Over 1 million tech questions and answers.

Windows XP SP2-IE7-HJT Log-posted 2 days ago-reposting to see if someone has time now

Q: Windows XP SP2-IE7-HJT Log-posted 2 days ago-reposting to see if someone has time now

I was hoping someone could look at this log
My friend has IE-Spyad--script-defender

Spybot is clean
adware is clean
Spyblaster is up to date
Norton antivirus is clean

I am wondering about the R1 And all of the OSEENUS are they ok?
His computer seems to be running very slow, there are a bunch of this stuff
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR" target="_blank" class="wLink">http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR" target="_blank" class="wLink">http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR" target="_blank" class="wLink">http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR" target="_blank" class="wLink">http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR" target="_blank" class="wLink">http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
I cleaned all the temps, cookies, history
ran cleanup

Here is the log

Logfile of HijackThis v1.99.1
Scan saved at 1:27:50 PM, on 1/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\HJT Program New\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://games.espn.go.com/ffl/frontpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?27d098239e714898b18f4e287d238537
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?27d098239e714898b18f4e287d238537
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC11CB4F-32A3-4F05-9100-42F6E75B3418}: NameServer = 167.142.225.3,167.142.225.5
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Windows XP SP2-IE7-HJT Log-posted 2 days ago-reposting to see if someone has time now

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 73.2

http://www.bleepingcomputer.com/forums/topic436236.html

A:reposting here after 3 days elsewhere lol

posted

Read other 1 answers
RELEVANCY SCORE 66.4

3rd time I have posted this log, no one has ever looked at it, 1st time 2 or 3 days, 2nd time 4 or 5 days I am trying again. Can someone just tell me if this log is clean or not?

I was hoping someone could look at this log
My friend has IE-Spyad--script-defender

Spybot is clean
adware is clean
Spyblaster is up to date
Norton antivirus is clean

I am wondering about the R1 And all of the OSEENUS are they ok?
His computer seems to be running very slow, there are a bunch of this stuff
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
I cleaned all the temps, cookies, history
ran cleanup

Here is the log

Logfile of HijackThis v1.99.1
Scan saved at 1:27:50 PM, on 1/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.573... Read more

A:Solved: Windows XP Home SP2-Have had this posted for about 7 or 8 days can someone just look

They're okay and it's clean
 

Read other 3 answers
RELEVANCY SCORE 59.2

I have severe computer problems, I logged on yesterday and while I was waiting for a page to change it went blue, said Technical Information: "STOP: 0x0000007A" followed by three more string of numbers then: " NTFS.Sys Address: F9A45000, DateStamp 45cc56a7, I read the instructions it listed, turned off my PC then started it up again, it was fine except I kept getting the pop up in my task bar saying "security warning, viruses have been detected. download antivirus program to remove" something like that, I ran scans and found a few things, quarantined them and turned off my PC, this morning after turning it on it turned blue again, saying the say thing but this time had different string of numbers, said something about software or hardware installation maybe causing problems, only thing Ive installed new is my new printer,it did have a yellow ! next to it in some file, said it had an error and I should uninstall it so i did. I did this in safe mode. When I rebooted it this time my PC totally freaked out!! My desktop came on as it normally does, all programs loaded up, then all of a sudden my screen went white, then my desktop went red and it turned into something else, like a whole new desktop but it wasnt mine, it had a BioHazard symbol in the middle of page/desktop and it said your privacy is in Danger, I thought it had hijacked my desktop but then I noticed the little hand instead of a pointer and knew it wanted me to click on somewhere on the deskt... Read more

A:Will Someone PLease Help Me, Posted 2 days ago.

Read other 16 answers
RELEVANCY SCORE 59.2

Hey, I'm new here and recently I've been having some trouble with my laptop. It started around the time my Norton expired. And don't worry I have renewed it.

I've been getting CiD pop ups everytime I go into internet explorer and it's really worrying me. My laptop is a HP Pavilion Entertainment PC and it's running on Micosoft XP Professional.

Please help!

I've recently installed the HijackThis program onto my laptop and this is the log:

Logfile of HijackThis v1.99.1
Scan saved at 10:57:21 AM, on 14/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apd... Read more

A:Posted 4 DAYS Ago: CiD POP UPS PLEASE HELP ME!

Read other 10 answers
RELEVANCY SCORE 59.2

Hi I posted about 10 days ago and have bumped my thread 4 times but haven't received a response.
 

Read other answers
RELEVANCY SCORE 58.8

Hey, just wondering if I had made a mistake here somewhere or posted in the wrong forum maybe? it's been 6 days now and i've only got 6 days left to fix the problem =(

http://forums.techguy.org/malware-r...8241-w32-koobface-b-tinyproxy-downloader.html
 

Read other answers
RELEVANCY SCORE 58

Hello,I posted 5 days ago (http://www.bleepingcomputer.com/forums/topic346553.html) and no one has responded to me yet. I am not trying to rush anyone or be mean, I just don't want to bump my topic because you guys say not to; but at the same time, no one new is looking at my topic so I think it might have been overlooked. Please let me know what to do!!!Thank you!

