Windows Support Forum

# "Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Q: "Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Relevancy 100%
Preferred Solution: "Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

Relevancy 194.99%

A:"Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Hi and welcome to TSF.

I'm afraid HijackThis no longer provides the information we require.

We want all our members to perform the steps outlined in the link given below, as far as they possibly can, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

http://www.techsupportforum.com/forums/f50/your-system-is-infected-background-internet-security-2010-virus-malware-problem-445923.html
Relevancy 132.37%

The System Fix Virus amp Privacy Protection Virus hijacked and infected my system WinXP -bit They ve caused my & 64-bit "Privacy Virus" "System Fix Protection Virus" Infected with WinXP (Malware) default web browser to change frequently each time I reboot my PC So I ve been having trouble getting rid of all of this malware viruses from my system since Infected WinXP 64-bit with "System Fix Virus" & "Privacy Protection Virus" (Malware) I use Windows XP x ComboFix exe and TDSSKiller exe are not compatible with my Windows XP -bit system So how do I get rid of the malware viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS s The latest version s of ComboFix and TDSSKiller don t work on the -bit version of Windows XP but they are compatible with other versions of Windows XP VISTA and Windows System Fix Virus the first virus that affected my Windows system days ago Privacy Protection Virus behaves almost exactly like the aforementioned virus Google-Redirect Malware redirects all my searches to this site Thanks in advance to ANY users for helping me and others with this malware virus problem I understand and read the previous pinned-thread about the revelant malware virus issue that Windows-users solved with the programs I ve been unable to install on my system The aforementioned malware viruses began to infect my PC on December since that day I haven t found a single anti-virus program that can detect the Google-redirect malware virus on my system nbsp

Relevancy 122.76%

A:System infected with "Vista Antivirus 2010" malware

Hello, and welcome to TSF.

I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

http://www.techsupportforum.com/forums/f50/system-infected-with-vista-antivirus-2010-malware-467258.html
Relevancy 120.9%

About a month ago Computer Associates internet security suite free through my ISP told me it couldn t update Tried a couple of things and gave up Uninstalled CA and installed AVG Free Same thing AVG Free can t update Today I got a message quot attention trojan spm lx etc quot with a prompt for a web page but instead I closed the window from the top right corner Today I also got a background on my desktop that said quot your system is infected system has been stopped due to a serious and is spm/lx" "your indicates "trojan infected" Malware system malfunction quot I started through some of the threads on this site and was looking at a promising thread -trojan-spm-lx-infection that cybertech posted and instructing kramer to run malwarebytes I installed malwarebytes and it opens but self closes in a matter of seconds regardless if I hit quick scan or not Some additional symptoms Can t open computer in Safe Mode Can t use quot run quot from start menu Can t use volume on computer Malware is redirecting my url choice to its own choices This is the first virus that I can t seem to deal with myself Any help is appreciated nbsp

A:Malware indicates "trojan spm/lx" and "your system is infected"

Windows XP operating system
It has also disabled my Task Manager and is currently running something in the background

Relevancy 120.9%

Relevancy 119.04%

A:"Security Center Alert" popups, "Malware Defense" self install

Let's try this version of gmer.

If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.

Click the image to enlarge it

In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Relevancy 118.73%

Hi Despite Norton's usually good protection Norton just let a virus take over our little Toshiba Satellite bit laptop running Windows XP Media Center Edition It blocks access to internet so we can't download or get remote help It ... Security virus help!???? 2010" "Internet does not show up on the computer's list of installed programs so there is no entry on the list to delete or uninstall It blocks Task Master "Internet Security 2010" virus ... help!???? so we can't use TM to stop it It is happy to let us run full comprehensive scans with Norton -- which reports that it finds no "Internet Security 2010" virus ... help!???? infections whatsoever "Internet Security 2010" virus ... help!???? so it is invisible to Norton Although the norton events log did note a quot medium security quot violation from outside when this all started -- meaning Norton did realize an infection was entering the computer But Norton did not block it and the log entry says there is no user action to be taken Meanwhile it pops up nunerous at one time I got a bit behind and wound up counting of them quot error messages quot of various types all consistently saying that it had found various serious security infections or problems and that we need to click to purchase their program to fix them Of course the only security infection we really need to fix is this quot internet security quot virus itself We spent a day on the phone with a nice Microsoft lady who ran us through dozens of tries to remove the infection This failed to work however and they are going to try further in a couple days after they have chance to study it more Norton's phone lines are backlogged apparently in major part with this problem And their email intake won't ingest you write the problem and push the button to send the form to them and their webpage just sits with it and tells you to wait We waited hours and Norton's website still won't accept emails reporting problems with their quot protection quot program Meanwhile we are being shaken down by this quot internet security quot virus' protection racket to pay them off to remove their infection or else our little computer is fit only for the junquepile We cannot use internet and we cannot do much else with the computer due to all the fake warning messages popping up all the time Even these are tricky you have to read them because they keep switching back and forth which button you have to click on to delete them you make one mistake and they will switch you over to their purchase department We would very very much appreciate a simple means of fixing getting rid of this pesty infection And if we can find out who is doing this to innocent people I for one will be happy to file a criminal complaint with the proper authorities Thanks for any help MuchoAppreciato TGIF though we will probably be up all night again trying to fix this poor little laptop since it has medical records on it that are really really needed

A:"Internet Security 2010" virus ... help!????

If you can save you files to cds or a usb stick or externel hard drive.
That is the most important thing to do first.
Then if you can boot the computer in safe mode with networking and
see if you can get on the net. Download Maleware bytes (a free program)
install it update it run it.
If that does not work you may have to redo windows.
Some times the effort you put in to removing that crap you would be better off
just to wipe it.
That is why I wanted you to save your files right away.

I know I was not much help but I tried.

Jimmy

http://www.vistax64.com/system-security/266507-internet-security-2010-virus-help.html
Relevancy 118.42%

Relevancy 117.8%

In Windows XP, fully updated, I have several folders full of mp3's and want to see the bit rate and duration. I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

But all the figures in the "Duration" column appear to be in "hours" and "minutes", so I see "00:04" or "00:03", but what I want is "minutes" and "seconds".

Any thoughts as to how to change this?

A:Solved: Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

Relevancy 117.8%

A:IE crash after "Insecure Internet activity", "Security Center Alert" popup

Before any work can be done on this machine, there is something that requires your immediate intervention.

This machine is messed up pretty badly because you have several anti-virus programs on your machine. That's not a good idea!!

Alike firewalls, anti-virus programs have conflicts co-existing with each other & produces undesirable results. Please uninstall ALL leaving only one of them.

ALL the antivirus programs must be removed via add/remove program.
For any program that doesn't have an add/remove entry, you will have to do this:re-install the program -> reboot -> uninstallPost a fresh logs when you have completed the above task.

Relevancy 117.49%

A:Infected with "AV Security 2012" bundled with "ZeroAcess rootkit"

Oh, one more thing, after the infection, the computer told me that I need to restart the computer to install Windows updates and stupidly I did.

Relevancy 117.49%

Keep getting popups about computer being infected. The windows are titled "Internet Security 2010". Can't open applications such as system restore. And I attached a screenshot of my unwanted desktop background. Seems to be a rather common problem with other users lately. Also, it won't let me run dds.

A:Have the "Internet Security 2010" problem

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Double-click dds to run it. When you get the warning, 'Application cannot be executed', leave it open, then double-click dds again. It should run. Post/attach the logs as requested.

------------------------------------------------------

http://www.techsupportforum.com/forums/f284/have-the-internet-security-2010-problem-450044.html
Relevancy 116.87%

A:Solved: virus.. popup "Malware Wipe" "the spy guard" and alot of commercials

Relevancy 116.56%

I ve run SuperAntiSpyware Wizard" "Sys Pop-ups "Security & Integrity System Scan Warning" Ad-Aware SpyBot and Norton which removed some trojan files and registry items but I m still getting pop-ups quot Security System Warning quot and quot System Integrity Scan Wizard quot Below is my HiJackThis log Thanks in advance Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v "Sys Integrity Scan Wizard" & "Security System Warning" Pop-ups SP Boot mode Normal Running processes C WINDOWS System "Sys Integrity Scan Wizard" & "Security System Warning" Pop-ups smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common "Sys Integrity Scan Wizard" & "Security System Warning" Pop-ups Files Symantec Shared AppCore AppSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system cisvc exe C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Microsoft SQL Server MSSQL VAIO VEDB Binn sqlservr exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system cryptainersrv exe C WINDOWS system svchost exe C Program Files Sony VAIO Event Service VESMgr exe C WINDOWS Explorer EXE C Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exe C Program Files Viewpoint Common ViewpointService exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exe C Program Files Canon CAL CALMAIN exe C Documents and Settings All Users Application Data kfsnolql ynynormr exe C WINDOWS system igfxpers exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exe C Program Files Apoint Apoint exe C WINDOWS RTHDCPL EXE C Program Files Apoint Apntex exe C Program Files Java jre bin jusched exe C Program Files Sony VAIO Power Management SPMgr exe C Program Files Sony ISB Utility ISBMgr exe C WINDOWS Logi MwX Exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Symantec Shared ccApp exe C Program Files HP HP Software Update HPWuSchd exe C Program Files iTunes iTunesHelper exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Plaxo PlaxoHelper exe C WINDOWS system clghcnev exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files iPod bin iPodService exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files HP Digital Imaging Product Assistant bin hprblog exe C WINDOWS System svchost exe C WINDOWS system wuauclt exe C WINDOWS system cidaemon exe C PROGRA MOZILL FIREFOX EXE C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http softwarereferral com jump php wmid amp mid MjI Ojg amp lid R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www sony com vaiopeople R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www sony com vaiopeople R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook AOLSearchHook Class - EB EA-E BE- CFD- F F-C A C EAFA - C Program Files AOL AOL Search Enhancement AOLSearch dll R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO ... Read more

A:"Sys Integrity Scan Wizard" & "Security System Warning" Pop-ups

Hi Welcome to TSG!!

