Over 1 million tech questions and answers.

Newbe, kindly requests a look over, thanks

Q: Newbe, kindly requests a look over, thanks

I don't know if I have a malware problem or not. I know enough to know that I don't know enough about hijackthis. So, if someone with the knowledge will take a look at the hijackthis file below and let me know what I should do, It will be much appreciated.

Thanks in advance,

karic123

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:16:39 PM, on 2/18/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: ALPassHelper Class - {00533B73-E574-46E9-B06A-FDF4592E67CB} - C:\Program Files\ESTsoft\ALPass\ApsHelper14.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ALPass - {572E3910-4764-4E88-8929-176B2B192FF7} - C:\Program Files\ESTsoft\ALPass\ALPass.exe
O9 - Extra 'Tools' menuitem: ALPass - {572E3910-4764-4E88-8929-176B2B192FF7} - C:\Program Files\ESTsoft\ALPass\ALPass.exe
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O13 - Gopher Prefix:
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RelevantKnowledge - RelevantKnowledge - C:\Windows\system32\rlservice.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7042 bytes

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Newbe, kindly requests a look over, thanks

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 44.4

I had tried to post this question earlier but really don't know where it or I belong on this site. Could someone lead me in the right direction? My previous question was as follows:

Since my purchase of this hp pavilion, I have had this problem on and off. When I try to install software I have downloaded or have the cd for i get the following message. "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." If I use the trick of changing the name of the .exe file to notepad I can sometimes get the program to install but most times not. I have virus checked with Avast, Malware bytes, and adaware. All say I dont have a virus.

A:Newbe needs help

When you're running the installation, instead of double clicking icon, right click on it and choose "run as administrator". Try that out and let us know how it works out.

Read other 8 answers
RELEVANCY SCORE 44.4

hi im new to customization
and gettting grazy i want to chance the taskbar with an image ican do that with
vista style bulder but it looks not good because the ico thats on the bar gets in the picture
and second how can i chance the background from the start button and the richt of the taskbar

of has someone tips 4 me to use other programs??

obelix

A:newbe needs help

ive tryed unlock the taskbar but it didnt work
help please

Read other 1 answers
RELEVANCY SCORE 44.4

here is a log i am a running slow Logfile of HijackThis v1.98.2Scan saved at 12:49:27 PM, on 9/7/2004Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\Sony\HotK... Read more

A:newbe here

2 questions:

Are you on a work network?
Is that the whole log from HJT?

Read other 5 answers
RELEVANCY SCORE 44.4

WOW I was reading some responses from people, and you guy`s are far, far, above my computer knowledge.
My problem is that I bought a computer from a store that was going out of business. This computer is a Dell, running Microsoft Windows Professional Version 2002 Service Pack 2
76487-OEM-0011903-00102 Dell Optiplex GX280 Intel(R) 279 GHz. 504MB of Ram
It is a fairly new computer. What my problem is that I have NO windows XP CD, I have NO BOOT DISK with password, and I have NO Administrator Password, or any other for that matter. This computer was part of a work group labled WORKSTATION2. I can access the computer, because they locked in the users password, I can change that password to anything I want, BUT I cannot use any programs, because it tells me I am not the administrator, I cannot download any thing at all from the net, because it tells me I am not the administrator, I can access my web mail with outlook express, but thats all, I tried to go to bios and clear all passwords out, and that worked, But i still cannot access any programs, or downloads, because it says that the administrators password is part of Windows and cannot be accessed or deleted.if I can`t remove the password can you tell me how to Format, uninstall, delete, or just completly clear my hard drive, I would be very, very, grateful!!
 

A:Hi All, Newbe that needs help!!

Read other 8 answers
RELEVANCY SCORE 44.4

Hey, guys as most of you rpobly know i'm only 14, and juss started as a freshmen this year in h.s they gave us tablit p.c's and i have comcast at home for my computer in my room. I know i can hook up a wireless connection in my house but don't know wht i would need? Or what i would need to do? it would only be 2 computers maybe 3 includeing my perants but i doubt it, cuz there running 98, and the other 2 are running windows xp home for desktop and windows tablit pc editon for lab top. I would like to setup a network with the 2 xp computers could some please tall me how or give me a website thank you!
 

A:Newbe..PLease help..

cnelson04 said:

Hey, guys as most of you rpobly know i'm only 14, and juss started as a freshmen this year in h.s they gave us tablit p.c's and i have comcast at home for my computer in my room. I know i can hook up a wireless connection in my house but don't know wht i would need? Or what i would need to do? it would only be 2 computers maybe 3 includeing my perants but i doubt it, cuz there running 98, and the other 2 are running windows xp home for desktop and windows tablit pc editon for lab top. I would like to setup a network with the 2 xp computers could some please tall me how or give me a website thank you! Click to expand...

