opens up once you click on it to use it post-startup id like to get rid of those type of items to avoid unnessasary use of my computers resources. so like here O23 - Service: TSI Remote Control Service (TSIRCSRV) - LapLink, Inc. - C:\WINDOWS\System32\TSIRCSRV.EXE something with laplink. i dont need it everytime i start my computer but if i can delete this and have it still open when i decide to use laplink id like to delete it out of the background on startup if anyone gets what im saying. i dont want to remove anything that has to do with nessasary items such as the wireless internet programs that automaticly start etc. and of course trash all the spyware/viruses you can find... thanks a... Read more

Answer:Help Please Hijackthis Log Inside

bump....anyone wanna give me some help?

16 more replies
Relevance 50.02%

Hello,

Recently my laptop has been running extremely, and I know I am infected with Spyware as my Spybot scans consistently turn up things which cannot be removed. Also, in the past few days I have had several "blue screens of death" upon boot up. Your help would be much appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 2:21:39 AM, on 4/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cisvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\iPod\Bin\iPodSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Progr... Read more

Answer:Please help -- HijackThis log inside

Hi airjumpman, Welcome to TSG!!

Run HJT again and put a check in the following:

O2 - BHO: poke bend show - {709B4F86-C9B4-F558-355A-AC294B4B87CB} - C:\PROGRA~1\BYTEDV~1\memohide.dll (file missing)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O4 - HKLM\..\Run: [jonmlmz] C:\WINDOWS\jonmlmz.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\system32\ap9h4qmo.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/D...e/bridge-c9.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/19303f9ae638fb...ip/RdxIE601.cab
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://wdownload.weatherbug.com/min...uginstaller.cab

Close all applications and browser windows before you click "fix checked".

Restart in safe mode

Open Windows Explorer. Go to Tools, Folder Options and click on the View tab. Make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files". Now click "Apply to all folders" Click "Apply" then "OK".

Delete these files:
C:\WINDOWS\jonmlmz.exe
C:\WINDOWS\system32\ap9h4qmo.exe

Navigate to the C:\Windows\Temp folder. Open the Temp folder and go to ... Read more

3 more replies
Relevance 50.02%

I just tried to instull a new anti virus trial ,but it froze.
So i restarted my pc and now it is stuffed!
I try to reinstill the anti virus but it says it is already there please remove and sart agian.But i cant find it.

Im running Windows Vista.

Heres my log
----------------
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:50:18 p.m., on 25/09/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Chris Kahui\Documents\HiJackThis_v2.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xt... Read more

More replies
Relevance 50.02%

I installed IE8, and it worked for a while.

Haven't installed anything new, but suddenly whenever I launch IE8, The window opens and immediately closes, sometimes before the window even rezzes on the screen.

Uninstalled IE8, going to IE7- same thing.

Browser works in Safe Mode.

Made a new user account-- same situation. I'd thought maybe my profile was corrupt.

HiJackThis Log follows:

****************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:13 AM, on 7/24/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal


Edit by chaslang: Inline HJT log removed. READ & RUN ME FIRST. Malware Removal Guide sticky not followed.
*************************************************

I've run Spybot, AdAware, CCleaner, Super Antispyware, found some stuff and cleaned it- mostly cookies, nothing serious- no change.

I know most would say just run Firefox. I can't do that--what I need to view doesn't view properly in FF.

Help!!
 

Answer:IE won't run- Hijackthis inside.

Welcome to Major Geeks!

Most likely not a malware problem. You appear to have multiple antivirus applications running (McAfee and Symantec) and you should NEVER do this. Uninstall all but one immediately. Also disable Spybot's Teatimer and then reboot. See how things work then.


If you wish to check for malware anyway, you need to do the below as stated in the email received when you signed up. DO NOT do any of the below unless you have already uninstall all but one antivirus and Teatimer has been disabled.

Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First. If TDSSserv is not found, just continue on with the READ & RUN ME.
TDSSserv Non-Plug & Play Driver Disable

READ & RUN ME FIRST. Malware Removal Guide

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the sc... Read more

3 more replies
Relevance 50.02%

I have been to a few different forums looking for someone to give me some help with my hjt log. So far I haven't got any replies and only a handful of looks. A friend recommended this site so I thought I'd give it a shot.
This log is after a scan of Norton '04 and Spybot S&D
Thanks in advance - Adam

Logfile of HijackThis v1.97.7
Scan saved at 11:59:56 PM, on 5/2/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Cacheman\Cacheman.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\syml... Read more

Answer:Looking for help; HiJackThis log inside

The "about:blank" issue has proved difficult and complex in some cases. But for now try this.

1 -- reboot the computer in Safe Mode:

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406

2 -- In Safe Mode run HijackThis and check and fix the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)

3 -- Still in Safe Mode, go to the Control Panel > Internet Options applet and select Programs > Reset web settings.
Reboot and post a fresh scanlog.
 

3 more replies
Relevance 50.02%

Alright, well somebody sent me a virus or my computer flipped out and it made about 45-50 pages of my internet pop up, i let it finish spazzing out then cleared them with my task manager. The original page i was on is exited out but stuck on my computer like a background, its like the page isnt even their and its really annoying to see it everytime i come on my computer. Please Help me!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:29 PM, on 12/22/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Techno... Read more

Answer:Please Help.(hijackthis log inside)

8 more replies
Relevance 49.2%

Logfile of HijackThis v1.96.0
Scan saved at 9:18:29 AM, on 8/10/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\DownloadWare\dw.exe
C:\WINDOWS\System32\msbb.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe
C:\Program Files\NoAds\NoAds.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\ClientMan\mscman.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\ebkrdr\mediaman.exe
C:\Program Files\ClientMan\msckin.exe
c:\program files\clientman\run\ause3.exe
C:\WINDOWS\System32\SahDownloader.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\mdm.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Inte... Read more

Answer:Help Needed HijackThis log inside

16 more replies
Relevance 49.2%

hello. i was playing this one gaming private server and the owner said that he was going to send me 2 trojans and a backdoor. he can since heknows my ip. i have ran like 5 scans so for but nuthing came up. my computer is now running slow. my friend told me to give u this and u could help. plz and ty.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:02:29 PM, on 1/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common File... Read more

Answer:PleaseHelp!(Hijackthis log inside)

Hi Welcome to TSG!!

You have two anti-virus programs running, McAfee & AVG, which will cause trouble. Uninstall one of them.
The P2P programs you have installed expose you to risks because of the nature of the P2P file sharing process. File sharing/P2P programs rely on members giving and gaining unrestricted access to computers across the P2P network. This practice can make you vulnerable to data and identity theft. It also exposes you to very malicious worms and trojans. You change those risky default settings to a safer configuration but the act of downloading files from an anonymous source greatly increases your exposure to infection.

I suggest you go to add/remove programs and remove all P2P programs!
Go to Add/Remove Programs and remove these if you did not install them.
These programs are known as Foistware
ViewpointService
Viewpoint Manager
Please download ATF Cleaner by Atribune.
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Click Exit on the Main menu to close the program.


Please download Malwarebytes Anti-Malware and save it to your desktop. alternate link 1 alternate link 2
Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes&... Read more

1 more replies
Relevance 49.2%

Hi there. The issue I am having is with the new version of WindowsLiveMail. It will not open. After 20 emails with MS, they tell me it is a malware problem. It works in Safe Mode but not in regular mode. I have killed all processes in regular mode, but it still doesn't work. I don't know where to start. I ran AdAware and have found nothing. My hijackthis log is below. If you have any insights, let me know. Thanks!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 10:30:48 PM, on 8/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_... Read more

Answer:HijackThis Log Inside - Malware?

Bump. Anyone? Please.
 