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

Relevancy 116.56%

I am running Windows XP SP fully updated on an Acer Explorer Column Windows no "Minutes" "Seconds", "Hours" just "Duration" - and lap top PC I have several folders full of mp 's and want to Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes" see the bit rate and Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes" duration To Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes" do this I right click on a column heading and select quot Bit rate quot I then click on quot More quot so I can get to quot Duration quot and I select that one too The two new columns appear but the format of the quot Duration quot column appears to be quot hours minutes quot so I see quot quot or quot quot for most mp 's when what I want to see is 'hours minutes seconds quot e g quot quot This also happens for video files avi files e g all my episodes of quot Heroes quot sad I know have a duration of quot quot instead of quot xx quot Here are two pictures showing the problem with the mp 's The first is of Explorer showing the Duration as quot Hours Minutes quot The second picture is of the properties window of the first mp in the list above I copied some mp files to another old PC on my home network and it displayed the duration field correctly Also the properties window correctly shows the duration also I'm not the only person to have this problem I received a private message from a member of another forum where I posted about this problem several weeks ago That person also has the same problem with the duration field The tech guys on that forum were unable to find the source of the duration field problem But after I had such a great success on this forum with my hard disk problem here I decided to try to get help here Thanks in advance for any suggestions

A:Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

* bump *

Tricky, this one!

http://www.techsupportforum.com/forums/f10/windows-explorer-duration-column-no-seconds-just-hours-and-minutes-253928.html
Relevancy 116.25%

The two main malware items I think I have. I've already assumed I will do a total C: delete and re-install. I've tried lots of things in safemode, etc. with Spybot, Malwarebytes, a Norten scanner, etc. either directly running or downloading/renaming, or by downloading on another computer and using memory stick to transfer. Nothing stays launched, runs nor completes.

What a pain in the butt. I use AVG and whatever it did jumped right through in no time.......I've read lots of posts in cnet, pctools, a few here, etc.

What a mess.

Some people have way to much free time......maybe they ought to get a job somehow using these skills...they'd make a mint.

Pete

A:"Total Security" and "Antivirus Pro 2010"

simpler to just reformat the whole computer

Relevancy 115.94%

A:Infected: "Win 7 Internet Security 2012" virus

Hello,

As mentioned, I am not sure if I should post anything, since I am not able to uninstall "Alcohol" from my system as the instructions directed.

However, I'm not sure if there have been no replies to my post, since I have not attached anything, so below is a text of the "DDS" file and attached is the logfile "Attach.txt" in winzip format.

I could not run GMER (possibly because of the virus or "Alcohol" still being present), so therefore nothing is attached for that.

Please assist. My machine is virtually unworkable. Thank you.

__________________

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by PDC at 2:25:31 on 2012-01-09
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6000.4093 [GMT -5:00]
.
AV: Norton AntiVirus *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\PROGRA~2\BRINGM~2\bar\1.bin\1cbarsvc.exe
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Sonique\SQStart.exe
C:\Program Files\Logitech\SetPoint\LBTWiz.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
C:\windows\system32\SearchIndexer.exe
C:\Users\PDC\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\BringMeSports_1c\bar\1.bin\1cbrmon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Program Files (x86)\iPod\bin\iPodService.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\PDC\AppData\Local\ixm.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Norton In... Read more

http://www.techsupportforum.com/forums/f50/infected-win-7-internet-security-2012-virus-623353.html
Relevancy 115.01%

hi every body
My PC has lots of files called "Thumbs.db" & "System volume information" in all its drives.I cant delete these files and I think the cause of shutting my pc down automatically and showing blue screen is these files.the operating system is win xp/sp2.
I don't know what to do with these and what anti virus will delete them.please help me.
thanks

Relevancy 114.39%

A:Malware/Virus Problem ("Live Safety Center/Online Security Guide")

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt in your thread in the HijackThis Log Help Forum.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

---------------------------------------------------------------------------------------------

http://www.techsupportforum.com/forums/f100/malware-virus-problem-live-safety-center-online-security-guide-194724.html
Relevancy 113.46%

Hi everybody I suddenly lost the ability to connect to the internet through cable I think it is related to the security update addressing a vulnerability in kerberus http support microsoft com kb I have no idea what it does but I m reasonably sure that it happened just after the update The network connection keeps cycling between quot identifying quot and quot network cable unplugged quot every - seconds I m running windows on an older lenovo laptop and I ve tried rebooting system restore reinstalling the drivers removing lenovo s connectivity program uninstalling the security update manually but all to no avail A thread with a similar problem led me to try changing the quot link speed and duplex quot from quot auto negotiation quot to quot mbps full duplex quot under the advanced tab of the network connection properties this gives me a network connection but no internet access Connecting the cable through the side of the computer changes nothing compared to connection through the docking station I can access the internet just fine through wifi Any ideas Any help will be much appreciated Thanks nbsp

A:Mysterious "Identifying"/"cable unplugged" cycle Internet connection problem

Relevancy 113.15%

A:Minor Problem with New Windows 7 Installation on my Inspiron E1705/9400 - two entries for "Base System Device" under "Other Devices" with yellow exclamation point

BTW, I just downloaded and installed the driver pack from that ftp location and it worked, even for Windows 8.1 - 64 bit.
Thanks Steve!

Roger

http://en.community.dell.com/support-forums/software-os/f/3524/t/19313275
Relevancy 112.22%

I was having an issue with my Windows cursor flickering between arrow and working in background at an irritianting rate and found the following TechSupportGuy thread a couple of minutes ago http forums techguy org windows-vista -mouse-cursor-constantly-flickering-between html One of the posts in the thread lead me to the solution but unfortunately it seems most people have opted for reinstalling the OS instead Given the the original thread is closed I decided to create a new in flickering II "working background" cursor "arrow" and constantly between Mouse one and post the solution here in an attempt to prevent Mouse cursor constantly flickering between "arrow" and "working in background" II people from taking such drastic measures to get rid of this incredibly irritant issue in the future I simply disabled the Windows Search service and killed the process behind it SearchIndexer exe in Task Manager My cursor is now back to normal Disabling this service Mouse cursor constantly flickering between "arrow" and "working in background" II means any new files will not be indexed although you can re-enable it and leave the pc running for a couple of hours every now and again so that new files are indexed Hope this helps nbsp

Relevancy 112.22%

Mouse cursor constantly flickering between "arrow" and "working in background" .
How can this be fixed?

A:Mouse cursor constantly flickering between "arrow" and "working in background"

Hi, is this a desktop or a laptop?
Let us have some Pc specifications.
Check and post
TSG System Information Utility - found here.

Relevancy 112.22%

My mouse cursor is constantly flickering between the normal "arrow" and "working in background". I restarted the pc, but that didn't work. Anyone had this happen before, or know how to stop it?

A:Mouse cursor constantly flickering between "arrow" and "working in background".

Relevancy 111.29%

A:No internet&hardware errors after removal of "Security Essentials 2010"

Formatted. Fixed~

Relevancy 111.29%

If this has been covered, can someone direct me to a thread with help? Home computer is overrun with "Internet Security 2010" pop ups and malware - cannot connect to internet, access system restore or much else. It disabled my MalwareBytes and Symantec Anti virus programs. Tried running a win32NetSky removal tool from disc yesterday with no luck. It will sporadically connect to viagra website or porn.org ...any suggestions?

Thanks!!!!

Relevancy 111.29%

i have a winXP SP laptop hewlett-packard and i m stuck in an auto log-off problem i ve read a lot around various sites about possible causes and fixes seems it could be a quot userinit exe quot file that is missing or corrupt i used malwarebytes to remove the internet security virus and then upgraded from AVG antivirus v to v i also used latest spybot to scan the computer malwarebytes found infected files which i removed quarantine and delete and spybot found two more which were also healed now i have been trying to get into the computer through safe mode and safe mode with command prompt i can not get past the user acct OR the administrator after 2010" "internet auto-logoff removing security account logon before i get logged off auto-logoff after removing "internet security 2010" i can not auto-logoff after removing "internet security 2010" get to a command prompt as far as i can tell in order to try any of the fixes i ve read about can anyone tell me how i might get to a command prompt to run a system restore or otherwise fix this userinit exe file problem thanks nbsp

Relevancy 111.29%

Several possibilities here: Second taskbar in windows7? [Solved] - Windows 7 - Windows 7

Relevancy 110.98%

Hi,

When our website users click on an html attachment embedded on a web-page in IE9, the download manager will not display the "Open" option. It will only display "Save" and "Cancel" which our users don't like, having to save the
html document in a folder to open it. Whereas, when downloading attachments like pdf, word etc. all three options are displayed.

