Over 1 million tech questions and answers.

Got a bit ahead of myself - already ran combofix

Q: Got a bit ahead of myself - already ran combofix

long.Hi, my name is Jim. I have been hearing crazy beeps coming from the PC - the sound windows defaults to when a program fails - so I started doing some checking. I have run HijackThis and didn't see anything unusual. Also ran Autoruns and disabled a few unessecery items.Still concerned, today I downloaded and ran TrendMicros RootkitBuster. It found 1 hidden file that it couldn't remove. I've tried deleting it fom command prompt in safe mode and it tells me the file is too long. So in exploring google for long filename i came across a Bleeping Computer thread that mentioned combofix. Instead of joining and realizing that there were certain steps you wanted us to follow before posting, I went to the combofix tutorial and downloaded it and the windows recovery console.When I dragged the recovery console onto combofix things went a little crazy. Boclean reported a rootkit (couldn't catch the name message disappeared too quickly) then shut itself down. Next my AT&T antivirus shutitself down. Spybot Teatimer reported 2 registry key changes and shut it self down.I never got the message that recovery console was successfully installed. Instead the combofix box stayed open and said preparing to scan. It never started. I closed the window. Left all FW,AS AV's off and dragged the revery console onto combofix again. This time nothing unusual happened but I still didn't get the message that recovery console was installed.Combofix went on and ran it's scan and I have the logfile. What I'm not sure of is it safe to shutdown my system and restart? It looks like it may have deleted a bunch of windows files. Anyway here is the log from combofix. Thanks in advance for any help.ComboFix 08-12-01.01 - Owner 2008-12-01 19:03:58.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.419 [GMT -5:00]Running from: c:\documents and settings\Owner.YOUR-81140121F7\Desktop\ComboFix.exeCommand switches used :: c:\documents and settings\Owner.YOUR-81140121F7\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe * Created a new restore point.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\hpvaut32.dllc:\windows\system32\hpvcp70.dllc:\windows\system32\hpvcr70.dllD:\Autorun.inf.((((((((((((((((((((((((( Files Created from 2008-11-02 to 2008-12-02 ))))))))))))))))))))))))))))))).2008-12-01 18:15 . 2008-12-01 18:15 <DIR> d-------- c:\program files\CyberScrub Privacy Suite2008-12-01 18:15 . 2008-12-01 18:15 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Application Data\CyberScrub2008-12-01 18:15 . 2008-12-01 18:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP2008-12-01 18:15 . 2007-02-07 12:08 84 --a------ c:\windows\csact.ini2008-12-01 17:51 . 2008-12-01 17:53 <DIR> d-------- c:\program files\Unlocker2008-12-01 17:34 . 2008-12-01 17:34 268 --ah----- C:\sqmdata10.sqm2008-12-01 17:34 . 2008-12-01 17:34 244 --ah----- C:\sqmnoopt10.sqm2008-12-01 16:14 . 2008-12-01 16:14 142,096 --a------ c:\windows\system32\drivers\tmcomm.sys2008-12-01 15:57 . 2008-12-01 15:57 244 --ah----- C:\sqmnoopt09.sqm2008-12-01 15:57 . 2008-12-01 15:57 232 --ah----- C:\sqmdata09.sqm2008-12-01 15:16 . 2008-12-01 15:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hewlett-Packard2008-12-01 15:16 . 2007-10-20 18:25 117,760 --a------ c:\windows\system32\hpzll5mu.dll2008-12-01 15:15 . 2007-11-09 01:59 271,704 --a------ c:\windows\system32\hpzids01.dll2008-12-01 15:15 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys2008-12-01 15:15 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys2008-12-01 15:09 . 2008-12-01 15:17 153,768 --a------ c:\windows\hphins26.dat2008-12-01 15:09 . 2008-01-19 03:52 787 --------- c:\windows\hphmdl26.dat2008-11-30 17:41 . 2008-11-30 17:41 268 --ah----- C:\sqmdata08.sqm2008-11-30 17:41 . 2008-11-30 17:41 244 --ah----- C:\sqmnoopt08.sqm2008-11-29 02:37 . 2007-03-08 10:36 577,536 --a------ c:\windows\system32\bowut2008-11-28 20:21 . 2008-11-28 20:21 244 --ah----- C:\sqmnoopt07.sqm2008-11-28 20:21 . 2008-11-28 20:21 232 --ah----- C:\sqmdata07.sqm2008-11-25 23:13 . 2008-11-25 23:14 <DIR> d-------- c:\program files\QuickTime2008-11-25 22:47 . 2008-11-25 22:47 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Application Data\Apple Computer2008-11-25 22:34 . 2008-11-25 23:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer2008-11-25 22:34 . 2008-11-25 22:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple2008-11-25 19:15 . 2008-11-25 19:15 244 --ah----- C:\sqmnoopt06.sqm2008-11-25 19:15 . 2008-11-25 19:15 232 --ah----- C:\sqmdata06.sqm2008-11-21 19:13 . 2008-11-21 19:13 268 --ah----- C:\sqmdata05.sqm2008-11-21 19:13 . 2008-11-21 19:13 244 --ah----- C:\sqmnoopt05.sqm2008-11-17 23:41 . 2008-11-17 23:43 <DIR> d-------- c:\program files\WinPcap2008-11-17 23:38 . 2008-11-19 17:23 <DIR> d-------- c:\program files\WMR112008-11-16 19:42 . 2008-11-16 19:41 158,192 --------- c:\windows\system32\pxwma.dll2008-11-16 04:06 . 2008-11-16 04:06 <DIR> d-------- c:\program files\IVCsoft2008-11-16 04:00 . 2008-11-16 06:58 <DIR> d-------- c:\program files\Total Video Player2008-11-15 19:35 . 2008-11-15 19:35 <DIR> d-------- c:\windows\system32\QuickTime2008-11-14 23:22 . 2008-11-14 23:22 268 --ah----- C:\sqmdata04.sqm2008-11-14 23:22 . 2008-11-14 23:22 244 --ah----- C:\sqmnoopt04.sqm2008-11-14 23:17 . 2008-11-14 23:17 <DIR> d-------- c:\program files\Common Files\Apple2008-11-14 21:24 . 2008-11-14 21:24 244 --ah----- C:\sqmnoopt03.sqm2008-11-14 21:24 . 2008-11-14 21:24 232 --ah----- C:\sqmdata03.sqm2008-11-13 23:25 . 2008-11-13 23:25 244 --ah----- C:\sqmnoopt02.sqm2008-11-13 23:25 . 2008-11-13 23:25 232 --ah----- C:\sqmdata02.sqm2008-11-13 12:28 . 2008-11-13 12:28 244 --ah----- C:\sqmnoopt01.sqm2008-11-13 12:28 . 2008-11-13 12:28 232 --ah----- C:\sqmdata01.sqm2008-11-12 17:52 . 2008-11-12 17:52 244 --ah----- C:\sqmnoopt00.sqm2008-11-12 17:52 . 2008-11-12 17:52 232 --ah----- C:\sqmdata00.sqm2008-11-12 00:43 . 2008-11-12 01:50 <DIR> d-------- c:\program files\Adsen Image Grab2008-11-11 13:49 . 2008-11-11 13:49 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Contacts2008-11-11 13:48 . 2008-12-01 15:15 <DIR> d----c--- c:\windows\system32\DRVSTORE2008-11-11 13:45 . 