All you would need is a wireless router and a wireless adapter(we use a Lynksis). Unplug your ethernet cable from the back of the pc that has the cable modem on it and connect it to the routers ethetnet port. Then from port #2 connect a cable back to the pc you just removed from. You will need to connect the wireless adapter via a USB port on the other pc. Run the newtwork setup wizard. Hope this helps
 

Read other 2 answers
RELEVANCY SCORE 44.4

Hi AllI posted the other one by mistake, sorry.I am helping a girl friend with her PC and have run Norton, spy-bot and adaware6. This got rid of a lot of junk. The PC runs fine and will log onto the internet but can't find any web pages. It just comes back with, the page can't be found. I loaded firefox thinking it might be IE but that came up with the same thing. Could use what ever help you can give.thanksgregwcLogfile of HijackThis v1.99.1Scan saved at 5:45:21 PM, on 8/10/2005Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\SPOOL32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\MSTASK.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXEC:\PROGRAM FILES\NORTON ANTIVIRUS\IWP\NPFMNTOR.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\EXPLORER.EXEC:\WINDOWS\SYSTEM\SYSTRAY.EXEC:\PROGRAM FILES\LAN-EXPRESS\LANEXPRESS_11B\UTILITY\WLANUTIL.EXEC:\WINDOWS\SYSTEM\WMIEXE.EXEC:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXEC:\WINDOWS\LOGI_MWX.EXEC:\WINDOWS\SYSTEM\HIDSERV.EXEC:\PROGRAM FILES\COMMON FILES\SYMANTEC ... Read more

A:Very much a newbe HJT log

Hey there.First, please o to your Add/Remove Programs and unstall these if they are present:TV MEDIAWeatherBugNow run HiJackThis and fix these:R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://rd.yahoo.com/customize/ymsgr/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://rd.yahoo.com/customize/ymsgr/defaul...//www.yahoo.comR1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blankR3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\PROGRAM FILES\TV MEDIA\TVMBHO.DLLO2 - BHO: (no name) - {55F66D60-9ADB-032C-2364-826D7D976A31} - C:\WINDOWS\Lyxncitd.dll (file missing)O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\SYSTEM\NVMS.DLLO2 - BHO: PynixObj Class - {00000000-DD60-0064-6EC2-6E0100000000} - C:\WINDOWS\PYNIX.DLLO2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\CFGMGR52.DLLO3 - Toolbar: Search - {D1889976-B68D-CAA1-7261-313AB0ECEE92} - C:\WINDOWS\Lyxncitd.dll (file missing)O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\CFGMGR52.DLL,DllRunO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00... Read more

Read other 3 answers
RELEVANCY SCORE 43.6

HI! I have a genericdownloader.g on my cpu also the cmd box pops up and starts typing on its own pinging various sites, mspaint and note pad also pop up and do macro type operations?? can any one help plz?

I ran Hijack heres my log.

Logfile of HijackThis v1.99.1
Scan saved at 6:15:47 PM, on 11/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\aol\ACS\acsd.exe
C:\WINDOWS\system32\cisvc.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkU... Read more

A:Solved: newbe needs help

Read other 11 answers
RELEVANCY SCORE 43.6

Hello All...just wondering if any of you have recommendations for me regarding my upcoming W7 Home Premium clean install for my Home PC? (see my profie for PC specs)

I will be upgrading from vista Home Premium (i have the upgrade version of W7)

I have the clean install tutorials from this site and will be backing up my data to the external drive as well as on DVD. Is there anything else I need to do to prep my system? i.e. first disconnect my card reader, printer..etc.

Thanks in advance!

A:Advice for Newbe

Hi, I was just like you just 2 weeks ago, fairly new at new OS and such but I really wanted Win 7, and took a chance and was glad I did. It went as smooth as silk.

This is what I did. On the day of the install, I used Windows Easy transfer to transfer all my settings etc to the new install. I made sure that I had my copies of the DVD's for all my programs and the key number, if applicable. Put the DVD into the drive. Instructions are real simple. When you get to the question clean install or upgrade, select clean install. When Asked for your key number do not give it. When you are done, use your computer for a while, you have 30 days. You can then remove the windows.old file. This file saves your old system's files. So that you can restore any documents etc that got lost somewhere. When you are satisfied activate with your pin. At this point after activation, use system image to make a copy of your system. The installation is really easy, trust me. If you run into a problem, your old OS should be reinstalled. Finally, enjoy.

Read other 9 answers
RELEVANCY SCORE 43.6

windows 7 HP laptop 64bit quad core, came with IE9 installed.
First off IE9 is not compatible with Chase banking, could not log on and called Chase tech and was advised of above and to use Firefox!!!!
Second, apparently an update i installed (according to a techie i know) mucked up IE9 runs slow as dial-up now. i did everything, scan with bit-defender, run C Cleaner, defragment, uninstalled the last update i did, re-boot and nothing worked. Firefox works fine......
Anyone have smiler issues?
 

A:newbe here...IE9 issue

Read other 7 answers
RELEVANCY SCORE 43.6

Any Help would be GREAT.

Thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:11:30 PM, on 10/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
d:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ResChanger 2005\ResChanger2005.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program F... Read more

A:[SOLVED] Newbe w/Log

Hello and Welcome. Apologies for any delay in replying, but we have been rather busy lately.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Since it has been a few days since you first posted, please do this:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. D... Read more

Read other 19 answers
RELEVANCY SCORE 43.6

I apologize if this is in the wrong area.

How would I search for files/folders in XP by only the size?
Say i want to find all files that are one GIG or more?

I vagly remember some DOS, *.* etc..
if dir *txt*.* finds all txt files how would I do size?

Or better yet is there a way to do the search in the search window? I didn't see it.

