Over 1 million tech questions and answers.

Popups, redirects, reduced system performance, and blue screens...

Q: Popups, redirects, reduced system performance, and blue screens...

So, I'm at school and I receive a text from my mother stating that she is receiving porn popups and that google results are sending her off to random pages. This isn't uncommon because no one in my family understands computers anymore than your average secretary (no offense, but let's be honest. lol)... That being said, I went over and ran a few scans as I normally do which tends to clean it up fairly well. I begin by running HiJackThis and looking through it's logs and then looking at the startup items...

During this processes, I noticed several suspicious files that definitely did not belong. I then made sure to update the definitions on the current AV installed (BitDefender) and ran a scan with it. Afterwards, I continued to run Malwarebytes AntiMalware and SuperAntiSpyware. All 3 of them came back with results of finding several trojans... After running those, cleaning with them, rebooting, ect.. The popups were gone and the system was operating much more smoothly...

However, I got another text 2 days later, after returning to campus, that she was getting redirects again and BitDefender kept popping up several alerts about trojans... For insance, when I used that machine to google GMER; it showed the proper results but when clicking on the first result it then redirected me to:
"hxxp://www.njksearch.net/cc.php?id=27946228"

Also, to summarize what MBAM found, it listed Rogue.Spypro, Trojan.Agent, Trojan.FakeAlert, Trojan.Dropper, Exploit.Drop.2, and Backdoor.Bot.. Two of the files had interesting names posing as svchost.exe (in the windows/system folder, not system32 folder) and microsoftupdt32.exe

Anyway, that's my detailed description. :) Below is the log and attachment.

Thanks in advance. :)

Edit: I should also note that ComboFix results in a BSOD everytime.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_17
Run by Administrator at 17:49:43 on 2011-09-15
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlcjcoms.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\BCMSMMSG.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\taskeng.exe
C:\Users\Administrator\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Settings,ProxyOverride = <local>
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime\YontooIEClient.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
uRun: [AdobeBridge]
uRun: [Google Update] "c:\users\Administrator\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [AppleProfilePolicy] rundll32.exe "c:\programdata\AppleProfilePolicy.dll",DllRegisterServer
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://zone.msn.com/bingame/amun/default/mjolauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{284B1697-036C-45B9-A550-C30ABE119C22} : DhcpNameServer = 172.16.7.167 172.16.7.167 8.8.8.8
TCP: Interfaces\{81000FD6-9E97-4521-A193-AC1E8A178C1D} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: jifdorh - c:\windows\system32\config\systemprofile\appdata\local\jifdorh.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
Hosts: 95.64.61.141 Google
Hosts: 95.64.61.142 Bing
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\Administrator\appdata\roaming\mozilla\firefox\profiles\52uwnjgf.default\
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - bf4f386a-3b0c-4580-853d-1d00f106bb1b
.
============= SERVICES / DRIVERS ===============
.
R? Adobe Version Cue CS4;Adobe Version Cue CS4
R? Arrakis3;BitDefender Arrakis Server
R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? itlperf;Network Location Awarenes
R? MBAMSwissArmy;MBAMSwissArmy
R? Netaapl;Apple Mobile Device Ethernet Service
R? PCANDIS4;PCANDIS4 Protocol Driver
R? WatAdminSvc;Windows Activation Technologies Service
S? BDFM;BDFM
S? bdfwfpf;bdfwfpf
S? TeamViewer5;TeamViewer 5
S? TeamViewer6;TeamViewer 6
S? teamviewervpn;TeamViewer VPN Adapter
.
=============== Created Last 30 ================
.
2011-09-15 21:05:58 -------- d-s---w- C:\ComboFix
2011-09-15 18:53:59 98816 ----a-w- c:\windows\sed.exe
2011-09-15 18:53:59 518144 ----a-w- c:\windows\SWREG.exe
2011-09-15 18:53:59 256000 ----a-w- c:\windows\PEV.exe
2011-09-15 18:53:59 208896 ----a-w- c:\windows\MBR.exe
2011-09-15 02:11:06 185856 ----a-w- c:\programdata\AppleProfilePolicy.dll
2011-09-06 00:58:06 0 ----a-w- c:\windows\system32\0.21187082121402334.exe
2011-09-06 00:34:31 0 ----a-w- c:\users\Administrator\appdata\local\Agaqeva.bin
2011-09-06 00:34:30 -------- d-----w- c:\users\Administrator\appdata\local\{5BD9A4D4-247A-44B8-AE17-16220288BB96}
2011-09-06 00:33:29 -------- d-----w- c:\program files\Yontoo Layers Runtime
2011-09-06 00:33:25 -------- d-----w- c:\programdata\Tarma Installer
.
==================== Find3M ====================
.
2011-07-06 23:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 17:51:48.71 ===============

RELEVANCY SCORE 200
Preferred Solution: Popups, redirects, reduced system performance, and blue screens...

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Popups, redirects, reduced system performance, and blue screens...

Hello,


Quote:




I should also note that ComboFix results in a BSOD everytime.




While you may see ComboFix being used quite often, and possibly you have used the tool yourself without incident, the tool should not be run unsupervised (as stated in the Disclaimer that is first displayed by ComboFix when you run the tool)

Going forward, I highly recommend you heed such instructions. As explained in Post 2 of our pre-posting topic...


Quote:




Why we don't ask you to run ComboFix from the onset

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there's any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.




That being said, I'll need a log from another tool. Again, it's important you follow these instructions as given.

Please download aswMBR.exe and save it to your desktop.

Double click aswMBR.exe to start the tool. At this time, select No when prompted to download the Avast database.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

Read other 19 answers
RELEVANCY SCORE 73.2

hi, my laptop has slowed down considerably and when i ran norton on it it found plenty of spyware and adware but then when all was quarantined the laptop regained almost it's former speed yet the internet explorer's homepage is still hijacked. This is the hijack this logfile

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:11:04 PM, on 12/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\9fdb1.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\QQRun.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\D6E0C\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\D6E0C\ctfmon.exe
C:\DOCUME~1\XPPRESP3\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\syste... Read more

A:popups and reduced system speed

Please do this:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

---------------------------------------------------------------------------------------------

Read other 12 answers
RELEVANCY SCORE 69.6

Good Day Folks,
I have been recently plagued with random occasional blue screens that cause me to reboot, and diminished computer performace. I have active anti virus software that constantly updates and does automatic scans. There have been no instances of virus' or malware found and everything seems to be up to date. here is a copy of the hj log, I hope someone can help me fix this...John

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 3:39:40 PM, on 2/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\L... Read more

