Over 1 million tech questions and answers.

Weird activity and no access to programs - Help

Q: Weird activity and no access to programs - Help

have had no issue at all for a long time and all was well. Then this week I was on my pc (Windows XP) and went to shut down the pc, but when I went to Start to look for shute down it was not there and neither was the Run command. I researched online and found out it maybe called the quickinfo virus. I followed a few steps and got back the run command and shutdown button. I though all was fine but now when I go to open Adobe Photoshop CS I get and error I must have Admin rights to load program and it shuts down. I looked at user accounts and their is only one mine and it has admin rights. Also if I hit ctrl+alt+delete it says it has been diabled as I do not have admin rights.

How do I fix this issue?

Is this the name of the virus I have, or is it something else?

I pasted what I followed to get links back below just as FYI. Please help as I can not do any work. Thanks Much
Open a command prompt (CMD) from accessories menu -> type "gpedit.msc" expand the user configuration node -> expand admin templates -> click "Start Menu and Taskbar -> int he right pane look for "remove run menu from start menu from start menu" it should be set to "not configured" if it is double click it set to enable, click apply, then set to disable and click apply. if it's set to enabled then set to disable. Reboot and see if run's back on the start menu.

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Weird activity and no access to programs - Help

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 55.6

Running on a WinXP Pro SP3 system with Norton Internet Security (NIS). NIS reports that the system is infected with Zero Access Rootkit Activity 4 and Tidserv Activity 2 and offers manual removal instructions but I've tried those and the don't work.

The dds.txt output file appears below. The attach.txt from DDS and the output from GMER (ark.txt) are attached.

Thanks for your help,
Gary

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Owner at 16:09:39 on 2012-02-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2006.814 [GMT -8:00]
.
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files ... Read more

A:Infected with Zero Access Rootkit Activity 4 and Tidserv Activity 2

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 3 1. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the r... Read more

Read other 33 answers
RELEVANCY SCORE 55.6

I have a Win XP Pro SP3 system running Norton Internet Security. It reports that my machine has been infected with "Zero Access Rootkit Activity 4" and "Tidserve Activity 2" and that both require manual removal. I've followed the instructions provided by Norton but those instructions fail to help clear the problem. Also, other strange things are happening. I can't reach the Windows update site via IE. When I try to ping it, the mysterious domain suffix nsatc.net is appending to the domain name but that suffix doesn't show up in my TCP/IP properties.

Please advise as to how I can remove these threats.

Thanks,
Gary

A:Infected with Zero Access Rootkit Activity 4 and Tidserv Activity 2

Hi Gary, to remove this we need to repost as we need a deeper look. Please go here....Preparation Guide ,do steps 6-9.Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If GMER won't run skip it and move on.Let me know if that went well.

Read other 2 answers
RELEVANCY SCORE 55.2

Hey there, first time poster, hope I follow all the rules right.I've recently run into a series of issues with my desktop. Long story short, I got AVG 8.5 and Advanced Systemcare Professional. I thought all my problems had been fixed, till I turned my computer on today.I cant think of anything I've downloaded or done that could have caused my problems but..Now, if I click on a google search result, I typically get redirected to another site. If I click back in internet explorer from this new site, then click the search result link again, it works everytime and takes me to the correct place.2nd problem, firefox can never find a server. I click the firefox shortcut from the desktop, google pops up, but nothing works after that. If I try to search in google, it says server cannot be found. If I type in a direct URL, same result.I also tried logging into a few different poker sites that I use to play online poker at. As soon as I enter any characters in the username fields, the programs lose their connection to the internet and just sit there trying to reconnect, strangely enough though, internet explorer still has access to the net just fine.Advanced Systemcare Pro sees no problems.AVG 8.5 comes up with 2 problems.1)"C:\WINDOWS\explorer.exe (1884)" "Virus identified Packed.Hidden" "Infected"2)"\\?\globalroot\systemroot\system32\kbiwkmkbmuiyqv.dll";"Virus identified Packed.Hidden";"Infe... Read more

A:Google searches redirected, programs lose internet access, other weird problems.

Hello, trustandfall.Welcome to Bleeping Computer. My name is etavares and I will be helping you with your log.Please give me a little time to go through your log. I'd also like to let you know that I am in training here at BC. At each stage of the process, my work will be checked by an expert coach. That means there may be a slight delay between my responses as they check it. Don't worry, we won't leave you.Please note that I may have taken this log out of order. As a HJT trainee, I occasionally take logs out of order to further develop my skills. I have a balance of older logs (e.g. first come, first served) and fresh logs. If you are reading this and are still waiting, please be patient. Our volunteers are working as hard we as we can to help everyone.Here's a few things to get started: Please subscribe to this topic, if you haven't already, and wait for me to get back to you. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. Even if things appear better, that does not mean we are finished. Please continue to follow my instructions until I give you the all clean. If at any point, you are not sure what I am asking for, please ask me and I can better communicate what I mean. Please reply within 5 days of my last post or the thread will be closed. If you will be away or unable to reply, please let me know in advance so the thread is not closed. We have many folks waitin... Read more

Read other 9 answers
RELEVANCY SCORE 55.2

Two things. First, my virus scanner, Trend Micro, has picked up and quarantined several viruses in the system volume information folder. I then went and tried to get into the folder, but was denied access. When i click to open it is says "C:\System Volume Information is no accessible. Access is denied." Second, when i look in my task manager and the processes that are running on my machine, i often see a weird program running that is named with random letters and numbers like "QO8F91.EXE." When i end it, another one, with a different name, comes up the next time i use my computer. Below is a scan from hijack this, which shows the weird program running. Any ideas? Thanks.

