Over 1 million tech questions and answers.

infected machine, but can't find or remove infection!

Q: infected machine, but can't find or remove infection!

Please help!!

This is a pretty old computer (Nspire, Windows XP SP3, more info in attached hijack this log file). Was running Avast Free, but couldn't update. So I uninstalled it, redownloaded it and it wouldn't install, just froze during installation. Tried to install several others, AVG, Antivira, Microsoft Security Essentials, but all failed to install or update. Know there is something infected, but don't know what. In an IObit Security 360 Security Analysis scan, it finds two problems:

1. Update for Root Certificates [October 2010] (KB931125) 10/26/2010 343KB
2. Security Update for Microsoft Visual C++ Service Pack 1 Redistributable Package (KB2467174) 4/21/2011 4376KB

IObit won't fix these, keeps telling me they can't be fixed until a system restart has been performed. After numerous restarts, it still won't fix them. I've searched everywhere (at least I thought I had) on my machine for these and can't locate them. Don't know if they are what's causing my problem, but they're definitely undesirable!

I do not have the original XP disc for the computer. I have tried to do a system restore several times, both in and out of safe mode, but it wouldn't work.

Any help would be greatly appreciated. I am not an expert technician, but know just enough to be dangerous; so please keep instructions relatively simple.

RELEVANCY SCORE 200
Preferred Solution: infected machine, but can't find or remove infection!

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: infected machine, but can't find or remove infection!

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE-------------------------------------------------------------In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problemIf you still need help, please include the following in your next replyA detailed description of your problemsA new DDS log (don't forget attach.txt)Thanks and again sorry for the delay.

Read other 51 answers
RELEVANCY SCORE 62.4

I asked this question to the PCMover team, but I haven?t got any competent answer or solution. However, the question is related to how the Windows registry works. This is what happened:
 
1. I had performed an In-Place upgrade from XP to Win8, so I got the Windows.old folder.
2. I had transferred many of the XP applications onto the Win8 machine, using PCMover.
3. Recently, I launched PCMover again to transfer more applications. It went past the ?[Transfer] Setup? screen/stage, where is asked me about the location of Windows.old. Then it got to the ?Analyze PCs? screen/stage. That means PCMover accepted that
location of Windows.old.
4. During the analysis stage, PCMover stopped responding (crashed).
5. I re-launched PCMover, but this time, on the ?[Transfer] Setup? screen/stage, it gave me this error:
-----------
ERROR: "The registry is already loaded for this image. Remove the virtual machine or use another image prefix."
-----------
 
It is obvious that PCMover tries to build a virtual machine image, but it cannot, because there is another one with the same name/prefix. Who had created that?? Obviously, PCMover itself in its previous session that went wrong. No other application was
run between the 2 attempts! PCMover seems unable to cancel the previous image and create it again fresh.
 
Although my problem is specific, my question goes beyond PCMover itself:
 
Where can I find a virtual machine "image"... Read more

A:How to find in and how to remove a virtual machine from the registry?

First I'd try rebooting the PC, then if that doesn't make a difference, it'd be better to ask the makers of PCMover.
http://forums.laplink.com/viewforum.php?f=20
Bob Comer - Microsoft MVP Virtual Machine

Read other 4 answers
RELEVANCY SCORE 60.4

I recieved a message from Time Warner Cable today that a machine in my household is compromised and I must deal with it. There are 3 machines on the lan currently. For two of them I have been able to run malwarebytes and it didn't find anything. I am currently at work and only able to access the two remotely. I ran a CBL look up and it said a machine is infected with rustock. Is there an easy way to identify which machine is infected without having to run cleanup up on all 3? Also, the 3 computers have all different operating systems from XP to win7. I would have tried to run Combofix on them but it only works for XP. Any help is appreciated.

PS. I Posted this in the log section previously by accident. I didn't read where I should post this until now. Sorry about that.

A:> Infected with rustock, easy way to find which machine?

Some more information. I ran advanced port scanner which found 6 devices. 3 computers, 1 printer, 1 router and 1 Wii. I looked at the open ports for all of the devices and there is no indication SMTP or any port that isn't normal is open.

Read other 2 answers
RELEVANCY SCORE 59.6

Recently, a computer in my household came up with one nasty case of a rootkit/malware infection. While the case with that one is handled, fears have risen that the machine I'm currently using to type this may have also acquired the infection via a memory stick that was used to transport files from the infected one to it. Although I've experienced little myself, I have received complaints from other members of my family that the potential one was exhibiting strange behavior, particularly at start-up.

The computer in question is a Dell Inspiron that runs basic Windows Vista. The other machine it may have contracted from ran Windows XP, if that makes a difference.
I did confront some of the "problems" that seemed to revolve around starting up and logging into the machine: there was a notable slow-down for some minutes accompanied with flickering opened windows and delayed mouse movements, all of which I have not encountered before until now.

Here is the dds log:
DDS (Ver_10-11-10.01) - NTFSx86
Run by ken at 0:16:52.66 on Thu 11/18/2010
Internet Explorer: 7.0.6002.18005
Microsoft? Windows Vista? Home Basic 6.0.6002.2.1252.1.1033.18.2008.1046 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k... Read more

A:Potential Infection from Exposure to Infected Machine

"bump, please"

Read other 3 answers
RELEVANCY SCORE 59.2

My computer is infected , i do not know with what.I have noticed the following:ZoneAlarm anti-virus shut down and refuses to start up againWebsites and searches redirect me, eg. facebookPerformed an anti-spyware scan with ZA and as it was searching i saw files with names lke 'rootkit' , 'trojan' and 'virus' yet they were not 'detected'Any help or advice on what to do next would be appreciated.