Is there any setting to tweak , which will display all the 3 options for HTML attachments as well?

Hi,
So I suggest you test to reset all zones to a lower level temporarily and then please attempt to download this html attachment again.

However, since you can normally download the other documents, I suspect there is some restriction in the website which you are trying to view. I recommend you to contact the administrator of that website if possible.
Thanks!

We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

Relevancy 110.36%

I am infected with this crap and have used the following tools to try to get rid of it Windows Defender Unible PowerSuite SpeedUpMyPC Registry Booster amp Spyware Protector and Norton's - "Error Worm-Popups-The Icons Netsky Cleaner" Protector" "Spyware..." Three "Privacy One Button Netsky Worm-Popups-The Three Icons - "Error Cleaner" "Privacy Protector" "Spyware..." Checkup and WinDoctor Not sure if it's related but my DISPLAY is locked at X Atempted the Step Process before posting and Panda ActiveScan froze and crashed after scanning files but not before identifying spyware files Here's my extra txt log from Deckard's Deckard's System Scanner v Extra logfile - please post Netsky Worm-Popups-The Three Icons - "Error Cleaner" "Privacy Protector" "Spyware..." this as an attachment with your post -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition build SP Architecture X Language English CPU Intel R Pentium R CPU GHz Percentage of Memory in Use Physical Memory total avail MiB MiB Pagefile Memory total avail MiB MiB Virtual Memory total avail MiB MiB A is Removable No Media C is Fixed NTFS - GiB total GiB free D is CDROM CDFS PHYSICALDRIVE - ST A - GiB - partition PARTITION - Unknown - MiB PARTITION bootable - Installable File System - GiB - C -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install Windows Internal Firewall is disabled AntiVirusDisableNotify is set FirewallDisableNotify is set FW Norton Internet Security v Symantec Corporation AV Norton Internet Security v Symantec Corporation HKLM System CurrentControlSet Services SharedAccess Parameters FirewallPolicy DomainProfile AuthorizedApplications List quot windir system sessmgr exe quot quot windir system sessmgr exe enabled xpsp res dll - quot quot C Program Files Logitech Logitech Harmony Remote Software HarmonyRemote exe quot quot C Program Files Logitech Logitech Harmony Remote Software HarmonyRemote exe Enabled Logitech Harmony Remote Software quot quot windir Network Diagnostic xpnetdiag exe quot quot windir Network Diagnostic xpnetdiag exe Enabled xpsp res dll - quot quot C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe quot quot C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe Enabled Logitech Desktop Messenger quot HKLM System CurrentControlSet Services SharedAccess Parameters FirewallPolicy StandardProfile AuthorizedApplications List quot windir system sessmgr exe quot quot windir system sessmgr exe enabled xpsp res dll - quot quot C WINDOWS system LEXPPS EXE quot quot C WINDOWS system LEXPPS EXE Enabled LEXPPS EXE quot quot C Program Files Logitech Logitech Harmony Remote Software HarmonyRemote exe quot quot C Program Files Logitech Logitech Harmony Remote Software HarmonyRemote exe Enabled Logitech Harmony Remote Software quot quot windir Network Diagnostic xpnetdiag exe quot quot windir Network Diagnostic xpnetdiag exe Enabled xpsp res dll - quot quot C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe quot quot C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe Enabled Logitech Desktop Messenger quot quot C Program Files LimeWire LimeWire exe quot quot C Program Files LimeWire LimeWire exe Enabled LimeWire quot quot C Program Files Yahoo Messenger YahooMessenger exe quot quot C Program Files Yahoo Messenger YahooMessenger exe Enabled Yahoo Messenger quot quot C Program Files Yahoo Messenger YServer exe quot quot C Program Files Yahoo Messenger YServer exe Enabled Yahoo FT Server quot quot C Program Files Messenger msmsgs exe quot quot C Program Files Messenger msmsgs exe Enabled Windows Messenger quot quot C Program Files Veoh Networks Veoh VeohCli... Read more

A:Netsky Worm-Popups-The Three Icons - "Error Cleaner" "Privacy Protector" "Spyware..."

Bump.

http://www.techsupportforum.com/forums/f284/netsky-worm-popups-the-three-icons-error-cleaner-privacy-protector-spyware-207223.html
Relevancy 109.74%

Ok so im new here so hey everybody to the point my laptop is quot stuttering quot lagging skipping whatever you wanna call it its doing it my video music and cursor skip every second for a splt second it starts on start-up and dont stop til i turn my laptop off it happens in a pattern its not random ive done checked my drivers spyware and m RAM is good so can someone please help me could it be because my battery wont hold a charger so it has to be hooked up to the charger at ALL times or it dies Example is the charger not got the quot juice quot to run the laptop by itself so it studders skips i dont know if this has report viewer "studders"/"skips"/"lags" Whole Solved: (PLEASE computer .. event have anything to do with my problem but i ran quot event viewer quot and found this The following boot-start or system-start driver s failed to load Cdrom Imapi redbook PLEASE HELP OS Version Microsoft Windows XP Home Edition Service Pack bit Processor Genuine Intel R CPU Solved: Whole computer "studders"/"skips"/"lags" .. have event viewer report (PLEASE T GHz x Family Model Stepping Processor Count RAM Mb Graphics Card Mobile Intel R GM Express Chipset Family Mb Hard Drives C Total - MB Free - MB D Total - MB Free - MB Motherboard Dell Inc FF HWPLLB CN S Antivirus McAfee VirusScan Updated Yes On-Demand Scanner Disable nbsp

A:Solved: Whole computer "studders"/"skips"/"lags" .. have event viewer report (PLEASE

Relevancy 109.74%

I double-click and get "search" instead of "open"--only when I click a disk, like Hard Drive C: or Floppy A: or CD F: and so on.

It didn't used to do this, so I must've inadvertently changed some setting somewhere, but darned if I can find it now.

Any ideas?

A:Solved: On the "my computer" list, I double-click on disks and get "search" instead of "open"

Relevancy 109.12%

A:2 evil friends on desktop "Live Safety Center" and "Online Security Guide" Help?

Hi, thanks for trying to perform all the steps.

Quote:

I downloaded DSS, but after many attempts to run, it just wouldn't let me.

At what stage does DSS stop working?

http://www.techsupportforum.com/forums/f284/2-evil-friends-on-desktop-live-safety-center-and-online-security-guide-help-195707.html
Relevancy 108.81%

Apologies for the double-post. I could not see an edit function.
I've cleaned out a couple of nasties with Adaware, although i've not seen much change - still getting the same "VIRUS ALERT!" and popups. Still, I thought it best to update the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:37: VIRUS ALERT!, on 12/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avast\Avast4\aswUpdSv.exe
C:\Program Files\Avast\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Avast\Avast4\ashDisp.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Avast\Avast4\ashMaiSv.exe
C:\Program Files\Avast\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2
O2 - BHO: QXK Olive - {65352C87-3458-4CD8-A4A0-EDDAFE7CEDF2} - C:\WINDOWS\vortsgbqrfe.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: olnmraew - {BC589E0B-BDE4-4CF5-B052-9E97921302B1} - C:\WINDOWS\olnmraew.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SeekmoOE] C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe
O4 - HKLM\..\Run: [SeekmoSA] "C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Li... Read more

Relevancy 108.5%

**(DONT KNOW IF THIS WILL HELP..)***

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU T2250 @ 1.73GHz, x86 Family 6 Model 14 Stepping 8
Processor Count: 2
RAM: 502 Mb
Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 224 Mb
Hard Drives: C: Total - 39723 MB, Free - 23484 MB; D: Total - 12684 MB, Free - 3633 MB;