A:Blue screens and slow performance

Read other 15 answers
RELEVANCY SCORE 69.6

I've never posted in a forum for help before because usually just coming and reading other posts/topics on one has helped me enough to get whatever I need to removed but this time it has proved more resilient. Thank you in advance for your time/help.I have two problems, though I think they aren't entirely related.First:I seem to have some sort of redirect virus/spyware. Half of the time when I click a link, the address in the URL bar changes, but the screen stays solid white. Refreshing does nothing. Typing the URL directly/hitting enter does nothing. The other half of the time instead of getting the white screen, I get a solid white page with the text: "This page has moved here."Clicking the link "here" successfully takes me to the page I was originally going to "most" of the time. Sometimes it just takes me to the solid white page (this is always the case with GMail.. I can only use gmail on my phone)I also randomly have a new window pop up with an ad page.I use RKill and then run Malwarebytes and it finds nothing. At the suggestion of a friend I downloaded and ran Microsoft Security Essentials, and it found 2 items and "removed" them, after which it asked me to restart my computer. Once I restarted I got a blue screen in startup (between the windows logo screen and the screen where you type your password to get to the desktop - it was only on the screen for a moment, appeared to be 2 lines of code and the only number/word I c... Read more

A:Redirects/Blue Screens/Etc =(

Forgive the double post. The redirect thing messed me up. When I hit post, it gave me the solid white screen, so I hit refresh and apparently it posted again. Sorry.

Read other 2 answers
RELEVANCY SCORE 68.8

I was casually browsing today when Google started to redirect its searches to other websites. I'd had this problem before, so I ran Malwarebytes, which found nothing. I went ahead and ran GooredFix, which worked before, and I have included the log here. Also, upon restarting my computer, I received a blue screen when starting Windows normally and in safe mode (and had to use the last known good configuration to boot back into Windows.) [See EDIT] I'm gonna go ahead and post my DDS logs and GooredFix log here, and then try to recreate the blue screen while you're looking at those logs.===GooredFix===GooredFix by jpshortstuff (12.07.09)Log created at 19:50 on 20/07/2009 (Johanan)Firefox version 3.0.11 (en-US)========== GooredScan ==========C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [00:08 15/01/2008]{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} [02:37 05/12/2008]{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [00:34 17/12/2008]{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} [18:48 20/04/2009][HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]"{3f963a5b-e555-4543-90e2-c3908898db71}"="C:\Program Files\AVG\AVG8\Firefox" [18:41 14/06/2009]-=E.O.F=-===DDS===DDS (Ver_09-06-26.01) - NTFSx86 Run by Johanan at 19:42:36.92 on Mon 07/20/2009Internet Explorer: 7.0.5730.13Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2581 [GMT -4:00]============== Running Processes ======... Read more

A:Google Redirects, Blue Screens, etc.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 13 answers
RELEVANCY SCORE 68.8

Hello,My son tells me that immediately after hitting a website (where he looking for movies to watch), his computer has started getting BSODs. I verified that, and I tried to run Windows Update after booting in Safe Mode with Networking. Windows Update failed (something about a network connection, even though other websites are accessible), and I noticed that the browser is redirecting to unrequested websites. I tried running a Malwarebytes scan, and that didn't help.After finding your website, I followed your instructions posted here, and I have attached the files attach.txt, dds.txt, and ark.txt.Thank you so much, in advance, for your advice on how to fix our computer!- BrokenLenovoAn update:I forgot to mention that I downloaded (from Microsoft) and ran the Malicious Software Removal Tool, and that did not help. I just booted up (Safe Mode with Networking) the computer with the problem, to see if I could find the log, and I am now seeing pop-ups labeled Antivirus Antispyware 2011. I don't remember seeing these before. Maybe our computer is compromised in a way that it is now acquiring additional malware. Do I need to re-run the programs that generated attach.txt, dds.txt, and ark.txt ?Thanks!Merged posts. ~ OB

A:Please help! Browser redirects, Blue screens, ...

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 48 answers
RELEVANCY SCORE 68.8

My daughter went to some Harry Potter site and my Symantec Endpoint Virus scanner caught some virus attack from that site. But the virus got by SEP! I used Malwarebytes to clean but I am still having issues with browser redirects, freezes of OS & blue screens.
The BSD stated something about pcmcia.sys and iastor.sys (sp).

I do have access to a Windows XP install CD in order to boot off it if needed.
-Andrew


DDS (Ver_10-03-17.01) - NTFSx86
Run by adouglas at 17:47:27.80 on Thu 09/30/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2014.1204 [GMT -4:00]

AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

============== Running Processes ===============

C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VP... Read more

A:Redirects, freezes & blue screens

Please help!

Read other 12 answers
RELEVANCY SCORE 68

Whenever I try to use wireless at any location, I start to get google redirects and eventually (days later) blue screens. I usually do a system restore to a day before I used the wireless and everything seems to run fine again...except I can't use the wireless without "releasing" these problems again. No problems with the wired connection though. I ran DDS and GMER before doing a system restore, and the files are for that. I also ran mbam before the restore and attached the results as well...which is where I realized I have the Vundo virus.

If any more information is needed, please just let me know!

~Supersox

Here are the contents of the dds.txt log:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by David M. Behm at 3:02:38 on 2011-08-05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.359 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\I... Read more

A:Vundo, Google Redirects, and Blue Screens

Hi,Please do the following:Download ComboFix from one of the following locations:Link 1 Link 2 VERY IMPORTANT !!! Save ComboFix.exe to your Desktop * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here Double click on ComboFix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\C... Read more

Read other 19 answers
RELEVANCY SCORE 68

Hello,

I evidently have the Google redirect virus. The computer also evidently crashes with a 'blue screen', though I have not actually seen the blue screen itself... it's my work computer, and I'll just come back to my desk sometimes and the computer will have restarted itself, or have a blank screen that can't be exited from without restarting the computer.

My logs are attached:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6000.16757
Run by Tristan at 10:04:23 on 2011-12-11
Microsoft? Windows Vista? Home Basic 6.0.6000.0.1252.1.1033.18.2037.306 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program ... Read more

A:Google Redirects and Apparent Blue Screens

Welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OTL from... Read more

Read other 4 answers
RELEVANCY SCORE 68

About three or four days ago, my Windows firewall has been warning me about something trying to get through. I clicked on quarantine, but it still kept popping up. After a few more clicks on quarantine, my computer blue screened. I restarted my computer, and every time I type in my username and password for the Windows login, it would blue screen right after. I get multiple different stop codes. These are the ones that I currently remember: 0x000000D1, 0x0000000A, and I'm sure there are more, but I don't remember the rest. Those two stop codes occur the most. Every once in a while(after about 30 restarts..), I would be able to login and load up to my desktop, but after a couple of hours of use, or maybe even some minutes later, it would blue screen again. Other times, after I type in my password, my screen would stay black with my movable cursor on screen.