Thanks
 

A:newbe xp question

Read other 8 answers
RELEVANCY SCORE 43.6

1st off, I am glad to be here. I can use the help!I am doing a 5 step process at "tech support forums" http://www.techsupportforum.com/security-c...osting-log.htmlit seems prettty in-depth.If U have ever use IE-spyad you get to a point where you can load the Restricted Sites file to your registry or some other place which isnt mentioned. windows system 32? I dont know. but which is better?And there is a IE-spyad2 out. But I just stayed with what they had in the tutorial. will probrbly end up switching them.thanks for any helpModerator Edit: Moved topic to the more appropriate forum. ~ Animal

A:Newbe Needs Help With Ie-spyad

I don't have an answer for you, but since this is Tech Support Forum's instructions, I would recommend that you ask your question on that forum.

Good luck!

Read other 1 answers
RELEVANCY SCORE 43.6

I am not a genius here if someone could just let me know if anything on this log should NOT be there and I need to get rid of it that would be most helpful. I am intelligent enough to look up stuff on the internet when it comes to removing things however the last time I did not ask for help and screwed up my PC.Right here we go:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 22:50:26, on 10/19/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\Program Files\AVG\AVG8\avgcsrvx.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\AVG\AVG8\avgtray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Microsoft ActiveSync\WCESCOMM.EXEC:\Document... Read more

A:Newbe needs help with slow PC

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 43.2

After some years away from building I finally built a new box.
In need of help Installing win 7/64 on SSD and linking HDD for larger Programs.
Have read that some use robocopy to link drives to each other.
does anyone have a post on how I can get this done ?
My main reason for this is to keep all the storage of larger files on the large HDD.

Thanks to all in advance..

A:Newbe? New build Need help to set up SSD And storage HDD.

hi hardwire... welcome to the windows 7 forums.

install the OS on your SSD (NICE!!) and see how much space you have. can i ask the capacity of the SSD? windows 7 usually takes 20gb.

i run my os on my desktop and load all my games etc to the second HDD.

all you need to do is point the file installation in the direction of the HDD when installing your programs. I dont' think theres any need to link them up.

as long as your computer knows where to look it shouldnt be an issue?

both drives will show under my computer if installed correctly using SATA connections.

Read other 3 answers
RELEVANCY SCORE 43.2

I feel a bit silly asking this question, but I am just starting to use Live Mail and do not know my e-mail address for it.
How will I find it?

jack

A:Newbe Live Mail

To use live mail, you must have an email account. Its the one that you use everyday, but it must have POP3 as an option.
Your address is the same as your regular email account. Live mail, just brings the mail to yiour hard drive. It is not email.

Read other 3 answers
RELEVANCY SCORE 43.2

First...you guys rock..clean install tutorials and all the advice worked great. Wow, my computer speed sure went up and my RAM usage gauge dropped even with the programs re-installed. (guess I had a lot of stuff running in the backgroud)

Having some trouble with sharing documents between computers. I see my laptop when looking at my home network..but when I click on the laptop icon it prompts me for my computer name and password. I am assuming that they are looking for my desktop computer name and password. However, it won't accept this as an entry.

Do I need to re- authorize my desktop computer on my vista laptop machine? Any advice as how best I do this? please let me know..

again...can't thank everyone enough

A:Newbe W7 Upgrade Results

ckmerc, I beleive you are trying to connect via a workgroup, right? You need to make sure the disk you want to access is shared and that you are going thorugh your firewall (disable it and try, see if it connects). You also have to make sure you are in the same workgroup.

Read other 9 answers
RELEVANCY SCORE 43.2

System info: Amd athlon 1500+ 1.34Ghz Win2000 5.00.295 60gHDD 384DDrRam Audigdy Sound Card Gamer
Gefroce 256 DDr

I Was playing my new game of Medal of honor assult when it lockup on the shores of normandy...i controld and alt delte, ended game it wasn't responding...so after the comp settled down..i restarted windows...that was the last time i had been able to use my cd-rom drives all together.
When i click on 'My computer' on desktop it only shows C-drive and control panel and floppy.
When i go to Hardware manager it shows them as_ This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)_

I'm In a pickel..can't find drivers for them to use online..can not reinstall window2k..

Please and Thank Yous

 

A:A Newbe Cd-Roms No-Show...

What kind of drivers are you looking for.. Any of these
 

Read other 3 answers
RELEVANCY SCORE 43.2

fter having issues with my windows update for a few weeks i have began to investigate as ive dbaned the harddrive and also freshly installed windows 7 home premium. im after help ive had all sorts of codes recently and it appears every time i fix one another pops up. currently its 80070246. minitoolbox added.
 
Exerpt from MTB:
Ran by laptop (administrator) on 18-08-2015 at 21:50:28
Running from "C:\Users\laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NX3AEC7M"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: Aspire 5741 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************
Application errors:
==================
Error: (08/18/2015 09:23:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/18/2015 09:16:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/18/2015 08:57:14 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (840) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 59801600 (0x0000000003908000) (database page wuaueng.dll0) for 32768 ... Read more

A:help me please im screwed (laptop newbe)

after a malware scan i believe it to be the software i used to activate windows code with as i have only got a factory written code which wouldnt be accepted and didnt know any other way to do it.

