Over 1 million tech questions and answers.

New 'issue' affecting IE

Q: New 'issue' affecting IE

Details here; http://blogs.technet.com/b/msrc/archive/2013/09/16/microsoft-releases-security-advisory-2887505.aspx

Apologies if already posted elsewhere.

RELEVANCY SCORE 200
Preferred Solution: New 'issue' affecting IE

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: New 'issue' affecting IE

More on this from the ESET Threat blog;http://www.welivesecurity.com/2013/...for-internet-explorer-after-targeted-attacks/

Although I don't use IE, I've installed the 'Fix It' anyway pending a full patch. Note that, if you use the Fix it, you need to have the September Cumulative patch for IE installed first and restart IE afterwards.

Read other 1 answers
RELEVANCY SCORE 49.6

I'm looking for some advice/info/knowledge.. I have not found anything concrete in my numerous searches, so please forgive me if in my frustration I overlooked a pertinent thread..

I have been dealing with a frustrating situation, which has only been happening the past 3-4 months.. let me provide some background info so y'all know where I'm coming from.. I'm a business owner, who has decided to handle my own I.T. responsibilities.. I have a pretty good working knowledge of networking, PC's, etc.. I've always tinkered with PC's.. (since the days of the Commodore64) built and re-built PC's, coded/programmed, wrote html/css/websites, graphic design/Photoshop, etc. as a hobby because I've always enjoyed doing these things, and from a knowledge standpoint, I have kept up with the changes and advancements.. When I decided to take on I.T. for my business, I read a couple of networking and A+ books.. I know more than your average joe.. enough to effectively be the "I.T. Guy" for my business, but I'm not a certified pro.. my business consists of 3 main areas - the storefront, my office, and the stock room.. they're all in the same building, but because of the layout of the building and logistics, the 3 main areas are all on the same ISP, but have to be on 3 different LAN's, therefore 3 different routers.

That said, here is the my situation.. ebay.com and amazon.com will not load some of the time.. the message I get regardless of the browser used is:

"This site can'... Read more

Read other answers
RELEVANCY SCORE 48.8

For the past week or two now I've been having very strange latency issues only in online multiplayer games. The latency is gone when playing single player/offline. I've ran maleware scans, I've uninstalled what I thought was the problem, I've closed/stopped processes...nothing is fixing this. I ran an internet test, but the linked site doesn't offer any servers of the ISP I'm with, so I ignored that reading.

The funny thing here is that in game, it says my ping is fine, my fps is fine...so where is the issue, exactly? There's only two people in my household, me and my roommate, and he is gone to work during the late nights. Never before have we had this issue, and we've even tested to see if one of us was the problem.

My internet is wireless and goes through a couple walls, but it has never been a problem before.

I'm at a loss as to what to do.

Read other answers
RELEVANCY SCORE 48

I had a virus that took over the desktop. It was the Systemtools 2011. I used Malwarebytes to remove it, but now I have another that is canceling my sound driver, and flashing pages to my internet. I use IE and Mozilla.
Here is my DDS report
DDS (Ver_10-12-12.02) - NTFSx86
Run by Owner at 13:03:05.20 on Wed 01/05/2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20

============== Running Processes ===============

C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files&... Read more

A:Malware issue with rootKit activity, i belive affecting registries

Hello tazbear, Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make. Open Windows Defender. Click on Tools, General Settings. Scroll down and uncheck Turn on real-time protection (recommended). After you uncheck this, click on the Save button and close Windows Defender.After all of the fixes are complete it is very important that you enable Real-time Protection again.2.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be ... Read more

Read other 8 answers
RELEVANCY SCORE 47.6

Hi, I seem to be having a problem with my laptop lately. It has been running a lot slower than usual, especially when browsing the internet.Worse still, since yesterday, I am unable to open any internet browser page as it keeps getting re-directed to another page that google chrome will not allow to open.The number of pop-ups blocked is also sky-rocketing and I am not too sure what virus/trojan/malware is affecting it. I would really appreciate your great help and thank you beforehand for it! Thanks,TraceEdit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any malware logs included in the topic. ~ Animal

A:Some Sort of Virus/Malware/Trojan issue affecting all internet browsers

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 1 answers
RELEVANCY SCORE 43.2

I had this issue before, all of a sudden the sound coming from my computer gets really quiet even though everything is maxed out. Before, it seemed to have been triggered when I moved my computer from one room to another. I wasn't able to move it back right away but when I did it was still happening. I removed the sound card I have, replaced it, tried different PCI slots, tested my onboard sound card, etc but to no avail. Eventually it fixed itself and I have no idea what caused it.

Earlier today my sound was working perfectly fine. I left my computer (on the entire time) to do other things and when I got back to it the volume is again really low. When it was happening before the sound seemed to be crackling on higher volumes but there's no crackling that I can hear this time. I again tried my onboard sound card and the issue was also affecting it. I normally use headphones but also tried speakers and the issue is still there on them too. Like I said though, my computer was on the entire time I was gone and nothing was changed but this suddenly started happening.

Considering it's affecting both sound cards I imagine it has to be an issue with something else, like my motherboard or Windows 7 itself. I wasn't able to find what was causing it last time though so honestly I have no idea.

Edit: Update, I found a pair of USB headphones and their volume seems fine. I hope this means something. I assume that with USB it's not going through either sound card (though that doesn't m... Read more

A:Reoccurring low sound issue affecting two sound cards

Hello and welcome Sakonoso now to me it seems that the audio through the USB port might be coming from the board audio and not the sound cards hence why it is ok. Having said that usually the on board stuff is usually cut off if there is a sound card installed.