Things that I've done so far:
Tried to run Safe Mode, still blue screens.
System restored to multiple points, still blue screens.
Reinstalled Windows 7 professional 64bit OS twice with all my files in tact, blue screens after Windows update.
Ran two different scanners, Malwarebytes and Avira AntiVir before windows update, deleted infected files, updated Windows, still blue screens.

I've noticed each time that I reinstalled a new OS, the blue screens don't occur until after I update Windows. My Avira has been popping up malware warnings, and each time I click on quarantine, my computer would freeze. It ... Read more

A:Blue screens, malware, and Google redirects.

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 4 answers
RELEVANCY SCORE 68

I think my original post was in the wrong place... I read all the instructions for posting etc and now I think I'm posting in the right place. =/ Sorry for the inconvenience.Original Post:I've never posted in a forum for help before because usually just coming and reading other posts/topics on one has helped me enough to get whatever I need to removed but this time it has proved more resilient. Thank you in advance for your time/help.I have two problems, though I think they aren't entirely related.First:I seem to have some sort of redirect virus/spyware. Half of the time when I click a link, the address in the URL bar changes, but the screen stays solid white. Refreshing does nothing. Typing the URL directly/hitting enter does nothing. The other half of the time instead of getting the white screen, I get a solid white page with the text: "This page has moved here."Clicking the link "here" successfully takes me to the page I was originally going to "most" of the time. Sometimes it just takes me to the solid white page (this is always the case with GMail.. I can only use gmail on my phone)I also randomly have a new window pop up with an ad page.I use RKill and then run Malwarebytes and it finds nothing. At the suggestion of a friend I downloaded and ran Microsoft Security Essentials, and it found 2 items and "removed" them, after which it asked me to restart my computer. Once I restarted I got a blue screen in startup (between... Read more

A:Infected causing redirects, Blue Screens etc..

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/434678 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 67.2

Hi,

I have recently had this problem with my computer: I have gotten blue screens of death that say bad_pool_header when I start up my computer and was only able to run in safe mode. Now however, I can run my computer regularly, but when I start my computer, an internet explorer window will pop up and a website www.clickleg.org will come up with random search results. Also, when I use google in firefox for my searches and I click on a link, they get redirected to websites such as webhostingfrance.com

I have used McAfee's On Demand Scans, Super Antispyware, and Malwarebyte's Anti-Malware to try to counter the problem, but they have not seemed to help much, and they now don't find anything outside of tracking cookies. I have also used system restores, CCleaner, and recently just tried Sophos Anti rootkit but it hasn't remedied the problem either.

Here is my most recent DDS:

DS (Ver_10-12-12.02) - NTFSx86
Run by David Deng at 11:14:08.01 on Sun 01/16/2011
Internet Explorer: 7.0.6002.18005
Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.1.1033.18.1977.704 [GMT -5:00]

AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows... Read more

A:Internet Search Redirects, Blue Screens of Death

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Thanks and again sorry for the delay. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explaination about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that... Read more

Read other 3 answers
RELEVANCY SCORE 67.2

Hey, i tried using a windows vista recovery disc, but that does me no good, i get google redirects almost 90% of the time i click a link, and when i want to shut down my computer, i cant because it just shows a blue screen warning, then restarts. My computer is also very slow now, any help?
 

A:I get google redirects, random firefox tab ads and blue screens

Read other 16 answers
RELEVANCY SCORE 66

Hello all,First, I am running Windows Vista Home Premium 32-bit Service Pack 2. On to the issue(s)... I have let my teenage son use my computer. I am not sure what he did or his browsing activity. Well, Avast let me know I was infected with INF:AutoRun-AA and JS:Redirector-SQ in two separate instances and supposedly Avast took care of them. Well, I thought it was all done but lately I get error warnings, my computer freezes every time I use it, performance and internet are super sluggish, I get random restarts, and I keep getting blue screens. I have ran several scans including Boot scans with Avast, RootRepeal, and TDSS Killer; nothing found. Have I have Avast as my Anti-virus program so I run scans on a regular basis, along with Disk clean ups and Defrags as part of regular maintenance. I have recently added CCleaner as part of my routine. I have also ran MBAM, Spybot Search and Destroy,Kaspersky Online Scans, Eset... to see if I could find what is going on but nothing found, yet problems still persists.Today, I tried running HiJack This and I got a warning stating: "For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this..." I did disable Avast first before the scan. I've also tried to run it as Admin but it will NOT allow me to do so. The "Run as Administrator" option doesn't appear on the menu... I am not sure what is going on and now here I am... En... Read more

A:Possible Infection. Freezes, Errors, Blue Screens, Random Restarts, Poor Performance...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please DownloadTDSSKiller.zip>>> Double-click on TDSSKiller.exe to run the application.Click on the Start Scan button and wait for the scan and disinfection process to be over.If an infected file is detected, the default action will be Cure, click on Continue
If a suspicious file is detected, the default action will be Skip, click on Continue
If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan. Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANTPlease post the contents of that log in your next reply.There shall also be a file on your desktop named MBR.dat. Righ... Read more

Read other 2 answers
RELEVANCY SCORE 65.6

My operating system is 32-bit Windows 7 Professional, and my laptop is an HP Probook 4430s. My problems all started about a week ago when I discovered that my Google searches kept redirecting to random websites every now and again. I did a Malwarebytes scan and it caught something called Exploit.Drop.9. I removed it, and when I found that my searches were still redirecting I did another Malwarebytes scan and it caught Exploit.Drop.9 again. It took a couple more scans before this Malware was gone for good. However, my Google searches were still redirecting, regardless of the browser (Internet Explorer, Chrome, and FireFox).

Malwarebytes wouldn?t detect anything, so I went to Bleeping Computer and followed the instructions to download and run TDSS Killer, buy it didn?t detect anything either. Then I downloaded Spybot Search & Destroy, and it did detect a bunch of cookies and other low threat things, but even after removing everything that it detected the redirects still kept happening.