2008-11-11 13:47 <DIR> d-------- c:\program files\Windows Live2008-11-11 13:45 . 2008-11-11 13:47 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller2008-11-11 13:45 . 2008-11-11 13:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller2008-11-11 13:33 . 2008-11-11 17:24 54,156 --ah----- c:\windows\QTFont.qfn2008-11-11 13:33 . 2008-11-11 13:33 1,409 --a------ c:\windows\QTFont.for2008-11-11 13:14 . 2008-02-22 02:33 69,632 --a------ c:\windows\system32\javacpl.cpl2008-11-11 13:13 . 2008-11-11 13:13 <DIR> d-------- c:\program files\Common Files\Java2008-11-11 12:53 . 2008-11-11 12:53 410,976 --a------ c:\windows\system32\deploytk.dll2008-11-11 12:21 . 2008-11-11 12:21 <DIR> d-------- c:\program files\Common Files\xing shared2008-11-09 19:18 . 2008-11-09 19:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!2008-11-09 19:17 . 2008-11-09 19:18 <DIR> d-------- c:\program files\Yahoo!2008-11-09 19:12 . 2008-11-09 19:12 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Application Data\MSNInstaller2008-11-09 18:50 . 2004-08-04 00:56 159,232 --a------ c:\windows\system32\ptpusd.dll2008-11-09 18:50 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys2008-11-09 18:50 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys2008-11-09 18:50 . 2001-08-17 22:36 5,632 --a------ c:\windows\system32\ptpusb.dll2008-11-09 18:48 . 2003-12-11 11:15 44,544 -ra------ c:\windows\system32\MSXML4a.dll2008-11-09 18:42 . 2008-12-01 15:15 <DIR> d-------- c:\program files\HP2008-11-09 18:42 . 2008-11-09 18:48 <DIR> d-------- c:\program files\Hewlett-Packard2008-11-09 18:41 . 2008-11-09 18:49 234,421 --a------ c:\windows\hpdj3740.his2008-11-09 18:41 . 2008-11-09 18:49 10,802 --a------ c:\windows\hpdj3740.ini2008-11-09 18:14 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys2008-11-09 18:14 . 2004-08-03 23:01 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys2008-11-09 18:02 . 2008-11-09 18:02 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Application Data\CyberLink2008-11-09 18:02 . 2008-11-09 18:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\CyberLink2008-11-09 16:51 . 2008-11-09 16:51 <DIR> d-------- c:\windows\Sun2008-11-09 16:51 . 2008-11-09 16:52 <DIR> d-------- c:\program files\NOS2008-11-09 16:51 . 2008-11-09 16:51 <DIR> d-------- c:\documents and settings\Owner.YOUR-81140121F7\Application Data\AdobeUM2008-11-09 03:43 . 2008-11-09 17:47 3,240 --a------ c:\windows\system32\PerfStringBackup.TMP2008-11-08 23:00 . 2008-11-09 16:22 <DIR> d-------- c:\windows\ServicePackFiles(2)2008-11-08 20:29 . 2008-11-08 23:05 <DIR> d-------- c:\windows\system32\scripting2008-11-08 20:29 . 2008-11-08 23:05 <DIR> d-------- c:\windows\l2schemas2008-11-08 20:10 . 2008-08-14 04:55 2,142,720 --a------ c:\windows\system32\ntoskrnl.exe2008-11-08 19:58 . 2008-04-13 19:12 8,461,312 --a------ c:\windows\system32\SET319.tmp2008-11-08 19:57 . 2008-04-13 19:11 3,066,880 --a------ c:\windows\system32\SET3F8.tmp2008-11-08 19:56 . 2008-04-13 19:11 1,082,368 --a------ c:\windows\system32\SET4A9.tmp2008-11-08 19:55 . 2008-04-13 19:11 1,267,200 --a------ c:\windows\system32\SET519.tmp2008-11-08 18:57 . 2008-11-09 17:02 <DIR> d-------- c:\program files\Common Files\Java(3)2008-11-08 16:38 . 2008-11-09 17:04 <DIR> d-------- c:\program files\Common Files\Java(2).(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2008-12-01 06:52 --------- d-----w c:\program files\Spybot - Search & Destroy2008-12-01 06:52 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy2008-12-01 04:39 99,216 ----a-w c:\windows\system32\drivers\cmdguard.sys2008-12-01 04:39 31,504 ----a-w c:\windows\system32\drivers\cmdhlp.sys2008-12-01 04:39 143,096 ----a-w c:\windows\system32\guard32.dll2008-11-26 03:34 --------- d-----w c:\program files\Apple Software Update2008-11-17 00:41 9,200 ------w c:\windows\system32\drivers\cdralw2k.sys2008-11-17 00:41 9,072 ------w c:\windows\system32\drivers\cdr4_xp.sys2008-11-17 00:41 44,944 ------w c:\windows\system32\drivers\pxhelp20.sys2008-11-16 08:37 --------- d-----w c:\documents and settings\All Users\Application Data\BOC4272008-11-14 05:41 --------- d-----w c:\program files\DivX2008-11-11 18:39 --------- d-----w c:\program files\SUPERAntiSpyware2008-11-11 18:39 --------- d-----w c:\program files\Common Files\Wise Installation Wizard2008-11-11 18:39 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\SUPERAntiSpyware.com2008-11-11 18:23 --------- d-----w c:\program files\a-squared Anti-Malware2008-11-11 18:14 --------- d-----w c:\program files\Java2008-11-11 17:21 --------- d-----w c:\program files\Common Files\Real2008-11-09 22:37 --------- d-----w c:\documents and settings\All Users\Application Data\NOS2008-11-09 22:32 --------- d-----w c:\program files\Windows Media Connect 22008-11-09 21:51 --------- d-----w c:\program files\Real2008-11-09 20:14 --------- d-----w c:\documents and settings\All Users\Application Data\comodo2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll2008-10-25 06:05 --------- d-----w c:\documents and settings\All Users\Application Data\QuickTime2008-10-23 10:12 --------- d-----w c:\program files\Common Files\Adobe AIR2008-10-23 09:33 --------- d-----w c:\program files\Trend Micro2008-10-22 22:10 8,552 ----a-w c:\windows\system32\drivers\asctrm.sys2008-10-22 13:46 --------- d-----w c:\program files\Windows Defender2008-10-22 13:39 --------- d-----w c:\program files\Pure Networks2008-10-22 13:39 --------- d-----w c:\program files\Google2008-10-22 13:36 --------- d--h--w c:\program files\InstallShield Installation Information2008-10-22 13:36 --------- d-----w c:\program files\Privacy Mantra 2.052008-10-22 13:36 --------- d-----w c:\program files\CyberLink2008-10-22 13:35 --------- d-----w c:\program files\Napster2008-10-22 13:35 --------- d-----w c:\documents and settings\All Users\Application Data\Napster2008-10-22 13:25 --------- d-----w c:\program files\BigFix2008-10-22 13:24 --------- d-----w c:\program files\Common Files\AOL2008-10-22 13:24 --------- d-----w c:\documents and settings\All Users\Application Data\AOL2008-10-22 13:08 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com2008-10-22 13:06 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\DivX2008-10-22 12:37 53,192 ----a-w c:\windows\system32\drivers\rp_skt32.sys2008-10-22 12:37 --------- d-----w c:\program files\Raxco2008-10-22 12:37 --------- d-----w