2 more replies
Relevance 49.2%

So I connect to the internet, it says that a program named "Vsmon" or something has performed an illegal operation. I try to press "close" but the computer's dead. Responds to nothing. So I manually shut down and start up..try again..same thing..
after I manually shut down and start up again, I close VCatch first before I enter internet, and no problems now..I'm not sure if it is VCatch's problem? Do I need to get rid of it? (It's a Virus-Catcher)
Please check for problems:
Logfile of HijackThis v1.99.1
Scan saved at 4:02:48 PM, on 7/2/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\PROGRAM FILES\NETZERO\EXEC.E... Read more

Answer:Peculiar...HijackThis Log inside

12 more replies
Relevance 49.2%

Hello,

A friend having problems with IE, lots and lots of porn adds(the usual stuff), I cant seem to find a way to get rid of them . Have ran spybot and adaware.
Here's the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:20, on 16.6.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

After taking the log, I tried removing IE7, it went OK. But now as soon as I open IE(6) it shuts down, prompts "save file ______"(=name of the page I'm trying to access).

Thanks
 

Answer:IE acting up, hijackthis log inside

Welcome to MajorGeeks.com!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

Read & RUN ME FIRST Before Asking for Support
 

1 more replies
Relevance 49.2%

I have been having problems with viruses and popups that I can not get to leave... Please advise on the way to remove, below is the log file. Thanks for your help.

Scan saved at 7:50:18 PM, on 7/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\DOCUME~1\Kevin\MYDOCU~1\CROSOF~1.NET\csrss.exe
C:\Program Files\Utilities\Ad aware\aawservice.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Utilities\Alcohol120\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Kevin\Desktop\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office 2007\Office12\OUTLOOK.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/... Read more

Answer:I've been jacked... hijackthis log inside

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------
Download combofix.exe to your desktop.
Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

---------------------------------------------------------------------------------------------


Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.

Please ensure that you include all the header information when posting a HijackThis Log. The header contains important information about your system critical to our review. When HijackThis o... Read more

7 more replies
Relevance 49.2%

Hi, I have a few trojans on my computer. downloader.Generic4.zqi, Generic5, Dialer.hye, and some others. Here's the hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 1:21:06 PM, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,... Read more

Answer:Trojan help please. Hijackthis log inside.

13 more replies
Relevance 49.2%

Logfile of HijackThis v1.99.1
Scan saved at 4:13:14 PM, on 6/18/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\SoundBlasterLive\Surround Mixer\CTSysVol.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\PC-CILLIN\PCCClient.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Parallel Tasking\ptask.exe
C:\PROGRA~1\Toolbar\TBPS.exe
C:\Program Files\Daemon Tools\daemon.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\?hkntfs.exe
C:\Program Files\cots\susr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CompuPicPro\ScsiAccess.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\PROGRA~1\Toolbar\TBPSSvc.exe
C:\PROGRA~1\Toolbar\PIB.exe
C:\Program Files\PC-CILLIN\Tmntsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\SpySheriff\SpySheriff.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Softwa... Read more

Answer:(yet another...) SpySheriff ! hijackthis log inside

read ad-aware website about item.
http://www.lavasoftresearch.com/spywareno.shtml
 

1 more replies
Relevance 49.2%

I get lots of illegal operations when I'm on AIM and I got a IEXPLORER illegal op today too. Please review my log, it's very weird, it's kinda out of order, but it's straight from the log.

Logfile of HijackThis v1.97.7
Scan saved at 11:02:56 AM, on 9/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\OFFICE51\SOINTGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\EASY KEYBOARD\EASYKEY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explo... Read more

Answer:Please help! HijackThis Log inside(WEIRD)

13 more replies
Relevance 49.2%

Hello:I've been hijacked. I get a dialog box in the ceneter of my screen saying "Save! Repair" it say I have a game installed, which I don't. I try to kill the process in task manager it recreates a process. The process use one of 4 names.But aways one of those 4. If I try to exit w/ the exit button on the dialog box, it just repairs itself and I get more popups and this tool bar. Ad aware does not take care of it. spybot hangs on my XP machine.Any help would be appreciated as this dialog box is stuck on my desktop.Thanks,LoTechHijackthis log below:Logfile of HijackThis v1.98.1Scan saved at 7:55:57 AM, on 8/31/2004Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\PackethSvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\pctspk.exeC:\Program Files\WZCBDL Service\WZCBDLS.exeC:\Program Files\Compaq\Easy Access Button Support\StartEAK.exeC:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXEC:\COMPAQ\CPQINET\CPQInet.exeC:\Compaq\EAKDRV\EAUSBKBD.EXEC:&... Read more