Now it seems to narrow it down a little if this is the case and there are some things you can run sfc and a chkdsk to see if there is anything going on in the system
http://www.sevenforums.com/tutorials/139810-sfc-scannow-run-command-prompt-boot.html

http://www.sevenforums.com/tutorials/433-disk-check.html if you need to - run the latter using the /f and /r "switches"

The other thing to do is update the drivers if you haven?t done so already
http://www.htomega.com/downloads.html

Read other 6 answers
RELEVANCY SCORE 34

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:26:19 PM, on 9/20/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\RtHDVCpl.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\firedog advisor\faAgnt.exeC:\Windows\ehome\ehtray.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Users\Owner\AppData\Local\Temp\a.exeC:\Users\Owner\AppData\Local\Temp\c.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstartR1 - HKCU\So... Read more

A:I Don't Know What Is Affecting It.

Hi hokom and welcome to Bleeping Computer.I apologize for the delay in response to your thread.If you have since resolved the original problem you were having, I would appreciate you letting us know.. If not please post back a new Hjt log so I can have a look at the current condition of your machine.Thanks

Read other 2 answers
RELEVANCY SCORE 33.6

on my laptop there was something accidentally installed it a while back and since then it's been running up my ram to the point where it sometimes crashes. every now and then i hear these advertisements from different websites in the background but no web pages pop up. I tried ATF Cleaner and some of the others but still have the same problem. I used speed up my pc to clean all the temp files and etc. Here is my LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 10:17:31 AM, on 9/28/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16681)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\Explorer.EXEC:\Windows\system32\Dwm.exeC:\Windows\system32\WTablet\Wacom_TabletUser.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Lexmark 2500 Series\lxddmon.exeC:\Program Files\Lexmark 2500 Series\lxddamon.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\PowerISO\PWRISOVM.EXEC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exeC:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\2Wire Wireless Manager\2Wire.exeC:\Program Files&... Read more

A:Spyware Affecting Ram

Hi AFTERLIFE2012Hello and welcome to BCWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay. Please see here for instructionshow to install HijackThis and make a logfile. Save it into convenient location and include it to your next reply, please.NextPlease do a scan with Kaspersky Online ScannerNote: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.Click on the Accept button and install any components it needs.The program will install and then begin downloading the latest definition files.After the files have been downloaded on the left side of the page in the Scan section select My ComputerThis will start the program and scan your system.The scan will ta... Read more

Read other 1 answers
RELEVANCY SCORE 33.6

I believe my brother might have some sort of Malware or Virus affecting our internet. Everytime he even opens his laptop (he doesn't even need to be using Chrome or anything to do with the internet he just needs to be connected) my internet turns terrible. I will be on a game and have 20-30ms, the second he turns his laptop on BAM 500+ms. I know it's his laptop because I have tried turning it off and the internet is fine, as soon as it's back on it's terrible. The amount of times I have tested this tells me there is NO WAY that this is a coincidence that the internet just spikes at coincidentally the same time his laptop is on. Only problem is, it's a school laptop. So there is no anti-virus turned on, windows defender is off. The school refuses to turn it on and says there is no problem. I can't download/install any anti-virus/malware because it requires admin rights. What can I do, and is it even a virus or malware or is there a possible clash somewhere, not too sure, all comments and help is greatly appreciated.

*Edit 1* - I have full access to everything on my computer, so if I need to access CMD or anything of the sort I can do so. I am just not sure on how it all works, I have heard words of "Tracerouting" but have no idea what that is or how it works, I never used CMD before if that could come in handy.

Thankyou for taking the time out of your day to assist me.
 

A:Possible Virus Affecting Net

What is the operating system on your brother's laptop? can you check if the issue still occurs when his laptop is wired to the router/modem?
Do you have a single modem/router device or two seperate devices? what happens when you have your smartphone connected to internet parallely without your brother's laptop connected to internet ? can you test it to see if the issue still occur? who is the isp? what is the os on your laptop? is the issue intermittent or it happens all the time?
 

Read other 1 answers
RELEVANCY SCORE 33.6

Hi There,
I'm using Windows 2000 Professional, and I've only had this computer for about a week. It was a clean installation of the OS when I got it, so it should be all good - just one (big) problem:

Every time I start up now, it installs a file in my C: folder called dnmc10.exe - this file then proceeds to self-extract using its own built-in winrar and then unzips the following files to my C Drive:
tr.bat
tr.exe
w3.exe

Once these files pop up in my C drive, Internet Explorer shows 'Page Cannot be Found' errors until I remove the files manually.
Please help, it's getting really really annoying.

- Ash
 

A:Virus affecting IE

Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
· Install ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido
· It will prompt you to update click the OK button and it will go to the main screen
· On the left side of the main screen click update
· Click on Start and let it update.
· DO NOT run a scan yet. You will do that later in safe mode.

Restart your computer into safe mode now. Perform the following steps in safe mode:
(Start tapping F8 at the first black screen after power up)

Run Ewido:
· Click on scanner
· Click Complete System Scan and the scan will begin.
· During the scan it will prompt you to clean files, click OK
· When the scan is finished, look at the bottom of the screen and click the Save report button.
· Save the report to your C: Drive
This will take some time to run!
Boot to normal mode
Post that log and a new HiJack log
Get HiJack This V1.99.1 http://thespykiller.co.uk/files/hijackthis_sfx.exe - double click the DL file and click UNZIP letting it extract to its default folder C:\Program FIles\HiJackThis, run it from there, DO NOT fix anything, post the log here.
 