I waited a few days, hoping that I would be able to research how to get rid of this problem, and then I decided to run TDSS Killer one more time. It asked me to run an updated version, and when I ran this version it found something. I cured the item it found, and when it was done and asked me to reboot the computer I decided to create a restore point just in case. However, as the restore point was being made, the computer suddenly blue screened. Now every time I start the computer normall... Read more

A:Google Redirects, Trojans, and Blue Screens After Exploit.Drop.9 Removal

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461482 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 65.6

About two days ago popup windows started appearing every now and then. I ran ad-aware, spybot and norton virus scans. After running those scans I got my first blue screen so I did a system restore. That fixed the problem for about one day. This morning my computer was fine for the first couple hours, and then I started having the popups again. I ran the three scans again in both safe mode and normal. After running the scans I started getting more frequent blue screens with stop codes of 0x00000050 and 0x0000008e. My computer now gave me a system popup immediately after starting saying Windows must restart and gave me a countdown timer of 59 seconds. I disabled the DCOM server and that stopped that problem from happening and ran ad-aware and spybot again. My norton was out of date so I got another one and tried to install it and it gives me the error that it can't install because it can't access windows installer. Internet Explorer and the norton I have installed also crash immediately after starting the computer. I tried to run the DSS for it's report, but it would give me an error everytime during the creation of the system restore point (both in safe mode and normal.) Here are the hijackthis and panda software reports. Help would be greatly appreciated.

hijackthis report:
Logfile of HijackThis v1.99.1
Scan saved at 3:15:38 PM, on 4/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\... Read more

A:Popups, trojans, blue screens and error messages

Pandascan Software Activescan report attaced.

Read other 3 answers
RELEVANCY SCORE 65.6

hi there, i hope i've included everything needed.

Running Mcafee

Desktop cannot be changed, windows automatic updates cannot be turned on in the usual manner. randomly named programs in Program files folder, blue screens that can be removed via Escape button - otherwise they loop. research says Vundo trojan, however Mcafee once removed NTToolkit.trojan as well. Mcafee will constantly show jokebluescreen.src (or similar) as detected.
popups saying virus detected etc. i had a lot of trouble getting info from this site in particular

Deckard's System Scanner v20071014.68
Run by Leroy Robertson on 2008-07-09 00:21:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
18: 2008-07-08 23:21:47 UTC - RP173 - Deckard's System Scanner Restore Point
17: 2008-07-07 20:15:07 UTC - RP172 - Removed EO.Web Controls 2007.1
16: 2008-07-07 20:13:04 UTC - RP171 - Removed LiveUpdate Notice (Symantec Corporation)
15: 2008-07-07 20:11:41 UTC - RP170 - Removed Medieval CUE Splitter
14: 2008-07-05 02:22:15 UTC - RP169 - System Checkpoint


-- First Restore Point --
1: 2008-07-02 16:04:58 UTC - RP156 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 78% (more than 75%).
System Drive ... Read more

A:popups, slow machine, random blue screens..

Hello and welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please save this page to Notepad in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Your hard drive is almost full.


Quote:




Percentage of Memory in Use: 78% (more than 75%).
System Drive C: has 0.79 GiB (less than 15%) free.
C: is Fixed (FAT32) - 34.57 GiB total, 0.79 GiB free.




Having too little free space on your hard drive can compromise system perfo... Read more

Read other 9 answers
RELEVANCY SCORE 63.6

Hello,

I was downloading winpwn last night (should have known better but the files were compressed in a zip file)... saved it to the desktop.
Went to turn desktop icons on (I usually have them off).

The desktop wallpaper immediately has boxes that say spyware detected, etc. I right click the desktop to get my wallpaper back via display setting but half of the tabs are missing including 'Desktop'.

Did a Google search and find a solution to bring them back. Basically deleting some lines in the registry using regedit.

That fixes the display properties tab issue so I get my desktop back... but then things get a little weird... I get a notice from Windows Live OneCare that it has detected and cleaned a Trojan.

IE7 starts to load slow with errors and ads are placed oddly. MSN homepage and other familiar websites the layouts are a little skewed or different.
Google, Live & Yahoo results look almost normal (slightly enlarged font) - but when I click on a result to go to a page it redirects by opening a new browser window and takes me to a directory like page...

Had a couple of blue screens. 60 second warning to restart...
It hangs during startup on the welcome window or gives a BSOD style screen during startup or after the desktop has loaded.

Computer restarts on its own. Computer will freeze... sometimes the desktop will load but the start and task bar will not... or freeze allowing mouse movement but no mouseclick or keyboard input response.

I can't loa... Read more

A:Spyware Desktop Warning, Trojan, Google Redirects, Blue Screens, Slow, Auto Resta

Okay, I got impatient and decided to reinstall Windows.
We'll see if it fixes the issue.
 

Read other 2 answers
RELEVANCY SCORE 62.4

I am trying to get a computer back to functional status. It was not mine, so I have limited knowledge about the progression of symptoms(girlfriend). It is experiencing missing file errors on startup, and internet redirects to spam from basic Google searches(the links redirect to spam if they are clicked on, the addresses work fine if entered manually into a browser). On top of that, it is running AntiMalware programs installed by her father that I am unfamiliar with, which makes picking out the spam messages from the legitimate antivirus warnings rather troublesome. He works with computers, but he is also a native Russian, and consequently favors software I have never seen before.In the interest of maybe saving some time, do you guys think this is worth fixing? She is not, by any means, an avid computer user. So a backup of the few docs/music files/drivers she cares about would not be that difficult. And I would have no issue formatting her HDD and reinstalling windows(And she seems only mildly opposed to the idea).What should be my next step? I'll be happy to run any scans you think would help, but If it looks rather ugly and not worth salvaging, don't be afraid to say so.Cheers,MrEddieAttached is the HiJackThis Log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:02:02 PM, on 9/28/2011Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\Program Files (x86)\STMicroelectronics\... Read more

A:Missing System Files. Internet redirects. Fake system popups. (HiJackThis log)

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421160 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 61.6

I've had a lot of reduced performance with my system lately, in addition to a lot of windows error messages for some reason. I just un-installed a handful of anti-spyware/malware apps because I had way too many.
Now I'm left with HJT, MalwareBytes (w/ active protection), TuneUp2009, ZoneAlarm, & Spyware Blaster
Is this sufficient protection?
Applications load up much slower and the start is lagged.
Otherwise I haven't had too many issues, a couple crashes few and far between.
Any ideas?
Thanks

GIGABYTE GA-EP45-UD3P LGA 775 Intel P45 ATX Intel Motherboard
Intel Core 2 Duo Wolfdale E8400 @ 3.0Ghz
G.Skill 4GB (2x2gb)
Sapphire 100245L Radeon 4850HD 512mb
Antec Earthwatts 650W PSU

Windows XP Pro SP3
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:40 PM, on 10/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.ex... Read more

Read other answers
RELEVANCY SCORE 61.6

Hello guys. Recently I've bought I PowerColor ATI HD 6790 1 GB DDR5 video card. My old one was the 4670 version, though it was from Gigabyte. And oddly enough, my performance seems to have been reduced.