A:Requesting assistance with infected machine (Unknown infection)

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Read other 1 answers
RELEVANCY SCORE 58

Somehow I've been infected with "snapdo". I have read and followed every suggestion I could find on the internet to no avail. I can't actually find it anywhere to remove it. All the files that are to be removed aren't there either.

It's not there in "add/remove programs", it's not there in "plugins", it's not anywhere!

Snapdo only shows up when I open a new tab, not on the first home page.

Please, can anyone help!!!

Thanks in advance,
Alison

PS. I'm running Windows 7 and using Chrome

A:Snapdo infection, unable to find to remove!

Hello ,

Did you try running adware cleaner 2.004 , if not here is the link - Download AdwCleaner 2.004 Free - Adware and toolbar remover - Softpedia

Download and ran a search.
Try if this works.

Read other 8 answers
RELEVANCY SCORE 57.6

Hey Guys,
 
I've been a system admin for 14 years now and I'm pretty decent at what I do, but for some reason I can't get rid of this stupid infection. Basically when I'm surfing the net (it could be any site) a popup will come up saying some bull about "You're infected! Call 1-888-xxx-xxxx to remove it. I have to click "ok" like 15 times before it goes away. I don't notice any slowdown of my computer or anything and no redirects for the browser either. And occasionally a video want to download itself onto my computer. I'll be doing nothing, just booted up my PC and IDM (which I use for downloading) pops up and says that a video it going to be downloaded something from memecentral.com. It's bugging the hell outta me. I have ran MalwareBytes Anti-Malware, SuperAntiSpyware, Spybot Search & Destroy, (fully updated and latest version) TDSSKiller and Combofix. I have Comodo Anti-Virus running and I have unistalled Firefox and Chrome and reinstalled them but still to no avail. Also I'm running Windows 7 Ultimate x64 (fully updated)
 
So I have turned to you guys for help.
 
Thanks in advance for any help.
 
 
 ComboFix.txt   42.78KB
  4 downloads

A:Infected but I can't find the infection...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first t... Read more

Read other 8 answers
RELEVANCY SCORE 57.6

Hey Guys,
 
I've been a system admin for 14 years now and I'm pretty decent at what I do, but for some reason I can't get rid of this stupid infection. Basically when I'm surfing the net (it could be any site) a popup will come up saying some bull about "You're infected! Call 1-888-xxx-xxxx to remove it. I have to click "ok" like 15 times before it goes away. I don't notice any slowdown of my computer or anything and no redirects for the browser either. And occasionally a video want to download itself onto my computer. I'll be doing nothing, just booted up my PC and IDM (which I use for downloading) pops up and says that a video it going to be downloaded something from memecentral.com. It's bugging the hell outta me. I have ran MalwareBytes Anti-Malware, SuperAntiSpyware, Spybot Search & Destroy, (fully updated and latest version) TDSSKiller and Combofix. I have Comodo Anti-Virus running and I have unistalled Firefox and Chrome and reinstalled them but still to no avail. Also I'm running Windows 7 Ultimate x64 (fully updated)
 
So I have turned to you guys for help.
 
Thanks in advance for any help. 
 

A:I am infected but I can't find the infection

Hello circaalHaving run ComboFix we now need to see that log. repost your info with that log in a new topic here... Virus, Trojan, Spyware, and Malware Removal Logs  Let me know if that went well.

Read other 1 answers
RELEVANCY SCORE 56.8

I have a virus that causes pop ups claiming I need to update software and forces downloads that are blocked by Chrome. I updated and ran Malwarebytes and Microsoft Security Essentials which found nothing on my machine. I then ran Spybot Search and Destroy which finds several things but the problem remains. I've reset the settings on Chrome and ran CCleaner to empty the temporary files and folders. There is no evidence of any software being installed. Nothing in add/remove programs, no recently changed files in C:\Program Files and nothing in the downloads folder. This is my mother's computer so I cannot give you an explanation of when it began. I need some help and don't know where to go from here. 
 
Update: New pop up which locked up the browser with an audio file that repeated "You are infected by malware you need to download this program and run a scan!"

A:Infection of moderate severity. Cannot find or remove with Malwarebytes or Spybo

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

Read other 19 answers
RELEVANCY SCORE 55.6

Following is a report from my anti virus log. The antivirus (bitdefender) cannot remove it. Please can somone help as BITDEFENDER are useless and you are my last hope before i re-format the computer completely!!!!!!!!

C:\Documents and Settings\Nick\Local Settings\Temporary Internet Files\Content.IE5\NKB3W5X3\x[1].chm=>/exec.htm Infectés avec Exploit.Html.Codebase.Exec.Gen

C:\Documents and Settings\Nick\Local Settings\Temporary Internet Files\Content.IE5\NKB3W5X3\x[1].chm=>/x.htm Infectés avec Exploit.Html.Codebase.Exec.Gen

C:\Documents and Settings\Nick\Local Settings\Temporary Internet Files\Content.IE5\EX5E3QDW\1575688910[1].chm=>/index.html Infectés avec Exploit.Html.Codebase.Exec.Gen

C:\Documents and Settings\Nick\Local Settings\Temporary Internet Files\Content.IE5\G7LB2IJD\EXPLOIT[1].CHM=>/exploit.htm Infectés avec Exploit.ADODB.Stream.Gen
 

A:Infected with exploit.html cannot remove or find it

Read other 11 answers
RELEVANCY SCORE 55.2

I got the XP Antispyware popups and followed instructions to remove. However, I think I am still infected because I can't get into my internet browser.

