Over 1 million tech questions and answers.

Virus/Trojan -- "gutigiwiz" and "yavuhoki.dll"

Q: Virus/Trojan -- "gutigiwiz" and "yavuhoki.dll"

Maybe you can help... I found a virus or trojan (don't really know which) and was able to boot in safe mode and disable it at startup. I don't think it bothers my system anymore but I'd like to know a safe way to remove it, but when I look up either name above I find absolutely nothing.

When I look in System Config, under the Startup programs where I disabled this, it reads as:

Startup Item: gutigiwiz
Manufacturer: Unknown
Command: Runndll32.exe "c:\progra~2\yavuhoki\yavuhoki.dll",a
Location: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Has anyone heard of this, and can you give me a hand? I'd really appreciate it, thank you. ~RTG

RELEVANCY SCORE 200
Preferred Solution: Virus/Trojan -- "gutigiwiz" and "yavuhoki.dll"

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Virus/Trojan -- "gutigiwiz" and "yavuhoki.dll"

Hi and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

Read other 1 answers
RELEVANCY SCORE 165.2

Hey everyone,
        I am trying to get the REST queries to work with the sharepoint end points instead of graph end points. I first created an app with relevant permissions and have given it the admin consent. Then I am hitting the https://login.microsoftonline.com/<tenant>.onmicrosoft.com/oauth2/token?Content-Type=application/x-www-form-urlencoded end
point with https://<tenant>.sharepoint.com as resource. I am then using the access token retrieved to give the rest call to https://<tenant>.sharepoint.com/_api/v2.0/drives/b!3indYSbqZ0-hVSPnCgIZy-2xDMh7jH9AuQnEzJMc6TEfQoSJvJT-R6tT0lFBQiPr/root/delta
but it is failing with "error":{"code":"generalException","message":"General exception while processing"}}. The REST response code is 401 Unauthorized. I have filed a Microsoft support ticket but they
have asked me to post on these forms. Can someone please help me with this? I am not able to move forward because the error is pretty generic and doesn't give any additional details.
Thanks,
Sai Kiran Katuri.

Read other answers
RELEVANCY SCORE 153.2

In Windows XP, fully updated, I have several folders full of mp3's and want to see the bit rate and duration. I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

But all the figures in the "Duration" column appear to be in "hours" and "minutes", so I see "00:04" or "00:03", but what I want is "minutes" and "seconds".

Any thoughts as to how to change this?
 

A:Solved: Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

Read other 16 answers
RELEVANCY SCORE 151.6

I am running Windows XP SP3, fully updated, on an Acer lap top PC.

I have several folders full of .mp3's and want to see the bit rate and duration. To do this I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

The two new columns appear, but the format of the "Duration" column appears to be "hours:minutes", so I see "00:04" or "00:03" for most .mp3's, when what I want to see is 'hours:minutes:seconds", e.g. "00:03:45".

This also happens for video files (.avi files), e.g. all my episodes of "Heroes" (sad, I know) have a duration of "00:42" instead of "00:42:xx".


Here are two pictures showing the problem with the .mp3's. The first is of Explorer showing the Duration as "Hours:Minutes":




The second picture is of the properties window of the first .mp3 in the list above:




I copied some .mp3 files to another (old) PC on my home network, and it displayed the duration field correctly:




Also, the properties window correctly shows the duration also:





I'm not the only person to have this problem. I received a private message from a member of another forum where I posted about this problem several weeks ago. That person also has the same problem with the duration field.

The tech guys on that forum were unable to find the source... Read more

A:Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

* bump *

Tricky, this one!

Read other 8 answers
RELEVANCY SCORE 144.8

My office just upgraded, and I can no longer use Windows XP. On this system, I was able to add a separate taskbar to facilitate quick access to commonly-browsed folder locations on our vast network, and another one expedited the launching of useful programs and lists. Each task on each taskbar was represented with a big custom icon to save eye strain. I had them installed in opposite vertical margins, and they were set on auto-hide to keep them out of the way when not being used. Just move your mouse pointer to the left or right margin, and BAM! Sorry for the cliche, but I really got used to the convenience of what I had set up, and I just don't think I can be as efficient without anything comparable.

Now there appears to be nothing comparable in the Windows 7 GUI, and it's making me sick with rage! I see only the option to put a "toolbar" on an existing "taskbar", and no option to create any additional taskbars! This cramps up your one-and-only taskbar, plus the tiny toolbar access buttons require way too much precision for anything that's supposed to be quick. When you've figured out how to bring up that ridiculous button, the list that it yields is small enough to cause painful eyestrain - nothing efficient, much less cool about this at all! I have seen customization options in other OS GUIs that may have resolved some of these issues, but I see none such in W7.

I have tried every google search string that I can think of, and found... Read more

A:Need to add "TASKBARS" (MSese for "Launchpads", "Docks" NOT "Toolbars"

Several possibilities here: Second taskbar in windows7? [Solved] - Windows 7 - Windows 7

Read other 1 answers
RELEVANCY SCORE 144.4

Hi,

When our website users click on an html attachment embedded on a web-page in IE9, the download manager will not display the "Open" option. It will only display "Save" and "Cancel" which our users don't like, having to save the
html document in a folder to open it. Whereas, when downloading attachments like pdf, word etc. all three options are displayed. 

Is there any setting to tweak , which will display all the 3 options for HTML attachments as well?

A:IE9 download manager will not display "Open" option (only "Save" and "Cancel" is displayed) for downloading HTML documents.

Hi,
As you know, the Open-Save-Cancel dialog box helps you prevent your computer from affecting by virus while downloading. 
So I suggest you test to reset all zones to a lower level temporarily and then please attempt to download this html attachment again.

However, since you can normally download the other documents, I suspect there is some restriction in the website which you are trying to view. I recommend you to contact the administrator of that website if possible.
could you please send me the link of the website from where you are trying to download the html attachment?
Thanks!