A:Posted problem 5 days ago, No one is answering

Hello,I know how frustrating it is when your computer isn't working properly. Let me assure you that your topic isn't lost, forgotten, or ignored. We work with hundreds of logs every day, so we have devised a means of seeing only those topics that don't have responses yet. At the moment, we have over 250 unanswered topics, the oldest dated Sept. 8, 2010 at 8:08 pm Eastern Daylight Savings time in the U.S.A. Your log topic is dated Sept. 10, 2010 at 9:22 PM using the same time zone.Our volunteer MRT team members have various levels of expertise and training, so while we try to take the oldest DDS/HJT logs, it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us would want someone to assist you who is not familiar with your issue and attempt to fix it.Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.Orange Blossom

Read other 2 answers
RELEVANCY SCORE 57.6

Hey everyone, I believe I have the most current hijack this version and ive run norton, microsoft antispyware, spybot search and destroy, ad aware... etc, and my computer keeps freezing. I thought it was Winamp or AOL instant messanger but it still does it when these programs arent running. Here is my log for hijack this.... any help would be greatly appreciated, thanks guys...

Logfile of HijackThis v1.99.1
Scan saved at 5:00:51 PM, on 3/29/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\system32\CTsvcCDA.EXE
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\WUSB11 WLAN Monitor\WLService.exe
C:\Program Files\WUSB11 WLAN Monitor\WUSB11B.exe
C:\WINNT\Explorer.EXE
C:... Read more

A:Windows 2000, computer freezing all the time HJT log posted

Read other 11 answers
RELEVANCY SCORE 57.6

Hello,
I posted a message 2 days ago and still have not received one reply, yet there are SEVERAL messages that were posted after mine that are well on their way to being fixed or addressed! I attached all of the requested logs to my original post.

Please I need help fixing my computer ... PLEASE HELP ... ASAP!!!!!
 

Read other answers
RELEVANCY SCORE 57.6

posted 5 days ago .. please bump me and i dont know how. will some one please help me now?
 

Read other answers
RELEVANCY SCORE 57.6

Hi, sorry to post again and I know your overwhelmed with requests.  Seven days ago I posted for help.
I still need it.  At the moment, my original post is on page 18:
Poweliks attack every minute & Crypt-s.Hon; Java exploit: howeled; MalSign.Generic
 
And, oddly my AVG popped up this morning with this named virus attack:
VBS /Heur   www.bleeping computer/forums.....   ...   ..script-injection-html.  huh?
 
Thank you for your help.        Mrs. M
 

Read other answers
RELEVANCY SCORE 56.4

MSE detected the alureon.a but cannot remove it. I tried the tdsskiller as someone else had been told to try, and it can't get past 80% initializing. I downloaded and tried multiple antivirus softwares, which did detect and delete several other infections but nothing I have tried can delete this one. I have attached the logs from dds and gmer. I first posted this in another forum category, for the attached logs please see http://www.bleepingcomputer.com/forums/topic394709.html


.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Starlight DJ at 19:54:42.79 on Sat 04/30/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1423 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS&... Read more

A:Trying to remove DOS/Alureon.a I posted this a few days ago in a different forum, not sure if it was in the wrong spot or not.

Your log is properly posted, here, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the logs you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.To avoid confusion, I am closing this topic.Average wait times fluctuate de... Read more

Read other 1 answers
RELEVANCY SCORE 56

 Hi,
Something is going on with Windows update and new/restored 7 machines. Been going on pretty much all year so far and has been noticed by a great many other technicians besides me.  Windows 7 has seamed to taken the hit hard. With machines I have built
and restored for customers over these past few years. I know how long the update process approximately took with in an hour or 2. but the same machines are now running into days. Something is not right and needs to be investigated by Microsoft to locate the
problem unless it is being done intentionally for some reason. ??? Windows 8 and 10 machines don't seam to have as much problem 8 more than 10 but 7 never used too.

This involves too many different manufactures machines and clean installs of 7 SP1 for this to be a OS install problem. Not when doing the same machine with in less than 2 years and I could turn the machine over and have it ready to return to work in
a day. Not with the current problem with the update system for 7 OS anyway. I have read where this problem has been very frustrating for other techs.

I have tried a number of the so called KB fixes for this and they pretty much do not correct the problem, I believe it is with the update system and older OS's.

If is an effort to force 10 on folks is not good, if they don't like it and just don't want it, or have other issues with it. They ask for 7 OS machines. You have something people really like!!! So keep selling it and supporti... Read more

Read other answers
RELEVANCY SCORE 55.6

Everytime I boot up windows normally I get this blue screen:

http://s20.photobucket.com/albums/b2...t=download.jpg

I can boot up in safe mode, safe mode with networking, and safe mode with command prompt. I am able to perform a system restore, and that fixes it until I restart again, then the same blue screen comes up.