Read other 1 answers
RELEVANCY SCORE 33.6

Hey. I've been trying to get some help with an issue over at another thread. But I'll try here too I suppose. Here's a log. I just need someone to tell me what within the log might be able to effect my connection, in a way that it 'stutters' for a second every few seconds in Online Games.
I'm positive it has to do with my connection, as none of this occurs in offline games.
Thanks in advance.
 

A:Affecting Connection/ within log.

Bump, Anyone? I really need some advice on this.
 

Read other 1 answers
RELEVANCY SCORE 33.6

The fan in my computer goes extremely loud whenever I open up programs which have a high memory usage, such as java, itunes, msn and streaming youtube videos.

It has been getting increasingly louder over the past few months and I'm not sure if I should just get a new fan altogether or somehow fix it.
Thanks.
My computer is a custom, but a pretty poor one

512mb ram
3.06ghz processor speed
 

A:Mem usuage affecting fan

Read other 10 answers
RELEVANCY SCORE 33.6

I have scanned my system for virus with avg 7.5 no infection found and also scanned with trendmicro no infections or bad files found however I keep when i use google or yahoo search when i click on a relevant link to my seacrch keep getting porn adds - I want to remove this but can't seem to find where the infection is located as all my diffrent searches with online and offline virus scanners etc keep coming up clean any idears (I know never lend a relative your computer, but hey he was visiting ! ) Logfile of HijackThis v1.99.1Scan saved at 18:30:58, on 22/04/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\WINDOWS\SOUNDMA... Read more

A:Only Affecting I.e 7 - My Hijack This Log

Apologies for the delay in responding. The workload on this forum is intense, and sometimes it is not possible to respond to every inquiry.As you suspect, there are malware entries showing on the last log. It is best to have the most current log possible, so please run HijackThis again. However, before doing so, please make sure HijackThis is in its own folder.If you want to keep the program on the Desktop, right click an empty area, select New > Folder, name the folder HijackThis, and place the HijackThis.exe file in it. HijackThis makes backups of what is fixed/removed, and needs its own folder to create and keep these secure. Backups allow you to restore removed entries, and this option may be necessary. Then, run the program from its own folder, and post the new log.I will be notified, and will be glad to assist you.

Read other 1 answers
RELEVANCY SCORE 33.6

Logfile of HijackThis v1.97.7
Scan saved at 1:04:33 PM, on 4/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\PROGRA~1\Grisoft\AVG6\avgserv.exe
G:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
G:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
G:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
G:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
G:\WINDOWS\System32\nvsvc32.exe
G:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
G:\WINDOWS\System32\MsPMSPSv.exe
G:\Program Files\Common Files\Real\Update_OB\realsched.exe
G:\WINDOWS\System32\devldr32.exe
G:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
G:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
G:\program files\altnet\points manager\points manager.exe
G:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
G:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE
G:\Program Files\Messenger\msmsgs.exe
G:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
G:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
G:\Program Files\MSI\PC Alert 4\PCAlert4.exe
G:\WINDOWS\System32\P2P Networking\P2P Networking2.exe
G:\WINDOWS\System32\wuauclt.exe
G:\Program Files\Common... Read more

A:Something is affecting my computer, please help.

Read other 11 answers
RELEVANCY SCORE 33.6

My boss brought me his personal computer. Someone had convinced him to download "Antivirus 2009" on it. It has been preventing me from running Malwarebytes (which I read can remove it) or updating any of the scanner/virus programs. I booted in safe mode and ran AVG. My boss thinks I fixed it, for most purposes it runs ok. However when you search for spyware programs, antivirus updates, or try to go to the main webpages to download updates you get redirected to a trash advertisement page. I even went to Download.com and tried to get Hijackthis from there and when the download started it canceled it and redirected the browser to a trash page. Instead I was able to download Hijackthis onto my laptop and transfer it via media key. I ran it and below is the log. I tried running gmer and the other program you ask for logs from, but even transferring from my media key the programs won't run. Thanks for your time.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:32 PM, on 12/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svch... Read more

A:Only Affecting attempts to fix

Please visit this webpage for download links, and instructions for running combofix:

http://www.bleepingcomputer.com/comb...o-use-combofix

Note: Please rename combofix.exe to cfix.exe

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Read other 13 answers
RELEVANCY SCORE 33.6

Mcafee always pops up zapchast.reg affecting a.bat message.

Here's waht i got from Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:38:43 AM, on 3/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\LxrJD31s.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
... Read more

A:Zapchast.reg affecting a.bat

need some urgent help.
 

Read other 1 answers
RELEVANCY SCORE 33.6

Here is HiJackThis Log

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:51:18 PM, on 3/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SafeandSecure\SafeandSecure\app\Prism.exe
c:\program files\safeandsecure\safeandsecure\app\CurtainsSysSvcNt.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Dell Support\DSAgnt.exe
G:\PHOTOS~1\data\Xtras\... Read more

A:PLease Help - Smething affecting IE

Read other 9 answers
RELEVANCY SCORE 33.6

Norton detected a trojan while surfing and recommended deleting it. Everything has recovered except that the home page for I.E. is locked out to that web address and it will not let me change. I cannot even highlight it to attept to change it. I tried reinstaling I.E. but no help. Any suggestions?

A:trojan affecting ie

You have been hijacked!Create a directory on your hardrive, to save HijackThis.exe, called c:\hijackthis. This is a mandatory step, for the backup and restore functions, of HijackThis, to be able to work.Download the latest version, from here.Read the pinned post in the HJT forum, hereThen, run a log, and post it in the HJT forum. Do not fix anything, yet.A member, of the HJT Team, will help you out.Please, be patient, these people are volunteers. They will help you out, as soon as possible.