Logfile of HijackThis v1.99.1
Scan saved at 7:37:26 PM, on 5/26/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\System32\nvsvc32.... Read more

A:Solved: System Volume Information access denied and weird programs running

Duplicate.

Continue posting here: http://forums.techguy.org/t365863.html
 

Read other 1 answers
RELEVANCY SCORE 51.6

Was working on some homework earlier and noticed AVG E-mail Scanner popping up above my tray bar. I didn't have Outlook or any web-based e-mail service open at the time, and I've never noticed this happening before... The screenshot won't display for some reason, so here is a text version of what the e-mail scanner was displaying:

Connecting to i222-150-69-88s04.a014.ap.plala.or.jp
Connecting to i222-150-69-88s04.a014.ap.plala.or.jp
Connecting to i222-150-69-88s04.a014.ap.plala.or.jp
Connecting to i222-150-69-88s04.a014.ap.plala.or.jp
Connecting to i222-150-69-88s04.a014.ap.plala.or.jp
Connecting to i222-150-69-88s04.a014.ap.plala.or.jp

Over and over about six times, each time.

Any thoughts on what could have caused this? The same thing popped up three times in a period of about two minutes.

A:Weird AVG Activity

Hello and Welcome to TSF.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

Read other 1 answers
RELEVANCY SCORE 51.6

Must be that time of the year again, as my PC is acting weird. Not sure if it is the full moon or did something creep into my system. My PC is slower than normal and has rebooted itself several times.

I am using XP Pro and McAfee Total Protection which is up to date. I did a scan using McAfee and it comes back clean. I rebooted into safe mode with networking and ran a Panda Online scan. First time it restarted in the middle of the scan. The second time it said it found stuff, but it was mostly tracking cookies.

I am attaching a HJT log and the Panda results. Suggestions?
 

Read other answers
RELEVANCY SCORE 51.6

Hey, I have a somewhat new PC, only about a month old. I bought a few computer games for my PC the same day I got the computer, they played fine. Up until recently my system has been acting weird, taking longer to load pages, taking longer to open programs, and gaming performance seems to have decreased. I scanned with norton antivirus, and ad-aware, cleaning up everything I found. Could you maybe take a look at my hijackthis log?

Logfile of HijackThis v1.98.0
Scan saved at 12:21:13 PM, on 7/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\SRNMIC~1\SOLOSENT.EXE
C:\PROGRA~1\SRNMIC~1\SOLOCFG.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\... Read more

A:Weird PC activity

Read other 16 answers
RELEVANCY SCORE 51.6

My laptop has been restarting on its on, freezing up a lot. I shut it down last night and when I started it this morning, it started up with my user account like it was brand new. My desktop is a windows desktop, not the one I had on, my favorites are erased. My home page is the "welcome to windows" page. It's like starting from scratch. I tried to do system restore and I got a message saying "system restore is not able to protect your computer. Please restart your computer and then run system restore again." When I shut it down, everything was normal, it has been running weird but my stuff was as I had it, now its gone! I don't know if I need hjt or now but I'm posting it just in case. Ive done AVG and its clean, and Malware bytes is clean. I hope there's something I can do to get it back to normal. Just noticed all my pics and music are gone too.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:40:39 AM, on 11/7/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Lavasoft... Read more

A:weird activity HJT log

Hello. I am PropagandaPanda (Panda or PP for short), and I will be helping you with your log.I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If you still need help, post a new HijackThis log.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself. Finally, p... Read more

Read other 2 answers
RELEVANCY SCORE 51.6

I have had really strange messages. 1 is you are not the adminstrator and I am the only person and the administrator of this system. By looking at this can you see anything ODD? I ran one in October too and it is copied below. Wasn't sure if having both would help? If there is any more info you need to help assess whether I have any "wares" please let me know.
I am running Vista

Logfile of HijackThis v1.99.1
Scan saved at 9:24:26 PM, on 11/25/2008
Platform: Unknown Windows (WinNT 6.00.1905 SP1)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\ArcSoft\TotalMedia Backup & Record\uBBMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\System32\mobsync.exe
C:\Users\Margaret\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.aol.com/
R1 - HK... Read more

Read other answers
RELEVANCY SCORE 50.8

In my Windows Task manager I have this: "rundll32.exe msvcrt.dll,sleep". This process hogs memory and CPU time like crazy. It can go to 550MB of RAM and 50% of CPU time pretty quickly one it starts up. I end this process from time to time, but it comes on again after a while. I end it 3 to 4 times a day. I was wondering if my msvcrt.dll is hijacked by some virus?
 

Read other answers
RELEVANCY SCORE 50.8

My laptop is fairly new (only got it 3 weeks ago), but already i have experienced a BSOD around 2 weeks ago and two crashes, both a few days apart.