It's kind of weird how this happened, I was converint some files on my computer for my ipod for a few hours straight, turned the laptop off, b/c i thought i was done wiht it, but wasn't, go to turn it back on and this happens. I ran norton full system scan, only found cookies, ran speed up my PC, deleted over 1500 files, still that blue screen.

specs:

HP dv9500t
Vista Ultimate (64-bit)
Intel Core 2 Duo processor T7500 (2.20 GHz;4 MB L2 Cache;800MHz FSB)
17" HD BrightView WS (1680x1050)
2GB DDR2 Mem
511MB NVIDIA 8600M GS
200GB 7200RPM SATA Dual

HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:27:39 AM, on 1/20/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Butt... Read more

Read other answers
RELEVANCY SCORE 50.8

I have installed ad-aware and search and destroy.Logfile of HijackThis v1.98.2Scan saved at 8:54:09 PM, on 2/14/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exec:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\nvsvc32.exeC:\Program Files\Softex\OmniPass\Omniserv.exeC:\Program Files\Softex\OmniPass\OPXPApp.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\windows\system\hpsysdrv.exeC:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exeC:\Program Files\HP\HP Software Update\HPWuSchd.exeC:\WINDOWS\System32\hphmon05.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\WINDOWS\system32\ps2.exeC:\Pr... Read more

A:Please Help, 2nd time I posted

Please run this online scan and post a new log and the results of the scan:http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Read other 3 answers
RELEVANCY SCORE 50.4

I have a series of viruses that I cant get rid of. I tried Superantispyware, Adaware and VundoFix and ComboFix. Nothing will fix them.... so far.

Please please help me.... I have spent way too much time trying to fix this already.

Here is my current HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:58:14 PM, on 3/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\live.messenger.com
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Progr... Read more

A:Please help... spent too much time trying to fix-- HJT log posted

Hi Welcome to TSG!!
Please visit this webpage for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
 

Read other 1 answers
RELEVANCY SCORE 50.4

Logfile of HijackThis v1.99.1
Scan saved at 1:36:37 PM, on 5/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wuauclt.exe
D:\GB Programs\Motherboard Monitor 5\MBM5.EXE
C:\WINDOWS\system32\bcmwltry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\gb programs\quicktime\qttask.exe
D:\GB Programs\itunes\iTunesHelper.exe
C:\WINDOWS\ddkcgngA.exe
C:\WINDOWS\cfg32.exe
C:\WINDOWS\retadpu1000106.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\GB Programs\AIM\aim.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\GB Programs\ActiveSync\wcescomm.exe
C:\Program Files\Ipwindows\ipwins.exe
D:\GBPROG~1\ACTIVE~1\rapimgr.exe
C:\WINDOWS\cfg32a.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\GB Programs\f... Read more

A:My first time doing this, Hijack this log posted..

Hi, Welcome to TSG!!

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

 

Read other 1 answers
RELEVANCY SCORE 50.4

I think I have a virus. I cannot download an anti-virus program or update one I had. I have AOL and there's a free version of McAfee that I've had for a long time. It stopped updating so I uninstalled and tried to install it again, but it would not let me install saying that the website was not available. I have another IP that I do not use the AV on and the same thing happened. I tried a couple of other AV prgrams, but it would not let me download them either. Also, when clicking on a link sometimes it redirects me to Dell search or Google search. Can anyone help me? Thank you


DDS (Ver_09-07-30.01) - NTFSx86
Run by Mary Guedry at 23:29:22.06 on Thu 08/13/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.525 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\1168318571\ee\AOLSoftware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\SetPoint\LBTWiz.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Pr... Read more

A:Help me! I think I posted correctly this time

Please help!

Read other 3 answers
RELEVANCY SCORE 50.4

my net searches from google after i click a link post-searching.. brings me to some spam site.. not much but, yeah..

O13 - Gopher Prefix:
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
??????
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:26:04 PM, on 10/13/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18498)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Winamp\winamp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Trillian\trillian.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Progr... Read more

A:ugh, first time ive posted a long

Hello Sp1nn3yWelcome to BleepingComputer ==========================Download OTL to your desktop.Double click on OTL to run it.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.====================Please download Rootkit Unhooker and save it to your desktop.Double-click RKUnhookerLE.exe to run it.Click the Report tab, then click ScanCheck Drivers, Stealth Code, Files, and Code HooksUncheck the rest, then click OKWhen prompted to Select Disks for Scan, make sure C:\ is checked and click OKWait till the scanner has finished then go File > Save ReportSave the report somewhere you can find it, typically your desktop. Click CloseCopy the entire contents of the report and paste it in your next reply.Note - You may get this warning it is ok, just ignore it."Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"

Read other 5 answers
RELEVANCY SCORE 49.6

Hi Everybody,

Ok so yeah I'm getting a system exchange for my dell laptop since its really messed up and I only use it for internet but I can upgrade to different things they are going t call me so I can order upgrade so here is my question.