We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Read other 6 answers
RELEVANCY SCORE 144.4

I got my dell few days ago. Installed it with Samsung EVO 850 SSD 500 Gb and Kingston 8GB PC3L - 12800 SODIMM.The Windows 10 Home OEM home is installed on HDD 1TB so I decided to use Samsung Data Migration software to clone the data to SSD. However, the OS crashed and decided to install a fresh Windows 10 Enterprise to SSD and deleted the previous OS on HDD using diskpart.Now after Installing Windows 10 Ent OS files. Every after BIOS run, I got BSOD errors "MEMORY MANAGEMENT" + "Page Fault it non paged area" + "IRQL NOT LESS OR EQUAL" 

Read other answers
RELEVANCY SCORE 143.6

I am infected with this crap and have used the following tools to try to get rid of it:
Windows Defender, Unible PowerSuite (SpeedUpMyPC, Registry Booster & Spyware Protector) and Norton's One Button Checkup and WinDoctor.

Not sure if it's related, but my DISPLAY is locked at 640 X 480.

Atempted the 5 Step Process before posting and Panda ActiveScan froze and crashed after scanning 59253 files, but not before identifying 28 spyware files.

Here's my extra.txt log from Deckard's:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of Memory in Use: 36%
Physical Memory (total/avail): 1277.95 MiB / 810.39 MiB
Pagefile Memory (total/avail): 1516.89 MiB / 1165.44 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1930.88 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 37.21 GiB total, 18.7 GiB free.
D: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST340014A - 37.25 GiB - 1 partition
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 37.21 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled... Read more

A:Netsky Worm-Popups-The Three Icons - "Error Cleaner" "Privacy Protector" "Spyware..."

Bump.

Read other 14 answers
RELEVANCY SCORE 143.6

I am trying to use the fsutil file setshortname to set "Program Files" to PROGRA~1,

but the system is giving me an "Error: Access is denied" response.
what I have typed:
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.
C:\Windows\system32>cd /d D:\
D:\>fsutil.exe 8dot3name set 0
The registry state is now: 0 (Enable 8dot3 name creation on all volumes).
D:\>fsutil file setshortname "Program Files" PROGRA~1
Error:  Access is denied.
And I try it in Safe Mode.It is also "Access is denied.".
Can someone
help me?

A:"fsutil file setshortname "Program Files" PROGRA~1"=>"Error:Access is denied."

Hi TimFF,
This might be related with the UAC settings, check this thread:
give full permission for the users in program
files folder
The steps in the above thread is not recommended.
For the short name usage, we may consider to create a directory-junction from
PROGRA~1 to C:\Program Files:
With the following commands:
mklink /J "C:\PROGRA~1" "C:\Program Files"
Reference:
Mklink
Best regards


Michael Shao
TechNet Community Support

Read other 3 answers
RELEVANCY SCORE 142.8

It seems that no matter how I set this, after the next start-up it reverts to "15 minutes".  What registry key controls this?

Read other answers
RELEVANCY SCORE 142.8

Ok, so im new here so hey everybody..

to the point: my laptop is "stuttering"/lagging/skipping.
whatever you wanna call it its doing it.
my video/music/and cursor skip every second for a splt second it starts on start-up and dont stop til i turn my laptop off. it happens in a pattern its not random, ive done checked my drivers, spyware, and m RAM is good.. so can someone please help me? ***could it be because my battery wont hold a charger? so it has to be hooked up to the charger at ALL times or it dies Example: is the charger not got the "juice" to run the laptop by itself so it studders/skips..*** i dont know if this has anything to do with my problem but i ran "event viewer" and found this : The following boot-start or system-start driver(s) failed to load:
Cdrom
Imapi
redbook

PLEASE HELP




OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU T2250 @ 1.73GHz, x86 Family 6 Model 14 Stepping 8
Processor Count: 2
RAM: 502 Mb
Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 224 Mb
Hard Drives: C: Total - 39723 MB, Free - 23484 MB; D: Total - 12684 MB, Free - 3633 MB;
Motherboard: Dell Inc., 0FF049, , .HWPLLB1.CN1296167S5169.
Antivirus: McAfee VirusScan, Updated: Yes, On-Demand Scanner: Disable
 

A:Solved: Whole computer "studders"/"skips"/"lags" .. have event viewer report (PLEASE

Read other 6 answers
RELEVANCY SCORE 142.8

I double-click and get "search" instead of "open"--only when I click a disk, like Hard Drive C: or Floppy A: or CD F: and so on.

It didn't used to do this, so I must've inadvertently changed some setting somewhere, but darned if I can find it now.

Any ideas?
 

A:Solved: On the "my computer" list, I double-click on disks and get "search" instead of "open"

Read other 12 answers
RELEVANCY SCORE 142.4

Hello
I have been experiencing some problems with my computer recently. Firstly, my virus scanner (AVG) keeps on finding a virus called 'not-a-virus:RemoteAdmin.Win32.WinVNC-based.f' and some trojans called 'Trojan.JavaClass'. I have also been getting random pop-ups whenever I have been browsing the internet, and my computer seems to be running very sluggish, especially at startup.

I also believe that, last week, someone gained remote access to my computer, as all of a sudden, my mouse wouldn't move properly and the computer became really slow. This only stopped when I engaged the internet lock on my Zonealarm firewall.

Today, I was asked by Zonealarm to give a program called spoolsv.exe "access to privileged rights" which I have never seen before for this program. When I looked at the properties of spoolsv.exe, it said that it was created in 2006 but modified in 2005 (???), and so therefore didn't allow the program access. (I don't know if that has anything to do with the problems that I am having but thought I would mention it)

I have done "the 5 things you need to do" before posting a blog; here are the files requested:

Panda Scan:

Incident Status Location ... Read more

A:[SOLVED] &quot;not-a-virus&quot; virus and &quot;javaclass&quot; trojan keep appearing on virus scans

Bump.