Today's crash was odd though: I forced a restart when it became unresponsive (i was installing updates at the time) and as it loaded it came up with the usual safe mode suggestions, but then, after telling it to start normally, it came up with a black screen with some white text and was cycling through registry keys. It was over very quickly so I'm afraid i cannot give more details, but i remember seeing "600 items" or something similar. Is this a vista recovery operation or something more sinister? After it was done, the computer didn't continue to load up but restarted itself, at which point it loaded fine.

Anyone know what this was? Thanks.

Oh, i also checked the reliability tool but nothing reported for the 13th.

A:crash then weird activity

Hi. . .

Given the fact that you experienced a BSOD on a 1 week-old new laptop and now seeing the information on subsequent crashes, I would recommend that you reset the laptop back to factory condition by re-installing Vista via the recovery partition.

Usually you press an F key to invoke the recovery partition - it may be F10, F11, ctrl-F11, or the esc key. Look in your owners manual for the exact key/combination.

This will place your system back to the way it was when you turned it on for the first time.

If you have difficulties or questions, please let me know.'

Regards. . .

jcgriff2

.

Read other 3 answers
RELEVANCY SCORE 50.8

Ok, my 1st time here, seemed like a good place for some advice.

My basic problem i'm connected to a network and it seems to be changing its security type. jumping from WPA2-PSK to WEP.

I'm using this same wifi antenna. What's weird is no other detectable network does this. my pc's network access menu only rarely shows the change from wpa2-psk to wep but I did get inSSIDer for checking this thing, and it does show its changing security types about every minute or so.

The other strange thing it would never let me connect at all with just entering the key, only by manually making a network. sometimes it shows full bars, others (like now when i'm typing) it shows a red X over the icon.

I went and checked 192.168.0.1 for any strangeness but can't find anything in there, but it is broadcasting 2 separate frequencies, 2.4 and 5 GHz at the same time. I can see that both frequencies are set to use WPA2-PSK, with the same password but different SSIDs.

The noticeable thing is when it has the red X the internet seems slower, and tends to just not let anything after the 1st few minutes of using the net.

Any ideas what's going on with this stuff? i've never seen any network do this.
And yes, i'm on neighbors wifi, and they do know i'm poking around. any help would be appreciated.

P.S. I can do screenshots if needed/appropriate.
 

A:Weird Wifi Activity

howdy and welcome. Whether or not the neighbor knows about your using their wifi is immaterial, as it's the ISP that makes the call as to whether or not it's legal. And ISP's do not allow that, unfortunately, so I'm going to have to close this one up.

thanks for understanding,

v
 

Read other 1 answers
RELEVANCY SCORE 50.8

hi i went from facebook to a website through a link....to look at something anyway i copyed the web link to send to my brother through facebook message and when i pressed send instead of the link being sent it sent a copy of facebook along with a picture of someone i was talking too at the time on skype so i knew it was a picture of my desktop. This is the second time this has happened to me. I am on a new hp laptop only a few weeks old with windows 8. I am scratching my head to how a link copy turned into a picture of my desktop showing my open facebook page along with a photo box of someone i was talking too on skype? Oh i was using google chrome as a browser at the time if that helps and i have norton as security....If anyone has any ideas please let me know...thanks ..glory
 

A:Hacked? weird activity

I am serious about this issue i still have the link i was trying to send and a copy of the pic it sent instad of my desktop with my browser open and my skype open on it. I am a bit computer illeterate to say the least so if you think this is a joke its not...i do not understand how copying a link to a page turned into a pic of my desktop so if you can explain it to me please do.....if its something i am unaware of great if not what is going on
 

Read other 1 answers
RELEVANCY SCORE 50.4

Hello All,

I have a weird activity going on with my HP laptop. The laptop is a custom DV3. Here are the specs:

Windows 7 Ultimate 64-Bit (upgraded in place from Windows Vista Home Premium 64bit)
Intel Core 2 Duo P7550 @ 2.26 GHz
BIOS version: F.12
4GB DDR3 ram
NVidia Geforce G 105M w/ 512MB dedicated video ram
HDD: WDC WD2500BEKT-60F3T1
I have been noticing that my computer has been slow lately and that every time I restart, Win7 starts the chkdsk command at boot. The abnormal thing is that it hangs at the end of the "hit any button to skip check" countdown. The other issue that I have is that under Disk Defrag, my C: drive does not show up. I believe that this is due to the "dirty bit" being active on the C: drive.

I have tried to do the commands listed on this page: http://forums.techguy.org/windows-xp/465184-volume-dirty.html
and unfortunately I am in the same position. I do not want to let this issue run rampant and I feel that I am at a stand still with it.

Any help or advice would be awesome. I am hoping I do not have to format to fix this issue.
 