This is my current setup

AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
PowerColor Ati HD 6790 1GB DDR5
ECS GF8100VM-M5
Lc-Power LC 420H-12
Western Digital 500gb Sata2 7200 Rpm 32mb Buffer
3,00 GB RAM
TSSTcorp CDDVDW SH-S203B ATA

What could be causing this and what would be the solution?

Thank you

A:Reduced Performance

No one got a clue?

Read other 6 answers
RELEVANCY SCORE 61.2

Hi ,
I Started having problems after downloading Grokster p2p . I get too many popups ( like http://z1.adserver.com etc..etc) and system perforamance has deteriorated.

Am copying the log of Ad-Adware Se. Please help me with this.


Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, February 01, 2005 9:15:15 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R26 25.01.2005
???????????????????????????????????????????????????

References detected during the scan:
???????????????????????????????????????
AdRoar(TAC index:6):19 total references
AltnetBDE(TAC index:4):16 total references
BroadCastPC(TAC index:7):5 total references
Claria(TAC index:7):15 total references
Cydoor(TAC index:7):10 total references
FlashenhancerBHO(TAC index:7):35 total references
MRU List(TAC index:0):27 total references
Possible Browser Hijack attempt(TAC index:3):4 total references
PromulGate(TAC index:5):11 total references
Softomate Toolbar(TAC index:9):13 total references
TopMoxie(TAC index:3):6 total references
Tracking Cookie(TAC index:3):53 total references
TVMedia(TAC index:5):2 total references
???????????????????????????????????????

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R25 11.01.2005
Internal build : 30
File location : C:\mcp\HiJackThis\Ad-Aware SE Personal\defs.ref
File size : 412196 Bytes
Total size : 1300547 Bytes
Signature data size : 1270864 Bytes
Reference data ... Read more

A:Too Many Ad popups and slow system performance

Please do not post the Ad-aware log unless we ask for it. It's a huge waste of space posting that log. You may fix everything that it finds.

Do the following now:

Download and install Spybot S&D. Run Spybot and click on the 'Search for Updates' button. Install any updates that are available. Next click on the 'Check for Problems' button. Let it run the scan. If it finds something, check all those in RED and hit the Fix Selected Problems button. Exit Spybot. If you keep getting the DSO Exploit entries, even after you updated Windows and fixed them, then download the Spybot DSO Exploit Fix and install it over the current Spybot installation.

Download CWShredder and run it. Click on 'I Agree' button if you agree with it. Click on 'Fix' (it will automatically fix anything it finds for you) and OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

Please download HijackThis - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Get HijackThis Analyzer and save it to the same folder as the hijackthis.log file. Run HijackThis Analyzer and type in y if you ag... Read more

Read other 5 answers
RELEVANCY SCORE 61.2

It takes about ~4 mintues to boot this laptop, inexplicable CPU usage. Though the usage isn't consistently bad. Today I experienced such taxed resource usage, that simply moving the cursor across the screen had a choppy latent effect. I'd move the cursor, and about 1-2 seconds later, it would move it's position on the screen. I have ran Ad-aware, and Spybot, and they removed only tracking cookies. Trendmicro housecall came up with nothing. Here is the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 9:47:57 AM, on 8/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\CISCOS~1\VPNCLI~1\cvpnd.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network... Read more

A:suspiciuosly reduced performance

Does not sound like malware but let's take a perfunctory look

1. Download this file using either of these links

http://download.bleepingcomputer.com/sUBs/combofix.exe

http://www.techsupportforum.com/sectools/combofix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Read other 4 answers
RELEVANCY SCORE 61.2

Cry Performance reduced after reinstalling WinXP pro

I have just reinstalled my system (XP Pro) and updated it online to SP2. Authenticated updated and all. I haven't changed any hardware and in fact I reinstalled less software than before.
Since reinstallation and updating, I've noticed considerable deterioration on system performance, reflected e.g. on scroll speed (eg in Firefox and in Word & Excel. For firefox I've checked "smooth scrolling" it's off. Especially Word used to be up to 1page/sec while scrolling with arrow keys, now is down to 5-6 sec/page. Also: normally Word shows the page numbers (lower left corner) changing as you scroll - not anymore in my case. Page numbers remain change only after scrolling stops. Other example is when I move windows on the screen, movement is not spooth but rather jerky.
Any ideas?
My 2.66GHz machine is clean according to avast antivirus, spybot, adaware & adwatch, Netscape's own spyware scanner. Reg mechanic finds no problems. HD (40GB) is error free and cleaned-up and defragmented. Smooth scrolling options are off.
Thanks to anyone who could help.

A:Reduced performance after reinstalling XP

Help with MS Office is another forum, so I can't hep you with Word settings.
As far as your general slowness issue: If it's slower now than it was before the re-install, then you did something different this time than you did previously. Try and think what that might be. I could sit here and guess all week and we might never stumble across it, there's just too many things that could affect performance.

Read other 8 answers
RELEVANCY SCORE 61.2

Today I've noticed a significant reduction in my computers performance. I installed a fresh copy of spy sweeper and it came up with 2 pieces of malware

Mal/Generic A
Mal/Keygen C

unfortunately it keeps jamming up so it wont erase them. Any help scanning the system would be much appreciated.

Windows 7 Home Edition, standard HP desktop.

Btw I did install a video card upgrade today, dont know if that could have potentially effected things, but it has been runnning worse since.. went from 256mb integrated to 1gig ATI Sapphire HD4670..

Thanks,

A:reduced performance and possible Malware

Spy sweeper has at last work and cleared the Malware it has found, but the fact that there is any on here worry's me. None should exist.

I would really appreciate help doing thorough malware and virus scans to help optimize performance.


Thanks,
Pete

Read other 3 answers
RELEVANCY SCORE 61.2

Hello,

I use my work PC mainly for developing an application in VB.NET using Visual Studio standard 2008. Up until a couple of weeks ago the system has run perfectly but during the last wee while ive noticed it takes ages to boot. And running even more than one or two applications cripples the machine to the point where your waiting around for 60seconds + for outlook to load.

PC SPEC:
Intel Core2 6400 @ 2.13GHz
2.00GB RAM
Vista Business 64-bit
System rating = 4.9
Anything untoward in this HJT log?