I have Windows XP and when I boot into safe mode with networking I still can't open my browser or run my Malwarebytes.

I have attached the DDS files.

I have a 64 bit computer so GMER will not work.

I was trying to do a system recovery to see if I could clear the infection because everything else had failed and get the below error:

File \minit\system32\halaacpi.dll could not be loaded. The error code is 14. Setup cannot continue. Press any key to exit.

I can do what I need except for anything that has to do with the internet which I use a great deal. I'm using a friends computer to post and can put data on a USB stick.

Any help anyone could give me would be greatly appreciated.

Thanks in advance

A:Infected with XP Antispyware - Could Not Remove All Infection

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/437384 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 52.8

I have a nasty infection that has taken over my machine and which I cannot remove. The infection seems to hijack the google page and any links that I click from this page take me to what appears to be rogue websites, which want me to download their stuff.

I am currently running Ad-aware Free Edition and have also run Malwarebytes Anti-Malware.

I have downloded the DDS tool, ran the scan and have now attached the log to this post.

Also you will find a copy of the Ad-aware scan log that detects Win32.Trojan.Tdss. Ad-aware prompts a re-boot to remove it, but upon reboot it still detects it.

Attach.txt & ark.txt are attached as well.

Thanks for any assistance.

DDS (Ver_09-10-26.01) - NTFSx86
Run by David DuBow at 9:49:24.23 on Tue 10/27/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.201 [GMT -4:00]

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java�... Read more

A:Infected with WIN32 trojan TDSS, Detected by Ad-Aware but Cannot remove infection

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

Read other 2 answers
RELEVANCY SCORE 46

WinXP Service Pack 3 Dell m4300 machine.Last week, let wife use machine, surfed to billboard.com and machine was infected with something.Could not open Task Manager among other things.Shut down, restarted, on restart, logged in to different local admin user and deleted all temp files from profiles. That stabalized machine. Updated McCafee and Ad-Aware. Scanned, no major issues uncovered first day.2nd day, same thing, updated McCafee, Ad-Aware, scanned. McCafee removed a virus, cannot recall which.Machine seemed stable.This week, started getting hijacked links in Firefox and IE. Also locked pop-ups with 'x' and 'cancel' loopping back to advertisement pop-ups.Also, evertime opened a new tab in firefox, a new firefox window would pop-up with a dozen or so tabs open to local files.I was in an urgent situation, so I ran Combofix, it found some stuff and removed it. The entire Combofix.log will be pasted below. Note, I could not figure out how to turn off McCafee on-access scan, so ran it with it on, and I could not download the 'update' for combo-fix, so it ran as I downloaded it.The machine is now stable, but I would like expert help making sure it is clean.After the Combofix log below, I have posted the DDS.scr and the RootRepeal.exe logs from this morning.Please let me know.Thank you, Pete.ComboFix 09-12-02.01 - pwood 12/02/2009 10:07.1.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3072 [GMT -6:00]Running from: d:\downloads\cf\... Read more

A:Infected Machine - infected copy of atapi.sys found by Combofix

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

Read other 3 answers
RELEVANCY SCORE 45.2

hi

i have a computer at work .. as i am an architect i need a powerful machine with good gfx power etc
the machine i have been given is a few years old which i dnt really mind
its got 2x 3ghz pentium 4s
a reasonable gfx card asfar as i know (havent been able to push it to hard yet)
but only 512 ram!!!!

i dont understand why its got such a small amount of ram.
so im trying to push for at least another 512 or even a stick of 1gb then eventually (a few months time when my work load increases) another couple of gig.

anyway as my computer is also used a print server for a couple of printers 512 just wont cut it as i usually end up with about 80mb of ram spare
because i have a steady flow of prints through my computer i cant turn it off to check the ram type by eye etc
so i was wondering is there a way to check the fsb of the computer through windows?
ive heard that pentium 4 3ghz were 800mhz fsb ... but i dont want to just go on that


thansk for your time
 

A:How to find out what my machine is!?

download and use CPU-Z. IT's free.
 

Read other 4 answers
RELEVANCY SCORE 44.8

Hi,
As above, how I find my Machine Access Code on Windows 7?
Thanks,
 

A:How do I find the MAC for my Win7 machine?

Hi,
Is this anything to do with the question you asked about bypassing your Uni's policies?

http://forums.techguy.org/networking/974682-activating-wireless-router-uni.html

Richard
 

Read other 3 answers
RELEVANCY SCORE 44.8

samsung NP275E4V-K02

i need reviews, product page, will i be able to find drivers...etc
 

A:plz help me find information about this machine

Read other 16 answers
RELEVANCY SCORE 44.8

Hi,

I have a Desktop, "HP Pavilion a6040a", the machine comes stock with Vista.

I have formated and installed XP SP3 onto the machine and am having trouble with the Audio and LAN drivers.

HP only has Vista drivers on their website (because this model wasnt released under XP):

http://h10025.www1.hp.com/ewfrf/wc/softwareCategory?lc=en&cc=au&dlc=en&product=3401207&lang=en&

HP has this specification sheet for the machine:

http://h10025.www1.hp.com/ewfrf/wc/document?lc=en&cc=us&docname=c00892664&dlc=en
Looking at the back of the case, the lan and audio are onboard (part of the mainboard). By the specs listed by HP, the chipset is a Intel 945G . The motherboard is a ASUS P5LP-LE.