Read other 1 answers
RELEVANCY SCORE 33.6

Hey guys, I've recently purchased a new notebook, and the items on the screen were incredibly small. I used the 'make text or other items larger or smaller' option in control panel and set it to 150%.
The problem is when I run Camtasia studio and go to record the screen the recording section of the screen is only the top left quarter of the screen. Even if I set Camtasia to 'record thw whole screen' it still only records the top left box. I know the problem isn't Camtasia because on another program which allows you to take and edit screenshots, when I take screenshots it only screenshots the top left quarter of my screen.
I tried installing the programs after I had changed the DPI and the problem persists. Is the any way to 'zoom in' so to speak without messing with the DPI and screen ratio's for programs?

Any help is appreciated.

A:DPI Affecting Programs

Type magnifier in help and support for detailed information.
.

Read other 2 answers
RELEVANCY SCORE 33.6

When we attempt to browse using Google we are directed to web sites and cannot use the browser without typing the URL address directly into the address bar. I have free AVG and installed Spybot but neither has helped. You were recommended to me by my IT director at my office.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Tamra at 19:55:29.86 on Sun 12/06/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.104 [GMT -8:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:&#... Read more

A:Infected with something affecting IE

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Click the "Quick Scan" button.The scan should take just a few minutes.Please copy and paste both logs back here in your next reply.=============The next log will show us any hidden files that are present.Download GMER from here:Unzip it to the desktop.Open the program and click on the Rootkit tab.Make sure all the boxes on the right of the screen are checked, EXCEPT for ?Show All?.Click on Scan.When the scan has run click Copy and paste the results (if any) into this thread.

Read other 14 answers
RELEVANCY SCORE 33.6

I have uninstalled and reinstalled IE, ran malware bytes, adware and virus software. Removed several files but still have issue. Cannot completely remove IE. Here is Hijack this log.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:36:50 PM, on 5/5/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0013)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\ibmpmsvc.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exeC:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\Mcshield.exeC:\Program Files\Network Associates\VirusScan\VsTskMgr.exeC:\Program Files\Common Files\Microsoft Shared ... Read more

A:Spyware affecting IE

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 33.6

Just dropped embarq internet and now get internet through a verizon hotspot (love the speed). But I have a major networking problem. I have been told that i have to still connect my printer to my computer through my linksys E2000 router so I now have 2 networks on my computer. I run a business from home and trying to switch from one network to another one to print and one to search the web and send e-mails is a real pain in my [email protected]@. Can someone please tell me how this problem can be fixed I can now go on like this. thanks in advance.
 

A:please help affecting my business

Do you connect to the Verizon hotspot via Wi-Fi? If so, you can simultaneously connect to the router by ethernet or by another wireless adapter.

Most printers these days can connect by USB to a computer. That is not the case with your printer? What's the brand and model?
 

Read other 3 answers
RELEVANCY SCORE 33.6

Hello.

This computer that has been placed on my hands at work...

Acer Inc.
AcerSystem
Intel(R) Celeron(R) M
processor 1500MHz
1.50 GHz, 480 MB RAM
Windows XP Home Edition 2002 SP2

... has been giving me headache after headache. As soon as itboots a dos window comes up with some flippy progra called explori.exe and as I use Internet Explorer some sites simply don't work or show up all messed up (namely using hotmail.com and gmail.com).

Could anyone please lend a hand?
Thanks in advance.

Now for the HTJ log:

------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:01:33, on 03-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Synaptics\SynTP\SynTPLpr.exe
C:\Programas\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\acer\epm\epm-dm.exe
C:\Programas\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W... Read more

A:Virus affecting IE? HJT log

Read other 10 answers
RELEVANCY SCORE 33.2

Posting for a friend running Win 8.1:

I have a friend who appears to have a virus... ONLY within Edge which freezes his PC. He's run Malwarebytes, SUPERAntiSpyware and rebooted. Everything is fine when using Chrome... but if he opens Edge by mistake (or his system somehow opens a hyperlink in Edge), the virus reappears and freezes his PC. The virus instructs him to call an 800 # to resolve the issue. Malarkey. If he reboots there are no issues... UNLESS he opens Edge. He can browse the web with Chrome with no problems. It would be nice to simply uninstall Edge... but I have yet to find out how.
 

Read other answers
RELEVANCY SCORE 33.2

I have WIN 7 64-bit and recently it upgraded to include SP1. Shortly after this I found that software I had previously installed and which accessed a Server through PORT 9000 was not accessible.

This was a Logitec App called Squeezebox which is used to administer a music database of .mp3 files installed on my hard disk to play on my Hi-Fi speakers.

To access this I set the browser to "http://127.0.0.1:9000" which normally brings up the Squeezebox Control Page but does not when I use WIN 7 with SP1 installed.

Since this problem arose I have reverted to a previously installed Image File of the C: DRIVE which does not contain the SP1 WIN 7 upgrade.

This action has now restored the working of the Squeezebox Web page.

My question here is :- Is it likely that the installation of SP1 in WIN 7 likely to have had this effect on the operation of PORT 9000?

If it is likely , what can I do to work around this ?

A:WIN 7 SP1 affecting operation of some Ports ?

Same problem here. Also using Windows 7 SP1 x64. Squeezebox server can't connect to the player. A suggested fix from Logitech is to edit the server.prefs file (in ProgramData/Squeezebox) and change httpport from 9000 to another value (9001, or 9101). Tried that but the server is still unable to connect.

I hope someone can post a solution.