Relevancy 108.19%

I'm having the same problem that a lot of people are having These icons have showed up on my desktop and i keep getting pop ups telling me to download them because i have a virus i would really applicate the help thanks John -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint - - UTC - RP - Software Distribution Service - - UTC - RP - Removed Banctec Service Agreement -- First Restore Point -- - - UTC - RP - System Checkpoint Backed up registry hives Performed disk cleanup Percentage of Memory in Use more than Total Physical Memory MiB MiB recommended System Drive C has GiB less than free -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend security center" "live log guide" deckard here "online and safety Micro HijackThis v Scan saved at - - Platform Windows XP Service Pack MSIE Internet Explorer Boot mode Normal Running processes C WINDOWS SYSTEM SMSS EXE C WINDOWS SYSTEM WINLOGON EXE C WINDOWS SYSTEM SERVICES EXE C WINDOWS SYSTEM LSASS EXE C WINDOWS SYSTEM SVCHOST EXE C WINDOWS SYSTEM SVCHOST EXE C Program Files Common Files Symantec Shared ccSvcHst exe C Program Files Common Files Symantec Shared AppCore AppSvc exe C WINDOWS SYSTEM "online security guide" and "live safety center" deckard log here spoolsv exe C Program Files Symantec LiveUpdate AluSchedulerSvc exe C Program Files Common Files Symantec Shared ccSvcHst exe C WINDOWS SYSTEM CTSVCCDA EXE "online security guide" and "live safety center" deckard log here C WINDOWS SYSTEM SVCHOST EXE C WINDOWS SYSTEM MsPMSPSv exe C WINDOWS explorer exe C Program "online security guide" and "live safety center" deckard log here Files Java j re bin jusched exe C Program Files Intel Modem Event Monitor IntelMEM exe C WINDOWS SYSTEM RUNDLL EXE C Program Files Dell Media Experience PCMService exe C Program Files CyberLink PowerDVD DVDLauncher exe C WINDOWS SYSTEM dla tfswctrl exe C WINDOWS SYSTEM hkcmd exe C WINDOWS SYSTEM igfxpers exe C Program Files iTunes iTunesHelper exe C Program Files Common Files Symantec Shared ccApp exe C Program Files iPod bin iPodService exe C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox firefox exe C Documents and Settings John Desktop dss exe C Program Files Internet Explorer IEXPLORE EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http www google com ie R - HKCU Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com fix homepage R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www dell me com myway R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - E A - - D F-BEAE-D A C - C Program Files Common Files Symantec Shared coShared Browser NppBHO dll O - BHO no name - CB F B - F - D E-BC B- A - C WINDOWS SYSTEM ssqnnnm dll O - BHO RXResultTracker Class - FA - - c-A CC- EC DE CA - C Program Files RXToolBar sfcont dll file missing O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS SYSTEM dla tfswshx dll O - BHO ab ae b- - a- -ffe f d a - a d f- eff- -a - b ea ba - C WINDOWS SYSTEM jgqnbgas dll O - BHO no name - A B - D E- -A - C DE A - C WINDOWS SYSTEM ujxxmekz dll O - BHO no name - DC BD B-BB - -B -C B C BCD AB - C WINDOWS SYSTEM pmnno dll O - Toolbar no name - BA B -B - c -B - F F - no file O - Toolbar Show Norton Toolbar - -F - -B -FBEE C B DF - C Program Files Common Files Symantec Shar... Read more

A:"online security guide" and "live safety center" deckard log here

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Start ERUNT, confirm the Welcome message.

Next, select the backup options:

System registry
Current User Registry
Other open user registry

Click "OK" and wait until the backup process is complete. (Note that depending on your system configuration this may take some time, and that the first bar is NOT a progress bar, just an indicator that the program is still running.)
# Note: To ensure proper operation of ERUNT, you should be logged in as a system administrator.

Disconnect from the internet.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

---------------------------------------------------------------------------------------------

Copy and paste the following into Notepad (don't forget to copy and paste REGEDIT4):

Quote:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

Save the file as "delete.reg". Make sure to save it with the quotes. It should look like this:

Double click on the delete.reg file and choose Yes to merge/add it to the registry. You may delete the file afterwards.

---------------------------------------------------------------------------------------------
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Once VundoFix has completed it's work....

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Select the first option, to run Windows in Safe Mode, then press Enter.

Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they still exist and click Fix Checked

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: (no name) - {4CB8F4B4-5F66-4D9E-BC3B-184596A58824} - C:\WINDOWS\SYSTEM32\ssqnnnm.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461... Read more

http://www.techsupportforum.com/forums/f100/online-security-guide-and-live-safety-center-deckard-log-here-196041.html
Relevancy 108.19%

I don't have a clue where to begin trying to fix this problem. Spybot doesn't seem to fix the problem. I keep getting random icons on my desktop and start menu called "online security guide" and "live saftey center". There are also many fake balloon warnings appearing and a window titled "Critical System Warning!" that wants me to download stuff. What process can I go through to clean my system. Any help would be great...thank you!

A:i need help - "online security guide" & "live safety center" icons!!

http://www.techsupportforum.com/secu...tml#post342651

After running through all the steps, please post the requested logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f284/i-need-help-online-security-guide-and-live-safety-center-icons-193369.html
Relevancy 108.19%

ok!!!!!!!!!! what is it and how do i fix it,,,, eyes crossed knees woobly help?????????????????????

A:[Solved] mplay32.exe,1"/play/close"%L"." and sndrec32.exe"%L"."

Relevancy 107.88%

I've been having some problems with my computer and I've always somehow managed to work my way around the issues spyware malware etc have created but lately it's been getting out of hand Some time ago I got a virus or something that made the entire tab under quot Processes quot dissapear So I could not see process-names in the task-manager I have re-installed XP but this problem persists I have been using a different application to monitor and handle processes The problem now is the constant pop-ups generated from this fake anti-virus program calling itself quot Anti Virus Pro quot or something It pops up with fake commercials and even attach itself into other explorer-windows while I view other pages As popups and messageboxes keep popping up I close them but after a while windows will open a messagebox telling me quot Buffer overrun detected in e Windows system explorer exe quot or windows explorer exe I don't remember really but you get the idea and explorer exe will be terminated sometimes taking some internet explorer windows along with it other times explorer exe just starts up again and all my windows remain I used to have Norton but was forced to remove it as it was sucking up all my CPU It rendered my computer and something++ fake a "Buffer Infected "Win overrun Spyware" - dialer or Anti error" useless as I mainly use it for gaming I've also experienced having the connection between me and my modem broken while beeing on the internet and I don't know if my computer actually is offline or if -I'm- just offline The LAN-connection won't detect my modem and I can't even find it by pinging it I have been trough Step without finding anything I could remove in control-panel The panda online search take hours if not days to finish as it slows down severly after a certain time I have tried acouple of times but before it finish a popup or an error will close the browser window EDIT I forgot to mention I have tried to follow acouple of solutions I saw you guys giving people Infected - "Win Anti Spyware" "Buffer overrun error" and a fake dialer or something++ with similiar problems Infected - "Win Anti Spyware" "Buffer overrun error" and a fake dialer or something++ as I had and searching for malware and stuff it did find some infected dll-files in my system folder and other windows-folders I deleted afew but something called nnommmll dll or something was attached to winlogon exe and therefore I couldn't delete it The other files came back after my computer crashed anyway though x x I'll now paste the logfile generated by dss exe ---------------------------------------------------- Deckard's System Scanner v Run by Per Killer on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Infected - "Win Anti Spyware" "Buffer overrun error" and a fake dialer or something++ Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Kontrollpunkt for system - - UTC - RP - Kontrollpunkt for system - - UTC - RP - Kontrollpunkt for system Backed up registry hives Performed disk cleanup System Drive E has GiB less than free -- HijackThis run as Per Killer exe ------------------------------------------ Unable to find log file not found running clone -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of HijackThis v Scan saved at - - Platform Windows XP Service Pack MSIE Internet Explorer Running processes E WINDOWS system smss exe E WINDOWS system winlogon exe E WINDOWS system services exe E WINDOWS system lsass exe E WINDOWS system svchost exe E WINDOWS system svchost exe E WINDOWS system spoolsv exe E WINDOWS system CTSVCCDA EXE E WINDOWS system nvsvc exe E WINDOWS system PnkBstrA e... Read more

A:Infected - "Win Anti Spyware" "Buffer overrun error" and a fake dialer or something++

Hello and welcome to TSF

Note: It is important that it is saved directly to your desktop.

Close all browsers. Double click combofix.exe & follow the prompts.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Double-click on HJTInstall.exe to run the program.
By default it will install to C:\Program Files\Trend Micro\HijackThis.
Accept the license agreement by clicking the "I Accept" button.
Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
Click "Save log" to save the log file and then the log will open in Notepad.
Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Expected logs:

Combofix.txt
HijackThis log

http://www.techsupportforum.com/forums/f284/infected-win-anti-spyware-buffer-overrun-error-and-a-fake-dialer-or-something-185695.html
Relevancy 107.57%

A:PC INFECTED with "System Security Version 4.52"[MOVED]

Please be patient, a security analyst will be with you to give further instructions

http://www.techsupportforum.com/forums/f50/pc-infected-with-system-security-version-4-52-moved-397434.html
Relevancy 107.57%

Hi First thank you for taking the time to look at this My "System my infected not Help: much desktop Security" after its better PC & 'removal' desktop was infected with System Security I followed an online tutorial to remove the malware All visual signs of the malware were removed The computer runs very slow now For some time it also had a google redirect issue Currently Chrome does not work at all it loads a blank page indefinitely unless the no sandbox command is inserted into the target within the icon Many antivirus programs malware programs and rootkit programs have been tried yet the computer remains at the point where it is barely usable The last thing I want to do is reformat I have seen many users online that have had almost identical if not identical problems which seem to also stem from Help: "System Security" infected my desktop PC & after 'removal' its not much better the same or similar infection but nothing has helped get the computer back to peek performance Help: "System Security" infected my desktop PC & after 'removal' its not much better I recently ran a rootkit remover and it detected quot redbook sys quot and removed it Windows XP SP The computer works perfectly when Help: "System Security" infected my desktop PC & after 'removal' its not much better in quot Safe Mode w Networking quot let me know what other info you need as I am in this for the long haul with you this forum may be my last hope nbsp