I downloaded from this page...

http://www.intel.com/support/chipsets/sb/CS-020683.htm
the Graphics Driver and the Intel Chipset Software Installation Utility. All worked fine but neither of these downloads provide audio or lan drivers.

I found the following link on Intels website (some generic intel network driver?), but when downloading, it continually points to 404 page not found:

http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldId=4275&lang=eng
Ive used PC Wizard 2008 to try and identify the LAN, it reports as "Intel Corporation 82801GB ICH7".

Any light on this would be really helpful.

Thanks so much.
 

A:Please help me find drivers for HP machine

Read other 6 answers
RELEVANCY SCORE 44.8

Is there an event history stored on a PC that can tell me who logged onto a PC and from what time to what time?

Thanks.
 

A:How to Find Who Logged On My Machine?

Only if you have it set that way.
 

Read other 3 answers
RELEVANCY SCORE 44.4

A very long time ago, I had a user account for me and one for one of my friends. After a while, he didn't need to use my computer anymore, so I deleted his account, through the control panel's users option. He had downloaded something called Beam!2D and it shows on my Add/Remove programs. I try to do the add/remove and it will not remove it. I can see the path of where the program is supposedly installed, but the thing is that it's under the c:/Documents and settings for my friend and that account doesn't exist, so there is no folder.

It's taking 19,992mb and 19,923mb, because there are two instances of the program. How can I uninstall something that technically doesn't really exist? I don't want to restore my computer if I can avoid it.

A:Add/Remove Programs Cannot Remove Program: Can't Find It

No need to reformat you will however need to edit the registry.
Are you feeling comfortable to edit the registry?

Read other 6 answers
RELEVANCY SCORE 44.4
RELEVANCY SCORE 44.4

I want to find out the screen type for a X201T I want to buy, I do not have physical access to the machine, but the information I have is MTM is 3093CTO and SN is R9*****. 
 
I can not find any information Lenovo MTM search or serial number search. Is there any way I can find out if the laptop has the outdoor display or normal display? I know it it not multitouch because the edge is not flush.
 
Admin note; s/n edited to prevent the spambots from getting it



Your mum

A:How to find part number for a machine?

Using the S/N and the machine type I found the following:
 

 
According to the HMM, FRU 13N7296 is a "LCD panel, 12.1-in. WXGA, LED backlight for multi-touch panel"
 
But to be 100% sure the best would be to ask the seller to use HWInfo or any other Hardware scan software to read the panel this machine has...

Read other 3 answers
RELEVANCY SCORE 44.4

Hello, I am trying to determine if the processor (AMD) in a 6305 small form factor is compatible with the intel core i3 processors in an 8300 sff and 6200 sff. The reason I am trying to find this out is I would like to put solid state hard drives in ALL of those machines. Is there a way for me to find this out?

A:How can I find out if a processor in one machine is compatib...

@Pitts2k You can not interchange AMD and INTEL. Different sockets and chipsets. Sorry. REO

Read other 3 answers
RELEVANCY SCORE 44.4

Problem: As a member of the security team, I am not a member of the IT team. Therefore do not have access to physical lists of a given machine.

The easy solutions are-1. Ask IT for the list of machine names, 2. Ask someone physically at the location to look for the users cubical and tell me the machine name (located on the ID tag)

Issue: Examine the contents of a workstation somewhere on our intranet.
Known Data: Username, server, server profile, physical address (big deal), personal storage on the LAN. Every workstation on the intranet has a unique identifier assigned by IT and placed on label on the physical case. Connecting remotely is permissible for my position.

Question. Is there a way to look on the local server (remotely) and determine the IP or machine name from a profile stored on the server or any other identifying characteristics to help me map to this workstation.

The problem with my "easy solutions" are that IT is NOT security, asking anyone opens the door to multiple questions that cannot be answered during an active investigation, and the separation of management (which I am classified as) and the workers prohibits them from assisting. Last resort, if there is no way to virtually accomplish this, is to contact the manager of the office to physically look at the workstation.

Thanks for your help,
MM
 

A:Solved: Need to find remote machine name

Read other 10 answers
RELEVANCY SCORE 44

I have the blue screen on my desktop telling me

"spyware infection, your system is infected with spyware. Windows recommends you to use a spyware removeal tool to prevent loss of important data and increase system performance...."

Haven't noticed much of a change in system performance, yet the desktop background is frozen. I don't really know if there is anything hidden, used windows antispyware beta to run system scans twice and both turned out clean.
Can anyone help? Please!
Here is my Hijack This Log file:

Logfile of HijackThis v1.99.1
Scan saved at 7:40:06 AM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program ... Read more

A:help remove: "spyware infection your system is infected with spyware..."

Hi domd, Welcome to TSG!!

* Click here to download smitRem.exe.
Save the file to your desktop.
It is a self extracting file.
Doubleclick the smitRem.exe and it will extract the files to a smitRem folder on your desktop.
Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.