Read other 9 answers
RELEVANCY SCORE 33.2

Windows Vista 6.0 SP 2IE 8Dell Inspiron 1525For the last couple weeks, I haven't been able to access the Windows Update page, or many other control panel functions. If I click on Windows Update, Backup and Restore Center, or Security Center (among others), nothing at all happens. I've tried to go to the Windows Update webpage, and it looks like it will open, then immediately closes. If I go to the Microsoft Update page, it's completely blank. No error codes or anything, just blank. Also, on Facebook, I can't "like" anything, or comment on someone's status. Several of the games aren't working either.Probably not coincidentally, at about the same time, I started getting a message at startup saying something (I don't remember the exact phrasing) about reverting back to the original theme, and also one that says "Runtime Error - Program: C:\Program Files\Dell|Media Direct\PCMService.exe" stating that the application has requested the runtime to terminate it in an unusual way. I'm guessing that a virus or trojan has caused a conflict?When this started, I was running AVG Free, not sure which version. When an AVG scan didn't pick anything up, I switched to Norton 360, which didn't find anything either, so I re-installed AVG Free 9.0. In addition to AVG and Norton, I've run Spybot Search and Destroy, Malwarebytes, Windows Defender (although I get an error when I try to update it). None of them h... Read more

A:Virus affecting Windows?

Hello, this may not be a malware issue. I need to ask if you now have more than one active antivirus running.Let's do one online scan.ESETHold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScanClick the ESET Online Scanner button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on Export to text file... to download the ESET Smart Installer. Save it to your desktop.Double click on the Eset Smart Installer icon on your desktop.Check the "YES, I accept the Terms of Use"Click the Start button.Accept any security warnings from your browser.Check Scan archivesPush the Start button.ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.When the scan completes, push "List of found threats"Push "Export to text file", and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.Push the "<<Back" button.Push FinishIn your next reply, please include the following:Eset Scan LogNOTE: In some instances if no malware is found there will be no log produced.

Read other 5 answers
RELEVANCY SCORE 33.2

Have some sort of re-director on one of our office computers affecting all browsers.We have the corporate version of McAfee running. I have also already tried the free versions of Spybot, Malwarebytes, SuperAntiSpyware and installed and ran MSE which I have since removed since it conflicts with McAfee when they're both attempting to load at startup. Have found numerous trojans including Hiloti, Rownidal.A, Alureon.CT, FakeSpypro, and others. The last run was SAS and it found nothing except tracking cookies.I have the dds.txt log.Cannot create the gmer log. It blue screens the computer with a "STOP: d0000144 Unknown Hard Error". Three times I've tried running it thus far. Have not tried running it in Safe Mode if that is an option?Contents of dds.txtDDS (Ver_10-03-17.01) - NTFSx86 Run by Jill at 6:54:37.00 on Mon 08/30/2010Internet Explorer: 6.0.2900.5512Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.502 [GMT -5:00]AV: Total Protection Service *On-access scanning enabled* (Updated) {8C354827-2F54-4E28-90DC-AD391E77808C}FW: Total Protection Service *enabled* {259FBE35-46BE-45F3-8F2F-4DB67BBBC614}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\dla\tfswctrl.exeC:\WIND... Read more

A:Some re-director affecting all browsers

Hello rlhar, My name is Syler and I will be helping you to solve your malware issues. Sorry for the delayin replying, we are very busy at the moment.Please note because we are very busy, if I don't hear from you within 5 days the topic will be closed, If youhave since resolved your issues I would appreciate if you would let me no so I can close this topic.Scan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check all of the boxes. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%SYSTEMDRIVE%\*.exenetsvcsmsconfigdrivers32CREATERESTOREPOINTPush the button.Two reports will open,... Read more

Read other 5 answers
RELEVANCY SCORE 33.2

Hello and thanks for looking at my problem.
I am not sure if my problem is due to malware or something else.
This problem occurs on my desktop machine (Win XP SP2) and one laptop (Win XP SP2) but not on an older but frequently used desktop ( Win2K SP4)

Spybot S&D (free version) is my regular malware tool,
Avira (free) for virus protection and the Comodo (free) Firewall
are run on this desktop machine.

The symptoms have shown up recently in Firefox not completely loading
a few sites which my wife uses regularly. They load fine with IE6 here
and with firefox on my older more heavily used desktop.
So its not the web sites' fault.
www.thestar.com and www.citytv.com home pages will not completely load. The tab/window will not close , eventually go white and I have to kill firefox.exe with task manager to end it.

I have tried backing off to vers 2.0.0.19 from 2.0.0.20.
I have tried clearing cache and cookies.
I have tried unchecking the "block popup windows" in the Tools menu.
I have tried turning off the Comodo firewall briefly.
I have checked the hosts file which has only the localhost entry.
I have tried running a copy of firefox under another name.

Basically I have followed the advice at mozilla.com knowledge base
"firefox never finishes loading certain websites"
http://support.mozilla.com/en-US/kb/...rtain+websites

Last week I was installing a UMAX Astra 1220p scanner and took some drivers off the internet. Before ... Read more

A:Is malware affecting my firefox

FYI to others who think this may apply to them I have found the answer in my case through solving a related problem where google maps "still loading ...." occured
in my Firefox but not in IE6 and from there I found that it was a BAD Add-on ( extension ) which only existed on the 2 machines giving me all these problems.
This "malware" I think has been withdrawn but you can still find references on the net
to "RealPlayer Browser Record Plugin 1.0" for example here
http://real.lithium.com/real/board/m...hread.id=17120

I had 4 extensions on my firefox 2.0.0.20 and started by disabling all of them and restarting firefox - voila all my reported problems were solved! So enabling each
extension one at a time and restarting firefox each time I could pin the problem on this
one. So this is one troubleshooting tip I would recommend as its fast and easy to do.