Read other 2 answers
RELEVANCY SCORE 43.2

Sorry, this is all new to me. I'd rather dropkick electronics. Please fix my computer

Read other answers
RELEVANCY SCORE 42.8

Very new to macro vbs. Need to solve a problem, not become an expert.

Wish to search a second excel data table and find line where 2 cell values are equal to 2 cell values in first tables line and then copy the 3:d value in table 2 to table 1 line (1 line table 1 search all lines in table 2, then 2 line table 1 search all lines in table 2 etc.)

Table 1 is a set of deliveries from-to, table 2 distance table with the distance between from and to. Data tables can during run be copied in same spreadsheet (different columns)

Tryed this (for value in columns p-u), did not compile due to errors in code:

Sub loop1()
Dim I As Integer
Dim J As Integer
For I = 1 To 10
For J = 1 To 10
If Cells(x, 16).Value Like Cells(y, 19).Value And Cells(x, 17).Value Like Cells(y, 20).Value Then Cells(y, 21).Copy Cells(x, 18).Paste
Next
Next
End Sub

Thankful for any help
 

A:Newbe need excel search and copy value

Read other 9 answers
RELEVANCY SCORE 42.8

Thanks for the invitation to tell something of myself and for welcoming a Yank into your forum. At least I do have roots in England. My mother was born in Walthamstow in the late 1890?s to the Cullum family who later immigrated to Canada then the US. I am also a descendent of Nickolas Snow who sailed to New England 3 years after the Mayflower in the 1600?s. I am retired from a family retail business where I started computerizing the operation with first NCR magnetic ledger cards, then online terminals to data center where I learned to program in assembler and machine language and finally with first a mini-computer followed by several PC based systems I started using a business basic application to develop a POS (point of sale) and Inventory Control system. I am now retired. For my own use I have used a PC starting with Windows 95 to 98 and XP. Now to my reason for joining this forum:

In November I called Dell to order a Laptop that could replace both my Massachusetts and Arizona desktops and the problem of moving files back and forth. I asked for one that would also be excellent for gaming and would run XP. They said XP was no longer an option but that Dell have a very stable problem free version of Vista Home Premium. If I had problems I could call Dell Support. Both of these things were lies. So far Vista has given me more problems than I have ever had with any other system and I found that the Dell support was for hardware only. Any software help was limited to the suppo... Read more

A:A Newbe's initial Post and first questions

I ordered a Dell laptop with Vista64 in November also and had major system stability problems for the first three weeks. It was always crashing and trying to fix itself. The computer has been running very well lately. It seems whenever there is an update it would crash my laptop so I have turned of automatic updates and update manually now.

I was having similar problems with 64 bit Explorer. I've loaded 32 bit Firefox and have been running it problem free.

I am happy with my laptop now but I did not get off to a very good start with it. I place the blame with both Microsoft and Dell. Microsoft for the operating system, and Dell for telling me will work just fine.

This forum has been very helpful for me in solving many of my problems and I'm sure it will do the same for you.

Read other 2 answers
RELEVANCY SCORE 42.8

I have ran Malwarebyte and it found various malware on my laptop, I deleted them but they seem to keep coming back, here,s my log:

Malwarebytes' Anti-Malware 1.31
Database version: 1500
Windows 5.1.2600 Service Pack 3

2008-12-14 13:35:09
mbam-log-2008-12-14 (13-35-09).txt

Scan type: Quick Scan
Objects scanned: 54218
Time elapsed: 7 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 21
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\SYSTEM32\idekbtna.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\tuvWonLD.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\iiffEtts.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\iinmulnc.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iiffetts (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY... Read more

Read other answers
RELEVANCY SCORE 42.8

hello thankyou for this site. i have been familure with here for awhile and finally joined. i have been fighting malware sites for years, but now cant trust any help, free or buy. i have been bombarded with bundle crap and pc  is getting worse with ad,s and slower. this all started when trying to remove tribalfusion, adchoices, torntv v6.0 and whitecloud to no avail. cannot remove the from control panel remove programs or they come back. IT IS DRIVING ME BONKERS! i tried help herdprotect and adwcleaner to some help, but not the previous crap listed. is there any one trusted way to remove these? i have a 1 year old samsung, just updated to win 8.1. please help with you smart guy's or gals would be greatly felt. anything to complicated is above my fried brain. thank you, PAPAHOGEdit: Moved topic from Windows 8 to the more appropriate forum. ~ Animal

A:newbe with old problems, walware etc, worse

Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using "Reset FF Proxy Settings" option Firefox should be closed. Download TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here....ADW CleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the toolClick on the Scan button.AdwCleaner will begin to scan your comp... Read more

Read other 3 answers
RELEVANCY SCORE 42.8

I have a Toshiba laptop that has three partitions on my C drive. One for my os & data and then another 2 Gig and a 11 gig one. Now I deleted the content of the 2 & 11G partitions when I did the clean install of the new w7 OS.

but both the 11 & 2 gig partitions still remain as "unallocated" when I look in my drive management tool in w7? (darn manufacturers)

- Can I get rid of these and allow them to be combined with my main OS partition?
- If so how? and is it harmful to my system to do so?