c:\documents and settings\All Users\Application Data\Raxco2008-10-22 12:26 --------- d-----w c:\program files\Common Files\Scanner2008-10-22 12:26 --------- d-----w c:\program files\Common Files\Authentium2008-10-22 12:26 --------- d-----w c:\program files\CA2008-10-22 12:25 --------- d-----w c:\program files\AT&T2008-10-22 12:25 --------- d-----w c:\documents and settings\All Users\Application Data\AT&T2008-10-22 12:24 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\AT&T2008-10-22 12:23 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\InstallShield2008-10-22 12:21 --------- d-----w c:\documents and settings\LocalService\Application Data\McAfee.com Personal Firewall2008-10-22 12:21 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee.com Personal Firewall2008-10-22 12:20 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\McAfee.com Personal Firewall2008-10-22 12:20 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\ATI2008-10-22 12:17 --------- d-----w c:\program files\ATI Technologies2008-10-22 12:05 --------- d-----w c:\program files\Lavasoft2008-10-22 12:05 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\Lavasoft2008-10-22 11:41 --------- d-----w c:\program files\Comodo2008-10-22 11:41 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\Comodo2008-10-22 10:48 --------- d-----w c:\program files\Microsoft Works2008-10-22 10:36 --------- d-----w c:\program files\MSXML 4.02008-10-22 10:31 --------- d-----w c:\program files\McAfee2008-10-22 10:31 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee2008-10-22 10:30 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee.com2008-10-22 10:29 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\SampleView2008-10-22 10:29 --------- d-----w c:\documents and settings\Administrator\Application Data\SampleView2008-10-22 10:28 --------- d-----w c:\program files\gtw_logo2008-10-22 10:27 --------- d-----w c:\program files\Microsoft Money 20062008-10-22 10:26 --------- d-----w c:\program files\MSN Encarta Plus2008-10-22 10:25 --------- d-----w c:\program files\Common Files\Nullsoft2008-10-22 10:25 --------- d-----w c:\program files\Common Files\aolshare2008-10-22 10:25 --------- d-----w c:\documents and settings\Owner.YOUR-81140121F7\Application Data\You've Got Pictures Screensaver2008-10-22 10:25 --------- d-----w c:\documents and settings\All Users\Application Data\Pure Networks2008-10-22 10:25 --------- d-----w c:\documents and settings\Administrator\Application Data\You've Got Pictures Screensaver2008-10-22 10:24 --------- d-----w c:\program files\Common Files\Roxio Shared2008-10-22 10:23 --------- d-----w c:\program files\Microsoft Digital Image 20062008-10-22 10:22 --------- d-----w c:\program files\Common Files\Adobe2008-10-22 10:19 --------- d-----w c:\program files\Realtek2008-10-22 10:18 --------- d-----w c:\program files\Common Files\InstallShield2008-10-22 10:17 --------- d-----w c:\program files\Common Files\ATI Technologies2008-10-22 10:13 --------- d-----w c:\program files\Microsoft CAPICOM 10:07 --------- d-----w c:\program files\Common Files\New Boundary2008-10-22 10:07 --------- d-----w c:\documents and settings\All Users\Application Data\Prism Deploy2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll2008-10-16 19:06 268,648 ----a-w c:\windows\system32\mucltui.dll2008-10-16 19:06 208,744 ----a-w c:\windows\system32\muweb.dll2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll2007-07-23 19:08 8 --sha-r c:\windows\neoqaz2.dll.------- Sigcheck -------2008-04-13 19:12 111104 ed7262e52c31cf1625b65039102bc16c c:\windows\SoftwareDistribution\Download\59fc8f12b80caa991163249076d0bcca\wuauclt.exe2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\wuauclt.exe2008-10-16 14:09 51224 e654b78d2f1d791b30d0ed9a8195ec22 c:\windows\system32\dllcache\wuauclt.exe.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ISW.exe"="c:\program files\AT&T\Internet Security Wizard\ISW.exe" [2007-05-03 2061816]"AT&T Internet Security Suite"="c:\program files\AT&T\AT&T Internet Security Suite\Rps.exe" [2007-06-28 310000]"-FreedomNeedsReboot"="c:\program files\AT&T\AT&T Internet Security Suite\ZkRunOnceR.exe" [2007-06-28 13552]"BOC-427"="c:\progra~1\Comodo\CBOClean\BOC427.exe" [2008-07-14 351480]"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2008-11-30 1796856]"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]"COMODO Internet Security"="c:\program files\Comodo\Firewall\cfp.exe" [2008-11-30 1796856]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-11 185872]"RTHDCPL"="RTHDCPL.EXE" [2006-01-11 c:\windows\RTHDCPL.exe][hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]2008-07-23 16:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]--a------ 2008-11-05 21:59 4347120 c:\program files\Yahoo!\Messenger\YahooMessenger.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]--------- 2004-10-13 18:24 1694208 c:\program files\Messenger\msmsgs.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]--a------ 2002-09-14 00:42 212992 c:\windows\SMINST\Recguard.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]"CHotkey"=zHotkey.exe"ehTray"=c:\windows\ehome\ehtray.exe"MSKDetectorExe"=c:\program files\McAfee\SpamKiller\MSKDetct.exe /uninstall[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="c:\\Program Files\\Real\\RealPlayer\\realplay.exe"="c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-10-22 99216]R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-10-22 31504]S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]S4 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-10-23 33752]*Newly Created Service* - PROCEXP90.Contents of the 'Scheduled Tasks' folder2008-12-01 c:\windows\Tasks\MP Scheduled Scan.job- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]..------- File Associations -------.txtfile=c:\windows\NOTEPAD.EXE %1.**************************************************************************catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2008-12-01 19:06:32Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ...scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(1032)c:\program files\SUPERAntiSpyware\SASWINLO.dllc:\windows\system32\Ati2evxx.dll.Completion time: 2008-12-01 19:08:17ComboFix-quarantined-files.txt 2008-12-02 00:07:54Pre-Run: 115,091,595,264 bytes freePost-Run: 115,905,564,672 bytes free294