* Download the trial version of Ewido Security Suite here.
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.
* Click here for info on how to boot to safe mode if you don't already know how.
* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.
* Restart your computer into safe mode now. Perform the following steps in safe mode:
* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the repor... Read more

Read other 2 answers
RELEVANCY SCORE 44

Hi, This is the second of two posts, one per machine in my network that have virtumonde.dll. This machine has apparently been hit harder than the first, and is for example attempting to reinstall office when logging in. As far as I can tell winlogon hasn't been affected as in some other virtumonde infections I have heard of. I hope this post helps, and that this was the right approach rather than posting both logs in one request. As I mentioned in the other post, many thanks for your help - I will most likely not have access to these machines until Monday. Hijack this log follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 17:30:39, on 28/03/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\WINDOWS\avgagent.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\WINDOWS\System32\svchost.exeC:\Pr... Read more

A:Vitrumonde Infection - Second Machine

Hi,* Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Read other 10 answers
RELEVANCY SCORE 44

Hi. I originally posted this problem on 7/14/09 and never received any advice. A few lookers but no replies. I still have no internet connectivity on this machine so unless I can create a bootable cd I can't get any tools to run to clean it up. I did get the paid version of AVG 8.5 to load off a cd and it reports 5 instances of win.32 huer on the machine. They are supposed to be locked in the AVG virus vault. I know earlier versions of AVG were giving false positives for this trojan but I tend to believe this report since the machine is screwed up. Since removing the virus without any tools is impossible can any one advise me on how to restore internet connectivity? Or can I use this machine running XP pro sp2 to load a cleaner to the infected machine? They share the same WLAN I know you guys are busy but a little advice sure would be appreciated.

Thanx again in advance
Steve

A:infection on vista machine

Hello,I've a couple ideas.See if this fixes your Net issues .Go to Start ... Run and type in cmdA dos Window will appear.Type in the dos window: netsh winsock resetClick on the enter key.Reboot your system to complete the process. If you cannot use the Internet,you will need access to another computer that has a connection.From there save mbam-setup.exe to a flash,usb,jump drive or CD. Now transfer it to the infected machine, then install and run the program. If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on mbam-setup.exe so it will install on the hard drive.***Manually Downloading Updates: Manually download them from HERE and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.***Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may... Read more

Read other 3 answers
RELEVANCY SCORE 44

Hello,

I am facing a problem for a couple of days now that seems impossible to resolve...

I was using outlook and had the preview pane enabled. as soon as I opened my inbox folder the first email appeared. for my bad luck, it contained a virus which my Symantec Antivirus (full version: 10.0.0.359, with updates on 20/5/09) detected. I deleted the email, unfortunately it seems my system has been compromised.

The problems:
Keep getting reports from my antivirus that it found and successfully deleted files like "hacktool.rootkit", or "downloader".
Apart from that, there was a file in one of my folders in Docs&Settings under a folder named "nameOfFolder.exe" which I could not get rid of - I turned to safe mode and removed it, but it came back up on restart to normal mode. I finally managed to remove it today by first renaming and then deleting (!).
Moreover, there is a file in my system32 folder with the name bootok.exe which from what i read is a virus/trojan - which again I cannot get rid of: i can delete it, but it keeps coming back.
Finally, I cannot go to my registry editor.

I have updated my antivirus but in every scan my machine appears clean...
I also scanned with malwarebytes' antimalware: clean.
also with rootkit.reavealer: clean.
tried also to run HiJackThis, but it cannot run...


any help much appreciated :)

A:Infection in a WinXP SP2 machine

As a continuation to my original post:

I would like to correct the mistake where is said: "I also scanned with malwarebytes' antimalware: clean."

I scanned, but it showed multiple infections.

Please see attached file.

Thank you!

Read other 2 answers
RELEVANCY SCORE 44

Hello!
 
I'm trying to remove an infection from an old XP laptop.  I'm very hesitant to just re-install because I'm using this computer to edit a movie, and it took me weeks and weeks of research and trial and error to find all the codecs and virtualdub addons and such to do this for free, and commercial editing software is both espensive and keeps wanting to re-compress stuff I don't want re-compressed.  I realize this computer will never be secure, but if I can ever get it clean I will simply keep it off the internet as I don't need the internet to edit this movie.
 
Anyhow, I searched this forum for info and have tried a few things.  So far it's only gotten better, but I'm still having the problem where one or another of the system processes shuts down and then XPAuthority tries to reboot my machine.  I can stop it from doing so with "shudown -a" but then the computer just gets slower and slower until I can do almost nothing.
 
I have been able to successfully run MalwareBytes software and ComboFix.  I figured I had enough experience with computers to do that on my own.  Both found, removed and fixed various things.  I can post logs if you like, but neither completely solved the problem.
 
I am unable to run ESET or Hijackthis.  ESET hangs at an empty browser window while waiting for the scanner to load, Hijackthis uses an msi installer and the msi functionality has been compromised, I get an error when I try to i... Read more

A:Very stubborn infection on old XP machine.

Hello and Welcome on board gaheller ,my Name is Machiavelli and I will assist you with your problem.If you booted into safe mode on your computer then print my instructions!I'm in the 'Malware Staff Team' and will provide you with advice:To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.Below are a few tips:Removing Malware is usually very difficult.We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!Please follow these instructionsIf you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!Please stay in contact with me until your problem is resolvedAs Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.Please don't run any other tools without consulting with me as this can complicate finding and removing all MalwareDon't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!Read my post completelyIf you don't do so, you may make mistakes that could result in your System crashing by... Read more

Read other 28 answers
RELEVANCY SCORE 43.6

Our network admin is currently trying to find the hardware configuration/specs of all the servers. Between looking at the General tab of the Properties box on My Computer and msinfo32.exe, I can get all the information that I need on XP and 2K machines.

Is there a way to get this information on a Windows NT machine?
 

A:How to Find Hardware Configuration Specs on an NT Machine?

techgirl05 said:

Our network admin is currently trying to find the hardware configuration/specs of all the servers. Between looking at the General tab of the Properties box on My Computer and msinfo32.exe, I can get all the information that I need on XP and 2K machines.