Thanks in advance

A:Newbe clean install successful but..

just tried deleting my extra two partitions with partition wizard..but when I select the unallocated partitions..the delete option is grey and I can't click. any ideas? FYI the partitions are 0 bits..I deleted the data when I did the clean install.

Read other 3 answers
RELEVANCY SCORE 42.8

Please help me if you can.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:10:25 PM, on 12/6/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exeC:\Program Files\Avira\AntiVir Desktop\avguard.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINNT\System32\NMSSvc.exeC:\WINNT\TPPALDR.EXEC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\WINNT\system32\ctfmon.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files... Read more

A:Newbe..super slow computer Please help

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

Read other 2 answers
RELEVANCY SCORE 42.8

Please let me know if I have missed something regarding the clean install of my W7 upgrade version by way of the steps below (Vista Home Premuim to W7 HP)

1. Back up all my data to my external HD & Disk. (Done)

2. Review and document all programs currently on the PC for re-install
(Done)

3. Run Windows 7 upgrade advisor (though I have a relatively fast system)
(pending)

4. Deauthorize my Itunes stuff on this computer.


5. Run Windows Easy Transfer (use the version on my W7 DVD )transfering all data files and setup stuff to my External HD as well
6. Disconnect all USB Cables from my computer add ons (printer, card
reader)

? do I need to disconnect my SATA cable from my External HD as well?

7. Install W7 disk in the DVD drive and shut down computer...follow the various Clean install/upgrade tutorial from this site to install W7.

8. Reinstall my settings and data from my external HD using W7 Windows
Easy Transfer

9. Reinstall my programs...

A:Newbe Install Steps Review

I think you have a pretty good handle on it. I didn't do step 4 because I don't use I-Tunes. I didn't do steps 5 or 8 because I had done step 1 and then manually restored my data. If any of your programs are downloads (rather than on DVD or CD), you should plan on revisiting their web sites and getting the most recent download that is compatible with Windows 7. Immediately after the install finishes, make sure you have all critical and important Windows updates installed and then do your antivirus and antispyware programs. Consider your partitioning scheme before you start--if you don't want to make any changes in it, then just dive in.

I left my USB printer plugged in and off and had no issues, but yes, it can't hurt to disconnect all of your external stuff. I can't see any reason to leave the external drive plugged in.

A lot of people make an image of the new Windows 7 install immediately after the installation finishes. Some would advise you to make a final image of Vista before beginning the Windows 7 install.

Read other 9 answers
RELEVANCY SCORE 42.4

hi guys im new to the open office power point but i have made a few power point files and i have found the weay to make the power points into PDF files but i would like to know is there any programs that will convert them into .EXE files would like to send them to friends, co-workers, and family so any help with this would be great

thanks tondowg
 

A:newbe help!!!!! open office power point to .EXE

Read other 9 answers
RELEVANCY SCORE 42.4

hi guys im new to the open office power point but i have made a few power point files and i have found the weay to make the power points into PDF files but i would like to know is there any programs that will convert them into .EXE files would like to send them to friends, co-workers, and family so any help with this would be great

thanks tondowg
 

Read other answers
RELEVANCY SCORE 42.4

  Hey guys I am trying something new today by posting to y'all. first off I spend a lot of time working on fixing this computer after my husband a few hours on,  then hands it to me and says something's wrong...here fix it...  . Not knowing much about software I spend a lot of time in ur forums.  and have learned so much.
 
This is now something I need ur help with! over the past few weeks I have seen many FBI browser locks happening, malicious software blocked, tracking cookies blocked, but I am still not convinced that the laptop is completely free of PUP's, Malware, Spyware, viruses, etc.
because today when he handed it to me that darn conduit hijacker was back this time with a vengeance!! This time bringing 10 new extensions to my browser and speed analyzer, pc performer,  and mpc backup! I asked him what he was trying to install he said DIVX so he could watch something that wouldn't play in the windows media player....  what can ya expect from a 50 yr old caveman that never touched a computer til 2011? huh?
 
I have "Norton Anti Virus Online" with windows firewall. few months back had avast. Then, before that when McAfee was running from the law my virus program was his and the virus program crashed and got a virus which I thought was rather strange.
Ever since then I have not been able to go into any of my DOCX
also I don't know if it is related not, but my "t" and "y" on my keyboard hasn't worked since then either.(on ... Read more

A:Newbe to forum has a boat load of issues!!!

Hello NoNameWonder and Welcome - First a few logs to look at your system, and then a few basic clean-ups to start with.In this area Copy and Paste is needed for most logs, so tell me if you have a problem with this. Also you can add the replies to each item one at a time if that is easier for you.If you have any questions please ask them a we go along ........ Download Security Check by Screen317* Save it to your Desktop.* Double-click SecurityCheck.exe* Follow the onscreen instructions inside the black box.* A Notepad document should open automatically called checkup.txt; please post the contents of that document.Note: If any security program requests permission to access the Internet, allow it to do so.  Download MiniToolBox, Save it to your desktop and run it.Close any Firefox browsers you may have openCheckmark the following boxes:•Flush DNS•Report IE Proxy Settings•Reset IE Proxy Settings•Report FF Proxy Settings•Reset FF Proxy Settings•List content of Hosts•List IP configuration•List last 10 Event Viewer log•List Installed Programs•List Users, Partitions and Memory size.•List Minidump Files Click Go and copy / paste the result (Result.txt).Close any Firefox browsers you may have open while you reset FF Proxy Settings  Please download Malwarebytes Anti-Malware Free (aka MBAM)* Double-click MBAM -setup.exe and follow the prompts to install the program.NOTE - Do n... Read more

Read other 19 answers
RELEVANCY SCORE 41.6

I have a dell Dimension 4600, My computer guy told me to install a new video card to my computer b/c no images would come up ( my computer screen still works). So I have this Nvidia geforce 6200 agp I'm trying to put in with a computer that has intergrated video on it. Need help please!!!!!!!!!
 