Read other 4 answers
RELEVANCY SCORE 141.2

Ok, so im new here so hey everybody..

to the point: my laptop is "stuttering"/lagging/skipping.
whatever you wanna call it its doing it.
my video/music/and cursor skip every second for a splt second it starts on start-up and dont stop til i turn my laptop off. it happens in a pattern its not random, ive done checked my drivers, spyware, and m RAM is good.. so can someone please help me? ***could it be because my battery wont hold a charger? so it has to be hooked up to the charger at ALL times or it dies Example: is the charger not got the "juice" to run the laptop by itself so it studders/skips..*** i dont know if this has anything to do with my problem but i ran "event viewer" and found this : The following boot-start or system-start driver(s) failed to load:
Cdrom
Imapi
redbook

PLEASE HELP
 

A:Whole computer "studders"/"skips"/"lags" .. have event viewer report (PLEASE HELP)

**(DONT KNOW IF THIS WILL HELP..)***

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU T2250 @ 1.73GHz, x86 Family 6 Model 14 Stepping 8
Processor Count: 2
RAM: 502 Mb
Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 224 Mb
Hard Drives: C: Total - 39723 MB, Free - 23484 MB; D: Total - 12684 MB, Free - 3633 MB;
 

Read other 2 answers
RELEVANCY SCORE 140.8

ok!!!!!!!!!! what is it and how do i fix it,,,, eyes crossed knees woobly help?????????????????????
 

A:[Solved] mplay32.exe,1"/play/close"%L"." and sndrec32.exe"%L"."

Read other 9 answers
RELEVANCY SCORE 139.2

Hi everyone!

Yesterday my HP laptop (Windows 7) started getting BSOD with various types of errors (mostly "STOP: 0x00000F4", "STOP: 0x0000007A", "c00021a" and one "missing %hs, c0000135"). Most of the time it restarts without any issues and works fine right after the BSOD and then an hour or two later I get a BSOD again.

I have tried restoring to Last Known Good Configuration, startup repair, hard disk check, virus scans and I also uninstalled any recently added programs I could think of and cleared up more than 50% of my hard disk space. None of these seem to have helped and I still get BSOD regularly.

I have attached the folder from the SF Diagnostic Tool and would appreciate any advice!
Thank you!

A:BSOD every few hours: mostly "STOP: 0x00000F4", "c00021a" & "c0000135"

Welcome to the forum.

MSINFO32:
Please go to Start and type in "msinfo32.exe" (without the quotes) and press Enter
Save the report as an .nfo file, then zip up the .nfo file and upload/attach the .zip file with your next post.
Also, save a copy as a .txt file and include it also (it's much more difficult to read, but we have greater success in getting the info from it).
------------------------
Upload a screenshot using: CrystalDiskInfo For how to upload a screenshot or file, read here
Test your Hard Drive(s) by running: Hard Drive Diagnostic Procedure
------------------------
Test and Diagnose RAM Issues with Memtest86+: RAM - Test with Memtest86+


   Tip
Pay close attention to Part 3 of the tutorial "If you have errors"
Test the RAM with Memtest86+ for at least 7-10 passes. It may take up to 22 passes to find problems. Make sure to run it once after the system has been on for a few hours and is warm, and then also run it again when the system has been off for a few hours and is cold.


------------------------
Monitor hardware temperature with system monitoring software like Speccy or HWMonitor. Upload a screen shot of the Summary tab as well:Piriform - Speccy
CPUID - HWMonitor
For how to upload a screenshot or file, read here

Code:
*******************************************************************************
* *
* Bugche... Read more

Read other 5 answers
RELEVANCY SCORE 139.2

Hello guys, the last week I've been strugling with these nasty BSODs. At first I thought it was my HDDs as ntoskrn.exe somewhat hinted towards that from googling it. My HDDs have been causing a lot of trouble earlier as well due to their somewhat long years of service. However, I've recently reformated my computer and installed W7 on a brand new Corsair Force GT 120GB SSD hoping the BSODs would go away, they didn't.

I googled BSOD and I stumbled upon this forum and I thought I'd give it a try. I'm somewhat desperate, as I need my computer working for both work, school and amusement.

I've been trying to run Memtest in order to test my memory but without any results. I'm also currently running on only on 4GB chip instead of two, to see if the problem still exists. Also, without any results.

This is the second time I'm writing this thread btw, I was just about to post it and my PC crashed.

Here is my two logs + dxdiag (last crash didn't generate a log oddly enough).

Here is additional hardware/gear that I use:

Razer Megalodon 7.1 Headset
Razer Naga
Logitech G19
Logitech C920 (Webcam)
Corsair 750W PSU

My temperatures are also good. Both CPU and MB idles at around ~25. GPU's all good too. I'm also using a Corsair 650D chassi with dustfilters at both air-income so dust is minimal. On top off this, I use airpressure to clean away dust somewhat regularly and I also did exactly this 2 days ago when I reinstalled the pc.
... Read more

A:BSOD - "Memory management", "Bad pool header", "ntoskrnl.exe"

Are you over-clocking? Is the bios set to its defaults? Is the SSD set on a SATA 3 port in AHCI mode?
 

Read other 5 answers
RELEVANCY SCORE 139.2

I am using Windows 7 on my laptop and I have question about when to use "Home", "Work" and "Public" profile.

If I am logging in without setting password, and I am logging in network with "Public" profile, then will any other user, who can see my computer, be able to enter my computer and check the contents on my computer ?

I am connecting to a network and there are 6 other users connected to this network. In the set network location window, if I select the netwoek as "Home", does it mean that other 6 users will not be able to see my computer on network and if I use "Public", then all other six users will be able to see my computer on network ?