Which is better
currently I have a 1.40ghz celeron mobile but the system exchange I tihnk will either have the sme or a 1.60ghz celeron mobile but I was considering paying more and I dont know how much eyt and if they still will let me they said they freezed the process of egtting the omptuer so I could upgrade now. But anyways which is better a 1.40ghz-1.60ghz celeron m or a IntelŪ PentiumŪ M Processor 735 (1.70GHz/2MB Cache/400MHz FSB) Im not sure what chace or fsb I currently have also I dont use it much on battery mostly on a/c adaptor so I'm not really concered about battery life. And i'm sorry for the rush but I dont really have much time to act or if they will eve let me they most likey will but im not sure
Also as always thanks techspot members you sure do make a great help
 

A:Which is better-not much time (1-3 days)

Of course, the 1.7 GHz Pentium M is better than the Celeron M, because 1.7 is larger than 1.6
 

Read other 7 answers
RELEVANCY SCORE 49.6

OS - Vista
x64
OEM Version
1 Year old System
1 Year old OS installation
Intel Core 2 Quad CPU Q9550 @ 2.83 ghz
ATI Radeon HD 4850
ASUS P5Q SE/R
? Power Supply - brand & wattage - NOT SURE :(


Ok! So bare with me here.

I've been getting BSOD randomly for the last 2 or 3 months. Recently they seem to be happening much more frequently though. In the last few days, it seems to happen everytime I'm on the computer at least once.

I had NO idea where to start and after some google searches I download a program called bluescreenviewer. When I pull up the .dmp files, the most common issue that has been showing up is one of these;

ntoskrnl.exe+5a450
ntoskrnl.exe+baa46

and occasionaly this one:

hcw18bda.sys+abff

When the BSOD happens, the blue screen comes up and it dumps the memory. I usually have less than 10 seconds before it reboots. After reboot, sometimes the computer runs fine for hours, sometimes it crashes again.

I have no idea where to begin. I read somewhere about the ntoskrnl.exe file being corrupt, or perhaps the boot.ini file. I'm such a tech noob, and a good friend suggested I come to this forum and ask for some help.

So here I am!

Look forward to any replies, and really appreciate any help that can be provided.

Thanks!


ps - I will attach the TSF Vista.zip file to my reply (never mind figured it out) I think that is what the original instructions said to do. Also, I tried to run the Reliability and Performanc... Read more

A:BSOD - First time here, hopefully I posted correctly!

Hi -

The BSODs go back to July 1, 2009, and continue through today, March 27, 2010. The bugchecks from the 26 dumps vary, but are primarily limited to 3 -

Code:

BugCheck 3B, {c0000005, fffffa6002b49bff, fffffa600b456e70, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+abff )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {80000003, fffffa80077ce930, fffffa600bb0fe60, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+ac01 )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {c0000005, 0, fffffa600b466e60, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+ac01 )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {c000001d, fffffa800a012607, fffffa600b1f9e60, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+ac01 )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {c000001d, fffffa8008b1d5f0, fffffa6009936e60, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+ac01 )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {c0000005, fffffa6002b4abff, fffffa600ba4ae70, 0}
Probably caused by : hcw18bda.sys ( hcw18bda+abff )
??????????????????????????????????????????????????????????????????????????????????????
BugCheck 3B, {c000001d, fffffa80093ef930, fffffa6009c94e60, 0}
Probably caused by : hcw18bda.sys ( hcw18bda... Read more

Read other 9 answers
RELEVANCY SCORE 49.2

? OS Windows 7
? x64
? Original Install
? OEM version (came pre-installed on system)
? System is max two years old
? Os installation is the original install

? AMD A6-3620 APU with Radeon(tm) HD GRaphics 2.20 Ghz
? AMD RAdeon HD 6530D
? No clue on MoBo Manufacturer
? No clue re: power supply

? Hewlett-Packard
? p6-2127c


BSOD has been happening regularly after 6-8 hours of productivity.

I am currently running the driver verifier.

Any clue?

A:BSOD around the same time of day, most days.

Hi,

All of the attached DMP files are of the IRQL_NOT_LESS_OR_EQUAL (a) bug check.

This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above.

This bug check is issued if paged memory (or invalid memory) is accessed when the IRQL is too high. The error that generates this bug check usually occurs after the installation of a faulty device driver, system service, or BIOS.

If we take a look at the call stack:


Code:

1: kd> kb
RetAddr : Args to Child : Call Site
fffff800`02cc8169 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff800`02cc6de0 : 00000000`00000010 fffff880`099ea260 00000000`0000000b 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff800`02cd1c3f : 00000000`00000003 00000000`00000002 00000000`00000003 00000000`00000002 : nt!KiPageFault+0x260
fffff880`0162b9a7 : 00000000`00000004 fffff880`099ea4e0 00000000`0000d40d fffffa80`087b37c8 : nt!KeAcquireInStackQueuedSpinLockAtDpcLevel+0x4f
fffff880`018e605d : fffffa80`0aba5010 fffffa80`0914bc60 fffff880`099ea4e0 00000000`0000d40d : NETIO!WfpExpireEntryLru+0x17
fffff880`018ad787 : 00000000`00000004 fffff8a0`08350032 fffff880`099ea510 fffffa80`00000001 : tcpip!WfpAleCloseRemoteEndpointConnection+0x2d
fffff880`01925e2b : fffffa80`0aba5010 fffffa80`0a04874a 00000000`00000001 fffffa80`0aba5010 : tcpip! ?? ::FNODOBFM::`string'+0x20f72
fffff880`019261... Read more