A:Newbe needs help installing video card to dell dimension 4600

Install the card in the empty AGP slot.

http://support.dell.com/support/edocs/systems/dim4600/en/4600i/sm/parts.htm#1140565

Your Service manual for that Model of Dell
http://support.dell.com/support/edocs/systems/dim4600/en/4600i/sm/index.htm

.
 

Read other 1 answers
RELEVANCY SCORE 39.6

My OS is Windows XP. I keep getting a Win Min message when I try to shut down. Can someone please help me?

Logfile of HijackThis v1.98.2
Scan saved at 12:11:42 AM, on 9/21/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\zhelp.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\WINDOWS\wanmpsvc.... Read more

Read other answers
RELEVANCY SCORE 39.6

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Turion(tm) II P540 Dual-Core Processor, AMD64 Family 16 Model 6 Stepping 3
Processor Count: 2
RAM: 3834 Mb
Graphics Card: ATI Mobility Radeon HD 4200 Series, 256 Mb
Hard Drives: C: Total - 465137 MB, Free - 382803 MB;
Motherboard: AMD Corp., Guam
Antivirus: Norton Internet Security, Updated and Enabled

pls i use windows 7. for some months now i have been receiving a warning message of 'high disk usage'. currently, however, my system is just hanging every now and then that i am unable to do anything. i don't know what the problem is, and i would be glad if i received help from you.

thanks.

ibaje
 

A:kindly help me, pls

What is the verbatim error message, in its entirety?
 

Read other 1 answers
RELEVANCY SCORE 39.6

Hi all, need a great help here to remove the spyware in my pc.. Followed the instructions, had done a scan using AdWare SE and found abt 94 threats! omg.. symptoms of problem: auto pop-up of a search-result in every few min, and everytime i try to uninstall the EliteToolbar, it comes back every time the pc starts.

Would appreciate it if someone could kindly help..Thanks alot!

Log was analyzed using HijackThis Analyzer - Updated on 12/6/04
Get updates at http://www.greyknight17.com/download.htm#programs

Logfile of HijackThis v1.98.2
Scan saved at 11:15:51 PM, on 12/13/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\NOKIA\TOOLS\NCLTRAY.EXE
C:\WINDOWS\SYSTEM\KALVWRC32.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\SPYDOCTOR.EXE
C:\PROGRAM FILES\COMMON FILES\PCSUITE\SERVICES\SERVICELAYER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\DOWNLOADS\HIJACKTHIS.EXE

R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRAM FILES\ICQTOOLBAR\TOOLBAR.DLL
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version ... Read more

A:HJT Log.. Please kindly help..

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled.

Go to Start->Settings->Control Panel and double-click on the System icon. On the Performance tab click File System. Click the Troubleshooting tab, and then check Disable System Restore. Click OK. Click Yes when you are prompted to restart Windows. When we have confirmed that your log file is clean, you may enable System Restore again by following the same steps as above except you should uncheck Disable System Restore. Reboot your PC and proceed from here.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link don't work) and install it. Run CleanUp! and click on CleanUp! button. When it asks you if you want to logoff, click on Yes.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to de... Read more

Read other 6 answers
RELEVANCY SCORE 39.6

My mistake cus got tempted by cute msn emoticon - downloaded and installed unrecognised *.exe from unreputable website :3crying:

Please help to check this out.
Can you see anything suspicious?

Logfile of HijackThis v1.99.1
Scan saved at 8:11:58 PM, on 9/11/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre... Read more

A:Kindly help ;o;

Have HijackThis fix these:

O16 - DPF: {24311111-1111-1121-1111-111191113457} -
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} -
O16 - DPF: {33331111-1111-1111-1111-611111193458} -


Then, perform an online scan with Internet Explorer with Panda ActiveScan Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer If it finds any malware, it will offer you a report.
Click on see report. Then click Save report
Post the contents of the report in your next reply along with a fresh copy of HJT log

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan

Read other 1 answers
RELEVANCY SCORE 39.6

Here's the content of my log file, kindly help me... thanks!

Logfile of HijackThis v1.98.2
Scan saved at 9:51:57 AM, on 10/13/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\xampp\apache\bin\Apache.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\xampp\mysql\bin\mysqld-nt.exe
D:\xampp\apache\bin\Apache.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\servicelog.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\system\lassa.exe
C:\Program Files\Windows SyncroAd\SyncroAd.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows SyncroAd\WinSync.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\HJT\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\Acti... Read more

A:Kindly Help Me...

Hi
Make sure you have already run Adaware, Spybot S & D(check for updates) and CWShredder as these will do a preliminary clean first.