Answer:Got Hijacked. Hijackthis log inside

Your log shows that you are seriously behind on windows updates. It is essential that you update your windows before we continue to help you as the infections could reoccur. Go to http://www.windowsupdate.com and if it asks to install software, let it. Then click on the Scan link and let it do its thing. When its done you will see on your left a section called critical updates. Click on that section and install everything that you can. When it prompts you to reboot, do so. Then repeat this process again until there are no more critical updates listed. You are using an outdated version of hijackthis. Please download the newer version.Download HijackThis from:HijackThis Download Site #1or HijackThis Download Site #2Then post a new log

9 more replies
Relevance 49.2%

I have always been careful with my computer with what to visit. But recently I went back home on vacation and well ... my little cousins managed to get a something on my computer(I think)....Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:30:58 AM, on 12/29/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\AppleOSSMgr.exeC:\WINDOWS\system32\AppleTimeSrv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Digidesign\Drivers\MMERefresh.exeC:\Program Files\Hotspot Shield\bin\openvpnas.exeC:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Webroot ... Read more

Answer:Please help me guys :< HiJackThis log inside!

DDS (Version 1.1.0) - NTFSx86 Run by TheTurk at 3:11:48.43 on Wed 12/31/2008Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2028.1364 [GMT 2:00]AV: Webroot AntiVirus with AntiSpyware *On-access scanning enabled* (Updated)FW: Webroot Internet Security Essentials *disabled*============== Running Processes ===============C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\AppleOSSMgr.exeC:\WINDOWS\system32\AppleTimeSrv.exeC:\Program Files\Bonjour\mDNSResponder.exesvchost.exeC:\Program Files\Digidesign\Drivers\MMERefresh.exeC:\Program Files\Hotspot Shield\bin\openvpnas.exeC:\Program Files\Mediafour\MacDrive 7\MacDriveServiceD.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\Explorer.EXEC:\Program Files\Webroot\WebrootSecurity\SpySweeper.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\... Read more

26 more replies
Relevance 49.2%

I ran CWShredder before i ran HijackThis, so i ran CWShredder and then i rebooted the computer. Here is the new log.

Logfile of HijackThis v1.97.7
Scan saved at 7:10:50 PM, on 6/21/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\Smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HistoryKill\histkill.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\HistoryKill\hkPopupKiller.exe
C:\My Shared Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\DOCUME~1\robert\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\robert\LOCALS~1\Temp... Read more

Answer:CoolWebSearch, please help me-Hijackthis log inside

6 more replies
Relevance 49.2%

Hello, I have been getting pop ups for awhile now. Running ad-aware I find that something named virtuemonde or something similar is always detected, but if I delete it it comes back next time. I know from reading on the internet that this item is connected to spyware or popups.

Also in my report you will see something for logitech desktop messenger over and over. I kept on getting errors every time I would boot up my computer. I uninstalled the desktop messenger and it still shows up on my hijackthis report.

I don't use Norton anymore and I tried to uninstall/delete all symantec products but as you can see some are still on my computer I guess.

Any other things that need to be cleared up would also be appreciated, THANKS!



Logfile of HijackThis v1.99.1
Scan saved at 11:34:19 AM, on 7/29/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\AlienAutopsy\TEK... Read more

Answer:Pop ups, Hijackthis report inside

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before begining the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------


Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Please post the contents of C:\vundofix.txt at the end of this fix.
----------------------... Read more

8 more replies
Relevance 49.2%

Hello ,please can someone check if i have any problums?

I have been downloading stuff from rapidshare and megaupload and many other sites.
When i download i get speeds of around 100 KBs.