Thanks

Read other answers
RELEVANCY SCORE 139.2

Ok so I'm using a custom visual style made by another user however I don't really like the buttons used that I mentioned above. The creator states it is acceptable to change the theme to however you like as long as you don't redistribute it anywhere.

Ok so I opened up the .msstyles file (using Restorator) located in the theme folder of this VS. I went into the images directory and located what seems to be the images used for the buttons. Intuitively, it seems like it would make sense to replace those images with different ones (perhaps from another visual style) and it should change them. However, would this actually work? Could the theme get messed up in some other way (like proportions or something if the new button images are smaller)? I don't know of any other way to change them that would be easy.

But I did run into another problem. For some visual styles I can't even locate those buttons in the images directory. Where else would they be?

A:Changing the "minimize" "maximize" and "close" buttons of a theme

Use Windows Style Builder to do that...

Read other 9 answers
RELEVANCY SCORE 139.2

Hi all,

So I'm kind of stuck.. I currently have the problem where I am in an endless cycle of "loading files" -> "Windows Boot Manager" (see: How To Boot Into Safe Mode On Windows 8 (The Easy Way)).
I have tried to load all of the options -- and none successfully load.
I also end up at a OneKey Recovery as well.. unfortunately, the laptop does not have initial backup or user backup images.
I have a Windows 8 CD for repairing purposes.. however, I cannot load the BIOS/UEFI to change the boot order to load the optical drives first. I have also tried to remove the CMOS battery to fix it.. did not work. .
Also - Windows Boot Manager:
Windows Setup [EMS Enabled] -- does not load properly (leads to OneKey Recovery) Safe Mode (does not load properly) Safe Mode with Networking (does not load properly) Safe Mode with Command Prompt (doesn't load - tries to boot and load all files onto partition that is too small.. can't change partition?)
Enable Boot Logging Enable Low-Resolution Video Debugging MOde Disable automatic restart on system failure Disable Driver Signature Enforcement Display Early Launch Anti-Malware Driver
Start Windows Normally
Any ideas would be greatly appreciated! Thanks!

Read other answers
RELEVANCY SCORE 139.2

Example sentence: vrytim I prss ths kys, nothing happns. Now I'm writing with my on-sreen keyboard. I'm clueless when it comes to computer stuff. How do I fix this? Is this a software problem, or a hardware problem?Help is much appreciated!

A:Kyboard deos not respond to the keys: "e", "d", "c" and "3"

My keyboard hath the thame problem with the thupid eth key. The blathted thing ith driving me nutth.

All theriousneth...er...seriousness aside, usually, that is a hardware problem. Can you find or borrow another keyboard and see if it will work correctly on your machine?

Read other 6 answers
RELEVANCY SCORE 138.4

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\i... Read more

Read other answers
RELEVANCY SCORE 138.4

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\sy... Read more

A:"Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Hi and welcome to TSF.

I'm afraid HijackThis no longer provides the information we require.

We want all our members to perform the steps outlined in the link given below, as far as they possibly can, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

Read other 1 answers
RELEVANCY SCORE 138

virus.. popup "Malware Wipe" "the spy guard" and alot of commercials like porn poker and more crap..
this is what I get when I start internetexplorer
Recommended Anti-Spyware Software: Pest Trap, Malware Wipe, Spy Guard Internet Security

TOP RATED
Pest Trap
Most popular spyware/adware cleaner software all over the world. Cleans all known viruses and worms.

Visit Website Free Scan
Malware Wipe
Became one of the most popular programs very fast. It`s really easy to use and at the same time very effective.

Visit Website Free Scan
The Spy Guard
Developed as the most efficient spyware cleaner with realtime protection.

Visit Website Free Scan
Brave Sentry
Award-winning spyware removal utility that will help you fighting all kinds of spyware including keyloggers, trojans and password thieves.

Visit Website Free Scan
AD Protect
World's leading software application that checks, protects and re-checks spyware and spam vulnerability in your home computer.

Visit Website Free Scan

WARNING! YOUR SYSTEM IS VULNERABLE TO HACKERS' ATTACKS AND BREAKDOWNS!
Attention! Your system is currently exposed. Any remote computer can easily browse following folders and files on your computer:
- \Windows\System32
- \Program Files\Internet Explorer
- \My Documents
- Drive C:\ files
Click here to download official intrusion detection system (IDS software)
YOUR PRIVATE INFORMATION IS IN OPEN ACCESS TO OTHER COMPUTERS
Your... Read more

A:Solved: virus.. popup "Malware Wipe" "the spy guard" and alot of commercials

Read other 14 answers
RELEVANCY SCORE 137.6

Hi All, Happy New Year!

First time posting... On 1/3/08 i ended up with a bunch of viruses on my computer. From what I can gather they are bad news. I down loaded PC Tools to do a search and found a bunch of Trojans and other nasties...

I have uploaded a screen shot of the PC Tools scan...

In the "C:\Program Files\Video Add On" folder the following can't be deleted:
icmtr.dll
icthis
isfmdl.dll
isfmm
isfmntr

In the "C:\Program Files\Helper" folder the following was found:
turbosearchsite.dll e404 Module

What is this? Do I need the file in Helper?

Please help!

PS: I am not a techno savvy guy. I kinda know what is going on but only enough to get myself into trouble and not be able to get out! I tried a few things to get rid of them but was unsuccessful.

From what I have seen I will be here for a bit. Thanks in advance.

bassndude (that's Bass as in the fish not the musical instrument ;-)
 

A:Infected: "Video Add On" and "Helper" folder that contain Trojan viruses...HELP

Read other 16 answers
RELEVANCY SCORE 137.2

The "Idle-time Full System Scan" in Norton 360 v4 is bogging down my computer constantly, and there is no option to turn it off in "Automatic Tasks".