Then....
If running XP turn off your System Restore. See Here.Reinstate it when your log is cleaned.Now close your browser window and run hjt in safe mode... How To Run Safemode and fix the items listed.Uninstall any folders that I have highlighted likewise,remove the highlighted files from your hard drive, as well as fixing all the items from the log. Make sure to have your system set to show hidden files and folders.. How To Show Files .Check first as some folders maybe uninstalled via the Add/Remove program..Please post a new log when finished....Please ask if you require further assistance.

O2 - BHO: IEFRvalue.FRmodule - {8582D693-18FB-4CFC-AF4E-79B9FC4A4D53} - C:\Program Files\IEFRvalue\IEFRvalue.dll
O4 - HKLM\..\Run: [WSAConfiguration] wmon32.exe
O4 - HKLM\..\Run: [USB Device] servicelog.exe
O4 - HKLM\..\Run: [Printer] C:\windows\system32\wintme.exe
O4 - HKLM\..\Run: [.mscdr] C:\WINDOWS\system\lassa.exe
O4 - HKLM\..\Run: [Microsoft media services] winmplayer.exe
O4 - HKLM\..\Run: [Microsoft Update] msupdate32.exe
O4 - HKLM\..\Run: [MS FIREWALL] msfirewall.exe
O4 - HKLM\..\Run: [Windows SyncroAd] C:\Program Files\Windows SyncroAd\SyncroAd.exe
O4 - HKLM\..\RunServices: [WSAConfiguration] wmon32.exe
O4 - HKLM\..\RunServices: [USB Device] servicelog.exe
O4 - HKLM\..\RunServices: [Microsoft media services] winmpla... Read more

Read other 1 answers
RELEVANCY SCORE 39.6

Ok I am at my wits end.I cannot remove the "Cannot find blah blah run bridge.dll"all this clicking is not helping my Carpel Tunnel problemsI have used Microsoft beta spyware remover, Ad War 1.05, and finally Spy bot,I have fiddled about in the registry removing entries and so according to symantec, althouhg I use Zonelabs for firewall and virus scanning, Symantec & McAfee seem to bottleneck most system unnessecarily (minor gripe)Spy bot is the only one so far to find the following, DS0 Expliot (of whihc there are 5) Blazefind.brdigeAll of whihc are registry located and I imagine the cause of my WOES!Now here is my Hijack log,Logfile of HijackThis v1.99.0Scan saved at 22:51:02, on 10/02/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\hkcmd.exeC:\WINDOWS\SOUNDMAN.EXEC:\WINDOWS\system32\CTHELPER.EXEC:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\WINDOWS\system32\ctfmon.exe... Read more

A:Could someone kindly look @ my HJT log

Topic closedGetting help here:http://www.bleepingcomputer.com/forums/ind...topic=11064&hl=

Read other 1 answers
RELEVANCY SCORE 39.2

Hi,

I am using HP 6530b laptop, running Windows 7 Ultimate, recently I found my laptop wouldn't recover from Hibernate or sleep, after press power button, monitor shows nothing but HD indicator light shows HD is working something, can't do anything about it, I can only reboot by pressing power button till power off and restart.

I have also generated dump files, please kindly help to check my problem.

Appreciate of your help.

Derrick

A:BSOD please kindly help

  
Quote: Originally Posted by lince1218


Hi,

I am using HP 6530b laptop, running Windows 7 Ultimate, recently I found my laptop wouldn't recover from Hibernate or sleep, after press power button, monitor shows nothing but HD indicator light shows HD is working something, can't do anything about it, I can only reboot by pressing power button till power off and restart.

I have also generated dump files, please kindly help to check my problem.

Appreciate of your help.

Derrick


Derrick Hi and welcome

We are going to have a problem analyzing your DMP's because your version number is different from the RTM. Have you activated and registered it with microsoft?

Microsoft has not provided us with the symbols to analyze this version.

Ken


Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\031410-24180-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

DbsSplayTreeRangeMap::Add: ignoring zero-sized range at ?ffffffff`84131ad4?
Symbol search path is: SRV*F:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compati... Read more

Read other 1 answers
RELEVANCY SCORE 39.2

Hi,
I'm getting regular BSOD with the latest one being

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF88004C363FC
BCP3: FFFFF880025C2400
BCP4: 0000000000000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\042111-15646-01.dmp
C:\Users\Aashay\AppData\Local\Temp\WER-24211-0.sysdata.xml
I cant seem to attach these files as it says I dont have admin rights even though I'm the administrator.

I think it is ATI related as during crash it says something about ATIKMDAG.SYS

I know you will probably need more info. If someone can help me attach these files, I'll be glad to do so.

Please help me. Its a humble request.

Thanks

A:BSOD..kindly help me

  
Quote: Originally Posted by eraserhead


Hi,
I'm getting regular BSOD with the latest one being

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 1033

Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF88004C363FC
BCP3: FFFFF880025C2400
BCP4: 0000000000000000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\042111-15646-01.dmp
C:\Users\Aashay\AppData\Local\Temp\WER-24211-0.sysdata.xml
I cant seem to attach these files as it says I dont have admin rights even though I'm the administrator.

I think it is ATI related as during crash it says something about ATIKMDAG.SYS

I know you will probably need more info. If someone can help me attach these files, I'll be glad to do so.

Please help me. Its a humble request.

