Over 1 million tech questions and answers.

Received email from Comcast saying a computer in my house is in a botnet. MBAM came up clean. Here's logs for computer 1...

Q: Received email from Comcast saying a computer in my house is in a botnet. MBAM came up clean. Here's logs for computer 1...

Logs attached.

There are no malware symptoms that I can see, but I did find it very strange that MBAM scans were set to skip everything other than memory. So if you did a quick scan or full scan, it would scan like 400 files and say it was done. I figured out how to turn the rest of the scan back on in the settings and a full scan or quick scan didn't find anything.

Thanks.

------

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_20
Run by Eric at 20:22:54 on 2011-07-02
Microsoft? Windows Vista? Business 6.0.6001.1.1252.1.1033.18.2046.785 [GMT -7:00]
.
AV: ESET Smart Security 3.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 3.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Mindjet\MindManager 7\MmReminderService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageEchoEnterpriseServer\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Razer\Imperator\RazerImperatorTray.exe
C:\Program Files\PrivacyEraser Computing\Privacy Eraser Pro\PrivacyEraser.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagPriv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Eric\AppData\Local\Temp\Rar$EX00.247\RootRepeal.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
S:\Documents\downloads\Defogger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: CmjBrowserHelperObject Object: {07a11d74-9d25-4fea-a833-8b0d76a5577a} - c:\program files\mindjet\mindmanager 7\Mm7InternetExplorer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [Privacy Eraser Pro] c:\program files\privacyeraser computing\privacy eraser pro\PrivacyEraser.exe /Startup
uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10h_Plugin.exe -update plugin
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [MMReminderService] c:\program files\mindjet\mindmanager 7\MMReminderService.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimageechoenterpriseserver\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimageechoenterpriseserver\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Skytel] Skytel.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" -H
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Razer Imperator Driver] c:\program files\razer\imperator\RazerImperatorTray.exe
StartupFolder: c:\users\eric\appdata\roaming\micros~1\windows\startm~1\programs\startup\hddlife.lnk - e:\autoplay\programs\portables\portablehlp\app\HDDlifePro.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gigane~1.lnk - c:\program files\giganews accelerator\GiganewsAccelerator.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pdfcre~1.lnk - c:\program files\pdfcreator\PDFCreator.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 8\SnagIt32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\totalm~1.lnk - f:\uBBMonitor.exe
uPolicies-explorer: RestrictWelcomeCenter = 0 (0x0)
uPolicies-explorer: AlwaysShowClassicMenu = 0 (0x0)
uPolicies-explorer: MemCheckBoxInRunDlg = 0 (0x0)
uPolicies-explorer: DontSetAutoplayCheckbox = 0 (0x0)
uPolicies-explorer: NoThemesTab = 0 (0x0)
uPolicies-explorer: NoChangeAnimation = 0 (0x0)
uPolicies-explorer: HideRunAsVerb = 0 (0x0)
uPolicies-explorer: DisableThumbnails = 0 (0x0)
uPolicies-explorer: DisableThumbnailsOnNetworkFolders = 0 (0x0)
uPolicies-explorer: TurnOffSPIAnimations = 0 (0x0)
uPolicies-explorer: NoSMBalloonTip = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-explorer: NoSearchCommInStartMenu = 0 (0x0)
uPolicies-explorer: NoSearchComputerLinkInStartMenu = 0 (0x0)
uPolicies-explorer: NoSearchFilesInStartMenu = 0 (0x0)
uPolicies-explorer: NoSearchInternetInStartMenu = 0 (0x0)
uPolicies-explorer: NoSearchProgramsInStartMenu = 0 (0x0)
uPolicies-explorer: NoStartMenuMyGames = 0 (0x0)
uPolicies-explorer: NoUserFolderInStartMenu = 0 (0x0)
uPolicies-explorer: HideSCABattery = 0 (0x0)
uPolicies-explorer: HideSCANetwork = 0 (0x0)
uPolicies-explorer: HideSCAVolume = 0 (0x0)
uPolicies-explorer: TaskbarNoNotification = 0 (0x0)
uPolicies-explorer: TaskbarNoAddRemoveToolbar = 0 (0x0)
uPolicies-explorer: TaskbarNoDragToolbar = 0 (0x0)
uPolicies-explorer: TaskbarNoRedock = 0 (0x0)
uPolicies-explorer: TaskbarNoResize = 0 (0x0)
uPolicies-explorer: TaskbarNoThumbnail = 0 (0x0)
uPolicies-explorer: ClearRecentProgForNewUserInStartMenu = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
uPolicies-system: HideLogonScripts = 0 (0x0)
uPolicies-system: HideShutdownScripts = 0 (0x0)
uPolicies-system: NoColorChoice = 0 (0x0)
uPolicies-system: NoSizeChoice = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
mPolicies-explorer: UseDefaultTile = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - c:\program files\mindjet\mindmanager 7\Mm7InternetExplorer.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{97386CF8-698B-4279-9B81-35C8BCDBF627} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\eric\appdata\roaming\mozilla\firefox\profiles\gwwgnxrc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\eric\appdata\roaming\mozilla\firefox\profiles\gwwgnxrc.default\extensions\[email protected]\components\coolirisstub.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\eric\appdata\roaming\mozilla\firefox\profiles\gwwgnxrc.default\extensions\[email protected]\plugins\npcoolirisplugin.dll
FF - Ext: Cooliris: [email protected] - %profile%\extensions\[email protected]
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Extended Statusbar: {daf44bf7-a45e-4450-979c-91cf07434c3d} - %profile%\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
FF - Ext: Resurrect Pages: {0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3} - %profile%\extensions\{0c8fbd76-bdeb-4c52-9b24-d587ce7b9dc3}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\program files\real\realplayer\browserrecord\firefox\ext
.
============= SERVICES / DRIVERS ===============
.
R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2007-12-21 472280]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-7-7 38224]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2010-4-17 115944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9a02425a2f850;Google Update Service (gupdate1c9a02425a2f850);c:\program files\google\update\GoogleUpdate.exe [2009-3-8 133104]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-8 133104]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-5-11 42376]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-5-11 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-5-11 81288]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-2-12 21504]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-5-11 337800]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-5-11 1017224]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2011-07-03 01:54:56 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4c6821e0-1441-4f7c-8d0f-39d2ec4ad183}\mpengine.dll
2011-06-30 02:27:23 276992 ----a-w- c:\windows\system32\schannel.dll
2011-06-17 23:51:59 758784 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-06-17 23:51:58 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-17 23:51:57 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-17 23:51:57 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-17 23:51:53 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
.
==================== Find3M ====================
.
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-25 02:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 15:58:28 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 12:49:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 12:49:55 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-21 13:16:42 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-14 14:24:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
============= FINISH: 20:23:35.09 ===============

RELEVANCY SCORE 200
Preferred Solution: Received email from Comcast saying a computer in my house is in a botnet. MBAM came up clean. Here's logs for computer 1...