Read other 1 answers
RELEVANCY SCORE 33.2

I am running windows XP. Now I have a virus and whenever I try to run a program or internet explorer it posts a warning that the entry point is not found- the program could not be located on the dynamic link library SHLWAPI.dll. I have downloaded some antivirus programs and loaded them on the bad computer but whenever I try to run or open them I get the same warning. This may have all started when I foolishly opened the XP defender, XP fixer, system defender- virus/ program- thinking it was really from microsoft update. Anyway I can clean my computer. (if you haven't noticed my computer skills are limited.)
Thanks
Mark
 

Read other answers
RELEVANCY SCORE 33.2

Hi,

Im having a problem with internet explorer 8 on WinXP. I ran a program to install adobe acrobat which appeared to do nothing. I ran a virus scan of the file before i ran it however now im getting problems.

The computer noticably takes much longer to startup
internet explorer (8) i cant right click on a webpage, yet i can on the toolbar.

Ive ran a full system scan with Avira AntiVir and Adaware using the latest definitions. Also ran a scan with spybot search and destroy. Nothing came back. I submitted the suspicious file to virustotal.com and also came back negative.

Performed the steps however gmer kept crashing when scanning. It would perform the initial scan and then when i clicked scan (after setting the options) it would cause a BSOD with a message IRQ_not_less_than_equal or something like this.

Any help would be greatly appreciated!

Thanks
Michael

------------------

DDS (Ver_09-03-16.01) - NTFSx86
Run by Michael at 15:18:43.15 on 02/05/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2046.1213 [GMT 1:00]

AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated)
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated)
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated)
AV: AntiVir Desktop *On-access scanning enabled* (Updated)

============== Running Processes ============... Read more

A:Possible V/T/S - Affecting IE - Loosing sleep...

Bumpo

Read other 4 answers
RELEVANCY SCORE 33.2

1 of my hdd is causing issue, windows can't bootup properly with it running.
i have to disabled the sata port in bios in order to get windows bootup properly
this hdd is logically split to 2 partitions, storing my documents and also as sys temp folder drive
a googled post suggest to try plug this hdd to a hot-plug sata port to troubleshoot.
apart from this, is there a way to retain existing setup, so i can boot into windows and run diagnostic over the hdd?
i already tried safe boot, even that also hang at when loading CLASSPNP.SYS.
i'm posting this with the sata port disabled, normal windows mode, else there is no way to bootup properly.
I found a lot of these error logs:
The device, \Device\Harddisk1\DR1, has a bad block.
it's like start logging these about 2 hours ago

Read other answers
RELEVANCY SCORE 33.2

Lately, I've been having random pop-ups appear in my internet browser. Also, my laptops internet connection won't work. It'll be connected but won't work. Meanwhile the internet for all other devices in my house still work.



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by Adonvdo at 20:08:30 on 2014-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6026.2607 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files (x86)\Common F... Read more

A:Malware affecting Internet?

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection.

It can take as little as eight seconds to infect an unprotected computer.

Please keep this computer offline except when downloading tools and posting in the forum until we get one installed.

Let me know your intentions for an antivirus program, and/or if you need a suggestion.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.Do NOT click the green 'Download' button(if visible).
Click the blue 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Clean
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Read other 7 answers
RELEVANCY SCORE 33.2

Hi

Everytime I do a search on Google using IE7 a pop up appears telling me I have spyware and to click here to scan. My google results also have porn results come up whatever I search. After a certain amout of searches on Google it redirects to website which starts scanning my computer.
I have downloaded Firefox and that seems to work ok but computer is slow and now cant access IE.

I would like the malware/virus removed can anybody please help?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:29:13, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc... Read more

Read other answers
RELEVANCY SCORE 33.2

Basically, PC Antispyware popped up recently on my computer and everthing is so slow now. Need to get this off my computer ASAP.

Gmer.exe crashes my computer and always has, roughly mid way through the scan. Here are the other two logs though:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Ben at 17:38:02.17 on Wed 08/05/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1006.127 [GMT -4:00]

AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
svchost.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WI... Read more

A:PC Antispyware really affecting system. Help!

Hello and welcome to TSF.

Let's try this special version of gmer.


Download GMER Rootkit Scanner from here to your desktop. Double click the exe file. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.



Click the image to enlarge it


In the right panel, you will see several boxes that have been checked. Uncheck the following ... Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and post it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Read other 2 answers
RELEVANCY SCORE 33.2

Hi there,
I suck at getting rid of malware properly, so really need some help here.
I've tried running safe mode then running Ad-Aware, Super AntiSpyware and Spybot, and nothing's working.

The problem is evident when I open up Firefox, firstly my homepage which is still that Firefox Google powered search page doesn't load and I get aload of Chinese characters on the page which looks a bit like a traditional page cannot load page but in Chinese. Then when I try accessing any search engines (with a few exceptions such as dogpile), I get redirected to a fake Microsoft page telling me to download some clearly bogus anti spyware software, can't remember the name of the software, just something like AntiSpyware, I've heard of this virus/issue before, obviously I'm not dumb enough to do that, just dumb enough to get this virus on my computer somehow in the first place.

Please could someone tell me if there is a way of getting past this short of reinstalling XP because I can't be bothered to find the files I need again and back them up.

Thanks,

Skisy
 

A:Need help: Malware affecting browser

Sorted. It was actually that changes had been made to my hosts file.
 