A:Weird CHKDSK activity....need some advice

Read other 7 answers
RELEVANCY SCORE 50.4

Hi
I'm trying to set up a computer that has given me trouble in the past.
It runs VERY slow and acts weird at times.
I attempted to run GMER but it errored out every time.
I hope the files that I have attached help.
Yesterday I noticed that there was an Internet proxy going somewhere. I disabled the Ethernet interface and deleted it.
Thanks for the help!
Jim

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 7.0.5730.11
Run by jim at 19:58:37 on 2012-10-19
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.638.106 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Airlink101\AWLL3028\RtWLan.exe
C:\Documents and Settings\jim\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\jim\Local Settings\Application Data\Google\Chrome\Application... Read more

A:Very slow desktop and weird activity

Hello and welcome to BleepingComputer! I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce. As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us. If you will encounter a delay of over 2 days from me, please don't hesitate and private message me (link in the signature). Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.Please generate another DDS log (download it from http://download.bleepingcomputer.com/sUBs/dds.com'>here if you haven't already) and post it in your next reply along with other changes that may have occured since you last posted.Also download and run GMER from this link: GMER download link.Thank you very much for your patience. Regards,Elle

Read other 66 answers
RELEVANCY SCORE 50.4

Two day ago my system began acting weird and having pop ups in the lower right corner about problems found.
I also now have tagasaurus on my desktop. I have run spybot, adaware and symantic. ALso bought Prevx CSI thinking it would help...

Computer is acting very slow and strange.
Below is my hijack this log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:03:02 PM, on 1/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\poin... Read more

A:2 minute startup and weird activity PLease Help

I was running Norton 360 but have since uninstalled it to keep it from interfering with scans.

Here is a new HJT log;

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:41:03 PM, on 1/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\So... Read more

Read other 1 answers
RELEVANCY SCORE 50.4

Sup forum?
Decided to come here before I decide to reformat and be left in the lurch and basically updateless.

Backstory: OK so the household has never had 'decent' internet as such and it has always been quite slow because of where we are, old house, etc etc.
We must be on some sort of low band 'talktalk' internet which has to be 3mb or 4mb at the most 5mb, nothing major. It is forever lagging out often reconnecting seconds later or there has been problems with our regional providing tower which means we've been out of internet due to technical problems or weather
Speed.net tests have resulted in around the 4.5mb on a good day and that's if noones using except on person. When everyone is using it its considerably slower because of the obvious bandwidth consumption.

So lately, and realising the problem it must be for a good 3-4 months now, things have been becoming a bit temperamental to do with the internet connectivity from the wireless router to my laptop. But it was only little things so I just assumed it was bandwidth or our provider had done something etc.

Well anyway, things like messengers started signing themselves out and then back in again, often lagging out before it happens meaning I don't get what people have said or messages haven't been sent. This happens mostly for Live Messenger and Skype. Only Skype now because I no longer use Live Messenger and for ever have to appear offline to save them from me constantly loggi... Read more

A:Weird wireless internet activity. Any help?

Read other 7 answers
RELEVANCY SCORE 50

Hello, I've got this weird " bug " lately where i open google crome with the icon in the activity bar and a new icon shows up next to it, one is a google crome startup icon, and one is the accual browser (will set up a picture)

http://www.sevenforums.com/attachmen...1&d=1374486107

How do i fix this so it only is one icon when i use the browser:
like this:
http://www.sevenforums.com/attachmen...1&d=1374486205

A:My google crome icon in the activity bar is weird!

Hi there ... Have you tried to unpin all of them .. What happens when you do that ?

Read other 9 answers
RELEVANCY SCORE 50

So I keep getting this thing that's trying to download something on my computer. There are multiple instances of mshta.exe that show up on task manager, and after having a look with Process Explorer, the same url that's trying to connect to my computer is in the command line of these mshta.exe's. Also, when using Mozilla Firefox, it can't connect to sites like this and won't even open. I also get random tabs opening in Firefox.
Any help?

http://img13.imageshack.us/i/51979454.png/

Note: I don't regularly use IE6, I used it this time because Mozilla wasn't working.

A:Reoccurring connection attempt and weird activity

Also, the url is hxxp://www.funnypinguinshow.com/sdad.php?kxasdasddkhjk= and after updated definitions and scans with SAS, MBAM, and NOD32, it still couldn't find the problem.

Read other 1 answers
RELEVANCY SCORE 50

Hello! I did have this problem before, i did make it work " i thought " by unpin the icon and pin the running icon, Unfortunatly te problem is comming again after using the new pinned icon 2-5 times so i have to re-do it again, Is there another way to fix this?
This is how it looks, one is the start icon and one is the " program Running Icon "

A:My google chrome icon in the activity bar is weird!

If you unpin both the icons, run google chrome from Start menu and pin the running icon, what happens?

Read other 1 answers
RELEVANCY SCORE 49.2

Hi,

My dell laptop has been doing weird things lately. The mouse moves and clicks all on it's own. I tried uninstalling the driver and reinstalling it but now it doesn't always recognize when I touch the mouse pad and it still moves around the screen voluntarily. Also my windows update install all updates that were down loaded except for these: 'Update for Background Intelligent Transfer Service (BITS) 2.0 and WinHTTP 5.1 (KB842773)'. Additionally my norton live update installation doesn't completely install all downloads either.


I have scanned for viruses and nothing so this is my next stop.

Here is my hijackthis log file, please help me... this wondering mouse is driving me up the wall.