But in the last 2 days im not even getting 10KBs.Is there something wrong here.

I have Windows Vista and broadband (jetstream)

Thanks a lot to who ever may help.

Logfile of HijackThis v1.99.1
Scan saved at 11:50:31 a.m., on 15/11/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\Users\Chris Kahui\Videos\Magic\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkI... Read more

More replies
Relevance 49.2%

Thanks for your help and time in advance!!!
I have been reading your forums and have downloaded and installed the hijackthis program.

I have norton antivirus installed and it does a scan of out going and incoming email and it keeps saying it is scanning outgoing email and I dont even have outlook running. What's this mean? I suspect I have some thing going on in the background some program or something.

I have run:
AdAware 6.0 with current definitions
Webroot Spy Sweeper with current definitions
The Cleaner with current definitions
Norton AV with current definitions
Trend Micro PCcillin with current definitions

All of these came up empty or saying there were no problems.

Here is my hijackthis log file:

StartupList report, 6/9/2004, 12:12:13 PM
StartupList version: 1.52
Started from : C:\Documents and Settings\Owner\Desktop\HijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WIND... Read more

Answer:Noob help please - HijackThis log inside - can you help me?

::bump::
 

2 more replies
Relevance 49.2%

I get an error message saying "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator." whenever I right-click on my desktop or click on my clock and my control panel disappeared. This started happening a month ago but I sought no help to fix it seeing as I did not need to change anything at the time. Now it has become a burden and I found this website by researching on Google.

Norton Anti Virus also found 6 High-Risk Trojan virus's when I did a scan in Safe Mode. Supposedly they've been deleted or quarantined for now.

Below is my hijackthis log. Help is appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:14 PM, on 1/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.e... Read more

Answer:Possible Malware? Hijackthis Log Inside!

bump
 

3 more replies
Relevance 49.2%

My computer has been pretty slow lately, and when I reboot I find that automatic updates has been switched off everytime. Also when i'm on msn i'll send random messages to people when I havent typed them. Any help is appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:15:59, on 27/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tydytyb.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files... Read more

Answer:I think I have a virus =[ (Hijackthis log inside)

Hello and Welcome to TSF.

The machine would appear to be, or have been, infected, however...

We no longer use HijackThis as our initial analysis tool. It is not detailed enough for today's infections.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 49.2%

Logfile of HijackThis v1.97.7
Scan saved at 5:23:34 PM, on 5/22/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\AzhGa.exe
C:\WINDOWS\System32\Uellw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ryan Hart\My Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\SearchBar.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.iquicksearch.net/search.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.iquicksearch.net/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.iquicksearch.net/search.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://store.presario.net/scripts/redirectors/presario/storeredir2.dll?s=consumerfav&c=2c02&lc=0409
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yaho... Read more

Answer:Please help w/ my spyware (HijackThis log inside)

6 more replies
Relevance 49.2%

I was on my laptop today and little error windows was popping up with text that looked like someone was seeing what I was doing and making comments on what I did so I downloaded Hijackthis and got a log but have no idea what to do, can someone help me out? Here is the log.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 4:37:14 PM, on 7/24/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18928)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\Windows\ehome\ehmsas.exeC:\Windows\explorer.exeC:\Program Files\Apoint\ApMsgFwd.exeC:\Program Files\Apoint\Apntex.exeC:\Program Files\Common Files\Teleca Shared\Generic.exeC:\Program Files\Common Files\Teleca Shared\logger.exeC:\Program Files\Common Files\Teleca Shared\CapabilityManager.exeC:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exeC:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exeC:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exeC:\... Read more

Answer:Need help with problem, Hijackthis Log inside.

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

2 more replies
Relevance 48.79%

I recently got a msn virus on my laptop, it keeps sending rar files to all the people on my list after ive been signed in a bit.

Any help would be appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:30:13 PM, on 21/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Prog... Read more

Answer:Solved: Msn Virus - HijackThis log inside

10 more replies