Relevancy 107.26%

System Acer Aspire one netbook Win XP home ed SP Synopsis of issue Got this comp from my company for a new line of work I started Was quot deep frozen quot when I got it and was useless to me in that state Got it thawed and it suddenly wanted to do loads of updates so I let it Apparently I was not careful enough amp got the quot XP antivirus quot malware Eventually conquered that beast and installed avira free almost immediately avira picked up on the quot html infected win gen quot malware I quarantined deleted scanned comp w avira rkill amp malwarebytes all scans came up clean but I now have no connectivity wired conn continually tries to acquire network address and w less has limited or no Not my router or modem win.gen2&quot; [SOLVED] issues antivirus &quot;XP and 2012&quot; &quot;infected No Connectivity after as I have home comps actively cnctd as I type this Also tried multiple other networks w same neg results After loads of searching and t s'ing I believe I have found the root of the problem When I look under quot services quot I found that quot netbios helper quot quot Network Location Awareness quot amp quot dhcp client [SOLVED] No Connectivity after &quot;infected win.gen2&quot; and &quot;XP antivirus 2012&quot; issues quot [SOLVED] No Connectivity after &quot;infected win.gen2&quot; and &quot;XP antivirus 2012&quot; issues are all not started Trying to start them results in failure b c some quot dependencies are marked for deletion quot the afore-mentioned things are dependent upon the Netbios over tcpip and tcpip protocol driver Those drivers are in the system drivers folder but I cannot find a quot non plug and play quot section in the device manager Yes I looked under quot hidden devices quot and I looked in every drop down I successfully cmd netsh int ip reset c resetlog txt but when I tried to reset winsock I got winsock is not recognized as an internal or external command operable program or batch file I have no reboot disk or thumb drive and bios is p w'ed so I can't wipe the slate clean and start fresh Is there anything I can do short of giving it to the quot IT guy quot at work That's a black hole I'd really like to avoid if possible I hope I have been as clear and concise as possible and I appreciate all the help Happy New Year dds report UNLESS SPECIFICALLY INSTRUCTED DO NOT POST THIS LOG IF REQUESTED ZIP IT UP amp ATTACH IT DDS Ver - - Microsoft Windows XP Home Edition Boot Device Device HarddiskVolume Install Date AM System Uptime PM hours ago Motherboard Acer Aspire one Processor Intel R Atom TM CPU N GHz CPU mhz Disk Partitions C is FIXED NTFS - GiB total GiB free D is Removable Disabled Device Manager Items System Restore Points RP AM - Software Distribution Service RP PM - Software Distribution Service RP PM - Software Distribution Service RP PM - Software Distribution Service RP PM - System Checkpoint Installed Programs Adobe Flash Player ActiveX Adobe Reader Adobe Shockwave Player Avira Free Antivirus Critical Update for Windows Media Player KB Hotfix for Microsoft NET Framework SP KB Hotfix for Microsoft NET Framework SP KB Hotfix for Windows Media Format SDK KB Hotfix for Windows Media Player KB Hotfix for Windows XP KB Hotfix for Windows XP KB Hotfix for Windows XP KB -v Hotfix for Windows XP KB Hotfix for Windows XP KB -v Hotfix for Windows XP KB -v Intel R Graphics Media Accelerator Driver Java TM Update Malwarebytes Anti-Malware version Microsoft NET Framework Microsoft NET Framework Security Update KB Microsoft NET Framework Service Pack Microsoft NET Framework Service Pack Microsoft NET Framework SP Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack Microsoft National Language Support Downlevel APIs Microsoft User-Mode Driver Framework Feature Pack Microsoft Visual C x Re... Read more

A:[SOLVED] No Connectivity after &quot;infected win.gen2&quot; and &quot;XP antivirus 2012&quot; issues

Hello Gunnersfan13,

I do see the problem and I'll have to ask you to please stop any more action on your part to resolve this yourself or you'll make my job that much more difficult. :)

You are still very much infected with ZAccess. I need to see the dds.txt. (You posted, and attached, only the Attach.txt produced by dds.scr)

Run dds.scr again, and post the contents of the dds.txt.

==============================

Next, open Notepad and copy/paste the contents inside the quote box below, into Notepad.

Quote:

regedit /a afdexport.txt "HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\Services\AFD"

Save this as afdexport.bat Choose to "Save type as - All Files"

Double click on the .bat file & allow it to run. Then post the log which it produces

===============================

Copy the content of the following codebox into the main textfield:

Code:
:filefind
afd.sys

Click the Look button to start the scan.
Note: The log can also be found at on your Desktop entitled SystemLook.txt

http://www.techsupportforum.com/forums/f100/solved-no-connectivity-after-and-quot-infected-win-gen2-and-quot-and-and-quot-xp-antivirus-2012-and-quot-issues-621728.html
Relevancy 107.26%

A:infected with "vbs", afte "Flash_Disinfector" all folders on hard drive don't open

Hello buct,

It will require more than 1 round to clean the system. Please stay with me until given the 'all clear' even if symptoms seem to abate.

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal.

====================================================

Double click on combofix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

http://www.techsupportforum.com/forums/f100/infected-with-vbs-afte-flash_disinfector-all-folders-on-hard-drive-dont-open-468423.html
Relevancy 107.26%

HI i got infected with quot vbs quot through someone's usb i ran quot Flash Disinfector quot then installed quot kaspersky quot scaned the whole computer it also deleted open used & drive "vbs", on unable with folders "Flash_Disinfector" to hard infected vbs trojan However after that when i tried to open my computer by clicking on its icon it did not open i tried to open it fron strat up but the result was same all others like my documents etc were all right i open my computer through my documents opened my c drive when i tried to open further any folder present infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open present in the C drive it gave me the error i am including the error meggage in attachment howerever all my folders were not having any shortcut sign amp it was same with all folders present in all my drives infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open but when i wrote the name of the folder in the address bar it opened normaly infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open so now i cannot open my computer through its icon plus all the folders present in my hard drive please help me to sort this thing out

A:infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:

Having problems with spyware and pop-ups? First Steps

link at the top of each page.

---------------------------------------------------------------------------------------------

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f100/infected-with-vbs-used-flash_disinfector-and-folders-on-hard-drive-unable-to-open-468303.html
Relevancy 107.26%

Hi all Sorry to repeat a question I see a lot of instances of but none of those seem to be addressing my problem correctly I have not done anything new to my computer in recent days so this problem has caught me off guard I see most instances of this problem come after upgrading to Windows I have had Win installed for a while now Here is a summary of my problem My computer recently got stuck on the quot Starting Windows Screen quot So I manually held the power button to reboot On reboot it said there was a need to run a startup repair which I did Everything checked fine except for the Corrupted" Windows", is on Repair "Starting Stuck Shows Disk Volume "System on last one which said quot System Volume on Disk is Corrupted quot which it claimed to have successfully fixed After rebooting from repair the system gets stuck on quot Starting Windows Screen quot for a good - minutes after which it runs a registry check After it completes that I get hopeful -- but the screen then gets stuck on an all black screen with just the mouse cursor and nothing more Additional note Attempting to start the computer on quot safe mode quot leads Stuck on "Starting Windows", Repair Shows "System Volume on Disk is Corrupted" safe mode startup to become stalled Stuck on "Starting Windows", Repair Shows "System Volume on Disk is Corrupted" on quot DRIVERS CLASSPNP SYS quot The lastest attempt to repair yielded this message quot Startup repair cannot repair this computer automatically Problem event Name Startup Repair Offline Problem signature uknown quot AutoFailover Corrupt Volume OS Version Locale Id In need of help not sure where to start Thanks nbsp

A:Stuck on "Starting Windows", Repair Shows "System Volume on Disk is Corrupted"

Hi Stan, Hopefully I can help you out....or at least lead you in the right direction. From my experience, the symptoms you are suggesting sound like perhaps a dying Hard drive.

1. Do you have the windows 7 boot disks that came with your computer or when you bought the Operating System? If so, you could try and insert one of those and boot from it, and attempt to repair the installation. (this won't affect your data, only the windows system files).

2. If that doesn't fix it, you could try a fresh reinstall of windows 7, and see if that works.

I hope this leads you in the right direction.

Relevancy 107.26%

Relevancy 107.26%

I don't have a clue where to begin trying to fix this problem. I keep getting random icons on my desktop called "online security guide" and "live safety center". There are also many fake balloon warnings appearing and a window titled "Critical System Warning!" that wants me to download stuff. What process can I go through to clean my system. I didn't have this problem until I upgraded to Norton 2008. I am currently running IP tool antivirus and spyware, I also have ran Smitfraudfix, still getting pop ups like crazy. Also my IP tools is finding Trojan.Virtumonde. I use Quicken and it seems to have attacked it because I am no longer able to use it. Any help would be great...thank you!

A:"online security guide" and "live safety center"

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

Since it has been a few days since you first posted, please follow these instructions if you still need assistance.

Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).