Thanks



To enable us to assist you with your computer's BSOD symptoms, upload the contents of your "\Windows\Minidump" folder.

The procedure:

* Copy the contents of \Windows\Minidump to another (temporary) location somewhere on your machine.
* Zip up the copy.
* Attach the ZIP archive to your post using the "paperclip" (file attachments) button.

To ensure minidumps are enabled:

Go to Start, in the Search Box type: sysdm.cpl, press Enter.
Under the Advanced tab, click on the Startup and Recove... Read more

Read other 9 answers
RELEVANCY SCORE 39.2

Hi All,

I'm not able to access any anti virus url. I have checked the hosts file, and it's fine. Did a updated scan with Symantec End-Point Protection and no virus is found. Anyone can help me?

thanks

A:infected, kindly help

Hi All,

I'm on microsoft windows xp professional sp3

thanks

Read other 4 answers
RELEVANCY SCORE 39.2

I have problem with nssfrch tool bar, please kindly help.

Deckard's System Scanner v20071014.68
Run by ekarong on 2007-10-30 13:51:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2007-10-30 06:51:18 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

System Drive C: has 5.13 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-10-30 13:54:47
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Grisoft\AVG7\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\FileZilla ... Read more

Read other answers
RELEVANCY SCORE 39.2

Hello! I was told to come here by a friend.

I think I might have a keylogger of some sort.

I've cleaned my computer and got rid of infections with:

Ad-Aware
Malwarebytes' Anti-Malware
Spybot - Search & Destroy
Oh, and here's my log. Hope you boys can help me!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:10:58, on 2009-09-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
D:\WINDOWS\system32\taskswitch.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\PROGRA~1\MICROS~3\Office14\GROOVEMN.EXE
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\PROGRA~1\SYMANT~1\VPTray.exe
D:\Program Files\RocketDock\RocketDock.exe
D:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Rainmeter\Rainmeter.exe
D:\Program Files\S... Read more

Read other answers
RELEVANCY SCORE 39.2

My browser always include a header from searchportal.info. Please help.

Logfile of HijackThis v1.98.2
Scan saved at 7:17:31 PM, on 12/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: C:\WINDOWS\lbbho.dll - {26556B5E-1D4E... Read more

A:Pls kindly help with my HJTLog

Hello easilypanic, Welcome to TSG!

Fix the following entries in HijackThis:

O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL

O2 - BHO: C:\WINDOWS\lbbho.dll - {26556B5E-1D4E-42C6-9D6E-9C0BBE6197C5} - C:\WINDOWS\lbbho.dll

O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)

O2 - BHO: IEHlprObj Class - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\Go!Zilla\GoIEHlp.dll (file missing)

O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL

O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"

O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

O16 - DPF: v2cab - http://searchmiracle.com/cab/v2cab.cab

Download the following programs and run the on your computer.

Ad-Aware SE Personal Edition:
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

Spybot S&D:
http://www.download.com/3001-8022_4-10289035.html

Restart your computer and post a fresh HijackThis log back on this thread. Any improvements?
 

Read other 3 answers
RELEVANCY SCORE 39.2

Logfile of HijackThis v1.99.1Scan saved at 1:52:37 PM, on 8/22/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5700.0006)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Hijackthis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.intrex.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class ... Read more

A:Kindly Check My Hjt Log! Thanks.

Your log is clean, are you having any particular problems?

Read other 1 answers
RELEVANCY SCORE 39.2
A:Kindly help me for this error

Read other 1 answers
RELEVANCY SCORE 39.2

Logfile of HijackThis v1.99.1Scan saved at 7:13:57 PM, on 6/4/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16441)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\IFXTCS.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\IFXSPMGT.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXEC:\WINDOWS\system32\svchost.exeC:\Program Files\Venturi Client\Client\ventc.exeC:\Program Files\3S Software\CoDeSys ENI Server\ENI.exeC:\Program Files&... Read more

A:Cid Popup, Kindly Help Sir

Hello,Let's restore you lspchain/winsock first...To do this, Go to start > run and type cmdA dos Window will appear.Type next in the dos window: netsh winsock resethit enter.Then reboot.After reboot,Hello,Go to start > controlpanel > software > add/remove programs and look if you have one or more of next programs installed and uninstall them:NetpumperBitrollBitgrabberBitdownloadTorrent101CiD Help / CiD ManagerDownload Plugin for Internet ExplorerSearch PluginWinZixZone MediaThis because they are bundled with the malware you are dealing with (swizzor aka lop).This will uninstall the malware application.In case, during uninstall, when asked for the uninstall Verification, please enter the numbers that will appear in the window.In case it says that the file was not found, doublecheck again if you entered the exact command. If still the same, proceed with next steps.In case you can't find them,* Go to start > run and copy and paste next command below in the field:(Please make sure you copy and paste it exactly as you'll find below)"C:\DOCUME~1\ADMINI~1\APPLIC~1\MODERE~1\PopCoolPile.exe" -uninstall Hit enter.Then reboot. Important!After reboot, * Download Deljob.exe and save it on your desktop.Doubleclick Deljob.exe.A log, (logit.txt) should open afterwards. This log will be present on your desktopPost the contents of the logfile in your next reply together with a new Hijackthislog.

Read other 8 answers