Is there a way to get this information on a Windows NT machine?Click to expand...

try getting it from dxdiag.exe
 

Read other 2 answers
RELEVANCY SCORE 43.6

We have a script that installs an application on a user's box. It can run on XP, Vista, Win 7.... So it uses the ver command and find to figure out what the os is. It used to run on my win 7 box. It no longer does. The find command now gets an error. I tried substituting findstr and it returns a good completion code regardless! The grep command works great but most machines don't have grep so that is not an option to use. I would just like to figure out why find doesn't work. The date for find.exe in the System32 folder says 7/13/2009. Is there something I can do to restore find? Listed below is the the command & output that helps determine the OS version using find/findstr/grep

C:\Users\pwilliams>ver
Microsoft Windows [Version 6.1.7601]
C:\Users\pwilliams>ver|find "Version" <-- this used to work!!
find: `Version': No such file or directory
C:\Users\pwilliams>echo %ERRORLEVEL%
1

C:\Users\pwilliams>ver|findstr "Version"
Microsoft Windows [Version 6.1.7601]
C:\Users\pwilliams>echo %ERRORLEVEL%
0

C:\Users\pwilliams>ver|findstr "Version 6.0" <-----
Microsoft Windows [Version 6.1.7601] |
C:\Users\pwilliams>echo ERRORLEVEL% |--one should fail!
0 |
C:\Users\pwilliams>ver|findstr "Version 6.1" <-----
Microsoft Windows [Version 6.1.7601]
C:\Users\pwilliams>echo %ERRORL... Read more

A:find command no longer works on my win 7 machine

findstr is not failing because it uses regular expressions to find strings (unless you specify otherwise) so it's not literally interpreting the string you're inputting. In order for it to interpret the string literally, you'd want to use the following:

findstr /C:"Version 6.1"

Read other 1 answers
RELEVANCY SCORE 43.6

Hi,

I have a linux virtual machine that I forgot which machine it being hosted on. Is it possible to find that some if I ssh into the virtual machine?
 

Read other answers
RELEVANCY SCORE 43.6

Hi all,

I am home for Thanksgiving and my mother has requested my computer help. Her Dell Latitude d531 runs Windows XP Home edition. It's running *incredibly* slowly. It is also completely offline, even though other computers can use the wireless and I've tried various things to get the connection back. I'm currently running a Spybot Search and Destroy scan in Safe Mode with the admin setting. Here is my Hijack this log, if anyone can shed any light:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:05:39 PM, on 11/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Administrator.AL\Desktop\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=5080617
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,St... Read more

A:Possible spyware infection--VERY slow machine

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Thanks and again sorry for the delay. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explaination about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that... Read more

Read other 2 answers
RELEVANCY SCORE 43.6

Hello,
 
Last night I ran into some trouble with AVG telling me I had an infection that it was unable to remove, I think it was the Win64/patched.A thingy.  It was throwing up some other infections etc. and causing some issues.  However, I like to do battle with these things, somewhat cavalier.  I went round the houses and tried a manual deletion.  I got so far, looking at files like services.exe in the windows32 folder, it wouldn't let me, though I renamed the file s.exe and then had some system failure.  
 
Well I then went down the system restore route, finially getting the thing running again.  Computer said it had had some trouble, restoring, though now when I look at my AVG archive, the s.exe is in the vault.
 
Now I am still a littel suspicious and worried, though computer seems fine, sooo....I ran the combofix thing (disabled AVG) and this is my log...
 
ComboFix 13-03-16.02 - Scotty G 16/03/2013  15:52:30.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8169.6377 [GMT 0:00]
Running from: c:\users\Scotty G\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   ))))))))... Read more

A:Possible infection on machine? Win64.pachted.A

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
 
Lets have a look.
 
Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.
 
Download DDS by sUBs from one of the following links if you no longer have it available.  Save it to your desktop.
 
1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
2: DDS.pif
3: DDS.COM
 
Double click on the DDS icon, allow it to run. 
A small box will open, with an explanation about the tool.  No input is needed, the scan is running. 
Notepad will open with the results. 
Follow the instructions that pop up for posting the results.[/list]Please note:  You may have to disable any script protection running if the scan fails to run.
 

 
Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.===
 
Third party programs if not up to date can be the cause of infiltration an infection.
===
 
Please run this security check for my review.
 
Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically c... Read more

Read other 5 answers
RELEVANCY SCORE 43.6

Malware has causeed My Windows XP Service Pack 3 machine to be used as a web surfing proxy.
This is the result of a rogue Anti Virus program-- the name of which I'm not sure-- gave fake alerts etc... Once it (the rogue Anti Virus started installing from a site through Firefox, I
turned the machine off and rebooted. The fun began.

My current security suite is as follows:
Ad Aware/Malware Bytes and Clamwin along with R-Firewall make up the defense.

There were many problems i.e. searches being redirected-- all solved by the previously mentioned programs, but the proxy issue remains and appears to only be "patched" via strong firewall policies.
(AVG was installed and in use when the infection happened. I no longer use it.)

I suspect that a process has somehow attached itself to the svchost process....

Netstat shows correct web links with strict firewall policies. Firewall off and we get a million net connections I don't recognized. More evidence of proxy use. What commercial reason would motivate this?