Read other 1 answers
RELEVANCY SCORE 33.2

Hello everyone. I picked up a virus that is causing my browsers to behave strange. I have ads that show up on the sides, top, and bottom of certain websites that never had ads there before, with little disclaimers underneath the ads that say, "Ads not by this site".

I also get websites that hotlink certain keywords written out on the site that link to other ads, that I know would normally never show this kind of behavior. Screenshot to show example.


I also get a popup with the following url:
hxxp://rvzr-a.akamaihd.net/sd/wrap-0.01.html?u=http%3A%2F%2Frvzr-a.akamaihd.net%2Fsd%2Fapps%2Ffusionx%2F0.0.4.html%3Faff%3D1019-1007

Here are the required logs. Thanks for your help in advance.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
Run by Trace at 15:04:59 on 2013-11-26
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8175.4644 [GMT -7:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system3... Read more

A:Malware Affecting Browsers

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection.

It can take as little as eight seconds to infect an unprotected computer.

Please keep this computer offline except when downloading tools and posting in the forum until we get one installed.

Let me know your intentions for an antivirus program, and/or if you need a suggestion.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.Run AdwCleaner and select Clean
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner[S#].txt
Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Read other 19 answers
RELEVANCY SCORE 33.2

Hi Experts,

My Norton Anti Virus popped up a message saying it found a virus but its not able to delete the file.. Access to the file is denied.

I tried to delete the file by going to safe mode but was not successful.
I used some programs which will delete the file immeadiately when the system starts.. that also was not successful.

I tried to delete the registry values of the infected dlls'. but they are coming back agian in the registry..

I dont know what to do know... please help me...

Let me know if you want any logs to be posted ? I have hijackthis log but dont want to post it without confirmation..

Regards,
PR.

A:Trojan horses affecting DLL's

Hi,

I have installed Malwarebytes Anti-Malware software and it is amazing...

Here is the log of MBAM.

Malwarebytes' Anti-Malware 1.30
Database version: 1421
Windows 5.1.2600 Service Pack 2, v.2096

11/24/2008 9:43:28 PM
mbam-log-2008-11-24 (21-43-28).txt

Scan type: Quick Scan
Objects scanned: 63389
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 5
Registry Keys Infected: 27
Registry Values Infected: 10
Registry Data Items Infected: 14
Folders Infected: 6
Files Infected: 25

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\hujeziva.dll (Trojan.Vundo) -> Delete on reboot.
c:\WINDOWS\system32\zaworido.dll (Trojan.BHO) -> Delete on reboot.
c:\WINDOWS\system32\yinazeku.dll (Trojan.Agent) -> Delete on reboot.
c:\WINDOWS\system32\vetaweyo.dll (Trojan.Agent) -> Delete on reboot.
c:\WINDOWS\system32\pekafaje.dll (Trojan.BHO) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fcaddc14-bd46-408a-9842-cdbe1c6d37eb} (Spyware.Banker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5321e3... Read more

Read other 2 answers
RELEVANCY SCORE 33.2

Hello... I would like to say thanks for all your help in the past, now i have another problem... It seems (after doing a little research) my computer is infected with a trojan known as trojan.adclicker. I have followed everything that symantec has told me to do to remove it, however it is not going away... Here is the link for the symantec site, and what they told me to do about it: http://securityresponse.symantec.com...d.clicker.html

Also... Here is my HJT log...

Logfile of HijackThis v1.99.1
Scan saved at 9:58:32 PM, on 11/8/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\Mixer.exe
C:\DOCUME~1\Gregory\LOCALS~1\Temp\8F.tmp.exe
C:\DOCUME~1\Gregory\LOCALS~1\Temp\90.tmp.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Fi... Read more

A:Trojan.adclicker affecting me :(

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

Read other 2 answers
RELEVANCY SCORE 33.2

When I transfer/share files from one computer to another on my network, my mouse gets extremely slow during the transfer process.If I transfer a file,upon completion of the transfer my mouse will return to normal. If I interrupt or cancel the file transfer, then my mouse has to reconnect.My question would be, is it possible that these things are sharing the same resources, MAC addresses, or something of that nature? and if so,how could I find out and change them? Or am I looking in the wrong direction all together? Any help would be greatly appreciated.
OK, now for the specs.
One of the computers is a Dell™ OptiPlex™ GX270 running Windows XP Professional with service pack 3 and is generally the host computer. My other computer I built myself:
OS:Microsoft Windows 7 Ultimate Build 7600-64bit
Enclosure Type: Desktop
Processor Main Circuit Board 1.87 gigahertz Intel Core 2 Duo
64 kilobyte primary memory cache
2048 kilobyte secondary memory cache
64-bit ready
Multi-core (2 total)
Not hyper-threaded Board: Intel Corporation DG965RY
Bus Clock: 266 megahertz
BIOS: Intel Corp. MQ96510J.86A.1761.2009.0326.0001 03/26/2009
Memory Size:3054 MB Type DDR2-SDRAM
Drives 240.06 Gigabytes Usable Hard Drive Capacity
129.71 Gigabytes Hard Drive Free Space
WDC WD1600JS-00NCB1 [Hard drive] (160.04 GB) -- drive 1, SMART Status: Healthy
My network is at home on a Belkin F5D8236-4 v2 wireless N Router with(or without,depending on the game and number of players) a Linksys WUSB100 RangePlus Wireless ... Read more

A:Network affecting Mouse

Read other 16 answers
RELEVANCY SCORE 33.2

Windows XP, SP3

Well, let's just go down the list of problems that I'm having, shall we?