Preferred Solution: Got a bit ahead of myself - already ran combofix

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Got a bit ahead of myself - already ran combofix

Thanks all, I went ahead and restored PC prior to combofix. Not sure if I have a problem or not but I did find a program to get rid of the long filename hidden file.

Read other 2 answers

Hi,I am wondering whether combofix.net and combofix.org are GENUINE sites to download ComboFix.There's no Impressum and the whois-info is private registered.Just wanted to know.Edit: Moved topic from Am I infected? What do I do? to the more appropriate forum. ~ Animal

A:Is combofix.net and combofix.org GENUINE Site to download ComboFix?

Please Take a look here: ComboFix usage, Questions, Help? - Look hereSpecifically the link to the combofix disclaimer image. AlsoThere are only two sites that are authorized for combofix, which are shown in red in the last quote box.

Read other 3 answers

Hello...my son's MSI GE60 OND (think it's a OND anyway) laptop which came with win8.1 has not yet got the go-ahead to install win10.

We signed up for it when it came out and got the win 10 icon ...but it states something along the lines that it isn't yet ready to be installed.

The MSI website isn't much good .....I have an account but can't log in as I now need a code that I haven't got , to log in. Some companies seem to try to discourage forums in my opion-

The laptop though doesn't seem to appear on their list though of LAPTOPS OK FOR UPDATES.
Windows 10 MDA Microsites

However the specs are better than my homemade PC which is upgraded as is my son's

Is it still early days (in europ?) and should I wait or should I force the update (registry edit required I believe)


A:win 10 not got go ahead yet

you can download the iso and install it. You may want to create an image file of the current install in case there is a reason for not getting the download.

Windows 10 ISO

Read other 5 answers


Please Help me..

I know you must be busy people but please read this and please help me, I am ever so grateful, thank you, I mean it

I am in need of help with my computer

(EDIT: WAY, WAY too much info.....we'll help you, just hang tight.)

I also used Hijack This Analyzer and here?s a copy of the ?results file?

Log was analyzed using HijackThis Analyzer - Updated on 12/17/04
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O... Read more

A:HELP!! PLZ!! I'd like to thank u ahead!! plz help it'll mean a lot for me

Hi and Welcome to TSF

Please move hijackthis to the root of C:\.
Do you know what program this entry is related to? C:\Program Files\Mini Motty\skinkers.exe

Before attacking an adware/spyware problem with hijackthis make sure you have already run ad-aware SE with VX2 add-on cleaner, Spybot Search & Destroy (with updated database) and CWShredder as these programs will clean a lot of the crap out first. All links to programs are in my signature. Ok..on to the log?..

Download Winsock2Fix and unzip it. Then double-click on it to run it.

Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible also. Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Open add/remove programs and remove the following if listed.

Messenger Plus

Messenger Plus= Produces adware on the PC.

Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be but make sure)

C:\Program Files\Messenger Plus! 2\MsgPlus.exe

Check and fix the following in HijackThis if they still exist (make sure you do not miss an entry)

R1 - HKCU\Softwar... Read more

Read other 5 answers

Looking ahead to FF 57 (expected to be released Nov. 14) :
1) Firefox 57 will feature a new core engine, called Quantum, that purports to make FF 57 run twice as fast as FF 52 (released about a year ago).
2) FF 57's Photon User Interface will offer a new look for the entire browser.
3) Firefox 57 will replace the old Add-ons API with the new WebExtensions API.  As a result,  legacy add-ons that have not been ported to Firefox's new add-ons technology will stop working  --- meaning that nearly 75% of all Firefox add-ons won't be available to users on the new version.


Read other answers

I'm trying to keep my old computer running as smooth as possible until I get another one in the not too distant future. I have Norton/Symantec as my security program. At one time I had a few other programs that helped protect my computer & things were running fine.

Then I had a problem & I called Norton & they wanted to do the deal where they hook-up with my computer. I noticed they were getting rid of the other security programs I had - & they told me that having them could mess up Nortons ability to do what it did.

I've recently noticed that I still have files on my computer from the program I had called Malwarebytes Anti-Malware. The person that told me about this program said it was good to have & wouldn't be a problem to have it along with Norton. When I say Norton I mean the security & anti-virus program that I pay for every year from them.

Anyway - being a novice I have this question. Is it good for me to have Malwarebytes Anti-Malware & run it once in a while even though I have Norton. I had the free version of it. If its OK to have it......should I just uninstall the files I have on it & then download the free version they have now which is probably updated from when I had it before.

A:Should I go ahead & do the following?

Read other 10 answers

With my below components, can I expect any problems (besides the WDM Creative card report from the upgrade advisor) with my components??

Please advise.. Thx

VISTA 64 Home Premium for now
AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ (2 CPUs), 3.1
ASUS M2N32 SLI Deluxe Wireless (NVIDIA NFORCE) 590
Crucial 8GB RAM
GeForce GTX 295 2GB
Creative X-FIXtremegamer
HP w2408h HDMI - 1920x1200 Res
2-160GB RAID 0 and 1TB Drive
Artic Cooling Freezer 64Pro

A:Looking ahead

Creative has new drivers, so not a problem. In all previous builds, the driver worked flawlessly. I had to re-install it in build 7600, but likely due to a conflict created by the install of Sun VirtualBox.

You look good to go.