The evidence for the proxy use is in:

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5

Yes this a very hidden place on everyone's machines and includes an index.dat file that records web searches along with various folders acting as cache for web searches. On my machine it contains a cache of web assets
that do not belong to me or anyone in my local network (home). It appears to... Read more

A:Windows XP SP3 machine used as proxy after infection

Hi,Please do the following:Open HiJackThisClick on Do a system scan onlyCheck the boxes next to ONLY the entries listed below (if still present):R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)O23 - Service: JUNOUKGQ - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\JUNOUKGQ.exe (file missing)Close all windows except Hijackthis and click Fix CheckedClick Yes when promptedClose HijackThis.NEXTPlease download DDS from either of these linksLINK 1 LINK 2and save it to your desktop.Disable any script blocking protection Double click dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop.---------------------------------------------------Please include the contents of the following in your next reply:DDS.txtAttach.txt. NEXTPlease download aswMBR ( 511KB ) to your desktop.Double click the aswMBR.exe icon to run itClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Read other 2 answers
RELEVANCY SCORE 43.6

My machine has been taken over by a virus that will not let me read e-mail, download utilities, monitor Task Manager or MSConfig without being in Safe Mode.

I have run Registry Macanic, Spy Sweeper, Norton Anti Virus but no luck. I also tried the Virus / Trojain sweeper recomended by Techspot which did identify and remove problems, but I am still in limbo.

Any Help would be greatly appreciated.

Steve O...
 

A:Virus Infection Controling Machine

Go HERE and follow the instructions exactly.

Once you have done that then go HERE for instuctions on how to post your Hijackthis log.


Regards Howard :wave:
 

Read other 1 answers
RELEVANCY SCORE 43.6

To Whom It May Concern:
 
I have always had one all-in-one security solution running on my machine (e.g. Norton, McAfee, Kaspersky, etc…). I have also always used a variety of on-demand and real-time anti-adware, anti-malware, anti-spyware and antivirus solutions on my machine. Typically I allow my all-in-one solution to do most of the work in protecting my machine. In addition to this I use the on-demand and real-time solution weekly to deal with anything that the all-in-one solution missed or couldn't handle. Up until recently this general scheme has worked well for me as I have not had any major issues. However, over the last few months I have become rather lacking in my efforts to maintain the security of my machine.
 
About one month ago I start to notice issues in the performance of my machine; including a few odd error messages,  several random program crashes, slow operation in general, web browser pop-ups (which are blocked, supposedly), OS crash (one time), and odd hard drive activity. At this point it occurred to me that my lackadaisical approach to machine security might have allowed some unwanted programs to infect my machine. Unfortunately, I did not copy the error messages I received when they occurred because I did not think much of them at the time. 
 
To eliminate the possibility of a malware/virus infection I ran all of my security software (all-in-one, on-demand, and real-time) to identify and eliminate any possible problems.... Read more

A:Possible Malware/Virus Infection on Machine?

Hello, please post the full ASWmbr log.also do these.MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.TDSSKillerDownload TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.AdwCleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the too... Read more

Read other 9 answers
RELEVANCY SCORE 43.6

Below is the Hijack this log for this PC. I am trying to diagnose whether or not it is infected. The user has complained about random errors like being unable to load webpages. Scanned with Malwarebytes and it came up clean(log only identified our remote admin software). Let me know what else I need to do. Thanks.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:40:58 PM, on 12/13/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\WINDOWS\dwrcs\DWRCS.EXE
C:\PROGRA~1\Ixia\Endpoint\endpoint.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\dwrcs\DWRCST.exe
C:\Program Files\Analog Devices\Cor... Read more

A:Windows XP Machine: Possible infection - Hijack this log

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/432266 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 43.2

For the past 2 months something is not right with our home computer, and I don?t know what.

I run McAfee, but the scan does not seem to run, takes days to finish and sometimes only says 1200 files scanned with no virus detected.
When I run task manager says CPU usage is 100%.
IE hangs up or is very slow to connect. Web pages don?t load and explorer hangs up and has to be restarted.

I am not getting pop-ups and explorer is not getting re-directed.
I have security set to refuse cookies.
Win Patrol set to ask before letting programs access internet.

I am thinking a family member (have multiple users) opened an infected e-mail or went to an unsafe site to download, only because of the suddenness of the change in system performance.

I am attaching the DDS.TXT and ATTACH.TXT files as instructed in the virus help page.

Thank you for looking at these.

TonyG


.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 19:12:39.40 on Tue 03/29/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.90 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServi... Read more

A:new issues with an old XP machine. Is it a virus McAfee can't find and clean?

Welcome to TSF :)

Download Combofix from this webpage: A guide and tutorial on using ComboFix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" .
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Read other 19 answers
RELEVANCY SCORE 43.2

Hi, I found a couple threads with a similar problem, through searching, but I could not get to the bottom of things, so here is a new thread.

I have moved into a new place that has both Brother and Officejet machines hooked up on a preexisting wireless network. My roommate has had both machines for some time, and there are no problems connecting to either machine using her Mac laptop. (Allegedly, other people have also come over with Windows laptops, and have been able to access both machines as well).

However, I have an HP laptop with Windows 7, and while I was able to detect and connect to the Officejet, my computer can't even detect the Brother machine (MFC-7345N) through "add device" in the control panel. Troubleshooting did not help.

After reading other threads involving this type of issue, I took the liberty of going to my command line and typing:

nbtstat -n

and

ipconfig /all

These are my results:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Derp>nbtstat -n
Local Area Connection:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Local Area Connection 2:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Wireless Network Connection:
Node IpAddress: [10.0.1.4] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
DERP-HP <00> UNIQUE Registered
DERP-HP <20> UNIQUE Registered
WORKGROUP <00> GROUP Registered
W... Read more

A:Laptop with Windows 7 can't find Wireless Brother Machine

How is the MFC-7345N connected to the router (ethernet?)?

How is the Officejet connected to the router (Wi-Fi? ethernet?)?

If the answers are ethernet and Wi-Fi, respectively, does the router have an "isolation" feature that prevents wireless computers from "seeing" wired devices?
 