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Received email from Comcast saying a computer in my house is in a botnet. MBAM came up clean. Here's logs for computer 1...

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. Please take note: If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GMER log Thanks and again sorry for the delay.DR

Read other 14 answers
RELEVANCY SCORE 85.2

Hi everyone,
  Been lurking these forums awhile back and I usually resolve it by following other thread's solution except this current issue of mine. Earlier today I received from TWC about botnet activity. I am using Windows 8.1, Avira Anti-virus. The two browsers I mainly use, chrome and mozilla FF, doesn't redirect to any malware but I am treating the email i received from my isp very seriously.
  I ran MalwareByte's Anti-RootKit and it didn't found anything.(attached). I then ran tdsskiller.exe and it found 6(attaching log). I then uploaded each file it referenced in https://virusscan.jotti.org/ and 1 out of the 6 files, BTServer.exe, was flagged with  PUA.Win.Packer.SetupExeSection-1 by ClamAV. I then stopped as I haven't found anything online on how to get rid of this one. I also ran GMER and attaching the log.
  This is the first time I've received a botnet activity email from my ISP. Any help/assistance on this would be great!
 
Thank you very much.

Read other answers
RELEVANCY SCORE 77.2

I got an email from Comcast saying one of my computers has an email bot. I went directly to comcast to verify the email itself was real. Im looking for advice on what I should use to scan for the bot as I check all my computers. Thank you.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion:

1.6.0_17
Run by PDK at 19:51:22 on 2012-04-19
Microsoft Windows 7 Home Premium

6.1.7601.1.1252.1.1033.18.4025.2662 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated*

{108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated*

{ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-



4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware

\MsMpEng.exe
C:\Windows\System32\svchost.exe -k

LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k

LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:�... Read more

A:Comcast says I have a computer with email bot

Please uncheck wordwrap from your notepad, it makes the logs hard to read thanksplease run the following:Please download TDSSKiller.zipExtract it to your desktopDouble click TDSSKiller.exewhen the window opens, click on Change Parametersunder ?Additional options?, put a check mark in the box next to ?Detect TDLFS File System?click OK Press Start Scan
As we are only looking for a log of what is on the machine right now > choose to skip whatever is foundThen click Continue > Reboot nowCopy and paste the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\)NEXTPlease download aswMBR to your desktop.Double click the aswMBR.exe icon to run itWhen asked if you want to download Avast's virus definitions please select Yes.Click the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well

Read other 16 answers
RELEVANCY SCORE 76.4
A:computer very slow/infected with virus - hjt, mbam and combofix logs attached

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

Read other 2 answers
RELEVANCY SCORE 75.6

I've have just received my brand new Windows 8 laptop today, and everything is great except for one thing:  whenever I try to sign into my Comcast email, I get a "Certificate Error" page saying "There is a problem with this website's security certificate (blah blah blah)".  I have no idea why I'm getting this error because I have never gotten this error before until today when I try to sign in on my new computer.  And I'm definitely not on a fake site, so I don't know why I'm getting this error.  Does it have something to do with me using Windows 8 or some type of setting?

A:Comcast Email won't open on new Windows 8 computer

First of all make sure your computer date is correct.
 
What browser do you use to access Comcast site?
Did you try different browser?

Read other 4 answers
RELEVANCY SCORE 75.2

Hey friends, "W"

Have an infected computer, I think. Ran malware bytes, and, it showed clear. Here is the log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4666

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

9/21/2010 2:27:50 PM
mbam-log-2010-09-21 (14-27-50).txt

Scan type: Quick scan
Objects scanned: 164954
Time elapsed: 21 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Read other answers
RELEVANCY SCORE 74.4

I was recently given a used laptop, which uses Vista Home Basic service pack 2. The security software installed on it had been expired for a while, so I ran an MBAM full scan and some items were detected. I haven't noticed any issues/problems with the computer so far, so I was a little surprised that malware was found. Now I am concerned that there could be other malware hidden deeper in the computer and not found yet. I want to transfer files from the computer, but I don't want to spread any viruses, malware, trojans, etc.
So how can I determine if the computer is really clean and safe?
Can I post the MBAM log, to see if there is cause for concern?

A:Items detected in MBAM scan, is computer really clean now?

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 29 answers
RELEVANCY SCORE 74.4

Hi there,
 
I recently left for a few days and came back to see my mom, and while the issue with my aunt was resolved my mom's computer also had/may still have some malware bc my Aunt sometimes also uses it. 
 
Mom does have Bitdefender Total Security (2015 still) as a paid anti virus but no one program gets everything (especially when you download a ton of stuff... ::cough cough::... auntie... mooom)
 
She does have Win 10 which seems basically the same but I am not very familiar.
 
I did run through a few beginning clean steps from a previous clean but didn't want to take it too far,
 
Could a Moderator please help me check it over, it's much appreciated.
 
So far have done
ADWcleaner, (cleaned)  Then CCleaner, cleaned results (didnt mess with registry) MBAM cleaned,  JRT cleaned, have yet to run ESET. 
 
Will post logs below as requested and/or re run them or other programs as needed
 
 
the other thing, was that I wanted to check out the free trial for MBAM (website protection included) has also been showing these warnings:
Detection, 2/22/2016 12:25 AM, SYSTEM, SUSAN, Protection, Malicious Website Protection, Domain, 54.230.102.162, cdn.directrev.com, 50698, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
Detection, 2/22/2016 12:25 AM, SYSTEM, SUSAN, Protection, Malicious Website Protection, Domain, 54.230.102.162, cdn.directrev.com, 50698, Outbound, C:\Program Files (x86)\Mozilla Firefox\fire... Read more

Read other answers
RELEVANCY SCORE 71.6

Hey there, My OS is Windows XP SP3 and I was running McAfee Total Protection, when one day my Security Center was messed up. I went to McAfee's website, where they told me to uninstall/reinstall. When I uninstalled, I could no longer access McAfee's website nor reinstall. Knowing of Bleeping Computer, I came to your forums and read other users' problems, which led me to download the following:Ad-Aware 2008SuperAntiSpywareAvira AntiVirusSygate Personal FirewallMalwareBytes AntiMalwareKaspersky Online ScanUpon installing and running the programs they each found various infections which they cleaned up. I believe I'm now clean, but would really appreciate someone double checking my logs to confirm.Thanks for your time and assistanceMy various logs as follows:KASPERSKY ONLINE SCANNER 7 REPORT Friday, December 19, 2008Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)Kaspersky Online Scanner 7 version: 7.0.25.0Program database last update: Friday, December 19, 2008 07:38:45Records in database: 1480857 Scan settings Scan using the following database extended Scan archives yes Scan mail databases yes Scan area Critical Areas C:\Documents and Settings\All Users\Start Menu\Programs\StartupC:\Documents and Settings\Wayne\Start Menu\Programs\StartupC:\Program FilesC:\WINDOWS Scan statistics Files scanned 32048 Threat name 0 Infected objects 0 Suspicious objects 0 Duration of the scan 00:29:... Read more

A:My computer had an infection, but think it's now clean. Could someone please check my various logs?