I contacted Norton and (after several attempts to find someone at Norton who could understand what I just said above and getting "hung-up" on over Norton chat. Inexcusable!!!) I was able to get a hold of a technician who told me that Norton intentionally removed this option "for security reasons, because they didn't want people turning it off".

The problem is, people will then be forced to turn it off by turning off ALL scheduled tasks (under "Settings/Scheduling/Schedule:Manual Schedule") and that is an even worse security problem than the relatively small one that would be created by turning off idle-time full system scanning.

Once the system has completed a full system scan, all files are on-access scanned anyway, so running a full system scan every 3-4 days is rather silly and extremely annoying--especially, because it will continue to try to run every time the system is idle if you cancel it.

A warning urging the user to not turn off idle-time full system scans without fully understanding the risks, and after explaining the risks, would be VERY preferable. Or at least the option to run the full system scans when the system is idle on a certain day of the month/week! The schedule for idle-time full system scans really needs to be separate from other tasks. In fact, t... Read more

Read other answers
RELEVANCY SCORE 137.2

I think I am infected with Malware, Spyware, or some type of virus. My desktop background has become a bright red screen with a toxic symbol on it and underneath it, it says "Your Privacy Is In Danger!" On the bottom right, in the taskbar, right next to the time and date, it says "Virus Alert!" My computer is also attempting to run anti-Spyware programs all by itself, opening browsers with websites to Spy programs and pop-ups warning me of possible hackers. Below is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:36: VIRUS ALERT!, on 7/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched... Read more

Read other answers
RELEVANCY SCORE 137.2

my computer was hijacked by "support tool" a so called virus protection hijacker. i'm in safe mode with networking now & attached you see my hjt log file. help please. THanks!

actually, i'm on a different computer. it has windows xp home ed. & its a dell inspiron 530S

also, in trying to fix the problem initially, my wife deleted the file "rundll32" beacause the virus stated that had a virus error. so this file may be missing as well & we may need to replace it.
 

A:Computer Hijacked by "Support Tool" "Virus Protection" Prog

I posted this yesterday to get help for a "Support Tool" hijack on a computer. Please help. Log file attached. Thanks.
 

Read other 3 answers
RELEVANCY SCORE 137.2

hi every body
My PC has lots of files called "Thumbs.db" & "System volume information" in all its drives.I cant delete these files and I think the cause of shutting my pc down automatically and showing blue screen is these files.the operating system is win xp/sp2.
I don't know what to do with these and what anti virus will delete them.please help me.
thanks
 

Read other answers
RELEVANCY SCORE 136.8

Ok, so i am new to this site and please be understanding if i do not know what to do at some points. I have AVG anti-spyware and AVG anti-virus, both free and home edition. I was on my computer and i was downloading some software and an AVG screen popped up and said threat detected, it was in red which meant it was at high risk.. I have about maybe 7 of these pop up in the last 5 days i guess. Some of the ones that popped up were the trojan virus and then others popped up as the " Virus Found Lop ".

I have had problems now on my computer because of this. I use Mozilla Firefox but i also have Internet explorer. When ever i would open IE a little box with pop up from IE and saying that i have security and privacy issues. It would say that my whole computer could be at risk and i could lose important information. My computer is very slow now, i will click to open my internet and it takes about just under a minute to load. SOme sites do now work and others do. I also have been have Adult sites pop up.

I ran my AVG anti-virus and it came up clean all the time. I would only know i have a virus or whatever when it pops up like i said before, ( " Threat Detected" ). I have ran my AVG anti-Spyware and it came up with 4 or 5 medium risks so i just deleted them.

When the threats were detected by AVG anti-virus they were not heal-able so i put them in the virus vault. After a day or so i just deleted them from the vault. Im not sure if that was the right idea or s... Read more

A:" Virus Found Lop " and " Trojan " Please Help!

Not so long ago i was running my AVG anti-spyware and it came up with 11 threats detected at medium risk and i also glanced over at something and it said Malware Detected: 107
sooo i really dont think that is good. I really need help with this, please someone reply.
 

Read other 1 answers
RELEVANCY SCORE 136

Hi guys, I ask you a lot of help because I'm in trouble up to my neck. I try to be as detailed as possible.
I have a Packard Bell with initially installed Windows Vista Home Premium (I don't know if 32-bit or 64-bit). Over time I updated it to later versions, and in fact before the problem I normally had Windows 10.

Brief introduction: as you know, telematic lessons have started in the world at home. So I installed Microsoft Teams and so far everything is ok. I noticed, however, immediately that the fan of my old PC with more than 10 years of intense work was starting to fuel quickly. While I was thinking about how to solve, the inevitable happened: during a lesson the PC freeze in the screens, and after waiting 5-10 minutes I turned it off by the button. By re-accessing it, this screen appeared, as the title says:

"Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:
1. Insert your Windows installation disc and restart your computer.
2. Choose your language settings, and then click "Next."
3. Click "Repair your computer."

If you do not have the disc, contact your system administrator or computer manufacturer for assistance.

File: \ Boot \ BCD
Status: 0xc000000f
Info: The Boot Configuration Data for your PC is missing or contains errors. "

What I did: I searched on this and other sites but I was not able to juggle well. I understood that you need an installation CD, which I DO NOT ha... Read more

Read other answers
RELEVANCY SCORE 136

Guys,

I am a little confused with regard to some of the mail options in Outlook Express. (I have version 6) What is the difference between the "Drafts" and "Outbox" folders?

Further how does the "Send Later" option work from the file menu? I always thought that "Send Later" was the same as using "Drafts" but what happend was that I was doing an e-mail, went to Drafts, or clicked on "Send Later" or Outbox and then after I clicked on "Send" doing a regular send, I checked my Sent folder and about 3 copies of the same message were delivered to the same person! (I only sent one message-not 3!)

What is the deal with the "Outbox" folder? Apparently that is not like the Drafts folder....correct?