Read other 3 answers
RELEVANCY SCORE 43.2

I follow normal procedures to obtain a floating license for an app, but I get the error: Cannot find Machine ID. 
I seem to have verified that this error indicates that the client machine id (CMID) is the id that is not found. This is seen by running the below command in the Powershell screen:
https://social.technet.microsoft.com/Forums/windows/en-US/5de91700-e120-46cb-a9f7-a908cff1653c/how-to-find-your-client-machine-id-cmid?forum=w7itproinstall

The result is a blank where you expect to see the machine id.
MACHINE ID
-------------

How can this be corrected?  I would?ve done a system restore, but the oldest date available is after the problem was occurring.  
I'm not sure just how long this was occurring on my machine, but I did have some virus trouble a short while back, which I think is the likely cause. My machine seems good otherwise, Malwarewarebytes, McAfee cleaned me up. 

I downloaded MGADiag.exe, ran it, but the results look good to me, I don't identify any issues there. 
I'm posting a slightly shortened version of the report here.
Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-MV8MH-98QJM-24367
Windows Product Key Hash: wgci5Gdejx4esg7++zTOe3LWF+4=
Windows Product ID: 00371-OEM-8992671-00437
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {B086EBE8-D281-49D0-8CFA-0730D4E68088}(1)
Is Admin: Yes
TestCab: 0... Read more

Read other answers
RELEVANCY SCORE 43.2

Ever since two weeks age, I have this program crashing within 0.5-2 hours after I turn on my machine. I can not find it anywhere, not in processes, services, startup, registry, searched for mdm.exe in C: and no results. I have tried this KB which is relating to Window XP, didn't solve it. I've ran Systeminternal's Autoruns and it wasn't there either!

I'm afraid it start after I installed some old abandonware games, all are removed and deleted since then. How do I get rid of it or disable it?

A:Machine Debug Manager(MDM) Crashing error, yet I can not find it

I've monitored and found what triggered mdm, it was something in VLC's cache (?), I deleted the folder and uninstalled VLC Player. Can anyone guess what those things mean? How can something in VLC's cache trigger all the system's DLLs? And cause a crash after that?

Read other 1 answers
RELEVANCY SCORE 43.2

Hello all,

This is the first time I've ever had to post on a tech forum to assist me in an issue, but I'm at an absolute loss.

A friend of mine was having trouble with his Dell Inspiron 1525, informing me that every time he booted the machine normally, it would freeze. He's not exactly computer savvy, so the machine wound up in my care to be diagnosed and fixed. I'm only a computer programmer, but I'm not exactly a slouch.

Safe mode and safe mode with networking work perfectly. Thinking the issue was just a plethora of viruses, I downloaded SuperAntiSpyware and Windows Defender and began cleaning out around a dozen or so pieces of malware and spyware from my friend's computer. I figured I had done my job and rebooted the computer normally. No go--- the issue still remain unresolved.

I'll describe the problem in more detail. I can get to the Windows Vista login screen just fine, and I'm even able to log in and get to the desktop... for about a minute. Then the machine locks to the point where I can only use the mouse and nothing else. I was able to get both Task Manager and Process Explorer working, and there is nothing taking up 100% of the processing power before the machine locks up. There was a svchost that took up 20-30% of the processing power but PE showed nothing abnormal with it, and I've even seen the computer freeze when that process was down to 0%. The physical memory seems a bit high at 850+ but nothing that should... Read more

A:Windows Vista machine freezing, can't find issue

I'm pretty sure there is still some malware lurking on the computer which is causing the issue, since you say that it works just fine in safe mode.

Perhaps someone authorized to help with malware removal here can assist you.
 

Read other 1 answers
RELEVANCY SCORE 43.2

Hi,
 
I am trying unsccessfully to get rid of Apps Hat from my Win 7 computer.
 
I have Avira free and MalwareBytes. MB detects it in a full scan & removes but it returns on start up.
 
Any help on this would be appreciated. Thanks

A:Trying to remove Apps Hat from my Win 7 Machine

Hi, please run a FRST scan:Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

Read other 2 answers
RELEVANCY SCORE 43.2

How do you remove a virtual machine from VMware player? When I looked in the help menu, It says that you can remove the title from the Library list, But the machine is still there. Do you just delete the folder that it's in? That doesn't seem the correct way to do it. I want to redo my Windows 10 preview install. Any help will be appreciated.

Clint

A:How to remove a virtual machine

Yes, Just delete the folder where you have it setup and yes, it is the correct way to do it.

Read other 10 answers
RELEVANCY SCORE 43.2

hi mates

i could not remove trend micro client from my PC

really this trend micro stopped running in my PC and i dont know why for that i want to uninstall it and install it again but i couldnt do that

pls could you help with this?

A:[SOLVED] i could not remove a Av from machine

Go to T H I S page
Follow the link to "I need help removing the Trend Micro product in my computer."
click on your product and follow the removal instructions.

-le

Read other 2 answers
RELEVANCY SCORE 43.2

First of all hello to all!
 
 
I just bought a new Windows 8.1 machine, a Dell Insperion 2 in 1.  It's for work which I do out of my car.
 
Anyhow, I want to rid myself of Windows store.  I do not have gpedit on this version of Winblows nor can I see the offending setting in Regedit.  HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsStore
 
Is there hope?  
 
 
As always, thanks in advance!
 
MK  
 
 

A:How can I remove this from my new Windows 8.1 machine?

Just ignore it. There isn't really a way to remove the Windows Store.

Read other 20 answers