Hello CPO'd,This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.1. Download this file - combofix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe2. Double click combofix.exe & follow the prompts.3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.Note:Do not mouseclick combofix's window while it's running. That may cause it to stall.Thanks,tea

Read other 12 answers
RELEVANCY SCORE 69.2

Hi there, a friend reccomended this site to me. I have had this thing for a while but it seems to "hibernate" so to speak. It's spyware possibly. I am usually pretty good at getting rid of infections, so I suspect this one may be difficult. I have never asked for help on a forum before so let me know if im doing anything wrong.Spybot is catching it trying to alter the startup and registry files, and immediately after this happens, Malwarebytes will pop up saying it has blocked two outgoing requests to ip's.I have run every security program I can think of, Spybot S&D, nothing, Malwarebytes, nothing, Lavasoft Ad-aware, nothing, Windows Security Essentials nothing (and useless....I have never had it warn me of anything! I uninstalled it.) YEsterday I ran Combofix (before coming here) and today after reading a thread here, GMER. Here are the logs:GMERGMER 1.0.15.15641 - http://www.gmer.netRootkit quick scan 2012-01-22 12:22:08Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST9160821AS rev.3.CDDRunning: 5zh2wctk.exe; Driver: C:\DOCUME~1\Naomi\LOCALS~1\Temp\pwlirfod.sys---- Devices - GMER 1.0.15 ----AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)---- EOF - GMER 1.0.15 -... Read more

A:Slow computer, too many suspicious svchost, MBAM blocking outgoing, SS&D blocking startup edits COMBOFIX/GMER logs

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/439456 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 69.2

Hi, malware hunters.My father recently got a notice from Vidéotron, his ISP, that his IP address was being used for malicious activity and they asked him to run a virus scan (and get an antivirus if he didn't already have one). I ran a full MBAM scan and Windows Defender as well on his computer a couple of weeks, but he got a second notice from his ISP last week.While going through his bils this week, he found a number of charges on his credit card that were fraudulent. Something on his comuter might have logged it from an online payment or something.Following are the DDS and MBAM logs.DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.5.1Run by Jacques at 20:57:53 on 2013-09-03Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.4056.1549 [GMT -4:00].AV: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee AntiVirus et AntiSpyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetwo... Read more

A:Warning email from ISP, Stolen CC number, (mostly) Clean MBAM

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Scan with Malwarebytes Anti-RootkitPlease download Malwarebytes Anti-Rootkit from here Malwarebytes : Malwarebytes Anti-Rootkit and save it to your desktop.Be sure to print out and follow the instructions provided on that same page.Caution: This is a beta version so please be sur... Read more

Read other 10 answers
RELEVANCY SCORE 62

Hi
I think I have a problem with too much activity and usage while I’m away from my computer that might be male ware. This is a recurring situation. When I walk away from my computer for about 20-30 minutes and return I notice the hard drive very active and the CPU at about 10-35%. But there are no active programs running (that I know of) that would do this for so long.  As soon as  I click the desktop this activity stops right away. I've tried turning off indexing but this changes nothing. Otherwise my computer operates fine. Nothing shows on scans with MSE, MBAM and Super Anti-Spyware. I did have a virus cleaning earlier this year on this site and was given a clean bill of health. Since then I've modified my online activities to avoid malware. Thanks in advance for your help
And thanks for all the previous help I’ve gotten from this fine site.
 
 

A:Possible Botnet on Win 7 sp1 computer

CPU at 10-35% is not very high, how many processes you have?
 
Please press Ctrl+Shift+Esc then at the lower left corner it will told you how much processes you have.

Read other 23 answers
RELEVANCY SCORE 62

After about 15 minutes of not inputting anything on my computer, the HD activity light begins to rapidly flicker and CPU usage goes from about 1%-2% to about 20%-35%. It stays this way for hours although sometimes I've this activity settle down to normal after about thirty minutes or so, although RAM usage seems normal during this time.There should be no intensive background processes running at these times.As soon as I move my mouse this activity almost immediately ends. This has been repeated many times.Below is a link I was requested to place by noknojon who suggest my machine might be, "missing the correct C++ runtime components for your type of system. (x86 or x64). Installing the following update(s) resolves the issue"But that didn't work as the 2010 downloads he linked me to refused to install saying that there were newer versions already existing on my machine.http://www.bleepingcomputer.com/forums/t/499305/possible-botnet-on-win-7-sp1-computer/DDS.txtDDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16635Run by Gary at 13:07:00 on 2013-07-14Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.5607 [GMT -4:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\... Read more

A:Possible Botnet on my Win 7 sp1 computer

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/501080 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 12 answers
RELEVANCY SCORE 62

Well, I am using PeerBlock to help block any malicious websites, and I see that it is showing logs of blocked BotNets recently in the past hour. I see four recently that are coming from my computer and going to VimpelCom(some telephone company in Russia.) I was doing a full scan earlier with Comodo and it had returned 6 infections at 63% through, but the computer basically froze during the scan and had to shut it down.

Just hoping that someone can help me solve this and make sure my computer is clean. And if it isn't, then hopefully you can help me clean it out.
Edit: I just checked my history on PeerBlock, and searched for botnet. I have 43 results of botnet attacks coming from and to my computer. I do not know much about a BotNet, except that I know they are normally bad (no idea if this is just a normal thing for a program on my computer.)

A:My computer has a botnet?