---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:03:47, on 10/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Kontiki\KHost.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\devenv.exe
C:\Program Files (x86)\RAMBooster.Net\RAMBooster.exe
C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Users\andrew\Documents\Visual Studio 2005\Projects\__LATEST__\MyOffice\MyOffice\bin\Release\My Office.vshost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\W... Read more

Read other answers
RELEVANCY SCORE 60.8

The boss went overseas and came back with something that seems to redirect his searches in internet explorer.It also redirects him if he just refreshes the browser. He also gets some popups - but I can't tell you what the said.I installed a new version of symantec endpoint - that was pointlessI installed the malwarebyes software and it tells me that if found a couple of registry entries that it found and deleted them - but the problem persists - btw the registry entries that it found were:HKEY_CURRENT_USER\software\avsuite (Rogue.AntivirusSuite)HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite)I ran the scans but the gmer scan blue screened so I wasn't able to get any info on that.Attached are the two scans dds.txt & attach.txt. I hope you could look into these scans to gather any useful information.any help would be much appreciated.Thanks a bunchdoug

A:XP system w/ i.e. redirects & some popups

Ok, so to give you all an update - i'm cautiously optimistic about these results but it looks like we got rid of that nasty software by using the tdsskiller. this TDSSKILLER can be obtained at http://support.kaspersky.com/viruses/solutions?qid=208280684the boss ran it and within seconds it was done - rebooted - all's good he says.I think we're done here, unless you think there's some kind of cleanup work that needs to be done.incase its of any interest to you attached is the tdsskiller log file.

Read other 2 answers
RELEVANCY SCORE 60.4

Hello,I'm a newbie to Bleepingcomputer.com with moderate computer experience. In the last day or two, my system has become overrun by popups (anything from spyware software to adultfriendfinder) and the performance has slowed down considerably. I've followed all the steps outlined in the section on popup/malware. I'm attaching my hijackthis log for the experts to take a peek.Unfortunately I've got a guy from the cable company coming tomorrow to switch me over to a cable modem. I'm trying to get things ironed out before then, so a quick response would be GREATLY appreciated.Thanks so much!SteveLogfile of HijackThis v1.99.1Scan saved at 1:27:15 PM, on 7/7/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCS... Read more

A:Adultfriendfinder Popups And System Performance Degredation

Hello there, It is a good idea to print off these instructions - they will be needed later when internet access is not available. You may also like to save these instructions in word/notepad to the desktop where they can be easily found for the same reasons as above. It is important that you complete the following instructions in the correct order, and also that you don't miss anything out!I see you have Viewpoint installed.Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.ViewpointViewpoint ManagerViewpoint Media PlayerPlease download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.Put a check next to Run VundoFix as a task.You will receive a message saying vundofix will close and re-open in a minute or less. Click OKWhen VundoFix re-opens,Click Scan for Vundo button.Once the scan is complete,Right Click inside the listbox (white box) and click add more filesCopy&Paste the 2 entries below into the top 2 boxesC:\WINDOWS\SYSTEM32\d3dfra.dllC:\WINDOWS\system32\arfd3d.*Click Add Files and Click Close WindowClick the Remove Vundo button.You wil... Read more

Read other 7 answers
RELEVANCY SCORE 60.4

Ok, let me try this again, my last thread was ignored for some reason. But I REALLY need help as this issue is preventing me from getting work done, etc.

Following is my HijackThis Log. My anti-spyware and antivirus software (AVG) has found and removed many things, OVER AND OVER again. This thing just keeps coming back! I have attempted to follow the directions given to others on here, as my thread was never replied to, with no success. The crap just keeps coming back. Most of the popups have to do with "Internet Speed Monitor" or "WinAntiSpyware" pitches.

ANY help would be VERY appreciated!

HIJACKTHIS LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:42 AM, on 10/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\C... Read more

A:PLEASE HELP!!! Endless Popups...System Performance Issues...etc.

Closing duplicate to thread located here: http://forums.techguy.org/malware-r...634402-internet-speed-monitor-popups-etc.html

Please be patient awaiting a response, there are many people seeking help and only a limited number of members qualified to assist in these types of infections.
 

Read other 1 answers
RELEVANCY SCORE 60.4

Hello,

Week ago I bought new SSD drive. (OCZ Agility 3, 2.15 firmware)
I made fresh install of OS, newest drivers etc.
SSD and my system was working very well but I was disapointed to my SSD-benchmark results. Well I tried to increase performance by updating my motherboard bios. Bios update succeed but it didnt really increase performance of my ssd, new bios reduced writing performance notable. (MOBO = Asus m4a87td/usb, bios v.2001) AHCI is on.

What with that 103424? Shouldnt it be 1024? Previous score over 400 points, now just 300. (disappeared in picture)

Also noticed another problem. I can't boot my comp if I have external drive plugged in.
I just can't change my 1st device boot to agility drive in bios because it's not in the list of boot devices. Well I unplug external drive and its working. Also thought that bios update would fix it but it didnt.

-Valtsu

A:SSD Performance reduced after BIOS update.

Your numbers are lower than most, but I don't know if it would be noticed in real life as opposed to a benchmark.

I think that 103424 is a reference to alignment. If it's evenly divisible by 4, it should be OK--and it is.

Not sure about the BIOS/external drive issue. Was the external connected when you did the clean install to the SSD?

One way or another, I'd make sure all boot files were on the SSD and that it appeared in the BIOS and was bootable, regardless of whether the external was plugged in.

Read other 9 answers
RELEVANCY SCORE 60.4

Hi.i have recently purchanced a Lenovo Yoga-500. it's working perfectly when fully charged and not charging.although when i'm at home and using it while it's plugged to electricity it runs extremly slow.My operating system is windows 10, Specs are i7-5500u 2.40Ghz8Gb Ram, Display system Intel graphics 5500 and Nvidia GT 940M.when the laptop is charging and operaring at the same time the fan runs really slowly, once i remove it from the power source it IMMIDIATLY start running at full speed.Anyone can help me solve this issue please?? 

Read other answers
RELEVANCY SCORE 60.4

Hello, I am experiencing low performance & Some kind of freezin that dissapears and re- apears. Also, I have a big number of processes running . What can I do.

Thank You in advance
 

Read other answers
RELEVANCY SCORE 60.4

I am reasonably computer-literate, at least to the point of maintaining an efficient and virus free computer to operate at top performance. Inexplicably, my gaming performance on applications which normally achieve steady frames in the 40's and 50's range are completely stuttering around 2-3. My computer is very well maintained, with a commit charge of 123, regularly defragged, registry cleaned, scanned for viruses, etc. I thought that it might be a case of conflicting drivers, and as such updated all of them, with the exception of my BIOS (was going to try but am out of floppy disks). The only other thing that I can think of besides a BIOS conflict is that in the add/remove programs list is a Client Hack 1.9.2d that cannot be removed, nor is it recognized when I do deep scans with kaspersky or bitdefender. it seems unlikely to me that one virus is drastically reducing my gaming performance, its possible that a particular setting on my computer is wrong, but I checked everything I know (including BIOS AGP aperture settings, etc). Please, any assistance would be GREATLY appreciated, as this has been driving me mad as I've been trying to remedy this on my own for the past few days.
 