-A Trojan crypts.dll installed many other viruses (or so I think) onto my computer, causing odd side effects.
-System Restore will not proceed after hitting the "Next->" button at the final step
-Spybot S&D will not boot, not even in Safe Mode
-Malwarebyte's Antimalware will not install, not even in Safe Mode
-AVG has been able to identify files with the following name: \\?\globalroot\systemroot\system32\UACjmvfbuyp.dll ; I believe these files are causing a script to run in Firefox and IE *ONLY* and *ONLY* on sites like google, yahoo, etc. It prints a 3000 px by 2000 px white screen in front of the actual information. AVG has put these files in the virus vault, but I cannot see them in Explorer and do not believe they're deleted.
-Internet hiccups are prevalent with Firefox and occur somewhat with Google Chrome, though not as frequently.
-I do not have System Restore points to go back to
-The only other site reporting on this odd Google problem is a Russian site which mentions the same file.

So...I'm lost, here. I need help desperately. While the main problem causer is gone, the side-effects are killing this machine.

Please help.

A:Odd virus(es?) affecting computer

Hello, Please try running SAS. Better in safe mode but we'll take a normal scan to get a log.From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox or Opera browser click that browser at the top and choose: Select AllClick the Empty Selected button.If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.NOW Scan with SUPEROpen from t... Read more

Read other 5 answers
RELEVANCY SCORE 33.2

I've got some messed up virus on my computer and its driving me insane. when i start up my pc it logs in, but only the desktop wallpaper appears, and none of the icons.

i can start programs, open stuff by pressing ctrl alt delete and starting a new task. there's something called a.exe in the processes that ive looked up and seems to be some kind of worm.

i have installed a fair few anti virus, syware, malware programs like spybot s+d, hijackthis, ad aware, avira etc etc, but the virus blocks all of them from working properly. some of them will scan and then shut down before i can delete the problems, and some of them wont work because they are being blocked from accessing the internet for updates

and to top it all off, i cant even seem to start the pc in safe mode. when i try i get a screen full of white text, then it just resets back to the startup menu.

i see you are all using hijackthis. i dont think i can get this to wrk, although i will try again. i've been told about something called combifix, will this be abe to help me?
 

Read other answers
RELEVANCY SCORE 33.2

Infected the last couple of weeks with something that affects my internet. Have TrendMicro, Malwarebytes' anti-malware, and spybot installed. None will open. Have tried several online scanners recommended by this site but whenever it needs to download I get a message that I'm not connected to the internet, even though I have an always on cable connection and the other computer in the house has no problems. I can use the internet, but am constantly redirected to random sites, and can only use internet explorer. Google Chrome is installed but like the antivirus and antimalware it will not open.
DDS (Ver_10-10-21.02) - NTFSx86
Run by HP_Administrator at 5:41:39.70 on Sat 10/30/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.454 [GMT -5:00]
============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common F... Read more

A:infected with something affecting internet

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please downloa... Read more

Read other 13 answers
RELEVANCY SCORE 33.2

Hello,
My first post here.
I am having trouble where my mouse freezes then disappears fron screen.
I am posting my hjt log below in the hope some nastis can be eliminated.
Thanks,
Ellemack

Logfile of HijackThis v1.99.0
Scan saved at 9:48:11 AM, on 3/30/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\CTsvcCDA.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Desktop\KillBox\hjt beta\hijackthis199_beta\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE Privacy Keeper - Last IE Window Detector -

{1201333E-BAD9-481C-BCF5-6904498CF85B} - C:\Program Files\UnH Solutions\IE Privacy

Keeper\IEPKbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre1.5.0_08\bin\ssv.dll
O4 - ... Read more

A:Possible Malware Affecting Mouse

Further to this I have installed new mouse driver.

I have run Adaware and spybot and removed what they
said.

My HJT log is above.

Cheers,

Ellemack

Read other 1 answers
RELEVANCY SCORE 33.2

Hi,

This is my first time writing to this forum.
I'm unable to go to websites that I want. Whenevr I try to go to a website I am hijacked by the search-daily search assistant. I believe this is a trojan of some sort. I tried scanning my PC with Norton CE, AVG Anti-Spyware and Spybot but to no avail.

Could you please assist?

Thank you.

Gritt88

A:Search-Daily.com affecting IE

Please follow MicroBell's 5 Step process outlined here:

http://www.techsupportforum.com/secu...tml#post342651

After running through all the steps, please post the requested logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 33.2

I am writing on behalf of my father who has been experiencing problems with his computer. His operating system is WIN2000.

A few months back his MSN Messenger starting logging him in and out regularily. Sometimes in a conversation I can see him go offline and back online. Other times it appears he is still online, but the conversation isn't transmitting between us. Even stranger is the fact that he finds the problem occurs less often if he leaves his Windows Media Player running while using Messenger. He has had problems with spyware on his machine before and I'm wondering if this could be the problem this time. Would it be worth it to run HJT?

Thanks.

A:Spyware affecting MSN Messenger

It could be a number of things, Garfield. To make sure there is not a spyware issue, I would recommend you post a log.

Read other 11 answers
RELEVANCY SCORE 33.2

Hi.

Since About 2 Days Ago,The internet started acting up.
pages won't load,even though there's a connection since torrents are working.

I tried using malware bytes and spybot.
they both found some stuff and deleted them.

but the net still won't return to normal.

I scanned using malware bytes again earlier and it found nothing

only the first 2 scans of malwarebytes found something.

Edit.

-the internet is working now in normal mode,it's loading pages now.

I did this = netsh winsock reset catalog
netsh winsock reset
netsh int ip reset
netsh int ip reset reset.log

I found it on another thread here in this section.

I'll Re-Edit this post If It Stalls Again :D

Read other answers