Welcome to BC. A botnet refers to a type of bot running on an IRC network that has been created with a trojan. When an infected computer is on the Internet the bot can then start up an IRC client and connect to an IRC server. The Trojan will also have been coded to make the bot join a certain chat room once it has connected. Multiple bots can then join in one channels and the person who has made them can now spam IRC chat rooms, launch huge numbers of Denial of Service attacks against the IRC servers causing them to go down. http://www.webopedia.com/TERM/B/botnet.htmlThis allows hackers to remotely control your computer, steal critical system information and download and execute files. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.We need to see a few logs.Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes: Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool ... Read more

Read other 3 answers
RELEVANCY SCORE 62

Hello!
So last week, my computer started randomly playing a song that I had downloaded on my computer, then followed by someone pressing CTRL and F to bring up "Find" on Firefox and started typing to me, I instantly turned my computer off by the power button. I then, ran the computer in Safe Mode with networking and had him type "hello I'm the ghost" on the Firefox search. After opening CCleaner, I found a jusched.jar file running on start up and started looking up what to do. I have deleted the start up entry for the file, I believe I have deleted the file (it was appearing invisible despite folder options being on) and I found a registry in a Java Folder on Regedit regarding the jusched.jar and removed it in hope that that would remove it. I am too scared however, to use my computer as I do not know if it has gone or not, I would really appreciate it if you could help me get this resolved, I am on a 64 Bit windows 7 computer and have AVG, Avast. Spybot, Microsoft Essentials and Malware Bytes installed, in which none of the scanners have currently found anything from what I believe, thanks for your time, I really appreciate it

A:Possible RAT / Botnet on my computer

AS both of those would be very serious infections to have, we should get a deeper look. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.Let me know if all went well.

Read other 3 answers
RELEVANCY SCORE 61.2

Hi

Is there a easy way to find out if you have botnets on your HP computer.
So the story goes.
I was on my AOL accounts, ( i know, i know better now,)
Checking on some emails. logged off. Then went to log back on, & it wounldnt accept my password.
A pop up window came up, & instructed me to call a phone #. 18556785282.
So I called, Bangladesh, & India.
They gave me some six digit codes to input in my computer, to get my aol account back.
i tried it afew times, with differant #s, they gave me.
Anyways, I never gained access. Lost the accounts!

My computer hasn't been the same since,
I need to know a way to check if it has botnets, on it.

Thank you.
 

Read other answers
RELEVANCY SCORE 60.4

From the ESET Research Team,






Quote:
There are few signs that indicate your computer is part of a botnet that might not be indicating something else. Any malware can cause almost all of the same symptoms that a bot can. Sometimes conflicts between programs or corrupted files can cause the same symptoms as well, but still, there are some signs that should not be ignored.


Provided in no particular order at Top 10 signs your computer may be part of a Botnet | ESET ThreatBlog.

A:Top 10 signs your computer may be part of a Botnet

Good to know

Read other 3 answers
RELEVANCY SCORE 60

Hello, BleepingComputerStaffI am infected with "Virut" which I read was a backdoor/botnet. I am noticing at sometimes my internet throttles and I cannot load webpages or play games etc... Also something keeps throtting my firewall so I have to turn it off while gaming just to play.I have read the malware guide and attached the logs below.Thanks,

A:Infected with "Virut;Backdoor botnet" (All Logs Attached)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 5 answers
RELEVANCY SCORE 59.2

This one is even worse than my computer at work. Thanks for taking the time to look over it.Logfile of HijackThis v1.99.1Scan saved at 1:08:12 PM, on 4/3/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\crypserv.exeC:\WINDOWS\system32\drivers\KodakCCS.exeC:\Files\Norton Antivirus\navapsvc.exeC:\Files\NORTON~2\NPROTECT.EXEC:\WINDOWS\System32\nvsvc32.exeC:\Files\NORTON~2\SPEEDD~1\NOPDB.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\Files\Norton Antivirus\SAVScan.exeC:\WINDOWS\System32\igfx... Read more

A:Computer at the house

Please follow these steps in order to clean your computer of Malware which can include Viruses, Trojans, Worms, Spyware, Hijackers and Dialers.Step 1:Download Spybot and Adaware from the following locations and install them. You should run both programs and clean up what it finds. This is to gaurantee that you find the most malware you can installed on your computer.Before running the scans on both programs, it is mandatory that you update the programs. There are update options in each program when you run them.SpybotAd-awareIf you would like to learn more about how to use these two programs with the proper settings you can read the tutorials below:Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer.Using Spybot - Search & Destroy to remove Spyware, Malware, & Hijackers from Your Computer.When you scan with both programs, fix everything that it finds.When you are done with the scan and fixing the items. Please continue with the next step.Step 2:It is important that you run Spybot and Adaware before you proceed with this step. Fixing enties with Hijackthis may leave behind unwanted files on your computer if the previous step was not done first.Create a directory on your hardrive to save HijackThis.exe. A directory like c:\hijackthis. If you do not do this, you will not be able to use the backup/restore features.Download HijackThis from:HijackThis Download SiteSave this file into the directory you made previously and then run the program. Click on... Read more

Read other 1 answers
RELEVANCY SCORE 59.2

I have seen little $35 devices i can get that i plug into my network router and plug my computer into and my monitor into, and vouala... but id like to avoid that if possible. Yes i want to log in from any of the computers in the house, but at the same time i would like to avoid a 3d party device if at all possible. is there a way i can set this up directly on the network? I have a lot of very high end computers i dont want being bogged down my a third pary device, now no longer allowing me to use a graphics card or do anything of any real use.

If there is a way i can do this...
I already have opened ports so i can access my network publicly when i need, so could i make it so i can log in anywhere through the server? (i know this is not only a security risk but also probably a huge long shot and probably prety difficult, but it also seems kindof cool... if i cant do this, i always have 'LogMeIn' XD).

A:I would like to be able to log in from any computer in the house

Hi Thornton,

Have you tried setting up Remote Desktop connections?
Allow Remote Desktop connections from outside your home network
Configure Remote Desktop Access on Windows 7 Systems

There's nothing wrong using a 3rd party software, Team Viewer is another great software.

Read other 9 answers
RELEVANCY SCORE 58.8

forget it...obviously none of you are here to really try to help people
 

A:computer works everywhere except new house

What has your friend been smoking?
 

Read other 9 answers
RELEVANCY SCORE 58.8

Hello, its been a day since this has been happenning. My internet connection stopped working such as google chrone, modzilla firefox, & internet explorer. When I click on the icon it says "currently connected to- unidentified network- no network access" Although below it reads my internet connections and it allows me to disconnect so it has to be connected. Our internet is wireless and everyone else in my house has perfect connection. I have tried troubleshooting, shutting off the wireless box and restarting it, and disconnecting then reconnecting. Please help!
 

A:My Computer's the Only One in House Without a connection

TCP/IP stack repair options for use with Vista or Windows 7

Start, All Programs\Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

In the command prompt window that opens, type the following commands, each followed by the Enter key:

Reset WINSOCK entries to installation defaults: netsh winsock reset catalog

Reset IPv4 TCP/IP stack to installation defaults: netsh int ipv4 reset reset.log

Reset IPv6 TCP/IP stack to installation defaults: netsh int ipv6 reset reset.log

Reboot the machine.

------------------------------------------------------------------------

TCP/IP stack repair options for use with Windows XP with SP2/SP3

Start, Run, CMD to open a command prompt:

In the command prompt window that opens, type the following commands, each followed by the Enter key:

Note: Type only the text in bold for the following commands.