Thanks,
Mouse Trap

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:25 AM, on 6/10/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Prog... Read more

Read other answers
RELEVANCY SCORE 49.2

Hey all,

So I've been having this problem where my computer is constantly laggy and I noticed that my computer tower is constantly "loading". I'm not sure if thats the correct term but the yellow light that shows processing activity is constantly blinking and you can always hear certain sounds coming from it, even if I'm doing nothing at all. Even at startup, I will constantly get clicking sounds from the tower and I noticed that a disk boot sound comes on once after I login to my user name. This had never happened before, and usually only get a disk boot sound directly after turning on the computer or when scanning for viruses. I dont know if its a virus or just a system problem but I remember getting viruses which will constantly cause activity the computer.

This started when my virus scanner McAfee expired. I uninstalled it and installed Trendmicro. I had to uninstall Spybot and Malwarebytes prior to installing Trendmicro but reinstalled it after. I also installed AV antivirus because I thought it was similar to Spybot and Malwarebytes where it would be like a secondary program I can use as backup. But when I installed AV, it started automatically and interefered with my Trendmicro and I had to do a bunch of things to uninstall it or disable it. On Trendmicros first scan, it found one virus, Malwarebytes found nothing and Spybot found a couple things. I had not run Spybot in a while though, but usually only get cookies. This time it found cookies but also ... Read more

A:Computer acting weird, slow and constant activity

Hello and welcome.

I think the issues stem from remnants of multiple antivirus programs.

For AVG

After uninstalling AVG from the Control Panel, also run the AVG remover from their site.

AVG - Download tools

direct link to the AVG Remover:

http://download.avg.com/filedir/util..._2011_1184.exe


For McAfee


Download the McAfee Removal Tool
http://download.mcafee.com/products/...tches/MCPR.exe


Double click on MCPR.exe to launch it, then Click Run. A window should appear and disappear, this is normal. A new window should popup and begin the uninstall. When prompted to reboot your computer type Y


After running both tools, post new DDS logs.

Read other 13 answers
RELEVANCY SCORE 49.2

When I first start up my pc, whenever I open a folder with files in it, if I haven't opened that folder since it was shut down, my hard drive starts accessing and my mouse pointer turns into the little circle while it's waiting for something to finish. At that point I can't do much of anything until it's finished, which takes around half a minute or so usually. It happens with a folder with media files in it, and even just text files. What could be causing this? It's very annoying. Could it be my antivirus (Avira)? Is Windows doing this? Could I have some setting enabled in Windows that causes this to happen? Once the folder is opened and it stops whatever it was doing, it won't happen again until I shut off the pc and open that folder again. It seems something is scanning the files in the folders when I open them.

A:Weird hard drive activity when I open folders

Quote:
Could it be my antivirus (Avira)?


Quite possible.





Quote:
Is Windows doing this? Could I have some setting enabled in Windows that causes this to happen?


Probably, might check the Indexing function.

Read other 6 answers
RELEVANCY SCORE 48

I am completely perplexed with this.

Ok so I have the installation file for Alcohol 120% v1965529 on a DVD, so when I try copy pasting it to my E:\ drive I get an Access Denied - Make sure the file is not in use or write protected error.

However, I can copy it with no problem to my C:\ drive. Once I do that, if I try to run the installation, I get the "Windows cannot find the specified path, device or file. Make sure you have the appropriate permissions to access the item." error.

Trying to copy it from C:\ to E:\ gives me the access denied error again, and I've already removed all atributes, like read-only. What the hell is going on here? I'm system administrator, and in the 4+ years I've been using WinXP, I have never seen this problem! The file isn't corrupt, it works on other computers.

Right clicking on it, the context menu takes a good 6 seconds to show up.
 

A:Solved: Weird weird problem with Alcohol 120% - ACCESS DENIED

Read other 13 answers
RELEVANCY SCORE 47.6

I've tried going on safemode and run a scan on Malwarebytes, which picked up about 29 threatening softwares that I then got rid of. But when I try to log in on regular mode, there's still no activity and I can't click any of my programs. This only started happening last night and was wondering if there's anything I should do. The laptop was working just fine before last night.

I have a Windows 7 Toshiba model: L505D-S5983

Thank you!

A:None of my programs come up when I click them, and there seems to be no activity when I log in

Welcome aboard Stay in Safe Mode with Networking for now....Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. *... Read more

Read other 6 answers
RELEVANCY SCORE 47.2

Luckily I regained control of my computer somehow. Last week I updated to Norton Antivirus 2011, I've been having nothing but problems since then. Last night, something new popped up on my toolbar, I clicked wanting to find out what it is (I hadn't had any problems with spyware, have been diligent with spybot and ad-aware. My computer immediately shut down and restarted and I couldn't open any programs, Norton wouldn't start up, and I couldn't really do much of anything. I tried restarting again and same thing. Tried in safe mode, same thing. Called tech support at Norton, 3 hours later, nothing. Supervisor calls me back about 6. Somehow in all of those restarts, I started running programs again, and Norton Tech Support deleted Ad-Aware, HiJackThis, and Spybot. This afternoon I put them back. Bad idea? I ran Hijack this and what follows is the log, any assistance and guidance will be appreciated at this point. I don't want to have another issue like this. Guess I will finally have to go get that backup drive...