What's the difference between doing a Save, Save As, and Send Later with regard to OE functions? If I want to save a message that isn't done yet, which of these 3 options should I use? (I.e, I want the message to go to the Drafts folder for example and stay there until I TELL OE to send it.) I think whatever I did above was that I modified my message and then click on where it just automatically sent next time I opened the message. A review of these features would be helpful!

Just for the record, I also use Yahoo Mail and find that so much easier!

Jack
 

A:Please Review OE "Send", "Drafts", and "Outbox" Options

Jack
To save an E-Mail to your Drafts folder for work on later then you use the File\Save option.
If you wish to save the E-Mail in another format such as .EML or .TXT or .HTM then you use the Save as function. You will also be required to specify a folder to save in or use its "My Documents" default.
Send later function if only one e-mail account exists will place the e-mail in the outbox and send it the next time you click on the send receive button. If you have multiple accounts then you can specify which account to send it from.

Dave
 

Read other 2 answers
RELEVANCY SCORE 136

hi,

OK, this is a weird one.

I wanted to move the "My Music", "My Pictures", "My Videos" folders to another HDD. I moved the "My Documents" Folder to this HDD without a problem but the others I accidentally set the whole HDD as the folder (if that makes sense). So now the music, videos and pictures folders are set to this HDD and dont have an actual folder to change the properties of. Therein lies my dilema.

If anyone can offer any advice on this curly issue it would be greatly appreciated.

Shane

A:Remaking "My Music", "My Pictures", "My Videos" folders

  
Quote: Originally Posted by Legume


hi,

OK, this is a weird one.

I wanted to move the "My Music", "My Pictures", "My Videos" folders to another HDD. I moved the "My Documents" Folder to this HDD without a problem but the others I accidentally set the whole HDD as the folder (if that makes sense). So now the music, videos and pictures folders are set to this HDD and dont have an actual folder to change the properties of. Therein lies my dilema.

If anyone can offer any advice on this curly issue it would be greatly appreciated.

Shane


You have a backup from before the problem started? a win 7 dvd to do a repair install?
ken

Read other 4 answers
RELEVANCY SCORE 136

Ok, so basically, whenever I turn the computer on, 3 error messages appear:

- A virtual driver failed to inicialize DLL. Chose close to end the program. H:/Windows/system32/code/pRee.exe

- A virtual driver failed to inicialize DLL. Chose close to end the program. H:/Windows/system32/code/pRee1.exe

- Error loading H:/Archiv~/GBPLUG~/gbiehcef.dll. Couldn't find specific module.

(sorry if some terms are incorrect, my computer is in Spanish, to I tried to translate as best as possible)

Please help me solve this terrible problem, it is really getting me on my nerves! (oh, and if this helps, I've recently donwloaded this so called "Limewire acceleration", and whenever I ran the setup, it didn't work. I don't really remember the name of the website I downloaded it from, sorry...)

A:Can't Open "My Documents", "Trash" or other files in "My Computer"!?

Hi and Welcome to the forum

I am almost certain that you have malware problems. Most like caused by you doing file sharing/ P2P - Limewire.

Suggest that you go here and follow the directions:

http://www.techsupportforum.com/secu...oval-help.html

Please be advised that the malware people are very busy and it could take a couple days to assist you.

BG

Read other 1 answers
RELEVANCY SCORE 136

Hi:

Looking for insight/advice re: KB3054476.

According to Infoworld, it was "Optional" in May, but I was not offered it then.
This week, it was offered as "Important" and "Recommended" (!), but only for one of my 2 Win7/64 boxes.

I have read the MS KB article, as well as THIS FORUM THREAD, the latter of which includes a report of a BSOD due to this particular update.

However, there isn't much out on the web about it.
And most of the discussion about it is overly technical for me.
And I am confused as to why it was previously offered as "Optional", but now is "Important" or "Recommended".

I don't *think* I "need" it (as I have no webcam on this box). And I don't like to tempt fate by fixing things that are not broken.

So, 3 questions:
Is it safe to install?
Is it really necessary/important?
Or would I be OK to hide it?
Thanks very much in advance!

A:KB3054476 offered as "Important"/"Recommended"/"Optional"

The status of updates changes with circumstances.
If an update isn't relevant, it won't be offered at all.
If however it's relevant but the related software is not apparently in use, it may be 'optional' - and gravitate to 'Recommended' or 'Important' if the related software is in use.
It can also be promoted through the hierarchy by MS depending on feedback through WU and error-trapped feedback.


If you have (and use) a webcam, then it's probably best to install the update.

Read other 4 answers
RELEVANCY SCORE 136

I tried to associate the file extension .txt to a new editor program
with the well known cmdline programs ASSOC and FTYPE.

No, assigning them through WinExplorer menu does not work.
But this is another problem which should not discussed here.

When I type now one of the following alternative commands at the CommandPrompt then Win7 returns me something like:

assoc .txt=txtfile

"Access denied"
The following error occurs: .txt"

or

ftype txtfile=D:\notepad++\notepad++.exe "%%1"

"Access denied"
The following error occurs: txtfile"

Why?

The command above work fine under WinXP

Peter

A:"access denied" when using "assoc" and "ftype" from cmdline?

Question:

Did you run cmd.exe with administrative previlliges?
Elevated Command Prompt

Read other 3 answers
RELEVANCY SCORE 136

I thought I was computer savvy until this problem came up. When I double click my computer, recycle bin, control panel, etc, the hourglass comes up for a few seconds, goes off, and nothing else. No error messages or anything, just nothing. I have viewed a few of the threads covering this and a common link was the hijack this result. I have posted that here, and really hope that someone can help me with this. I have run SpyBotSD and adaware, I have run mutiple virus scans, I did an SFC, and the final thing was to repair windows using the original disk, none of which has help. I am running Window XP w/SP2. Any other suggestions would be certainly appreciated. Hope to here from someone soon. MTCS, out.