Read other 3 answers

OK... I moved to quickly to instal & run ComboFix, w/o registering & getting further instruction here first. I don't know that it has caused any problem yet, but now, I'm asking for your help (after I've already run ComboFix).What brought me to this point...What basics I know about the computer, I have learned through others over the last 5 or 6 years, so I'm limited. I had recently switched from three seperate free services (anti virus, anti spyware, & firewall) to "Microsoft Security Esentials", which I understood to have all three under one roof.Yesterday I began to see multipal pop ups, including "Nexplore". I Googled Nexplore & found this site & instruction about ComboFix. W/O fully digesting the whole thing, I went ahead & installed & ran ComboFix, W/O seeking instruction to do so first. Hopefully I haven't caused more problem. After ComboFix installed & ran I have done nothing except copy the screen of info it gave & came here. Sorry that I jumped ahead like that. I hope you will give me guidance from here.This is the info given by ComboFix...ComboFix 09-12-25.04 - Tim 12/26/2009 7:04.1.1 - FAT32x86Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1470.901 [GMT -8:00]Running from: c:\documents and settings\Tim\My Documents\Downloads\ComboFix.exe.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\documents and s... Read more

A:Jumped ahead of myself....

Just a note that I'm getting assistance on this issue from Icronics.

Read other 2 answers

Does anybody notice when you download a video file and it's not complete you can't skip ahead in the file because it's not complete? Is there anyway to get around this or any other media players that can skip ahead without any problems? Thanks.

A:Not able to skip ahead in WMP


If you downloaded this from a p2p program, we can't help you on that. Also, if its a asf or wmv file, you won't be able to skip ahead. Some say they're other types of file, but if it has a little sun in the bottom left, then its one of the previous two.



Read other 1 answers

Can anybody give me any clue as to why InCD 4.072 doesn't always load the icon in my system tray in WinXP?

Read other answers

can anyone tell me where ahead nero caches it's temporary files? please? and thank you

A:ahead nero 5.5.914

Read other 7 answers

Windows 10 surpasses Windows Vista and Windows 8 desktop usage

A:Steamrolling ahead...

The lame walk and the blind see

Read other 1 answers

My laptop comes with 4 drives...
C,D,E and F
see snip photo in how they are set up...

My question is it possible, when Windows 8 arrives, to load it on D drive?
That way I will have both Win 7 on "C" and Win 8 on "D".

I had Vista Home Premium on my Desktop then upgraded 7 Home Premium over it.
So my 2nd question is ....Anyway to fetch Vista HP off desktop and transfer it to Laptop?
Forgive my dumb questions but was told the only dumb question is one that is never asked.
Thanks In Advance,

A:Just thinking ahead....for Win 8

1) dual booting will make the Recovery Partition unusable.

2)What version Vista, OEM, Retail, or OEM manufacturer?

Read other 3 answers

Hi. Slight problem. All was well until the 16th July. On the 17th July, according to my PC it was the 23rd. For some reason know only to IT technology, my PC decided it didn't like the third week of July and promptly gained a week. I put the date back - only to literally watch it slowly then highlight the date it had decided upon. What happened on the 16th July originally that prompted this - I have no idea - no event log or anything else. Have synchronised with internet time stamp and it tells me it can't because my date is wrong. Every time I change it, it holds for one or two seconds and then literally unhighlights todays date (that I have just changed it to) and highlights the date approximately a week ahead. Anyone have any ideas because I'm getting more than a little frustrated with receiving mail a week before I send it. Many thanks

A:Solved: Way ahead

You'll probably need to adjust your time in the BIOS instead of windows. When you first power on your PC theres a screen that comes up for a few seconds, i.e. the manufacturers name. There is a key you must tap to get in. Unfortunetly, not all motherboards are the same. Its usually F2, F1, or the delete key. It might tell you what key to press on the screen itself for a few seconds, giving you enough time to see what it is. Whatever the key is just keep tapping it until you get in there and from there adjust the date/time. Be careful not to adjust anything else while you are in the BIOS. Save, Exit and restart. Next time you boot into windows, it should reflect the changed date correctly.

Read other 2 answers

Nero begins the burn the just as is comes to the end
it then tells me that the iomega device is not available.
then proceeds to close down.
all I can do is say "another disk down the drain"

Please any one have any suggestion?

Thank you very much

A:Ahead Nero v 6.6

try uninstalling nero then reinstall it ...we need more info..what cpu how much ram what CD/dvd drives..ect

Read other 1 answers

I'm running Windows XP Pro SP2. I've downloaded all the necessary patches for the daylight savings time fix and my clock is ahead one hour than it should. The checkbox to automatically adjust clock is checked and I've tried going back and forth on different time zones to get the it right; but it will not work. Also using Outlook 2007, but only for some minor email usage. Was told that Outlook 07 did not need a patch, only needed one if you did stuff with the calendar. Any help would be greatly appreciated.

A:Clock Ahead 1 Hr

Read other 16 answers

Dear fellows:
I have an older ( about 6 years) IBM Thinkpad 600X. I am trying to install MS Windows XP through CD-Rom over the Linux currently installed on the HDD. I have tried to make CD-Rom drive as a first boot drive, but haven't had any success. Please explain in a simple way:how to move CD-Rom Drive ahead of the HDD in the Bios. Thanks, brij.

A:CD-Rom Drive ahead of the HDD

Most BIOS will start with a screen that has system information and tabs along the top . . generally General . . Advanced . . Boot . . Exit are then ones most common.

Click on the Boot and in the body of the screen you should see "Boot Order" or something like that. Usually, you can click on the first item and move it up or down to change the order the syatem will look for a bootable device.

Default usually is : First FDD (or Floppy)
Second: HDD ( sometimes disc 0)
Third: CD-ROM

You would click on CD-ROM and move it up with the + - keys or Page up/Page down.
Then press F-10 to save and exit.

Hope this helps . . wrs

Read other 1 answers

When I loaded Ahead Nero it gave me a virtual CD drive that I don't have.
Can anyone tell me,

1. Do I really need this extra drive and if not how do I get rid of it.
2. When I burn, and change the format of, mp3 files onto a CD I can't play these in my car. I think the format has to be .cda but Nero doesn't burn this format. Does anyone know of a solution.

A:Ahead Nero CD Burning

Read other 12 answers

I have someone's old XP Pro laptop and it remembers type-ahead values in every app from IE to God knows what. So if I type "Hello" in Google I might get :
Hello dolly
Hello magazine
etc etc etc!

I don't want any of the previous user's historic choices and it is driving me mad!

How do I discard them please? (Deleting temp files in IE doesn't do it.)


A:Disabling type-ahead

Try clearing history.