Reset TCP/IP stack to installation defaults, type: netsh int ip reset reset.log

Reset WINSOCK entries to installation defaults, type: netsh winsock reset catalog

Reboot the machine.
 

Read other 1 answers
RELEVANCY SCORE 58.8

I needed a good budget PC so I picked up these parts:

XFX 8200 motherboard (shh i hate XFX too but they had a good deal)
AMD 5400+ Black Edition (got mobo/chip for 150$ cant beat that)
2 Gigs of OCZ DDR2 800
SATA 250Gig 3.0 HD
680 Sunbeam Hush PSU.
ATI HD4850

Went off with out a hitch, Installed OS. only problem is that My PC Freezes or Reboots when im doing the simplest tasks. and it could be from 5 mins from boot or 20 minutes.

I Tested all Ram slots, Ran a memory test all seemed clear, and 1 stick of ram would seem to fail on all slots like discribed in the paragraph above. used 2 sticks, 1 stick at a time, both not effective.

well im out of idea's, everything seems pretty air tight. I even used my old GeForce 8600GT, same problem, on board same problem. does my problem persist in the Hard drive or the new motherboard?

Edit------------------
I never over clocked my cpu, and it says 3.2 Ghz not 2.8 like it says :X I can play with settings in bios but its on auto, lol?

Heres the Error Codes Windows Spits at me XD

BCCode : 3b BCP1 : 0000000080000003 BCP2 : FFFFF80001026CD0
BCP3 : FFFFFADFB849FD40 BCP4 : 0000000000000000 OSVer : 5_2_3790
SP : 2_0 Product : 256_1


All these parts are new, and here is my DUMPS.
 

A:Made a house computer

Inside the 3 MiniDumps:




BugCheck 3B, {80000003, fffff80001026cd0, fffffadfb713cd40, 0}
Probably caused by : afd.sys
PROCESS_NAME: IEXPLORE.EXE

BugCheck 3B, {80000003, fffff80001026cd0, fffffadfc3f4f070, 0}
Probably caused by : afd.sys
PROCESS_NAME: MySpaceIM.exe

BugCheck 3B, {80000003, fffff80001026cd0, fffffadfb849fd40, 0}
Probably caused by : afd.sys
PROCESS_NAME: svchost.exeClick to expand...

Download WinsockFix Here
And reset your Network
Can also be related to faulty Firewall settings (you may need to set defaults on any personal firewall (or uninstall it then re-install it)

You may need to update your Drivers too
 

Read other 8 answers
RELEVANCY SCORE 58.8

Hi. I just recently purchased a new laptop because my PC desktop computer crashed. I have the laptop connected to my landline phone's modem in my living room, however I don't know how to use my laptop anywhere in the house without regard to it being hooked to the modem. Is it possible to have such portability all around the house- I hope? Thanks in advance.
 

A:Using my new laptop computer anywhere in the house

No not really unless you want to drag your phone wire all over the place. So are you really still on dial-up?
 

Read other 2 answers
RELEVANCY SCORE 58.8

Hello,

I've been having problems with my internet on my PC. I use it mostly for gaming (League of Legends specifically but it's also hooked up to my Xbox for internet connection), and I frequently (about every minute or so, sometimes more) get bad lag spikes when playing games. My character will freeze in place while I click wildly about and then appear somewhere else (and die or lose a kill).

The thing is, I'm connected to my Apple Airport which all other devices in the house are connected to (Wii, dad's Mac desktop, my Mac laptop), and only my PC gets this lag. Seems like a fairly generic problem but I have no idea what to do about it, so if you need more information let me know.

Here's my specs from the utility:
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft(R) Windows(R) XP Professional x64 Edition, Service Pack 2, 64 bit
Processor: AMD Phenom(tm) 9600 Quad-Core Processor, AMD64 Family 16 Model 2 Stepping 2
Processor Count: 4
RAM: 4095 Mb
Graphics Card: NVIDIA GeForce 8800 GTX, 768 Mb
Hard Drives: C: Total - 76308 MB, Free - 37779 MB;
Motherboard: SAPPHIRE Inc., PC-AM2RD790, 1.0,
Antivirus: None
 

A:Lag spikes on my PC, not on any other computer in the house

I notice a lot of people have viewed this but no response yet... do I need to provide more information? Is this just unsolvable? Still need help with this.
 

Read other 2 answers
RELEVANCY SCORE 58.8

Logfile of HijackThis v1.99.1Scan saved at 12:25:14 AM, on 8/29/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\acs.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Dell\Media Experience\PCMService.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2H1.EXEC:\Program Files\Common Files\AOL\1149832989\ee\AOLSoftware.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Plaxo\2.6.2.15\PlaxoHelper.exeC:\Program Files\NETGEAR\WG311T\wlancfg5.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\rundll.exec:\program... Read more

A:Another House Computer Call :)

Hello Emunah, and welcome to Bleeping Computer. My name is Charles and I will be dealing with your log today. Please take note of the following: I will start working on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine.The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear. If you don't know, stop and ask! Don't keep going on. Please reply to this thread. Do not start a new topic.Please give me some time to look over your log and I will get back to you as soon as possible.Thanks,Charles

Read other 8 answers
RELEVANCY SCORE 58.4

Basically what the title says. I had a 3.5 hour scan on my computer and when I selected remove files I received an overflow error and the program quit. There is no trace of the run. There was about 30k detected files. All randomly generated by Guard Online. I seem to have no problem getting on the internet or anything in safe mode, but in normal startup, once Guard Online starts up I can't open any programs and all my current programs are frozen. What should I do now?

Thanks,
Ian

A:Received Overflow error in MBAM removing Guard Online

Hi Remobeater, With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.Regards,TheShooter93

Read other 1 answers
RELEVANCY SCORE 58.4

Reposted from Am I infected?:http://www.bleepingcomputer.com/forums/topic422917.html.

I just ran MBAM again in a quick scan and it has 113,533 objects infected. This time I saved a log and it looks like it froze from that now. Don't have too much time to mess with this because I'm a graduate student. Any solutions? Maybe I should try erasing part of them at a time? I don't really have time to run logging software, I already know where the files are and I can get the program to find everything. Maybe after I delete the files.

A:Received Overflow error in MBAM removing Guard Online

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

Read other 3 answers
RELEVANCY SCORE 58

My initial problem was that the my documents folder was automatically coming up on startup. So, I looked this up and I found this (From Microsoft):

1.Start>Run>Regedit>ok

2.Now navigate to the following key:-
HKEY_ LOCAL_ MACHINE\SOFTWARE\Microsoft\Win*dows NT\CurrentVersion\Winlogon

3.Look down the list in the Right Hand pane,scroll down to the value Userinit This value should read: C:\WINDOWS\system32\userinit.e*xe, (The comma at the end must also be there)

4.If the value is different from that mentioned above then Right Click on the Userinit value and, from the drop down menu, select Modify. Type in the value C:\WINDOWS\system32\userinit.e*xe,in the Modify dialogue box click OK

5.Exit the Registry.Restart your computer.