A:HELP!!Gaming Performance Drastically Reduced- Tried Everything!!

bump
 

Read other 2 answers
RELEVANCY SCORE 60.4

I have purchased a gaming laptop in august of last year and it has been about 11 months since I've got it. For the first 8 months everything was amazing, i was getting high fps and good performance on all my games. Then about 3 months ago, the performance
went dramatically downhill. I wasnt sure as to why this happened so i restored my whole laptop but to no effect.
Any ideas? Anything helps,
Thank you.

Specs:
Name: Asus GL503GE-RS71 ROG Strix Scar Edition 15.6" Gaming Laptop
CPU: i7-8750H
GPU: GTX 1050 Ti
RAM: 16 GB (Initially 8, I upgraded to 16 about 2 months into buying the PC.)
Memory 1: 500 GB 3.5" SSD
Memory 2: 250 GB M.2 SSD

Read other answers
RELEVANCY SCORE 60.4

Observations and Steps Taken:

IE crashes "on the reg"

Sample Event Log Entries Left by crashes:

Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 6/29/2006
Time: 6:28:11 PM
User: N/A
Computer: FREDXPS
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module vlsp.dll, version 1.0.0.11, fault address 0x0000443e.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 46 61 69 6c ion Fail
0010: 75 72 65 20 20 69 65 78 ure iex
0018: 70 6c 6f 72 65 2e 65 78 plore.ex
0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
0028: 30 30 2e 32 31 38 30 20 00.2180
0030: 69 6e 20 76 6c 73 70 2e in vlsp.
0038: 64 6c 6c 20 31 2e 30 2e dll 1.0.
0040: 30 2e 31 31 20 61 74 20 0.11 at
0048: 6f 66 66 73 65 74 20 30 offset 0
0050: 30 30 30 34 34 33 65 0d 000443e.
0058: 0a .

[and]

Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 6/29/2006
Time: 6:34:07 PM
User: N/A
Computer: FREDXPS
Description:
Faulting application iexplore.exe, version 6.0.2900.2180, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0003426d.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69... Read more

A:IE Crashing & BSOD's & reduced performance

Hello ford66,

I'm not seeing anything malicious in this log and the error messages you posted are related to your Operating system and Wireless Networking Card.

There are however, a few entries we can fix in the log.


From Normal Mode:


Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywaybiz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://bfc.myway.com/search/de_srchlft.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/mywaybiz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Fix all the Logitech O18 entries except the first one--leave one entry intact:
O18 - Protocol: bw+0 - {D2939ECD-BEA3-46F6-B9EF-2732BE9F4E2C} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Click 'Fix Checked' and close HijackThis.

-----------------------------------

Reboot your system.

----------------------------------

Although the tools and scans you ran previously didn't come up with much, let's double-check and run a scan with Panda and see if it finds anything.

Perform an online scan using Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan"... Read more

Read other 4 answers
RELEVANCY SCORE 60.4

hi i've had a slew of problems with my new computer

-i get blue screened and it says a warning message that isn't the same from the previous windows, you know hwo it normally said your system has become unstable and what not. this message says that there was an error and windows is shutting itself down to prevent further damage

-i get black screened(iduno if thats the term) but what happens is i'll be working on some files and then out of nowhere my monitor goes black, the computer and monitor stay on, but the monitor goes into some sort of standby mode thing where the power light flashes

-i also ocassionally have trouble rebooting one of my other computers and whenever it gives me a problem the screen goes black and there's a green line that goes across the top of the monitor

iv'e tried spy ware removing programs/anti viruses/fire walls none of them seem to be working

any help would be greatly apprecieated
 

A:Solved: blue screens black screens green screens

The issues sound a bit like a hardware failure, the blue STOP screen could be hardware or software.

The Black screen sounds like the PC has died, but the power supply continues to run. This could well be hardware.

Both issues could be something like overheating of the CPU (are all fans running, is the CPU fan dust clogged - shouldnt be if it's "new")?

If it's "new" and under warranty, take it back.

It would have helped to know if it was a desktop or laptop though.
 

Read other 2 answers
RELEVANCY SCORE 60.4

I just built a new system. I have been having problems from the start.
The system:
Processor ? AMD Phenom II x6 2.8GHz 1055T
MB ? Asus M4A89GTD with USB 3
RAM ? Gskill RipJaws 2x4GB DDR-3 666MHz CAS: 9-9-9-24
PSU ? Antec EA750 750W
Video Card ? Sapphire Radeon HD 5850
HD ? Western Digital Caviar Green 2TB
Windows 7 x64

I have been getting BSOD (six crashes in 3hr. as reported by BlueScreenView). BlueScreenView reported an UNEXPECTED_KERNEL_MODE_TRAP caused by driver ntoskrnl.exe.
I ran Memtest86 v4.10 for 19h and 20m for a total of 11 passes and it found 0 errors.
Ran each stick separately through memtest86 with no errors.

I tried disconnecting the video card and using the onboard one, made no difference.

Installed Ubuntu and I never managed to get it to crash with that. I think that would mean its not a hardware issue. Does anyone agree?

I have reinstalled windows a few times and it seems to run ok for awhile meaning a day to 3 days. Then, I start getting blue screens.

I am pissed right now put all this money into a system and from day one it blue screens.

Thanks, any help will be appreciated.

A:New system blue screens from start HELP!

Download BlueScreenView (in Zip file)No installation required.Unzip downloaded file and double click on BlueScreenView.exe file to run the program.When scanning is done, go Edit>Select All.Go File>Save Selected Items, and save the report as BSOD.txt.Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Read other 5 answers
RELEVANCY SCORE 60.4

Im hoping someone can help me as this one is doing my head in.
im running an intel dual core setup with 80 gig sata drive ( drive c) and 250 gig backup drive (drive d) and nvidia geforce 7300 GS.

up untill two days ago everything was fine now im getting constant system failures and blue STOP screens.
with the following messages.
0X000000077, (0XC000009D),0X000009D,0X00000000,0X00546000

and another was

0X0000007A (0XE1A864FC,0X0000056,0XBF92F65B,0X196B6860)
WIN32K.SYS-ADDRESS13F92F65B BASE AT 13F800000,DATESTAMP 4341DEFF

from what i can establish
this would appear to be the problem
http://support.microsoft.com/kb/130801/en-us

i have checked and double checked the cable from the drive to the board and they appear to be fine, Does that then mean that it will almost certainly be the drive that is faulty as i only got it about 2-3 months ago.?
 