Read other 3 answers

How do I delete the type aheads in the address bar? Not all the History but just the ones in the address bar. I am using MSN Explorer. Thank you

Read other answers

I had this installed a while ago, but when i went to uninstall it recently i must have done something wrong because the uninstaller doesn't work properly now. When i go to add/remove programs and click the ahead incd icon, it simply states "InCD 4 is not installed on your computer" and closes.
Ive had a look in program files and there is no sign of it ever being there, but im sure there must be some parts of it left in the registry. If someone could point out the correct registry entries to remove or change that would be a great help! Or any other solution would be appreciated.
Its not an emergency, its just highly annoying when im trying to clean my computer up!

A:Solved: Ahead INCD

InCD is a part of Nero burning software. Go here: http://www.nero.com/enu/downloads-cleantools.html download and run the InCD 4 Cleantool.

Read other 2 answers

yea i wanted to know if nero worked on xp its a burning program that i have but i went from me to xp and now it wont work...can some one help me

A:problems with Ahead nero and xp

Read other 6 answers

I need to know how to turn off read ahead caching for my CD ROM only, in order to read my DirectCD's I have made. Please help me.

Read other answers

Hello everyone,

I've recently formatted my CD-RW with InCD, making it a "large floppy disk", but the problem i want to burn audio track on the CD-RW and with InCD you just cant. My question is that how do u re-format the CD-RW to NOT to be used like a "large floppy disk"????

So can somebody help me out??

A:AHead InCD problem

Read other 7 answers

I'm running IE 5.0 and this problem has been hounding me for the past year. It doesn't happen all the time, neither can I nail it down to specific sites. What happens is this: before a page finishes loading or right at the point when it has finished, it immediatly jumps foward to display the banner ad as an image by itself. So when it is done, all i have to look at is the banner ad. I can press the back button to get back to the page I wanted to be at. This will work as long as it doesn't jump foward again. If I am fast enough, I can hit the Stop button in time for it to stop and not jump foward.

Has anyone ever seen this problem before? If so, does the latest version of IE fix it? I'm not a bleeding edge kinda guy, so I tend to stick with the older versions until I have to upgrade....or maybe I'm just lazy

A:IE 5.0 insists on jumping ahead of me!

Read other 7 answers

I don't know in which category this should be in but the videos I watch on different platforms such as youtube, Netflix, Hulu and such have been having the problem of the audio is ahead of the video. I don't know what to do and I bought this computer less than a year ago and now it's doing this.

Read other answers

Ahead Nero 5.5 is installed and it works fine. But would it better to get a newer version? What are the extra with the newer versions and which of them is best (nero 6/7/8/9)?

A:ahead nero versions

Maybe it's just me, but I don't see how this relates to networking.

Read other 7 answers

Ahead Nero 5.5 is installed and it works fine. But would it better to get a newer version? What are the extra with the newer versions and which of them is best (nero 6/7/8/9)?

A:ahead nero versions

This comparison chart on the Nero web site shows the features of versions 6 through 9:

Read other 3 answers

I've chosen to Hide several of this months updates but was wondering if I should go ahead with the two .NET 3.5.1 ? One of them is actually from the August updates I guess, don't know why I missed it then.
I also have one for .NET 4 dated Aug. I do remember hiding a NET 4 because I was thinking about uninstalling it due to something? I'd read about problems with it. I just looked at my list of "Installed Updates" & see that I have 18 of the NET 4 all dated 6/25/13 so now don't know what to do about that.


A:Go ahead with .Nets if hiding some others?

The fact that you have 18 .NET 4 updates installed on the same day probably simply means that you only recently installed .NET 4 - and it was the first time the system had a chance to update to current levels.
You should still install all the later updates, if you're going to continue with .NET 4 installed.

.NET 3.5 is part of the operating system - you should install all updates for it.

Read other 8 answers

I'd like to store my digitial photos on cd. I go through the neessacary steps using other formats, audio + data mix, but it isn't reconizing my jpeg files. It is looking for wav, mp3, and cda files. When I searched the help menu it said it does accept these files, but how? Please help!

A:Ahead Nero problem

Read other 16 answers

For the past two days, my sister's system seems to be running exceptionally slow.  It also acts like it is freezing up or just extremely busy with almost constant hourglass/spinning circle, cursor freezes or sometimes even switches to a search glass or scroll arrows which I would normally relate to everything from corrupted drivers, to some software that got installed that was having issues and was basically locking up the system until a timeout occurs.  I have even seen the zoom of certain web pages change without ever touching anything.  I have never seen anything like this. 
But the main reason I suspect this is malware,spyware,virus related is because upon opening a web page (especially with firefox) things seem to be normal (no home page hijack, yet), but as soon as I click on a link, such as to read a news article, I get multiple new tabs and pop up windows (at least 5 or 6) with an assortment of ads, pictures, and everything else but what the link should have led to.  IE doesn't seem to have these issues
I have already did the normal type scans such as Malwarebytes, SAS, Spybot S&D, and even though they "sometimes" find a few items, they are limited to tracking cookies, and other such minimal threat items.  The system uses AVG Free as it's AV software and it also finds nothing.  But everything I try doesn't seem to get me anywhere.  So at this point, I have to relent and ask for Help!  ;... Read more

A:Sure something bad is living on my laptop, but can't get ahead of it

Additional info I was remiss in providing
Windows 7 Home Premium SP 1 64 bit

Read other 12 answers

Thank God for 7 mb of unpartioned space.

For monthes now my computer was super slow.
But I put up with it until it messed with my YOUTUBE.
Priorities you know.

I didn't know what it was. I must of got hacked or got some sort of virus.
So for 3 monthes, I.

I downloaded everything from
antivirus removers
backdoor remover
ad-ware remover
bho removers
process analyzers
Security Scans (One cave me a virus)
Looked on forums to find out why System Idle process have like a constant 95%
( So far as I now know, it means its good. -- less usage saves cpu)
Used 26 character passwords
Bugged tech support no less than 20 times.
Looked for Optimizers and Cleaners
(one remove one of my passwords and had to call isp for a reset 26 characters is alot to remember)
Reformated my hard drive no less that 10 times.
Went to hardware site to download drivers
And truthfully if that was not enough did no less than 100 other things.

We'll today I was thinking it was a virus that installed its self on he 7mb of
unpartitional space, I had heard some where that they could do that, so I GOOGLED.

and found your forum

The punchline I had installed (misinstalled) and extra hard drive.
and had forgot about it. My computer was working so what did I care?


If you still don't get it re-read above.