Update: Deleted Ad-Aware again, had similar problem again. Still have HijackThis, and installed Malwarebytes. Was trying to install RootKitRevealer but having difficulties.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:38:39 PM, on 10/23/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\IObit Sma... Read more

A:Suspicious Activity-Restart-No Programs

I appreciate all of you hard working folk, I have received help from another source, please close this thread! Thanks!

Read other 2 answers
RELEVANCY SCORE 46.4

Hey,

my XFX HD6950 1GB is running at 95%-99% when not performing any tasks. Here are some solutions i tried which did not work:

I restarted my pc but that did not solve the problem.
I tried to reinstall my driver but that also did not fix the problem.

the driver i am running for my GPU is the latest catalyst control centre. The problem started a few hours ago but my pc did not crash (yet).

I hope one of you knows the solution for this problem, I would be very grateful

PS. Sorry for my English grammar, it is not my main language

A:Problem XFX HD6950 1GB, 99% activity while running no programs

Don't just restart, do a complete power down, actually remove the plug from the wall and press the power button to completely allow everything to reset (unknown to many people a low power circuit stays active even when the system is turned off)
Then power back on and see if the card has begun to behave normally.
...I would also ask what application or monitoring feature are you using to determine the card is running at max output?

Read other 6 answers
RELEVANCY SCORE 46.4

After running Symantec Disk Optimizer the activity light is on continuously even though there are no programs running. The action of my cursor is now jerky also. What could be the problem?
 

Read other answers
RELEVANCY SCORE 46.4

I am looking for a network monitoring tool that will monitor download / upload traffic in real time on all the computers on my network.

All the computers are running Windows XP. I have a D-link DI-624 router. Some connections are wireless, some are wired.
 

A:Solved: Programs for Monitoring Network Activity?

Ethereal.
 

Read other 2 answers
RELEVANCY SCORE 46.4

I've had BSoDs before, less frequently, now I'm having them so much, that I can't rely on my laptop at all. I'v noticed that they tend to occur when launching or loading something. For example if I was to open a new tab in Chrome or Launch Crysis 2. I performed a memtest, which turned out to be fine, just as I expected. Could you please help me find out what causes those BSoDs?

The following error is being stated in BSOD: Driver Power State Failure

I'm running my laptop on battery or with battery attached and a charger in. I don't really have the chance to run it without battery and charger in.

The .zip should be attached.

EDIT: The windows volume mixer is running but seems to be unresponsive to anything besides changing volume levels. Don't get me wrong - the program IS RUNNING, however if I try to disable a microfon or change my speakers enchantments, simply nothing happens. I can press "ok" as many times as I wanted but no effect would be taken. If I go back to the settings, they appear unmodifyed again. Could this be a part of my BSOD problem? The drivers are up to date aswell.

EDIT 2: By uninstalling the audio drivers and reinstalling them from a backup disc, my audio problems were unresolved, however a rollback got my audio working again. The problem is still there, I can't change any audio settings. At least sound still plays. BSODs still occur.

A:BSOD triggered by launching programs or more CPU activity

Hi LaserChair.

Install Service pack 1 and all other windows updates. Otherwise the system will remain vulnerable to threats including BSODs.

Code:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Learn how to install Windows 7 Service Pack 1 (SP1)
Service Pack and Update Center - Microsoft Windows





Quote:
The following error is being stated in BSOD: Driver Power State Failure


Most of the recent BSODs are VIDEO_TDR_FAILURE (116). But There are other codes too. Whatever, at first you need to update windows. Then we have to see what is causing display failure there.

Read other 1 answers
RELEVANCY SCORE 46

Hello, I would like some help on an issue that i have no idea is called. This problem i am faced with, is when i browse the internet, an unknown program flashes a page for a second with a blank paper looking icon appearing right next to my internet browser icon on desktop. this unknown program flash problem is similar to ALT + TAB shortcut, where it changes focus from one program to another or in some cases, minimize the internet tab itself except im not doing anything.
 
the unknown program flashes the page every two minutes, regardless if I'm doing anything on the computer or not.
 
i have tried running Norton Avast and other anti-malware to detect this problem. nothing detected. i tried a system restore that restored from a point of 5 days before this problem popped up, no success.
 
I don't know what to do, it is annoying as it interferes with my internet surfing and work related stuff using computer.
 
So, following the instructions, I've downloaded and run the Farbar Recovery Scan Tool. Below is the FRST.txt log file and attached is the Addition.txt file. Can anyone help with this?
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
Ran by Matenga - Wirihana (administrator) on MATENGA-WILSON (01-11-2016 16:45:11)
Running from C:\Users\Matenga - Wirihana\Downloads
Loaded Profiles: Matenga - Wirihana (Available Profiles: Matenga - Wirihana & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: E... Read more

A:Unknown Programs Flashing, Interfering with Normal Activity

Just realised that ive spammed the thread a few times. sorry about that and please delete the other ones except this one. thx.
 
the problem im talking about, i suspect is interfering with my posting and repeating the same actions.
 
this is a continuation of the first post FRST info - due to post possessing too much words and told me to shorten it.
 