So I did, however, now when I log in it automatically logs out.
Any thoughts?
 

A:Solved: Computer logs in then immediately logs out

I do not know ehere you found this article suggesting the solution, but I can assure you that if you have typed correctly what it says the article is wrong.
It NEVER suggested Win*dows, unless it is a spoof article
and it never suggested typing e*xe.

Try F8 Last Known Good.
If no success try F8 Safe Mode.
If that does not work do you have the XP CD, without it, you now have a problem.

Is this the relevant part of the article you followed
To resolve this issue, follow these steps:

Back up the registry keys that you plan to edit before you modify the registry. For more information about how to back up the registry, click the following article number to view the article in the Microsoft Knowledge Base: 322756 How to back up, edit, and restore the registry in Windows XP and Windows Server 2003
Check the Userinit and PersistBrowsers registry entries to make sure that they contain the correct values. To check the Userinit and PersistBrowsers registry entries, follow these steps:
Click Start, click Run, type regedit in the Open box, and then click OK.
Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
In the right pane, right-click Userinit, and then click Modify.
In the Edit String dialog box, type Windows installation drive letter:\WINDOWS\system32\userinit.exe under Value data, and then click OK.
Locate and then click the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVe... Read more

Read other 3 answers
RELEVANCY SCORE 58

I just moved into a house (a very old house) and my computer will freeze when trying to boot up windows (at various times during boot up). I have taken it to other places and had it work just fine. One of my room mates runs a similar computer and it runs fine. I have tried plugging in all over the house including where my room mate is plugged in. I can start up my computer in safe mode. This leads me to believe it must be something with the wiring of the house. The electrical in the house does not seam very good (lots of blown breakers) but I still cant figure out why one computer would run while another would not. I might be slow to respond because I don't have a computer!
 

A:Computer wont work in new house

Its possible, do you know what wattage your power supply is rated at? Your roommates may be a lower end one that consumes less, old outlets can be really bad with providing high wattage devices and computers in particular. I'm leaning this way because you said it works fine in other peoples outlets and that another computer works in the same circuit. You can start in safe mode because it disables the high end hardware (i.e. video card, sound card, etc) and that would technically lower the wattage required to use the machine.
 

Read other 26 answers
RELEVANCY SCORE 58

EVERY TIME I CHECK MY COMPUTER FOR VIRUSES WITH HOUSE CALL IT CRASHES AND DUMPS MEMORY?AND SOMETHING TRYS TO GET ON MY START UP (Moderator edit: moved post to HJT forum for team review. jgweed)Logfile of HijackThis v1.99.1Scan saved at 7:43:37 AM, on 13/03/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeD:\Program Files\ewido anti-malware\ewidoctrl.exeD:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exeC:\Program Files\Norton AntiVirus\navapsvc.exeD:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exeC:\Program Files\Norton AntiVirus\IWP\NPFMntor.exeD:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exeC: ... Read more

A:My Computer Keeps Crashing When Im Trying To Use House Call

Perform an onlinescan with Panda: (please use this scanner instead of any other scanner!)Panda Online- Once you are on the Panda site click the Scan your PC button- A new window will open...click the Check Now button- Enter your Country- Enter your State/Province- Enter your e-mail address and click send- Select either Home User or Company- Click the big Scan Now button- If it wants to install an ActiveX component allow it- It will start downloading the files it requires for the scan (Note: It may take a few minutes)- When download is complete, click on Local Disks to start the scan- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.Post the contents of the Panda scan report together a fresh HijackThis log

Read other 30 answers
RELEVANCY SCORE 58

Yesterday, the power went off in my house for unknown reasons. When I went to check my computer, it was off and when I tryed to turn it back on, it would not turn on. Now I don't know much about computers, so any ideas on what the problem could be would be really great.
 

A:Power goes out in my house, computer goes off and won't start.

the power supply maybe is damaged. could also be just the fuse for the power supply. you probably need to open the computer and check this first.
can you tell us what the computer actually does now. does it show any reaction when switching it on or is it just quiet and no fan or something moves, no sound, no nothing?

mscrx
 

Read other 5 answers
RELEVANCY SCORE 58

OK, I generally consider myself a skilled problem-solver when it comes to most tech support issues but this one is baffling me.

I have three roommates with whom i share a DSL connection. Everything has been going great, but all of a sudden this really strange problem occurs whereby after I've been online for awhile (awhile meaning maybe 5-20 minutes) everyone's web browsing will quit working at all. IM's such as MSN, AIM, etc still work fine, but web browsing no longer works.

Occasionally, it'll start cycling the modem's ADSL light meaning it is trying to re-establish a connection on the ADSL level; it stabilizes if i unplug from the switch that connects all the computers.

as soon as i am unplugged from the switch, the connection resumes for everyone else. That much is certain. My friend reported that while I was connected he could no longer ping the DNS servers.

When this problem originally started, I was operating under WinXP SP1a. I tried the following to fix the problem, to no avail:
- switch to a wireless network card (same exact problem occured with this new NIC)
- go into registry and remove all TCP/IP settings then reinstall TCP/IP over my NIC in order to re-initialize TCP/IP settings
- replace my winsock DLL with 'blessed' versions
and finally,
- install SP2

Now that SP2 is installed, the behaviour is slightly different -- no one else gets kicked off once my connection gets screwed. In firefox, when i try to load a page after t... Read more

A:My computer has been decimating the whole house's DSL access

Read other 7 answers
RELEVANCY SCORE 58

hi just wanted you guys to help me clean up this pre-built comp from its crap, thx

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:55 AM, on 03/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=73&bd=Pavilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search P... Read more

Read other answers
RELEVANCY SCORE 58

So I recently purchased a new PC from PC specialists. It arrived a few days ago and I'm having some trouble connecting it to our internet. Chipset drivers installed, wireless card drivers (Marvel Yukon 88E8056 PCI Gigabit Ethernet controller) installed, etc. Not left anything out in terms of drivers and firmware. So here's the problem, this computer barely even connects to the internet, sometimes one bar of signal, sometimes just nothing whereas my laptop (in the same room) that uses an Intel(R) WiFi Link 5100 AGN has full bars. Originally, I thought it to be the routers problem (it was nearly 8 years old) so we changed the router, we now have a Linksys E2000 wireless N router. I also thought it could be the wireless card, so I switched the PCI slots it was in which made no difference, and also purchased a usb network adapter to try that out, which also didn't work. I also tried fiddling with the security settings on the router, switching from wep - wpa and to no security at all and none of this helped. I'm stumped, and would really appreciate some help. Thanks in advance
Harrison Smith.
 