To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

http://www.techsupportforum.com/forums/f284/online-security-guide-and-live-safety-center-193888.html
Relevancy 107.26%

A:Need to get rid of "Live Safety Center" and "Online Security Guide"

I did follow MicroBell's 5 Step process and the Panda scan said that no virus could be found. However, my Avast anti-virus warned me 5-6 times about files while I was running the Panda virus scanning. One of them was named "win.exe" and was in C:\temp\ but has now been deleted. Every time Avast issued a virus alert I chose the option to delete the file in question.

http://www.techsupportforum.com/forums/f284/need-to-get-rid-of-live-safety-center-and-online-security-guide-194341.html
Relevancy 107.26%

Relevancy 106.95%

Newly purchased Laptop with windows 8.1 OS preinstalled. We have successfully added this system to domain. While accessing the application after logging into the domain with Domain Credential, we found below attached error where  user is having local
admin previledges and  the UAC disabled.

A:"This application can't open" --- There is a problem with " application name" . Contact your system administrator about reparing or reinstalling it

Hi,
Firstly, please enable UAC and restart your computer to test if this problem resolved.
If problem persists, try to use APP troubleshooter to check APP problem, if there is any reports, please feel free let us know.
Windows App troubleshooter:

Roger Lu
TechNet Community Support

https://social.technet.microsoft.com/Forums/en-US/5e9c1304-0a8c-49c5-acb3-0d1b41462365/quotthis-application-cant-openquot-there-is-a-problem-with-quot-application-namequot-?forum=w8itprogeneral
Relevancy 106.95%

Good Morning I would like to introduce "Incomplete" NO DESKTOP Files ? up & RESTORE Temp after "Strange" & SYSTEM booting ? myself I am new to the forum Should I address an issue inappropriately kindly alert me Most recently I have experienced multiple PC issues Recently I performed a System Recovery and encountered the following Cannot perform a SYSTEM RESTORE The message is Restoration Incomplete Your computer cannot be restored quot When I booted up this morning and DID NOT HAVE A DESKTOP The screen was blank no Icons The items below are APPEARING IN MY TEMP FOLDER and are located at C DOCUME COMPAQ LOCALS Temp a tmp plus similar numbers b IswTmp c msohtmlclip d msohtmlclip I delete the above items through safe mode but they re-appear I am MOST CONCERNED ABOUT Items amp SYSTEM SPECIFICATION DESKTOP PC Windows XP SP HP Compaq Presario - Media Center Edition AMD Athlon m Processor X -Based PC - -bit package MOTHERBOARD Chipset - ATI RADEON XPRESS CHIPSET Version Build Processor If someone would give me some feedback I would appreciate it tremendously THANKS IN ADVANCE Kind regards AJ

A:NO DESKTOP after booting up … & SYSTEM RESTORE "Incomplete" … & "Strange" Temp Files

Usually when the machine has a "blank" desktop, the boot/startup process has been interupted or is frozen to before Explorer is launched.

You can launch Explorer manually be navigating C:\Windows and double-clicking "Explorer".

If successful, do the following:

Start>Run>(type) "msconfig" and turn off all non-MS services and all startups.

Then, Start>Run>(type) "cmd", and at the command prompt type "chkdsk /f" and schedule a chkdsk to run on next reboot.

Reboot system and report results.

http://www.techsupportforum.com/forums/f10/no-desktop-after-booting-up-and-system-restore-incomplete-and-strange-temp-files-516065.html
Relevancy 106.95%

Ok so I'm using a custom visual style made by another user however I don't really like the buttons used that I mentioned Changing of "minimize" buttons a theme and "close" "maximize" the above The creator states it is acceptable to change the theme to however you like Changing the "minimize" "maximize" and "close" buttons of a theme as long as you don't redistribute it anywhere Ok so I opened up the msstyles file using Restorator located in the theme folder of this VS I went into the images directory and located what seems Changing the "minimize" "maximize" and "close" buttons of a theme to be the images used for the buttons Intuitively it seems like it would make sense to replace those images with different ones perhaps from another visual style and it should change them However would this actually work Could the theme get messed up in some other way like proportions or something if the new button images are smaller I don't know of any other way to change them that would be easy But I did run into another problem For some visual styles I can't even locate those buttons in the images directory Where else would they be

A:Changing the "minimize" "maximize" and "close" buttons of a theme

Use Windows Style Builder to do that...

http://www.sevenforums.com/customization/200947-changing-minimize-maximize-close-buttons-theme.html
Relevancy 106.95%

Hi everyone!

Yesterday my HP laptop (Windows 7) started getting BSOD with various types of errors (mostly "STOP: 0x00000F4", "STOP: 0x0000007A", "c00021a" and one "missing %hs, c0000135"). Most of the time it restarts without any issues and works fine right after the BSOD and then an hour or two later I get a BSOD again.

I have tried restoring to Last Known Good Configuration, startup repair, hard disk check, virus scans and I also uninstalled any recently added programs I could think of and cleared up more than 50% of my hard disk space. None of these seem to have helped and I still get BSOD regularly.

I have attached the folder from the SF Diagnostic Tool and would appreciate any advice!
Thank you!

A:BSOD every few hours: mostly "STOP: 0x00000F4", "c00021a" & "c0000135"

Welcome to the forum.

MSINFO32:
Please go to Start and type in "msinfo32.exe" (without the quotes) and press Enter
Save the report as an .nfo file, then zip up the .nfo file and upload/attach the .zip file with your next post.
Also, save a copy as a .txt file and include it also (it's much more difficult to read, but we have greater success in getting the info from it).
------------------------
Test your Hard Drive(s) by running: Hard Drive Diagnostic Procedure
------------------------
Test and Diagnose RAM Issues with Memtest86+: RAM - Test with Memtest86+

Tip
Pay close attention to Part 3 of the tutorial "If you have errors"
Test the RAM with Memtest86+ for at least 7-10 passes. It may take up to 22 passes to find problems. Make sure to run it once after the system has been on for a few hours and is warm, and then also run it again when the system has been off for a few hours and is cold.

------------------------
Monitor hardware temperature with system monitoring software like Speccy or HWMonitor. Upload a screen shot of the Summary tab as well:Piriform - Speccy
CPUID - HWMonitor

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, 87a2e968, 87a2ead4, 83a55cf0}

----- ETW minidump data unavailable-----

Followup: MachineOwner
---------
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, 87a7bd40, 87a7beac, 83a1fcf0}

----- ETW minidump data unavailable-----

Followup: MachineOwner
---------

http://www.sevenforums.com/bsod-help-support/307397-bsod-every-few-hours-mostly-stop-0x00000f4-c00021a-c0000135.html
Relevancy 106.95%

Are you over-clocking? Is the bios set to its defaults? Is the SSD set on a SATA 3 port in AHCI mode?

Relevancy 106.95%

I am using Windows 7 on my laptop and I have question about when to use "Home", "Work" and "Public" profile.

If I am logging in without setting password, and I am logging in network with "Public" profile, then will any other user, who can see my computer, be able to enter my computer and check the contents on my computer ?

I am connecting to a network and there are 6 other users connected to this network. In the set network location window, if I select the netwoek as "Home", does it mean that other 6 users will not be able to see my computer on network and if I use "Public", then all other six users will be able to see my computer on network ?

Thanks

http://www.techsupportforum.com/forums/f217/when-to-use-home-work-or-public-profile-while-connecting-to-network-478413.html
Relevancy 106.95%

Relevancy 106.95%

Example sentence: vrytim I prss ths kys, nothing happns. Now I'm writing with my on-sreen keyboard. I'm clueless when it comes to computer stuff. How do I fix this? Is this a software problem, or a hardware problem?Help is much appreciated!

A:Kyboard deos not respond to the keys: "e", "d", "c" and "3"

My keyboard hath the thame problem with the thupid eth key. The blathted thing ith driving me nutth.

All theriousneth...er...seriousness aside, usually, that is a hardware problem. Can you find or borrow another keyboard and see if it will work correctly on your machine?

http://www.sevenforums.com/hardware-devices/311639-kyboard-deos-not-respond-keys-e-d-c-3-a.html
Relevancy 106.95%

Relevancy 106.95%

My wife seems to have recently installed quot System Security quot malware even though we were running an updated version of the AVG antivirus and the computer XP Home is fully patched I find many references to it on the internet and even some at techguy Security" "System malware more potent New org But all of the instructions tell you to run some malware removal program This version of the program not only pops fake security messages and asks you to quot register quot to get rid of them but it claims that EVERY exe I try to run except Internet Explorer is quot infected quot and therefore will not be run This includes the malware removal installation programs that it does allow IE to download regedit even notepad And since it won t let anything run NONE of the usual antivirus and antimalware programs will run Is there anything short of a full reinstall that I can do And is AVG really this bad Thanks nbsp

Relevancy 106.64%

A:Infected by "System Security" Rogue

Ok, I was reading through some other threads and saw that Malwarebytes is often suggested. I downloaded that and ran it and I think it got rid of the rogue.

Things are still running pretty slow and choppy so I suspect other issues.