The fix
removed hard drive
removed ... Read more

A:go ahead laugh I am happy

The moral of your tale is : Always do the solution first.:grinthumb

Read other 2 answers

Hey man, I have been grounded for about a month, for ....... drinking a little to much, but anyways as I return to my computer it seems my family has royaly screwed this PC. I have several Spyware and Adware, etc. on my computer and don't fully trust myself with cleansing it. The worst adware HOMO! is two coexisting files MediaAccess.exe, and MediaAccK.exe, it is an adware/spyware program that is only allowing one user to be signed on and you gotta restart just to go on the comp, or else it will flood the PC with million spawns of this program. Please check this out!!!....

A:Yar! Hijack This Log Dead Ahead!

Logfile of HijackThis v1.99.1
Scan saved at 12:03:16 AM, on 4/24/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Rrfhh\Freekvs.exe
C:\Program Files\... Read more

Read other 1 answers

As I am planning to upgrade to Bulldozer early next year when the FX 8170P is scheduled for release thought I?d go ahead and get the major pieces in place. Will be utilizing the following components from the current AMD rig and other spare parts:

OCZ Vertex 128GB
Corsair HX850
Sapphire HD5870 x 2
Auzentech X-Fi HomeTheater HD
Internal Hard Drives

Already have a buyer lined up to purchase the remainder of my current AMD system intact, also throwing in a Sapphire HD 4890 2GB. This will help cover roughly half the cost of this upgrade (not counting the FX 8170P).

The following components have been ordered and should arrive before the end of next week:

Cooler Master HAF X Full Tower $189
Gigabyte GA-990FXA-UD7 $250
Phenom II X6 1100T $189
Corsair H100 Liquid Cooler $120
Lian Li USB3.0 to MB 20-Pin Adapter $15
Tuniq TX-4 Extreme Performance $12
16GB Corsair Dominator GT DDR3 2000 $300
Scythe Kaze Master Pro Fan Controller $45
Logitech MK520 Wireless Keyboard & Mouse $44
Intel Gigabit Desktop Adapter $36

If everything arrives as scheduled hope to get started on this build next weekend

A:Plowing ahead with Bulldozer


I'm definitely interested to hear your thoughts on the H100 once you get her up and running as I've been considering it myself.

Read other answers

My norton and free adaware did not detect yet in another scan for last weeks...2 embedded Trojan Horses: Downloader.Agent.2.AA & 2.AS I can not get rid of..and have tried every source available. PC now is getting worse everyday. Locking up more and more. Can not pull up pages. Have to reboot over and over & worsening. Have windows XP. Satellite dish connection; earthlink - AOL piggy back. Everything else seems aokay. LOTS of infestations finding everyday cia adaware and others. Adaware did not detect trojans however shows Data Miner C:documents settings each day and quarantine. Daughter was using Soul seek/music sharing. Do not understand instructions for locking up browsers (BAD on instructions). Tried to delete .tmp files manually. over 6000 files..but will not delete with select all as some won't delete. Tried WINsomething prog & did not do for me..and now cant get it off PC and not helping with locking things up. Well bottom line..I DONT KNOW WHAT TO DO..and my biz is online..and can not function with having to constantly reboot and praying each time I will get back online. Ironically last night after multitude of earlier day procedures..all was well..buts its starting up again. THANKS ahead for ANY direction. I appreciate YOUR help to me..and to soooo many others. Here is the latest Hijacker Log..and hope I did it right as I do not know how to run without having AOL on..and earthlink sbeing active for satellite. Dumb ha?
OH my norton program..hmmm...did not ... Read more

A:My PC and I am losing it. Hijacker log. THANKS ahead

Hi Amber and welcome to TSF. Instructions to help are below. Are the Webcelerator and eAccleration programs necessary on your machine now? You appear to have broadband access and these programs do nothing but give false impressions of speed increases.


Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post... Read more

Read other 19 answers

Hello folks,

Any idea why I get intermittent error messages that say

Title: InCd
"Unable to connect to file system - Service not running"

every now and then?

As Enthusiast, USASMA and Albert Frankenstein will testify, this is a problem that may be part of a whole suite of problems which I am trying to erradicate and determine if the cause is viral, SP2 compatibility, more sinister or just plain stoopidity on my part.

I do have an SP2 patch from Ahead software's site which I tried to no avail.

Case Study
I tried to burn an iso disc earlier and Nero StartSmart wouldn't enable the "Next" button to commence the burn. I noticed on looking harder that my CDRW drive was "in use" and had a little red x next to the unit name in StartSmart. There were no other apps using the drive and InCd had displayed the window after the disc had been read and had been closed...I clicked options and the dialogue showed that the cd burning drive was still in use and did not display any info about the disc or the drive, but after a few seconds the drive became available and I could burn successfully.

1. Why is this error occuring intermittently (even after installing the InCD update) - The misconnection to the file system error that is.

2.Why does Nero state that the drive is in use when its not?

3. Why does InCD take longer than other applications to unload when logging off - (The End now window appears a few seconds after clicking log off)

4. I hav... Read more

A:Ahead "incd" Problems

What memory do you have installed and what does your motherboard support?

If you need info on your system download Everest version 1.51 (the last full feature freeware version) from oldversion.com

Tell us the make and model number of your motherboard and what the installed memory is. (Everest should tell you both those things).

Read other 10 answers

i always reset it by updating thing on internet time and it always goes ahead at least 10 minutes it does that slowly slowly frist it would like 1 min and then 2,3 etc. someone please help

A:Why does my clock get ahead of time

Replace the CMOS battery on your motherboard.

Read other 1 answers

Logfile of HijackThis v1.99.1
Scan saved at 8:39:14 PM, on 9/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\eBay\eBay Toolbar\\ebaytbar.exe
C:\Program Files\America ... Read more

A:please help with yieldmanager hijacking...thanks ahead for your help

Hi and Welcome
It may help you if you print out or copy this page for easy reference.. Make sure to work through the fixes in the exact order its listed..These instructions only apply to HJT v1.99.1

Please Keep your browser and all open programs closed (except firewalls and antivirus) when you are carrying out the fixes..

Download any of the required programs before attempting to start any of the fixes.

Please do NOT run Hijack This in a TEMPorary folder or on the Desktop. I recommend c:/program files/HJT/

Turn off System Restore instructions (WinXP)
Rightclick My Computer | Properties | System Restore | check ?Turn off System Restore?, <Apply>, <OK>. Reboot. When we have confirmed that your log file is clean, you may renable System Restore and create a new restore point.

To show hidden files instructions (WinXP)
Doubleclick My Computer | Tools | Folder Options | View tab
Select Show Hidden Files and Folders
Uncheck Hide extensions for known file types
Uncheck Hide protected operating system files (Recommended)
Select Apply to All Folders | Yes | Apply | OK

If you hav'nt already done so,download and run Adaware,SpyBot (check for updates) for a preliminary cleanup first.Some files below may not be present after running the above programs.Full instructions below.