also, another fact ill like to point out is im using window 10 that does not have a hard drive
 
 
 
2016-10-27 23:03 - 2016-10-27 23:03 - 00000000 ____D C:\Users\Matenga - Wirihana\AppData\Local\{824AB734-5C66-4518-BDC6-66C795D46389}
2016-10-27 22:58 - 2016-10-27 22:58 - 00000000 ____D C:\Users\Matenga - Wirihana\AppData\Local\{4DA782B0-DFDD-4C3D-A160-ACB94B795BF8}
2016-10-27 22:36 - 2016-10-27 22:36 - 00000000 ____D C:\Users\Matenga - Wirihana\AppData\Local\{CAD9F5EA-7BBF-4318-BF76-29CAC573286E}
2016-10-21 07:06 - 2016-10-21 07:06 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-10-19 22:35 - 2016-10-19 05:55 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-19 22:30 - 2016-10-31 22:03 - 00000000 ___DC C:\Windows.old
2016-10-19 22:29 - 2016-10-19 22:29 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-10-19 22:26 - 2016-10-19 22:26 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-10-19 22:26 - 2016-10-19 22:26 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-10-19 22:26 - 2016-10-19 22:26 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-10-19 22:26 - 2016-10-19 22:26 - 000000... Read more

Read other 1 answers
RELEVANCY SCORE 46

attached are reports from combo fix, DDS and Attach, as well as a GMER log...I need anyone to help me IDENTIFY any rouge or malicious programs, root-kits, etc. Removal instructions may not be necessary at this time. Thanks in advance!==============================================DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 21:38:40.87 on Fri 09/24/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.767.360 [GMT -4:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\system32\svchost.exe -k UPHCleanC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\WINDOWS\system32\notepad.exeC:\WINDOWS\explorer.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\Owner\My Documents\Downloads\HijackThis.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\DOCUME~1\Owner\LOCALS~1\Temp\7zO20.tmp\gmer.exeC:\Documents and Settings\Owner\My Documents\Downloads\dds... Read more

A:Requesting anyone to identify any malicious programs/root kit activity

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 5 answers
RELEVANCY SCORE 45.6

Woke up this morning to the BSOD. Nothing was running. Hoping you can help.

A:BSOD happened overnight No Activity No programs running at the time

BSOD was caused by the Atheros NIC driver, update this driver by downloading the latest version from the manufacturer's website
You can find individual driver updates here
ATHEROS drivers for Microsoft Windows (Atheros?????)

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000028, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff880014a1650, address which referenced memory

Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eb6100
0000000000000028

CURRENT_IRQL: 2

FAULTING_IP:
ndis! ?? ::FNODOBFM::`string'+15dd
fffff880`014a1650 8b4728 mov eax,dword ptr [rdi+28h]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0xD1

PROCESS_NAME: Syst... Read more

Read other 2 answers
RELEVANCY SCORE 45.2

Hello,

My computer has been acting very strange for the past week or two. Every time I search anything on google chrome or IE I get redirected to another page. I know my computer is infected with something but honestly I am not too sure. I have ran Norton, ad aware, and countless programs but they all do not seem to find anything or when they do it never fixes the problem. Earlier today I see Norton said it blocked an intrusion attempt from Zero Access rootkit activity 2 but although they blocked the attack I know something is still wrong with my computer. Could you please help?

Thanks,
Jacquelin

A:Zero access rootkit activity 2

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

Read other 3 answers
RELEVANCY SCORE 45.2

I am experiencing unusual activity on my desktop computer, (Windows Vista Home Premium, Service Pack 2) UNABLE TO UPLOAD DOCUMENTS FROM MY COMPUTER TO THE INTERNET---[I used caps because this means that I can't actually attach the requested attach.txt file generated by DDS]Some programs won't install.  [eg., Mozilla Thunderbird, or TeamViewer_setup_en.exe (attempt made via a trusted third party who hosts the server of a website I'm building)].  An error is generated in a pop-up window: "Run as:   You may not have the necessary permissions to use all the features of the program you are about to run.  You may run this program as a different user or continue to run the program as the current user.  [radio buttons to select another user, with an area for a user name and password]"---however, I *am* an administrator---and no password is required to enter my user account.My initial run of HijackThis generated the following message: "For some reason your system denied write access to the Hosts file.  If any hijacked domains are in this file, HijackThis may NOT be able to fix this."  [followed by more detailed instructions.]A sudden spike in unusual bandwidth usage: [we run off of 10 GB/month, which has always been more than enough---we don't download videos or large files---and suddenly that is being eaten away so quickly (60 MB/hour, give or take)---that we won't have nearly enough bandwidth for the month.  Our usual online activity is s... Read more

A:Java hack? -- Unable to install programs, unusual bandwidth activity, etc.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.To attach a file select the "More Reply Option" and follow the instructions.Wait for further instructions.

Read other 23 answers
RELEVANCY SCORE 44.8

I was doing some "Spring Cleaning" on my computer when i found some things in the "Add or Remove Programs" list. Can someone help me figure out what these are?