Here is the new HJT Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:11:39 AM, on 2009-06-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Symantec AntiVirus\SavRoam.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Documents and Settings\Jeff Lincoln\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe C:\Startel WorkStation\te.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Documents and Settings\Jeff Lincoln\Desktop\Diagnostic & Maintenance\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.my.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/ R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O1 - Hosts: 94.232.248.66 spydetect.microsoft.com O1 - Hosts: 94.232.248.66 antivirwin2009.com O1 - Hosts: 94.232.248.66 www.antivirwin2009.com O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902... Read more https://forums.techguy.org/threads/infected-by-system-security-rogue.836051/ Relevancy 106.33% Using "System Performance" DCS reports some events are lost. To fix it, I need to increase buffer size but I can't do it because all parameters are disabled. When I create custom DCS with same trace (based on "Windows Kernel Trace" provider) I increase num of buffers and everything works fine. How can I change it for "System Performance"? https://social.technet.microsoft.com/Forums/en-US/4fefd1b3-0229-4374-8691-6a3d594dc3ea/increase-buffer-size-for-quotnt-kernelquot-trace-in-quotsystem-performancequot-dcs?forum=w7itproperf Relevancy 106.33% Which one should I do? I originally wanted to just do "Return computer to factory condition" but Theog just suggested "Use A System Image Created Earlier." I have no idea what to do. So confusing! A:"Return computer to factory condition" or "Use A System Image Crea..." Hello M4TE and welcome to Seven Forums. Sorry for the delay in responding but I just came across your question. Most newer manufactured computers have a hidden recovery partition on the hard drive. The manufacturer provides specific instructions on how to access that partition in case you want to restore your machine to the exact condition it was in when it left the factory. That means you'd have to go through the time consuming process of cleaning out factory bloatware (like free trials of programs you'll never need), installing programs you do need, updating everything, creating your personal settings, etc. Here is a general idea of how to access the hidden recovery partition. HP Recovery From Partition Let's say it took you a day or two to set up your machine to your liking using the hidden recovery partition. A System Image is like a snapshot of your entire hard drive. It will include everything from the operating system to all your programs, files, photos, music, all updates ... everything. Most folks keep it on a separate external hard drive. Let's say a week later you get a virus or your machine crashes for some reason. You can use that System Image to return your machine to the exact condition it was in when you made the image. Usually takes about 30 minutes or so and you're back in business. It's a lot faster and more convenient to only worry about a week of updates compared to probably months with the hidden recovery partition. The newer a System Image is the less you have to worry about. But one caution: since a System Image is, for all purposes, an exact duplicate of the hard drive, it will also include any malware that may be on the machine. So if in doubt, it might be best to use the hidden recovery partition to start off with a clean slate and then make a System Image immediately following all customizing. http://www.sevenforums.com/backup-restore/185899-return-computer-factory-condition-use-system-image-crea.html Relevancy 106.33% First off thank you for any assistance in advance Problem quot System Alert quot balloon in tray icon that will not go away and redirects me in IE to hxxp www virprotect com aff Using SpyBot Search amp Destroy and Ad-Aware SE I seem to have gotten rid of the problem of the Directs Trying Alert" That Balloon To "virprotect.com" Remove [SOLVED] To "System redirection of my home page as well as removed the trojan that caused all of this in the first place I think The pesky balloon however remains All pre-steps your forum recommeded have been completed Below are the logs your forum requests in advance please note that my DSS quot extra quot log file is attached PANDA ACTIVESCAN Incident Status Location Potentially unwanted tool application myglobalsearch Not disinfected c program files MyGlobalSearch Spyware Cookie Atlas DMT Not disinfected [SOLVED] Trying To Remove "System Alert" Balloon That Directs To "virprotect.com" C Documents and Settings Compaq Owner Cookies compaq owner atdmt txt Spyware Cookie Tribalfusion Not disinfected C Documents and Settings Compaq Owner Cookies compaq owner tribalfusion txt Hacktool HackTool KillProcWin A Not disinfected C Documents and Settings Compaq Owner Local Settings Application Data Wildtangent Cdacache E dat simple killw exe Potentially unwanted tool Application KillApp B Not disinfected C hp bin KillIt exe Spyware Spyware PeoplePC Not disinfected C Program Files Online Services PeoplePC ISP Dll RAS DLL DSS MAIN Deckard's System Scanner v Run by Compaq Owner on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point -- Last Restore Point s -- - - UTC - RP - Deckard's System Scanner Restore Point - - UTC - RP - Configured easy Internet sign-up - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint - - UTC - RP - System Checkpoint -- First Restore Point -- - - UTC - RP - Software Distribution Service Backed up registry hives Performed disk cleanup -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v Scan saved at - - Platform Windows XP Service Pack MSIE Internet Explorer Boot mode Normal Running processes C WINDOWS system smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system ati evxx exe C WINDOWS explorer exe C WINDOWS system spoolsv exe C WINDOWS system svchost exe C Program Files Common Files LightScribe LSSrvc exe C Program Files McAfee MSC mcmscsvc exe C Program Files Common Files McAfee MNA McNASvc exe C Program Files Common Files McAfee McProxy McProxy exe C Program Files McAfee VirusScan Mcshield exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system hpzipm exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C Program Files McAfee com Agent mcagent exe C Program Files Hewlett-Packard Toolbox Apache Tomcat webapps Toolbox StatusClient StatusClient exe C Program Files Common Files Real Update OB realsched exe C Program Files Java jre bin jusched exe C hp KBD kbd exe C Program Files Microsoft IntelliPoint point exe C Program Files HP HP Software Update hpwuSchd exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C Program Files Windows Media Player wmpnscfg exe C Program Files Common Files AOL EE AOLHostManager exe C Program Files Yahoo Messenger Ymsgr tray exe C Program Files Common Files AOL EE AOLServiceHost exe C Program Files iPod bin iPodService exe C Program Files Hewlett-Packard Toolbox Javasoft JRE bin javaw exe C WINDOWS ALCXMNTR EXE C Program Files ATI Technologies ATI Co... Read more A:[SOLVED] Trying To Remove "System Alert" Balloon That Directs To "virprotect.com" Download SDFix from here and save it to your desktop. Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, a menu with options should appear; Select the first option, to run Windows in Safe Mode, then press "Enter". Choose your usual account. In Safe Mode, right click the SDFix.zip folder and choose Extract All, Open the extracted folder and double click RunThis.bat to start the script. Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. Press any Key and it will restart the PC. Your system will take longer that normal to restart as the fixtool will be running and removing files. When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum. ========================================= This will help to identify malware on your system. Please download Combofix from any of these locations: Here or Here Save ComboFix to the desktop and please ensure that you disable realtime security/virus programs that monitors your PC while CF is running. 1. Double click on combo.exe & follow the prompts. 2. When finished, it will produce a logfile located at C:\ComboFix.txt. 3. Copy and Paste the contents of that log in your next reply with a new hijackthis log. Do not use Code or html unless asked for. Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang. Caution...Never run and remove files using ComboFix without being supervised by a security analyst. http://www.techsupportforum.com/forums/f100/solved-trying-to-remove-system-alert-balloon-that-directs-to-virprotect-com-207199.html Relevancy 106.33% I have been getting these quot Bad Pool Header quot and quot System Service Exception quot BSODs for about a day now the quot Bad Pool Header quot one tends to pop up more often then the other btw I ran a registry cleaner which didn't work and ran memtest this morning and it showed that my memory was fine The BSODs tend to occur more often when I am playing a game or running some program that uses a bit more memory but it also happens when I am just on the internet On the other hand last night I did nothing but surf YouTube for hours and didn't get a BSOD at all However since then I haven't been able to do anything for more than minutes without being in safe mode without it crashing and this morning it completely froze until I turned it off My OS is Windows Random Service Exception" "Bad Pool BSODs "System and Header" Home Premium bit It came preinstalled from the manufacturer and unfortunately I do not have the install disc The entire laptop is less than years old and there have been no major hardware changes and I have never reinstalled the OS A:Random "Bad Pool Header" and "System Service Exception" BSODs UPDATE: Another BSOD just happened after I left the computer idle for a couple of hours except this one said something about Asdsm.sys. http://www.techsupportforum.com/forums/f299/random-bad-pool-header-and-system-service-exception-bsods-640978.html Relevancy 106.33% Dear Experts, I have created windows image on Drive F: but delete it after some time manually due to some space prob. But while backup shows about 40 GB only few GB space got free after deletion. When i try to again take the the backup using windows 7 backup & restore option, its still shows 35 Gb of System Image in drive F: when i brows the Manage Disc Space option but i cant find it on the same drive. (Plz see attached pic) Plz help me to locate this and delete the same. Thanks A:Cant find "System Image" of 36 GB but its shows on "Manage Disc Space" Hello sattyaji, and welcome to Seven Forums. It may still be showing if the system image was created as part of a Windows backup. Using the tutorial below to reset Windows Backup should clear it for you, but you will need to set up your backup again afterwards. Backup User and System Files - Reset to Default Configuration Hope this helps, Shawn http://www.sevenforums.com/backup-restore/284067-cant-find-system-image-36-gb-but-its-shows-manage-disc-space.html Relevancy 106.33% I