Read other 3 answers
RELEVANCY SCORE 48.8

Hello I have a DELL XPS M170 Laptop. I used to run an ebay business which I would sell INSTANT DELIVERY items. I used Outlook Express to send emails once I had received payment. Outlook Express has an option that it will automatically send emails if it picks up key words. The problem was that my laptop had to be on with Outlook Express running in order to instantly send emails. I used to leave my laptop on for days at a time, not only that but I had it on a bed so there wasnt any airflow. I know im a IDIOT for that and it was the biggest mistake I ever made. My laptop doesnt have any problems like shutting down or anything like that. It actually still runs perfectly except that it gets so hot I could barely touch the bottom of it. After leaving it on for a couple hours i could feel the heat coming through the top. I need your help guys what can I do to fix my very hot laptop. What part do I need to replace (because I know I need to replace something) in order to get my laptop back to its original condition? All the replys from other people about this type of situation always say use air to blow out dust but that is clearly not the case for me. I left my laptop on for days and it wasnt on a flat surface. I basically just need to know what i need to replace in my laptop and I can just purchase the new part and install it myself. I am aware of laptop cooling pads but I just want to fix the problem. I would really appreciate ANY help from anyone who knows which part is getting ho... Read more

A:My Laptop Gets VERY HOT...I used to leave it on for days at a time. HELP

Read other 11 answers
RELEVANCY SCORE 48.8

Get BSOD the past few days and they have all happen around the same time each day. thought maybe was gpu drivers but still happens even after updated gpu driver. any help would be great. thank you. all my computer specs are listed under My System specs. also add file from your bsod tool. thank you again.

Read other answers
RELEVANCY SCORE 48.8

Is this okay? I usually shut my laptop off every night before bed. But lately I have been having shutdown and start up problems. Something is causing Windows to hang during shutdown, and therefore I have to hold the power button down for it to turn off.
Doing this at night, then causes Windows not to want to boot up in the morning. It eventually boots up and loads fine after a few attempts. So instead of having to deal with the frustration of doing this every night, is it acceptable to leave it on for a few days at a time?

(And in regards to the problem my laptop is having, My CD-ROM is also broken..so at this time, I'm unable to use the Windows recovery disk :/)
 

A:Leaving Laptop on for a few days at a time.

It won't hurt it as long as it has enough ventilation. Don't stuff it into a corner or anything. You could also set it to hibernate, which basically turns it off without shutting down Windows. Of you could just put it in standby, which uses more power but basically does the same thing.
 

Read other 2 answers
RELEVANCY SCORE 48.8

It sort of seems to be happening at random. I was running Photoshop when it happened, then Ableton music software, and then when I was running my anti-virus...

Here is an attached image of the BSOD error:
http://img805.images...74/photohnv.jpg

Any help would be great.

PS: When I built this computer about 7 months ago, I had memory problems and was sent new sticks of memory. That's the only problem I've had so far with this rig.

A:BSOD happens at almost any time, randomly, image posted of error

Follow instructions here please:
http://www.sevenforums.com/crashes-d...tructions.html

Test your RAM according to these instructions, and post back results:
RAM - Test with Memtest86+

Read other 3 answers
RELEVANCY SCORE 48.8

Hello. I have an issue that I cannot make sense of. I NEED YOUR HELP! I have Windows Vista Home Basic with SP1 installed on my computer. I have a copy of a legit retail version of Windows Vista Ultimate Upgrade SP1 DVD-ROM. I want to upgrade my current Vista Home Basic to Vista Ultimate. Sounds simple enough. I have read everywhere on the web and it can upgrade easily as long as you upgrade within Windows Vista and not a reboot installation. Okay, but when I get to a point in the Vista grade process, I CANNOT! During the installation process, when I get to the screen that states, "Which type of installation do you want?" AFTER INPUTTING THE VISTA ULTIMATE KEY CODE ON A PREVIOUS SCREEN, the option should be "Upgrade" ONLY and NOT "Custom (Advanced)" since the key code is set for upgrade option only. I GET THE TOTAL OPPOSITE!!! I only get the option "Custom (Advanced)" and the "Upgrade" option is grayed out. WHAT??? NO "Upgrade" option??? I SHOULD BE GETTING THE "Upgrade" OPTION!!! This does not make any sense!!! It states at the reason at the bottom of this screen, "Upgrade has been disabled. - The upgrade option cannot be started, to upgrade, cancel the installation and then choose to upgrade to a version of Windows that is more recent than the version you are currently running." This does not make any sense, does it??? I should be able to only upgrade since I only have an upgrade disc. I am upgra... Read more

A:Cannot Simply Upgrade Within Vista??? First Time Issue Ever Posted!

The slipstream may be the problem. Have you tried upgrading without slipstreaming first?