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TDSTEL~1\ENTERN~1\app\pppoeservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusCl... Read more

A:I cannot open "my computer" "control panel" "recycle bin", etc...

You may want to reinstall the operating system.

Backupthe files that are importantto you before you reinstall.

The "New" installation will overwrite the current one

If you do not format your hard drive before the reinstall the installation should not harm your files (That's why I suggest backingup your files) and will speed up the installation process.
 

Read other 1 answers
RELEVANCY SCORE 136

OK.....
As I said I am new.....
Hope this info is the way you need it.
MANY MANY THANKS IN ADVANCE FOR THE TIME & HELP !!!
Check out the following .....HHEELLLPPP


Logfile of HijackThis v1.98.2
Scan saved at 12:38:36 PM, on 11/12/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\System32\Promon.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\interMute\AdSubtract\AdSub.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\McAfee.com\VSO\mcshield.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Frank M. Gazzo\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Micro... Read more

A:NEW THREAD / "xads", "xlime", "Context3.kanoodle"

hi

how to create a folder ?

right click anywhere in your desktop
click new,a tab opens ,click folder ,name it hjtantivirus .

download again hijackthis and install it in the new created folder .

your hjt is here now
C:\Documents and Settings\Frank M. Gazzo\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

it will not work properly if it stays there .

and don t create a new thread ,keep only one thread .this one ,now .

Read other 1 answers
RELEVANCY SCORE 136

I have a 7200rpm hard drive that shows up as 3 separate partitions on my MacBook Pro desktop. They are "System Reserved", "Untitled 1" and "Untitled". When looking at them in the Disk Utility program, they show up as "System
Reserved",  "disk2s1" and "disk2s3". I can't seem to find a way to wipe the drive and just have 1 partition. I don't need to save anything on it so it can all be deleted and consolidated. Not sure if this helps but the previous
owner told me that he had accidentally erased another partition that prevented the hard drive from being reconsolidated. It also may have been a Windows boot drive. Any help in restoring this hard drive would be appreciated. Thank you.

Read other answers
RELEVANCY SCORE 136

My friend's computer seemingly got a virus, since it sent an email to somebody in her email list, on its own. She asked me to take a look.

She had a virus checker, but it had never been updated. So I installed "AVGfree" and ran that. It found a "trojan horse" virus as well as some other stuff that it said should be removed, so I did. I then ran "ccleaner" and it suggested to remove a TON of crap, like 500mb worth of files (she installs dumb stuff on her computer all the time). I removed these files. Then I ran "spybot" and it removed some stuff. I then defragged, which it needed.

So here I am, feeling like a hero, but then I reboot and there's a message saying that "lsass.exe" cannot be found. I cancel this message, and then there's another message saying that "ipwins.dll" cannot be found.

I tell her to just ignore these messages until I figure it out, but then she informs me today that she cannot access her email account on her computer. So I've gotta figure out how to fix this.

Any advice?? Thanks.

A:After virus checking and cleaning, "lsass.exe" and "ipwins.dll" missing

She could try the system file checker : tell her to prepare her XP CD (she'll need it if it asks to replace the missing files), then she will have to go to start => run, and type "sfc /scannow".

If that fails, she can perform a repair install if she has an OEM, retail or upgrade XP CD (recovery CD's cant' do that). She will have to boot on the cd, thus she needs first to change the boot order in the bios to CD-rom first. Then, when XP setup loads, choose the option "To setup Windows XP now" (not the one about recovery console). On the next screen (after the licence agreement) she should be given the option to repair her current xp installation by typing R.

Once that's done, if the CD wasn't a SP2 version, first thing is to go to windows update to reinstall XP SP2 and all updates she could have done since. Don't surf on the internet before any antivirus and firewall (either windows or another) is enabled.

Read other 2 answers
RELEVANCY SCORE 136

HI, first of all, I found out that my home computer was infected by the lovelorn worm. Plan to clean that tonight.

Secondly, I found copies of 2 files named "folder" and "desktop" in almost all folders. The files where identical so I suspect that there is a virus that's propagating this. Is my hunch correct? Is this related to the lovelorn virus or is it another kind? What should I do?

Thanks!!!
 

A:files named "folder" & "desktop" in all directories.. is this a virus???

Symantec site you may want to review. I don't see anything about the file replication you are experiencing but the site may be helpful to you.
 

Read other 1 answers
RELEVANCY SCORE 136

Hey guys, Ive run Adaware, Spybot, and Symantec in safemode. Adaware and Symantec successfully removed some entries but the problem still persists. Im getting constant popups including "netster", "heavy.com", "smashits", and others. Heres my log, and thank you in advance!

Logfile of HijackThis v1.99.1
Scan saved at 8:43:05 PM, on 7/22/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PGPserv.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\Program Files\VentSrv\ventrilo_svc.exe
C:\Program Files\VentSrv\ventrilo_srv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1... Read more

A:"Byte.Verify", "Downloader" virus, and endless popups

Also Backdoor.DSNX, Dropper.Agent.PP and Trojan.Dropper

Was looking around in the root C drive and found some interesting things there as well, but didnt want to do anything without advice first. Heres a "dir" listing