How to setup Ad-Aware

Download Ad-Aware
Save aawsepersonal.exe into ... Read more

Read other 1 answers

I was using my pc 3 days ago and I restarted my pc and while Xp loads it stoped and pc restarted ........At the specific point where Windows Xp logo is there on screen and 'loading' animations is running below..Everytime it happens at specific point

After that I formatted my C drive and then during the restart that is required for graphical setup for Xp I got a blue screen "PAGE_Fault_In non paged area "NTFS.SYS" and then I restarted,I got the same error with "win32k.sys"........

Even Vista fails to install with error...........
PAGE_Fault_In non pages

There is no cahnce of driver outdating because Cis totally empty!!!!!

My Pc config-
Pentium D-2.80GHZ
RAM-1.5 GB
HDD-7200 RPM ;500GB
256 mb in-built Graphic Card

Need your help!!!!!!!!

A:I'm step ahead of suiciding

Use Memtest86 to test your RAM... Swap or replace the RAM if Memtest86 says all is good. Suisiding is not a word. A better chioce in Titles would be "I'm a step ahead of becoming suicidal"...

Read other 5 answers

I have a couple older programs that I use to use in Win 95 & 98 that require me to change the CD-ROM read ahead optimization from quad speed to no read ahead. I knew how to do this in Win 95 & 98 but can not figure out how to do this in Win 2K & XP. Does anyone know how?


Read other answers

hi people,im new to this forum i keep getting emails that for example say 9;30pm but it is barley 1;30 pm on my actuall time,so its as if its arriving 8 hours ahead of time,what could be the problem? and its the same day.

A:email says arriving ahead of time

I doubt the problem is on your end. In all likelihood the issue (problem) is with either your provider's email server location, or the location of the email server where the email originated. I'm guessing that there is no definite number of hours that [all] emails are off; in other words the time could be either correct, or the time could be off by 1, 2, 3, 4, etc. hours.

Read other 3 answers

I am looking for some advice please, if anyone can help me.
I have Windows 98SE and Ahead Nero and InCD. I also have a CD Writer.
I have got some blank CD-RW discs and would like to copy the files from 'My Documents' onto a CD-RW as a means of a backup.
I have read, somewhere, that it is really easy to do but I have no idea and wondered if anyone can please help me.
I would really be very grateful.
Many Thanks.

A:Ahead Nero and InCD - Backing up

Read other 6 answers

Recently had boot problems with an ECS 915P-A mobo. Though I have been burned by BIOS flashes before, I decided to go ahead and try it to fix the problem, after first getting sage advice from one AZ Vigilante. Black screen. Beep code: 2 beeps - pause - 5 beeps. This occurred three times on cold starts, then black screen - no beeps. Reset CMOS jumper, removed battery over night, etc, black screen, no beeps. No problem, Vigilante, I hated the dang thing any way; it's going back to Fry's.

Now: purchased ASUS P5P800, installed, reset Windows XP Pro, set BIOS, almost everything is hunky-dory. Minor (for now) glitches, just don't want them to be symptoms of underlying crisis. The BIOS recognizes my DVDRW DL drive, and my CDRW-ROM drive by name and number, but Windows device manager lists both as generic "CD-ROM drives." It used to know them by name. Tried to run a chip utility from Intel, but it said I have to have an active browser on my system, and none was detected. I have both Firefox and IE 6.0 w/ 4MB broadband connection. Tried to install the ASUS Update Utility, and it says there are no ASUS products detected on the system. ??

These things are not critical, but are annoying, and I'm gunshy after three mobos in two months. There is no coherent info at the ASUS site, and trying to find help from Microsoft is like, well, um,**%#[email protected]@&*(*&^!!! difficult, if not impossible. BTW, according to the ASUS site, I have the latest... Read more

A:New mobo quirks-serious probs ahead?

Just checking. Did you install the motherboard drivers?

Read other 4 answers

What is the correct way to resume from Sleep?
I'm working on a Compaq SR1750NX desktop,
Win7 Ult 32 bit
Athlon X2 4600
Moving the mouse and tapping keys won't wake it. Holding the power button in cause it to shut down and immediately restart and there's no monitor display. I don't want to pull the power and risk losing data.

A:Warning: Dumb question ahead.

What are the power settings?

Read other 9 answers

Hey all, after spending the better part of today trying to fix my computer, I'm now posting here in hopes someone more knowledgeable can help me out. I have what I think is a trojan or a rootkit infecting my computer, and it seems like with everything I try, it's always one step ahead of me.I'm running XP Home with SP2. Unfortunately I haven't had the disk for a long time, and I'm hoping I can get by without having to buy a new one.Here a small recap of SOME of the things I've tried, in no particular order...HijackThis - works, I can post a log if needed.MalwareBytes - works, gotten rid of some things, detects but can't get rid of uacinit.dll however, it comes backComboFix - opens after renaming, but tells me AVG is running though I'm pretty sure it isn't. Crashes the computer if I try to run it anyway.I've also cleaned up all temp files/cookies/etc.I've tried numerous other programs, many won't open due to various errors.Symptoms:- Originally, Windows ended up freezing. After rebooting, I'd get about 10 seconds on the desktop before it froze again - the mouse however still worked. After more reboots, I started getting a black screen after things loaded, mouse still worked, nothing else did. I managed to get into Safe Mode with networking, cleaned things up a bit, then managed to get back into regular mode for a while. Not sure what changed, but now when I try to boot in regular mode, Windows stops at the Welcome screen; mou... Read more

A:Trying to get rid of trojan, always 1 step ahead of me [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

Read other 17 answers

I sync my Blackberry with my Outlook contacts and hard as I try I can't make the reminder on my phone to, well, remind me of the Birthday at say 10:00 AM on the actual date.

If and when it does, it does it before hand or it doesn't even do it... how can I make it remind me at 10:00 AM in the exact day of the B-Day?

In case I have not specify it enough... OUTLOOK 2010

Say my brother's birthday is on July 31, I want my Blackberry to remind me of it at 10:00 AM on the say (July 31) so I can either text or call him to wish him a happy B-Day. I DO NOT want to be remind it days before or even 2 hours before... let alone at midnight when I am already sleep.

All of the How Tos I have found on google tell you how to do this BEFOREHAND but not AFTER...


A:Birthday Reminder... ahead of time or On the day!

WOW... I guess I am the only one with this predicament!

Read other 7 answers