Read other 5 answers
RELEVANCY SCORE 48.8

Hello. I have an issue that I cannot make sense of. I NEED YOUR HELP! I have Windows Vista Home Basic with SP1 installed on my computer. I have a copy of a legit retail version of Windows Vista Ultimate Upgrade SP1 DVD-ROM. I want to upgrade my current Vista Home Basic to Vista Ultimate. Sounds simple enough. I have read everywhere on the web and it can upgrade easily as long as you upgrade within Windows Vista and not a reboot installation. Okay, but when I get to a point in the Vista grade process, I CANNOT! During the installation process, when I get to the screen that states, "Which type of installation do you want?" AFTER INPUTTING THE VISTA ULTIMATE KEY CODE ON A PREVIOUS SCREEN, the option should be "Upgrade" ONLY and NOT "Custom (Advanced)" since the key code is set for upgrade option only. I GET THE TOTAL OPPOSITE!!! I only get the option "Custom (Advanced)" and the "Upgrade" option is grayed out. WHAT??? NO "Upgrade" option??? I SHOULD BE GETTING THE "Upgrade" OPTION!!! This does not make any sense!!! It states at the reason at the bottom of this screen, "Upgrade has been disabled. - The upgrade option cannot be started, to upgrade, cancel the installation and then choose to upgrade to a version of Windows that is more recent than the version you are currently running." This does not make any sense, does it??? I should be able to only upgrade s... Read more

A:Cannot Simply Upgrade Within Vista? First Time Issue Ever Posted!

I upgraded my XP pro laptop to Vista Business. I bought the upgrade DVD (not oem) and chose 'Clean Install'. It's worked perfectly since February 2007.
Do you have that option?

Read other 2 answers
RELEVANCY SCORE 48.8

CANNOT SIMPLY UPGRADE WITHIN VISTA??? FIRST TIME ISSUE EVER POSTED!

Hello. I have a question that I cannot make sense of. I NEED YOUR HELP! I have Windows Vista Home Basic with SP1 installed on my computer. I have a copy of a legit retail version of Windows Vista Ultimate Upgrade SP1 DVD-ROM. I want to upgrade my current Vista Home Basic to Vista Ultimate. Sounds simple enough. I have read everywhere on the web and it can upgrade easily as long as you upgrade within Windows Vista and not a reboot installation. Okay, but when I get to a point in the Vista grade process, I CANNOT! During the installation process, when I get to the screen that states, "Which type of installation do you want?" AFTER INPUTTING THE VISTA ULTIMATE KEY CODE ON A PREVIOUS SCREEN, the option should be "Upgrade" ONLY and NOT "Custom (Advanced)" since the key code is set for upgrade option only. I GET THE TOTAL OPPOSITE!!! I only get the option "Custom (Advanced)" and the "Upgrade" option is grayed out. WHAT??? NO "Upgrade" option??? I SHOULD BE GETTING THE "Upgrade" OPTION!!! This does not make any sense!!! It states at the reason at the bottom of this screen, "Upgrade has been disabled. - The upgrade option cannot be started, to upgrade, cancel the installation and then choose to upgrade to a version of Windows that is more recent than the version you are currently running." This does not make any sense, does it??? I shou... Read more

A:Cannot simply upgrade within vista??? First time issue ever posted!

Did you have an OEM copy of Home Basic? I have never seen Microsoft allow a OEM to Retail upgrade before. You can get a OEM Home Basic to Ultimate upgrade kit and license key from Microsoft.

Read other 12 answers
RELEVANCY SCORE 48.8

Hey my computer has been rapidly slowing down it's processing power.I was hoping someone could see if my log needs cleaned up:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:54:30 PM, on 1/28/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\cisvc.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exeC:\WINDOWS\system32\IoctlSvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Apoint\Apoint.exeC:\Program Files\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\svehost.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpe... Read more

A:Slow Computer. Haven't Posted Log In Lonnnng Time.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the ... Read more

Read other 17 answers
RELEVANCY SCORE 48

I just watched a YouTube video of a Win7 Image Restoration.
The author indicated he had trouble restoring a System Image that was over 30 days old, due to the fact that the 30 day activation period for Win7 had expired from the time the System Image was made. It returned an error message for an Image that was over 30 days old, whereas an Image that was restored within 30 days of making it did not. Can anyone definitively shed some light on this? Do I have to create a new System Image each 30 days to remain protected due to Microsoft activation requirements?

A:Is a System Image time-limited to 30 days ?

This guy did not activate his system with a valid product key. Else there is no such restriction.

Read other 4 answers
RELEVANCY SCORE 48

For the most part, I finally got Windows 10 to work, except I have a micro-stuttering problem after just a few days of power-on time. I also have a WD My Cloud on my home network, so I'm wondering, does backing up to cloud storage have a negative impact on my system performance?

Read other answers
RELEVANCY SCORE 48

Hi everyone.

I recently bought a custom-made computer from a well established business in the UK.

The computer arrived and as I was installing everything onto it, the internet dropped out a few times. I thought nothing of it and continued. After a day or two, the dropping out happened more and more until after about 4-6 days, it become unusable.

I contacted the business, and they sent out a new network card. Whilst I was waiting for this to arrive, I tried using a USB adaptor instead of the installed card. This worked fine, until again, after 2 days or so, it started having the same issues and then stopped working completely after a similar amount of time.

The new network card has now arrived and after 2 days, the errors seem to start to be happening again. It has dropped out 3 times now and looks as though to be getting more frequent like before.