A:system crashes and blue screens

Read other 7 answers
RELEVANCY SCORE 60.4

Hey, seems i got a virus. Antivirus system pro is killin me here. any help is greatly appreciated. thanks!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:25:15 PM, on 7/8/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exeC:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Common Files\supportsoft\bin\sprtlisten.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8... Read more

A:Antivirus System Pro (popups and redirects)

Hello, my name is fenzodahl512 and welcome to Bleeping Computer.. Please do the following....Please download The Comedian.exe by Rorschach112 to your desktopPlease disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..Double click the program to run it. It will only take around several minutes to run.It will do a series of tasks and tell you when each one is finished.You will be prompted to press any key after each stepWhen it is done it will close and exit itself automatically.You can delete The_Comedian.exe once it is finishedSTOP! if you can't complete this step.. Tell me more about it..NEXTPlease download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and ... Read more

Read other 30 answers
RELEVANCY SCORE 59.6

Hi,

This problem has me completely baffeled. I'm not even sure if this is the right forum to be posting in. (If you can suggest a forum better related to topic please do).

Recently I noticed my whole system being slower and more sluggish. Especially playing games. I checked my windows experience index and it had changed from 6.5 to 2.9.

The only scores in the list that have changed signifigantly are my cpu (now at 2.3) and my memory access(2.9).

This happend to me once before about 6 months ago. In the end I updated my dell bios from a10 to a11 and my score went up to 6.5 and my performance was percieveably improved.

Now I dont understand why (what seems like the same problem) has happened again.

I'd be very grateful if somebody could help me figure out why my system has suddenly slowed down so drastically.

Thanks,

dub

A:CPU and memory performance suddenly drastically reduced

Take a look at Task Manager when it is running slow. Look at processes to see what is taking up RAM and CPU cycles.

Does it boot as quickly as before?

I wouldn't expect a BIOS change to improve things.

Look at Resource Monitor to see how much RAM you are using at any particular time.

Have you done any tests of your RAM or hard drive to confirm they are OK?

How confident are you that you have no viruses or malware?

Read other 9 answers
RELEVANCY SCORE 59.6

My laptop had a windows performance rating of 3.0 Today it is 2.6 (gaming graphics). How did it happen? The laptop is two months old. Many thanks.
 

A:Solved: Windows Performance Index reduced?

Read other 16 answers
RELEVANCY SCORE 59.6

 When using 90w adapter with Lenovo W510 the performance is reduced even when the system shows low power consumption (40W).  if you switch to battery - strangely, the performance improves. It is understandable that the performance will be limited (reduced CPU and GPU clock speed) under 90w power supply (to protect the adapter) but it shouldn't be limited immediately.  if I watch a video it doesn't really work with the 90w travel adapter (very very slow) - then I take the power cord out and WOW everything works fine... The bios should be fixed so that the clock limit will kick in only when the power consumption goes up.  otherwise, when you travel with this expensive machine you have to either carry the super heav y 135w adapter or get a performance of a net book.... Does anyone know about a fix?













Solved!

Go to Solution.

A:Lenovo W510 with 90W adapter - Reduced Performance

When using 90w adapter the performance is reduced even when the system shows low power consumption (40W).  if you switch to battery - strangely, the performance improves.
 
It is understandable that the performance will be limited (reduced CPU and GPU clock speed) under 90w power supply (to protect the adapter) but it shouldn't be limited immediately.  if I watch a video it doesn't really work with the 90w travel adapter - then I take the power cord out and WOW everything works fine...
 
The bios should be fixed so that the clock limit will kick in only when the power consumption goes up.  otherwise, when you travel with this expensive machine you have to either carry the super heav y 135w adapter or get a performance of a net book....
 
Does anyone know about a fix?

Read other 9 answers
RELEVANCY SCORE 59.6

Hello, there. I've got quite a mess on my hands. I've tried everything I know how to do and it hasn't worked. Reinstalling my OS wouldn't be the end of the world, because I have a back up from a few months ago, but I"d like to avoid it.

I am using a Gateway laptop with Windows Vista installed on it. I think SP1 was put on awhile back through windows update. I use avast anti-virus and do full scans every 2 weeks.

Here's the problem: one morning I couldn't get my computer to wake up. I couldn't get task manager to come up, so I restarted the computer (I now believe it was in the middle of a windows update when i did this). When it restarted, it would get to the login screen but wouldn't let me select a user or enter a password. Since then, whenever it restarts it gets to right before the logon should appear, and then it hangs or restarts. Sometimes I get a blue screen. The blue screen never stays around long enough for me to get it all, but it gives a 00000F4 error message and starts doing a memory dump. A different blue screen appears when I try to do start up repair. That one refers to C000001 and talks about a fatal system error.

I have tried everything I know: safe mode, start up repair, last known good configuration. I used the OS disc to do start up repair. I also tried system restore which told me that I would have to scan the disk first. Scanning told me that windows has detected file system corruption. When I saw the list of restore po... Read more

Read other answers
RELEVANCY SCORE 59.6

Hey all,
I have a new laptop running XP. Over the last day or so, the comp has been running really slow and I dont know what has caused it. Besides this, it has also crashed about 8 times over 24 hours giving me a blue screen. I am attaching a HJT log, can one of the experts here have a look and tell me whats screwed up with the laptop?
Thanks
H

Logfile of HijackThis v1.99.1
Scan saved at 1:44:11 AM, on 4/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Java\jre1.5.0_01\bin\jucheck.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\D-Link\AirPlus G Wireless Adapter Utility\AirPlus.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\104507\Deskto... Read more

A:System slow, blue screens of death

Start by running this online scan http://housecall.trendmicro.com/
 

Read other 3 answers
RELEVANCY SCORE 59.6

I am on a custom built system. It is fairly new -- roughly 3-4 months old. To date everything has been good, but today the computer crashed on me. No literal visible BSOD --- but my screens went solid red & solid blue and the audio got stuck in a horrible sort of a feedback loop so its possible it was there and I could not see it.

Ive attached my computer crash report. Any help would be greatly appreciated!

A:Crash - solid blue & red screens - new system

That sounds more like a system freeze with a display problem.
If I may suggest something it would be to install the display drivers without any software and limited drivers.
Please uninstall everything of Nvidia using Display Driver Uninstaller and install new drivers from Nvidia. Be sure the clean install box is checked and only install the Graphics driver and the PhysX driver.

Read other 4 answers
RELEVANCY SCORE 59.6

I am on a custom built system. It is fairly new -- roughly 3-4 months old. To date everything has been good, but today the computer crashed on me. No literal visible BSOD --- but my screens went solid red & solid blue and the audio got stuck in a horrible sort of a feedback loop so its possible it was there and I could not see it.

Ive attached my computer crash report. Any help would be greatly appreciated!

Read other answers