07/22/2006 04:38 PM 586,928 626_101newer.exe
09/25/2005 11:25 PM 219,412 adlog.txt
07/22/2006 08:44 PM 627 asdf.txt
07/26/2004 06:18 PM 0 AUTOEXEC.BAT
08/26/2005 07:53 PM 11,859,569 AVG7QT.DAT
07/26/2004 06:18 PM 0 CONFIG.SYS
07/26/2004 06:28 PM 10 csb.log
05/17/2006 10:47 PM 81 CTX.DAT
07/22/2006 04:37 PM 73,728 dfndred_7.exe
07/22/2006 04:38 PM 27,648 dist13.exe
07/26/2004 06:22 PM <DIR> Documents and Settings
06/30/2006 10:41 PM <DIR> Downloads
07/22/2006 08:44 PM 32,768 drsmartload.exe
07/22/2006 08:45 PM 20,480 drsmartload45a7d.exe
07/22/2006 08:45 PM 20,480 drsmartload46a7d.exe
07/22/2006 08:45 PM 20,480 drsmartload849a7d.exe
07/22/2006 08:45 PM 578,560 Installer3.exe
07/22/2006 08:45 PM 290,816 installerwnusnewer.exe
11/16/2004 05:11 PM <DIR> KPCMS
07/22/2006 04:37 PM 28,672 kybrded_7.exe
07/29/2004 02:16 PM <DIR> mj-comp-files
07/22/2006 08:45 PM 25,105 MTE3NDI6ODoxNg.exe
07/22/2006 08:44 PM 25,105 MTE3NDI... Read more

Read other 19 answers
RELEVANCY SCORE 135.6

First things first, thanks to all who can help.....





I need to programmatically make some adjustments to the Internet Explorer security settings. Most of these settings I have found but there are a few I have not been able to get a clear exact location for in the registry. I will be using a .BAT file to make
the adjustments on 100+ PCs.





Here is what I am looking for.....





Under the "Internet  Properties" found in control panel, under the "Privacy" tab there is an "Advanced" option button. When I click on it I get an "Advance Privacy Settings" options box. On it are several settings.
The first setting, "Override automatic cookie handling" needs to be checked in order to access the other options. I can do that by adjusting the DWord value of "PrivacyAdvanced" under the "Internet Settings" key in the registry,
"HKCU\Software\Microsoft\Windows\CurrentVersion\Internet settings", to be specific.





What I have not been able to find are the registry entries for the "First-party Cookies" "Accept, Block, or Prompt" options, the "Third-party Cookies" "Accept, Block, or Prompt" options, and the "Always allow
session cookies" check box. Please see picture below....















I have seen references to the following settings as being where those options exist, but nothing that explains ... Read more

Read other answers
RELEVANCY SCORE 135.6

Hello,

Well this one is interesting - there are two main syptoms I noticed which made me think I have a problem. Ironically, I hadn't used the computer in about 2 weeks, and noticed these issues immediately.

1) Vipre identified a "Desktop.ini" Trojan, and asked me to reboot. Yet when i reboot, the problem was not fixed - instead, the message just keeps poping back up.

2) I figured i'd try to update Windows, yet the update functionality is not working - it asks me to reboot, yet rebooting does not allow me to update windows.

3) I use "Postgres" Database for one games i play online (online poker). Yet, this service will not run.

Other than the 3 symptoms above, there is nothing else (i.e// browser redirects) which are affecting my computer.

I'm posting the required documents below, and appreciate all the help. Thanks so much.

I also, as stated in the guide, do not believe i have access to my old boot/windows CD (really don't know where these are - but could potentially dig up if required). I am on a dell computer.

Also when running GMER - i kept getting problems regarding "not found hard disks/drives" - so i ran simply with "Sections and C:\" selected as per guide.

DDS Log:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.4.1
Run by Andrew at 23:08:56 on 2013-03-26
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.2.1033.18.3069.1602 [GMT -4:00]
.
AV: GFI Software V... Read more

A:Multiple "Trojans" / "Desktop.ini" Trojan via Vipre

Hello!

I am currently reviewing your logfiles and will assist you shortly with instructions. Please be patient.

Meanwhile: Please subscribe to this thread if you have not done already and please don't do any other scans on your own and don't install or remove software. Thank you!

Read other 18 answers
RELEVANCY SCORE 135.2

The System Fix Virus & Privacy Protection Virus hijacked and infected my system: WinXP (64-bit). They've caused my default web browser to change frequently (each time I reboot my PC). So I've been having trouble getting rid of all of this malware/viruses from my system, since I use Windows XP x64.

ComboFix.exe and TDSSKiller.exe are not compatible with my Windows XP 64-bit system. So how do I get rid of the malware/viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS's?:

The latest version(s) of ComboFix and TDSSKiller don't work on the 64-bit version of Windows XP, but they are compatible with other versions of Windows: 98, XP, VISTA, 2000, 2003, 2008 and Windows 7!

1. System Fix Virus (the first virus that affected my Windows system, 2 days ago.)
2. Privacy Protection Virus (behaves almost exactly like the aforementioned virus)
3. Google-Redirect Malware (redirects all my searches to this site: 63.209.69.107)

Thanks in advance to ANY users for helping me and others with this malware/virus problem: I understand and read the previous pinned-thread about the revelant malware/virus issue that Windows-users solved with the programs I've been unable to install on my system. The aforementioned malware/viruses began to infect my PC on December 14, 2011 (since that day, I haven't found a single anti-virus program that can detect the Google-redirect malware/virus on my system).
&nbs... Read more

Read other answers
RELEVANCY SCORE 133.6

I believe i have the Adclicker virus, however neither my Adaware or my Norton Antivirus has found it. I get popups continously and I have noticed the IEXPLOER.EXE running. When i delete it, Size File.exe runs and reloads IEXPLORER.EXE. I have done a search for Size File.exe and deleted it then deleted IEXPLORER.EXE but then SIZE FILE.EXE appears again and I go through the whole cycle again. Please help me delete this sucker. I have also ran CWShredder and it didn't find anything (not sure if i ran the right one though). Please help! Thank you.

Here's my HijackThis file:

Logfile of HijackThis v1.99.1
Scan saved at 9:19:25 AM, on 11/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files... Read more

A:Virus: "IEXPLORERE.EXE" & "Size File.exe" - Can Anyone Help Remove?

Read other 9 answers