I have tried numerous attempts to fix the errors - resetting the adaptor, reinstalling the adaptor, pausing anti-virus, and all the other methods I could find online - but none have made any difference. Using the troubleshooter works okay for the first few times, but as the issue gets worse, it becomes less and less effective. The errors it reports change but most often it is related to a gateway not being available, or there being some form of IP issue.

Perhaps worth noting is that I use my phone as a hotspot as the internet signal is terrible where I have the computer. However, I've tested it, and it works absolutely fi... Read more

Read other answers
RELEVANCY SCORE 48

Hi guys!
I dont know what is happening, I am good with computers but not that good , and I dont know what to do about it. I am getting a weird blue screen that restarts my laptop all of a sudden... These are the specs:

One thing I am sure of is that every time I got this BSOD i was running PS3 Media Server (java). My system is in Romanian so I tried my best at translating it. I just want to know what to do next. Thank you

Signature error:
Error even name: BlueScreen
Version SO: 6.1.7601.2.1.0.768.3
ID regional settings: 1048

More error Info:
BCCode: 1000009f
BCP1: 0000000000000004
BCP2: 0000000000000258
BCP3: FFFFFA8003CDF040
BCP4: FFFFF80000BA2740
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\092511-18361-01.dmp
C:\Users\Sebastian Catana\AppData\Local\Temp\WER-44787-0.sysdata.xml

A:BSOD 3rd time in 7 days error 1000009f

Hi sebicatana welcome to SF

Please follow these steps and upload here the crash\bsod folder.

http://www.sevenforums.com/crashes-d...tructions.html

Read other 1 answers
RELEVANCY SCORE 48

I am getting a BSoD. It started the day I built computer. I formatted. Not one problem for 3 weeks. I left my computer off for a full day, and wen I turned it on, it won't even start up. Blue screen loop. Here is the error code as I could pull it off of one that actually stayed up longer than a blink.

STOP: 0x00000024 (0x000000000001904FB, 0xFFFFF88008811CA8, 0xFFFFF88008811500, 0xFFFFF88001CCBC27) Ntfs.sys - address FFFFF88001CCBC27 base at FFFFF88001C1F0000

The last thing I did was install an update suggested for Windows. I'm running the following.

850w corsair psu.
AMD Black Edition - AMD Phenom II X4 3.4 GHz Processor
8gb Patriot 1333 ddr3 ram
ati radeon hd5770 1gb gddr5 graphics card
2tb western digital caviar hdd
dvd rom


It's in an endless cycle of blue screens.

A:Random BSoD Loop On Startup (Posted Incorrectly First Time: Sorry!)

Have you tried memtest?

Read other 8 answers
RELEVANCY SCORE 48

I'm on a cable internet connection via Time Warner (Road Runner). What I find frustrating is that I can see the state I'm located in, and my ISP, simply by looking at my website stats (visitor logs). My geographical location shows up in my website stats as "state.res.rr.com" where "state" is the state I'm located in, and "res" means residential services (as opposed to a business cable/DSL account). I am a huge privacy advocate, and I do not like the fact that Time Warner displays this information. Any way to get rid of this identifying information?

Also, when I'm using a certain free webmail account (Hotmail) I often see personal ads with the name of my city embedded in the headline. For example, "Find sexy singles in Cityville," where "Cityville" is the name of the city I live in. How are the advertisers getting the name of the city I'm located in? Any way to block this? I don't like giving advertisers more information than is absolutely necessary!

P.S. I did NOT give Hotmail the correct city or state when I signed up for the free webmail account seven years ago. So, there's no way the advertisers are pulling my city from any information that I personally submitted.
 

Read other answers
RELEVANCY SCORE 47.6

Thank you all for your time, I got bsod every time I tried to install a new AV and do a prescan. After a while I searched and many places in the net told that the Gygabite App Center sometimes create this, so I uninstalled it, andthe BSOD stopped when using AV, but my pc got very slow. I atm followed a thead here for malware removal, and detected 3 instances of Win32/Bundled.Toolbar.Google.D with Eset Scan online, I am waiting for an answer for eliminating them in the other thread, but want to check if the hardware have something to do with the bsod. So any help there? Thanks for your help, this site is REALLY a godsend for me
 

A:Since 3 days ago i got bsod all the time i wanted to scan with a new antivirus

If you can, post any minidumps created by the BSOD's by going to C:\windows\minidump and select all the .dmp files. Right-click sending all the files to a compressed(zipped)folder. Upload this folder as a file here.
 

Read other 5 answers
RELEVANCY SCORE 47.6

Hi,
in this video Laura E. Hunter from Microsoft describes behavior analytics: https://youtu.be/hNZdboDvnuU?t=1251
She says that ATA will analyze the behavior in a domain for 21 days and declare this as normal behavior. After the 21 days ATA will report unusual user behavior based on the 21 days analysis.
I have two questions about this:
1. Can we see the progress of the analysis somewhere? I searched through the ATA-center but there is nothing. Is it possible to see it in some kind of logfile or the Mongo-DB?
2. We have started ATA with one DC. What happens if we add our other DCs later? Will the analysis recognize behavior from those, also when the 21 days are already over?
I did not find anything about this 21 days analys period in the documentation. I'm more than happy with a hint if I have overseen something there.
Thanks in advance

Read other answers
RELEVANCY SCORE 47.6

I thought I would have up to next July to decide when to get Win 10 going after the update procedure but it only gives 2 days  - how can I postpone it for much longer?