A:Wireless not getting picked up on one computer in the house

Positioning the wireless router

From Microsoft help:

Put your wireless router somewhere where it will receive the strongest signal with the least amount of interference. For the best results, follow these tips:

*

Position your wireless router in a central location. Place the router as close to the center of your home as possible to increase the strength of the wireless signal throughout your home.
*

Position the wireless router off of the floor and away from walls and metal objects, such as metal file cabinets. The fewer physical obstructions between your computer and the router's signal, the more likely that you'll be using the router's full signal strength.
*

Reduce interference. 802.11g networking equipment uses a 2.4 gigahertz (GHz) radio frequency. This is the same frequency as most microwaves and many cordless phones. If you turn on the microwave or get a call on a cordless phone, your wireless signal might be temporarily interrupted. You can avoid most of these issues by using a cordless phone with a higher frequency, such as 5.8 GHz.
 

Read other 2 answers
RELEVANCY SCORE 58

my computer is been acting up. i keep getting all kinds of stupid pop ups
and other crap. please help......

here is my hijack log

Logfile of HijackThis v1.99.1
Scan saved at 9:24:26 PM, on 4/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rmctrl.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security Professional\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security Prof... Read more

A:my computer is sick. is there a Doctor in the house?

I assume this is the same PC that you had us check out a few months ago? If you don't intend to post back a followup each time we give you a fix, there's no point asking for help here. If you want help, post back an updated log so we can verify if you are clean. Otherwise, you are probably still infected and didn't even know about it.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

For the options that you checked/enabled earlier, you may uncheck them after y... Read more

Read other 4 answers
RELEVANCY SCORE 57.2

I am looking into getting a VPN to use for more internet privacy at my house (A house of several people and multiple computers) and have noticed with a lot of the VPN services out there that you can't make multiple connections from the same internet connection, which I would like to do. All the routers I have laying around are not capable of connecting via PPTP or whatever other VPN protocol from the router itself and that also isn't exactly what I want to do. I like the setup on Windows where you can create a new VPN connection and then it gives you a desktop icon you can click on to quickly connect to your VPN whenever you want and easily disconnect to use the normal internet connection. I would like to be able to have all the computers in my home capable of having this option, where by default they are using the normal internet connection and then multiple computers at once, if they wish, can connect to the vpn from an icon like this on the desktop. Searching around I came to this interesting guide on this ubuntu site about doing this very solution where you are technically connecting to a computer you have running on the local network as your "VPN" server which effectively routes all the traffic to your remote VPN connection so that your "server" computer is the only one connected but you can still use the VPN at will from any computer in the house.

I believe I would like to do precisely what is described in this thread, except on Windows XP:

htt... Read more

A:Use computer as server for multiple VPN connections in same house

Really? No one has the answer?

Read other 2 answers
RELEVANCY SCORE 57.2

my computer is a dell i just moved back home and can not connect to the internet with my computer. It runs vista and before i moved here it worked fine with wireless. I feel i have tried everything rebooting, reseting the modem and router my wifi capability is on, in the network and sharing center it shows my pc connect to the network but the network not connected to the internet wich is false cause im using the same internet right now on another computer beside my dell that wont work. when i run diagnostics it says the modem or router is not available. please help ive been trying to do this on my own for a month now. any advice is appreciated. thanks guys!
 

A:my computer wont connect but others in the house do just fine

The problem is the same for both ethernet and Wi-Fi connections?

What firewall or security suite is, or ever was, on the system?

Please attach a screen shot of the Networks page (don't collapse the Radar, Connection or Signal History) of the Xirrus Wi-Fi Inspector. If you need help with that see TSG Posting a Screenshot. FWIW to take screen shots with Windows 8 or 7 or Vista I prefer to use the built-in Snipping Tool.

Also show ...

Open a (black) Command Prompt window:
Hold the Windows logo key and press r; in the Run box type cmd and click on OK.

Type the following command:

IPCONFIG /ALL

[Note that there is no space between the slash and ALL.]

Right click in the command window and choose Select All, then hit Enter.
Paste the results in a message here.

If necessary use a text file and removable media to copy the results to a computer with internet access.
 

Read other 1 answers
RELEVANCY SCORE 57.2

Shooting zombie PCs in the head.
The IETF is developing a standard for how ISPs should go about cleaning up subscriber botnet infections.
A draft standard from the net standards body covers techniques for identifying compromised machines, how to notify affected customers and what advice to give them on the best way to clean-up infections - a sometimes tricky process. The IEFT's Recommendations for the Remediation of Bots in ISP Networks can be found here.



Link -
IETF forges botnet clean-up standard ? The Register

Read other answers
RELEVANCY SCORE 56.8

A total non-tech guy here. Have old Dell desktop connected to Comcast modem (ARRIS TM502G). When Comcast set it up they used USB connection rather than ethernet. Recently bought new Dell desktop and Netgear wireless router. Tried setting new computer/router up to modem. Router is looking for a static IP address, but Comcast says I am set up for dynamic. Finally gave up on setting up router and have just been trying to get new computer to connect. Feel like if I can get computer to connect I can get the router set up. So I don't even mention router to Comcast anymore. After telling me mulitple times how to power cycle everything, and me doing so 57,000 times , they blamed Windows 7 and told me to call Microsoft. Instead I hired a tech guy to come help. He had no luck at my house so took the new machine home with him, and instantly connected to internet with his Comcast modem. So he brings it back and says it's on Comcast's end. Getting nowhere with Comcast. I explained (mulitple times) that it's connecting on the tech guys modem but they continue to say the computer is not set up correctly but have yet to help me out. I asked for a Comcast tech to come take care of it but they say they will but if it's not a Comcast issue I will have to pay for tech visit. I wouldn't know enough to know if it was a Comcast issue or not so would have to take his word - so not excited about this prospect. Again, have power cycled everything every different way possi... Read more

A:New computer will not connect with Comcast modem

Read other 9 answers
RELEVANCY SCORE 56.8

Well I got [COLOR=blue! important][COLOR=blue! important]cable [COLOR=blue! important]TV[/COLOR][/COLOR][/COLOR]

for my computer I have it hooked up to my monitor ([COLOR=blue! important][COLOR=blue! important]HP[/COLOR][/COLOR] LP2475w) with component (Red, Blue, Green) and for sound I have a SPDIF ([COLOR=blue! important][COLOR=blue! important]digital[/COLOR][/COLOR] Coax) from the cable box Spdif to my mobo (Asus P6T)
I have updated my realtek sound drivers, and still no sound for my [COLOR=blue! important][COLOR=blue! important]cable[/COLOR][/COLOR]

.... I also went to the realtek panel and switched from Speakers to Realtek Digital output, and still no sound for cable.... I wont lie I have no clue what I am doing Thanks for any help!!!!!