FileViewer utility 1.2
Remote Capture 2.7.0
SymNet
WebFldrs Xp

A:Weird Programs In "add Or Remove Programs"

Here are some possibilities. You don't give us much information to work on.FileViewer utility 1.2 Canon posts File Viewer Utility updates http://www.robgalbraith.com/bins/content_p...cid=7-6191-6209Remote Capture 2.7.0 http://software.canon-europe.com/software/0019428.asp?model=SymNet http://www.symnetaudio.com/index.phpWebFldrs XpWeb Folders, or WebDAV, is a file transfer protocol that supports secure file transfer over intranets and the Internet. With Web Folders, you can upload, download, and manage files on a remote computer across an intranet and the Internet. Web Folders is similar to File Transfer Protocol (FTP); however, Web Folders provides a more secure environment for transferring files over the Web.http://www.neowin.net/forum/lofiversion/in...hp/t166277.htmlGoogle is your friend.

Read other 8 answers
RELEVANCY SCORE 44.8

I have a virtual assistant which I entrust with a document containing credit card information. I want to be able to monitor when they access the file and any activity such as copying/pasting or uploading the file. Is there any software that can do this?

A:Monitor Document Access & Activity

What do yo mean with virtual assistant?

Read other 1 answers
RELEVANCY SCORE 44.4

I have DSL, and can surf the internet fine with the windows xp-1 firewall turned on. I cannot connect to my software vendor's VPN over the internet with the firewall turned on. It connects fine with the firewall off.
My DSL uses a dynamic address & I do not have a router. The DSL modem is connected directly to an ethernet port on the computer.
 

A:Windows XP-1 Firewall, any way to allow activity to be able to access corporate VPN?

What type of VPN client are you using? Have you allowed access to the VPN Gateway IP address in the XP firewall?
 

Read other 2 answers
RELEVANCY SCORE 44.4

I work in a small company with around 40 employess and most of them access our server through remote desktop connection. Most of them have limited capabilities and some were assigned admin rights.
Few days ago someone tried to mess with some confidential folders and we couldnt even open them logged in as administrator. Is a 2003 windows server. My question is if theres a way to track the activity and find out who might have done the changes? The IT guy said there is no way to track it, but since it must have been through one of those remote sessions I think probably theres a way?

Thank you
 

Read other answers
RELEVANCY SCORE 44.4

For some time now, I have had a recurring problem with internet access. All of a sudden (though not usually in the middle of activity), connectivity will slow to a crawl, with many requests timing out altogether. I finally got a helpful cable internet tech on the line (after many attempts to diagnose the problem) who told me there was a steady stream of outgoing traffic from my modem - while I had no applications open. The task manager didn't yield any clues to the source of the problem. I got the latest updates from Spybot S&D, which found a few problems (including Virtumonde, which sounds like it might be the kind of thing that causes this), but fixing them did not resolve the problem. Oddly, what appears to fix the problem, at least temporarily, is to uninstall my network adapter driver (Nvidia nForce MCP networking controller) - after reinstalling itself after a restart, the internet access is OK for a bit, then reverts to a useless state. I can tell when this state is reached by looked at the "Networking" tab on the task manager - it goes up to a more or less steady level of about 3% (whatever that means) when the problem is in place.
Any ideas on what the underlying problem might be, and how to resolve it permanently?
Thanks for any help!
Rob
 

Read other answers
RELEVANCY SCORE 43.6

I ended up with malware from a family member who used my computer. Svcvmx and Suspicious activities are still on my computer (and more). Due to the Suspicous imitating a Windows blue screen of death, I can not use the internet (that pops up with a fake windows update and then claims to find suspicious activities and call a 855 number for support. I cant minimize or do anything though I hear my computer still working in the background. Even task manager wont show up. All I can do is turn off the computer and turn it back on and have the cable unplugged from my computer. I have to download all files on to a laptop and take them to my computer. So far, Rkiller found them but wont remove them even in safe mode and all others wont activate due to "Resource in use" whether I try in normal or safe mode, installed on my computer or still on the thumbdrive.

Any help would be appreciated, I am not computer literate, I just play games (Everquest and Everquest 2, for the most part) and read and watch YouTube videos.

Thank you
 

Read other answers
RELEVANCY SCORE 43.6

After booting up my computer, I could not access the internet through my home wireless network that i was able to do the day before. My other computers can connect to the internet. I have tried multiple system restores but they have all ended up in unspecified errors. Pinging yahoo.com gives me error 1231.

*Edit
Tried a system restore in safe mode, solved my problem and worked ...
 

Read other answers
RELEVANCY SCORE 43.6

Im having similar issues. When I installed and ran Zemana it stopped due to no internet connection.
 

A:Suspicious Activity malware preventing access to Internet

Hello,
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.

It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Read other 1 answers
RELEVANCY SCORE 43.2

I have a dell xps computer and suddenly I have extremely slow web access and the machine is running slow. Hard drive continues to access. Have defragged, Run Norton anti virus and have run Adaware with some results.
 

Read other answers
RELEVANCY SCORE 43.2

Hello : I can't access network device normally ? It is a internet power switch . For example if I type in 192.168.1.5/20000 , I can access the device . But with 192.168.1.5:20000 gives no access . Ideas , If I could get the latter to work , I would be golden .. thanks .

Read other answers