A:Win 10 ready updated but how to increase 2 days of postponement time?

You can postpone it indefinitely I think by just ignoring the message and closing the window. If you want, you can uninstall the KB3035583 and simply upgrade via the Media Creation Tool whenever you are ready.

Read other 7 answers
RELEVANCY SCORE 47.2

From Google, the sound distortion appears to be worldwide and has been around for a long time - but Dell tech support appears they know nothing about it. I'm using Windows 7 SP-1. The distortion will stop if I reboot. Without rebooting, the distortion returns anywhere within a few hours to a few days and, as time goes on, the distortion gets much worse. If you have any ideas on how to fix this issue, I will provide as many other particulars about my computer and software as you need. If there is no known solution, I believe a class action suit may be warranted. Thank you in advance.

A:Sound Distortion in Dell Laptop - gets worse with time (days)

Responded to this post in the audio section

Read other 1 answers
RELEVANCY SCORE 46.4

Here's my HJT logfile. Thanks in advance for your expert help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51, on 10/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\NinjaVideo\NinjaVideo Helper\NinjaVideo Helper.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\LogiShrd\LV... Read more

A:I Love the Blue Screen of Death...computer shutting down all the time last 2 days

bump
 

Read other 2 answers
RELEVANCY SCORE 44.4

I stayed on my computer lastnight for a while and everything seemed to be working fine. I left it on overnight as i do sometimes, and when I woke up this morning it was on a different desktop. I went to shutdown and the only option it gave me was to log off or switch user. so i chose log off and when i did it took me to the normal log in screen. when i tried to log on a box popped up and said unable to load this profile insufficient resources will load a default profile and had a box to click ok. i did a manual shutdown and restarted and then it loaded but had taken away my background picture but now everything "seems" to be working and back to normal. I have been infected before and now to come here first to make sure that this suspicious behavior is not due to a virus or some other infection. I should note that I did a revo pro uninstall yesterday to clear up some space on my comp. I deleted temp files, removed the bits of stuff left over from my recycling bin, and cleared my browsers. I dont know if this has anything to do with it or not? while it was cleaning the leftovers from the recycle bin it took like three hours to do and right at the end a box popped up and said low memory and when i checked my space it was almost depleted completely. but then a couple seconds after revo was done it went back to the normal memory amount....so i didnt think much of it htought it was just because revo was running. now i am not so sure? I am running a dell with xp and have a... Read more

A:REPOSTING THIS

<<...a box popped up and said unable to load this profile insufficient resources will load a default profile...>>That's indicative of a damaged profile. Routine enough in Windows to be well-documented. Such can prevent a user from logging on, which is why a default profile was used and why your desktop may have been a bit different.I would suggest creating a new profile for yourself...and then transferring data from your old profile to the new. Once that is done and you are satisfied that everything works as it should...delete the old profile.See Copy Data from a Corrupted User Profile to a New Profile in Windows XP - http://support.microsoft.com/kb/811151.Louis

Read other 8 answers
RELEVANCY SCORE 44.4

Logfile of HijackThis v1.98.2
Scan saved at 10:13:06 AM, on 7/19/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\System32\S3tray2.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Microsoft Works\WksWP.exe
C:\Program Files\Microsoft Works\MSWorks.exe
C:\Program Files\Microsoft Works\wkgdcach.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
C:\WINDOWS\slrundll.exe
C:\Documents and Settings\Ted Pastrick\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\M... Read more

A:reposting: Please help with HJT log for XP

http://forums.techguy.org/t382523.html

Please reply to your original thread....plus, you need to get the new version of Hijack This. You are running an older version.
 

Read other 1 answers
RELEVANCY SCORE 44

Logfile of HijackThis v1.99.1
Scan saved at 8:39:51 PM, on 1/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\EARTHL~2\PROTEC~1\ADSSER~1.EXE
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPMon32.exe
C:\Program Files\EarthLink TotalAccess\FastLane2\IPClient.exe
C:\Program Files\EarthLink\Protection Control Center\elnk_pcc.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bi... Read more

A:REPOSTING: Pc Under Attack...my First Hjt Log Please Help!!

closed

multiple postings about the same problem just confuses the issue

all replies here

http://forums.techguy.org/security/430877-pc-under-attack-my-first-hjt-log-please-help.html
 

Read other 1 answers
RELEVANCY SCORE 44

We have three users on this computer. when opening up. each user gets a different pop up box.
c\windows\system32\info32.exe
c\windows\system32\scrnsize.exe
c\windows\system32\vidntl.exe
run adaware spybot and cw shredder as per DVK01 POSTING.
could somebody check the log below and give some advise.
newbie so not too technical please.

Logfile of HijackThis v1.97.7
Scan saved at 14:12:40, on 17/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Exif Launcher\QuickDCF.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE
C:\... Read more

A:Reposting for a friend in need

Read other 15 answers