Read other answers
RELEVANCY SCORE 56.8

I had Comcast internet installed on my 4-yr old Gateway computer and now my computer won't shut down.  Comcast said it's a computer issue and not theirs.  The only way it shuts down is if I put it on Log Off and sometime during the night is shuts down.  The next day, I get a message that my computer was not shut down correctly.Carol Kulik

A:I had Comcast internet installed, now my computer ...

Navigate to the folder:  C:\Program Files\comcasttb (C:\Program Files (x86) on 64 bit systems). Click on comcasttb and you'll see a new folder "comcast antispy" open that contains an uninstall file. Run the uninstall program.  Reboot your system and double check the process is no longer running (Task Manager).  You'll then need to manually remove the folder called "comcasttb".  If the comcasttb folder is not located in the Program Files folder, you will need to search your hard drive for it.

Read other 9 answers
RELEVANCY SCORE 56.8

I had Comcast internet installed on my 4-yr old Gateway computer and now my computer won't shut down.  Comcast said it's a computer issue and not theirs.  The only way it shuts down is if I put it on Log Off and sometime during the night is shuts down.  The next day, I get a message that my computer was not shut down correctly.Carol Kulik

A:I had Comcast internet installed, now my computer ...

Navigate to the folder:  C:\Program Files\comcasttb (C:\Program Files (x86) on 64 bit systems). Click on comcasttb and you'll see a new folder "comcast antispy" open that contains an uninstall file. Run the uninstall program.  Reboot your system and double check the process is no longer running (Task Manager).  You'll then need to manually remove the folder called "comcasttb".  If the comcasttb folder is not located in the Program Files folder, you will need to search your hard drive for it.

Read other 9 answers
RELEVANCY SCORE 56.8

My internet is so painfully slow on my desktop computer. It works perfectly fine on all the other laptops/tablets in the house, (roughly 6-10mbps) whilst my desktop only gets 0.4mbps (sometimes less). It is so slow I cannot even load a webpage - it makes the desktop unusable. It has not always been this slow. I have ran a malware bytes scan and nothing came up. I did a factory reset, and it changed nothing. I have updated my wifi drivers.
My specs are:
CPU: AMD FM2 A8 6600K APU Quad Core CPU 3.9Ghz (turbo 4.2Ghz)
Motherboard: Gigabyte F2A68HM-HD2
Memory: 16GB DDR3 1600mhz Memory
Graphics Card:ATI 8570D APU Graphics
Hard Drives: 1TB Seagate Sata 7200RPM 6Gb/s Hard Drive
I have an ASUS USB N-10 150MBPS 11n Wireless USB Dongle.

Please tell me any information I need to include to fix this problem as it is driving me insane.
 

A:Wireless internet unbelievably slow on one computer in the house

Press the Windows flag key + R and in the open run field type; cmd (press enter)
Enter the following command: netsh wlan show all > net.txt & net.txt (press enter)
Notepad should open, you can either copy and paste the information in your next post or
save the notepad and attach it to your next post.

What Anti-Virus/Security Suite are you using?
 

Read other 3 answers
RELEVANCY SCORE 56.8

Gentlemen,

Ever since a short while ago my computer has been making weird noises (like a fly is trapped in there, and clapping its wings like crazy). Also since recent we heven been experiencing our house losing power, while the rest of the street has no problem at all.

Now this could all just be a coincident but its not impossible for a computer to pull a mass amount of energy and causing these power outages, right?
Anyway, i have no idea how to test all this, but is there a program that lets you see all the power use and most important, that when the power fails again, and we get the power going again, i can be able to see that before the outage if there was a big uptake of power by my computer?

Thanks

A:Computer makes a weird noise, and the house has no more electricity

what country are you in


Quote:




Also since recent we heven been experiencing our house losing power,




do you mean the circuit breaker is tripping in the fuse box and therefore losing power to the house.
But from the description of
Quote:




while the rest of the street has no problem at all




I suspect the fuse box is OK
can you explain more in detail

Read other 5 answers
RELEVANCY SCORE 56.8

My computer is the most powerful in my home. It has the most RAM, GPU power, CPU power, ect. It's got all the fancy bells and whistles compared to the others. However, despite all that, my mother's laptop which is old, still runs on XP, filled with junk files, and runs much more slowly on the CPU power has a much stronger internet connection by up to 5x.

Here's some basic connection information:
Wireless connection on both computers.
Wireless Connection Speed Status on my computer reads 11/18 mbps (it changes between the two). It used to be a mere 2mbps, but I changed the channel in router settings to the default number (11) and that boosted it up.
Speedtest.net has my download speed at 4-5mbps on average. Upload is 3-4 on average.
Mother's crappy laptop gets nearly 20 mbps for download speed and 8-10 upload speed on Speedtest.net (54.0 mbps on Speed Status)

Here's some information on what I noticed and the steps I have already taken:
As stated above, often it would drop so slow that watching Youtube videos above 360p was impossible. I found I needed to change my router channel on my PC since there was interference. That helped my 0.5-2.5 mbps internet jump up to 4-5mbps (according to speedtest.net).
I have ran a virus scan/malware scan/defrag/computer cleanup/registry cleanup/ect.
Firewall is off and anti-virus is turned off.
I have attempted using Google's free DNS server.
I have also attempted a simple resetting of the router and restart... Read more

A:Most Powerful computer, but slowest internet connection in the same house.

do you still have an issue or is it resolved now ?

post an xirrus screen shot here
------------------------------------------------------------------------
Run Xirrus Wi-Fi Inspector
Download and install
If you cannot access the internet with this PC, then you will need to copy the program across to the faulty PC
Save the file to a USB flash drive or other removable media. Plug it into the working computer with internet access and copy the file and install the program.
You will now need to take a screen shot and copy that back to the working PC and attach the screen shot in a reply on the forum here.

If you do not have another PC - do you have a phone connected to the internet - can you photograph the result and post the image in a reply

http://www.xirrus.com/Products/Wi-Fi-Inspector.aspx
( the site now appears to require a business email, and does not allow webbased emails like gmail,hotmail or yahoo etc )

Use the links below

http://www.pcworld.com/downloads/file_download/fid,77196-order,4/download.html
http://www.softpedia.com/progDownload/Xirrus-Wi-Fi-Monitor-Download-99109.html

Then run and install the program - on a wireless enabled PC/Laptop
if you get an error - You need will need to have NET Framework installed for the WiFi Inspector to function.
On windows 8 - (i do not have windows 8) but, it would appear that, When you first try to run, you may get a message that .net framework is needed, and included in that message is a link to download/install.

Run... Read more

Read other 1 answers