have been getting these quot Bad Pool Header quot and quot System Service Exception quot BSODs for about a day now the quot Bad Pool BSODs Service Pool Random "System and Exception" Header" "Bad Header quot one tends to pop up more often then the other btw I ran a registry cleaner which didn't work and ran memtest this morning and it showed that my memory was fine The BSODs tend to occur more often when I am Random "Bad Pool Header" and "System Service Exception" BSODs playing a game or running some program that uses a bit more memory but it also happens when I am just on the internet On the other hand last night I did nothing but surf YouTube for hours and didn't get a BSOD at all However since then I haven't been able to do anything for more than minutes without being Random "Bad Pool Header" and "System Service Exception" BSODs in safe mode without it crashing and this morning it completely froze until I turned it off My OS is Windows Home Premium bit It came preinstalled from the manufacturer and unfortunately I do not have the install disc The entire laptop is less than years old and there have been no major hardware changes and I have never reinstalled the OS A:Random "Bad Pool Header" and "System Service Exception" BSODs UPDATE: Another BSOD just happened after I left the computer idle for a couple of hours except this one said something about Asdsm.sys. http://www.sevenforums.com/bsod-help-support/224813-random-bad-pool-header-system-service-exception-bsods.html Relevancy 106.33% Hi All Happy New Year First time posting On i ended up with a bunch of viruses "Video that and viruses...HELP "Helper" Infected: folder Add contain On" Trojan on my computer From what I can gather they are bad news I down loaded PC Tools to do a search and found a bunch of Trojans and other nasties I have uploaded a screen shot of the PC Tools scan In the quot C Program Files Video Add On quot folder the following can t be deleted icmtr dll icthis isfmdl dll isfmm isfmntr In the quot C Program Files Helper quot folder the following was found turbosearchsite dll e Module What is this Do I need the file in Helper Please help PS I am not a techno savvy guy Infected: "Video Add On" and "Helper" folder that contain Trojan viruses...HELP I kinda know what is going on but only enough to get myself into trouble and not be able to get out I tried a few things to get rid of them but was unsuccessful From what I have seen I will be here for a bit Thanks in advance bassndude that s Bass as in the fish not the musical instrument - nbsp A:Infected: "Video Add On" and "Helper" folder that contain Trojan viruses...HELP https://forums.techguy.org/threads/infected-video-add-on-and-helper-folder-that-contain-trojan-viruses-help.667700/ Relevancy 106.33% I have searched to see if this was asked before without any success. Maybe someone has run into this problem before. When I open "my computer" or "control panel" after I close it...it automatically goes into Internet Explorer as a blank page. Most of the time, when I close the IE blank page...it stops responding and I have the control-alt-delete to "end the program" Thanks in advance for any help. A:closing "my computer" or "Control Panel" open internet explorer window Possibly malware - anything openning ie on its own raises an alarm in my books. Post a HJT log to the malware removal section of the forum and let the experts take a look at it https://forums.techguy.org/threads/closing-my-computer-or-control-panel-open-internet-explorer-window.658783/ Relevancy 106.33% Hello everyone how are you! I have a question, actually I'm development a application for sharing internet connection. I'm using "Wireless Hosted Network and Internet Connection Sharing" that it's in https://msdn.microsoft.com/en-us/library/windows/desktop/dd815252%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 I want change default IP Address range and I have read that these settings it's in next address: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters. My question is, How I can restart or update the "Internet Connection Shraring" or "Wireless Hosted Network" after I change the IP Address range for that assign IP Address different to default. Thank you! https://social.technet.microsoft.com/Forums/en-US/9cad8769-ac99-4437-8b52-752a0cf85da9/restart-or-update-the-quotinternet-connection-shraringquot-or-quotwireless-hosted?forum=netmon Relevancy 106.33% Hello I have an Asus Netbook P running Windows SP get - Network wifi get a also "connected" I connecting to - Access" "Unidentified café Internet Although I When No at with Internet Explorer I am often but not always experiencing the When connecting to wifi at a café - Although I get "connected" I also get - "Unidentified Network No Internet Access" following issue When I attempt to connect to Wifi at a caf the quot Wireless Network Connection quot for the Network shows quot Connected quot yet there When connecting to wifi at a café - Although I get "connected" I also get - "Unidentified Network No Internet Access" is no Internet access Placing the nbsp pointer over the Connection icon in the Notification Area displays quot Unidentified Network No Internet Access quot The network in question always has an SSID shown in the Wireless Network Connection list This issue occurs whether I am running only the Windows firewall or am only running the firewall that I prefer which is Comodo For antivirus I have Avast Pro with its quot web shield quot currently disabled and so far as this issue is concerned it makes no difference whether this Avast component is enabled or disabled or whether I disable all Avast Shields When this issue occurs there are often other customers in the caf nbsp connected to the caf wifi and also using the Internet I have to ask the caf to reset or turn off and then turn back on their router nbsp yet other customers do not have to do this to get Internet connection This is the issue at whatever caf to whose Wifi I attempt to connect Please help with a solution to this issue Regards Robert https://social.technet.microsoft.com/Forums/en-US/0d18050f-7c31-4f0f-92d1-8039e0225061/when-connecting-to-wifi-at-a-caf-although-i-get-quotconnectedquot-i-also-get-?forum=w7itprogeneral Relevancy 106.33% Hello I have an Asus Netbook P running Windows SP with Internet Explorer I am often but not always experiencing the following issue When I attempt to connect to Wifi at a caf the quot Wireless Network Connection quot for the Network shows quot Connected quot yet there is no café a Network although also - get No I When "connected" - Access" connecting at Internet "Unidentified to wifi Internet access Placing the nbsp pointer over the Connection icon in When connecting to wifi at a café - although "connected" I also get - "Unidentified Network No Internet Access" the Notification Area displays quot Unidentified Network No Internet Access quot The network in question always has an SSID shown in the Wireless Network Connection list This issue occurs whether I am running only the Windows firewall or am only running the firewall that I prefer which is Comodo For antivirus I have Avast Pro with its quot web shield quot currently disabled and so far as this issue When connecting to wifi at a café - although "connected" I also get - "Unidentified Network No Internet Access" is concerned it makes no difference whether this Avast component is enabled or disabled or When connecting to wifi at a café - although "connected" I also get - "Unidentified Network No Internet Access" whether I disable all Avast Shields When this issue occurs there are often other customers in the caf nbsp connected to the caf wifi and also using the Internet I have to ask the caf to reset or turn off and then turn back on their router nbsp yet other customers do not have to do this to get Internet connection This is the issue at whatever caf to whose Wifi I attempt to connect Please help with a solution to this issue Regards Robert https://social.technet.microsoft.com/Forums/en-US/0d18050f-7c31-4f0f-92d1-8039e0225061/when-connecting-to-wifi-at-a-caf-although-quotconnectedquot-i-also-get-quotunidentified?forum=w7itprogeneral Relevancy 106.33% I need help. A worm/virus/malware has invaded my Dell E520 Windows XP OS computer. It appears on the monitor as a small 2" X 3" popup which miniaturizes randomly on the page after logging in to the net. When I try to hit delete prompt the malware shuts off my internet connection, then the image re-appears, hopping all over the desktop in replicating multiples. It's proved impossible to identify their web address. I've run AVG, SuperAntiSpyware and MalwareBytes versions to rid the virus, but this has not been effective. Can someone help or suggest a cure? Appreciatively, Hiram A:"Mama Crack" or "Mama Casper" malware/virus invasion Hiya and welcome to Tech Support Guy. As you've run MalwareBytes already, can you post the log of what was found, if anything? Also, can you do the following: Download TFC by OldTimer to your desktop Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). It will close all programs when run, so make sure you have saved all your work before you begin. Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion. Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean. Download RootRepeal from one of the following locations and save it to your desktop: Link 1 Link 2 Link 3 Double click to start the program Click on the Report tab at the bottom of the program window Click the button In the Select Scan dialog, check: [*]Drivers [*]Files [*]Processes [*]SSDT [*]Stealth Objects [*]Hidden Services [*]Shadow SSDT Click the OK button In the next dialog, select all drives showing Click OK to start the scan Note: The scan can take some time. DO NOT run any other programs while the scan is running​ When the scan is complete, click the button and save the report to your Desktop as RootRepeal.txt Go to File, then Exit to close the program If the report is not too long, post the contents of RootRepeal.txt in your next reply. If the report is very long, it will not be complete if you post it, so please attach it to your reply instead. Click on the Go Advanced button for the uploading options at the bottom of this page (in the picture below ) [/list] In there, at the bottom, click on the button Manage Attachments (in the picture below . A window will appear, and then Browse to RootRepeal.txt on your Desktop. Click Upload, and when uploaded click Close this Window Then, in the previous window, click on Add Reply =============== Click here to download HJTInstall.exe Save HJTInstall.exe to your desktop. Doubleclick on the HJTInstall.exe icon on your desktop. By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install. It will create a HijackThis icon on the desktop. Once installed, it will launch Hijackthis. Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. Come back here to this thread and Paste the log in your next reply. DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required. ============= Please include the MBAM log, RootRepeal.txt and a fresh HijackThis log in your next reply Regards eddie https://forums.techguy.org/threads/mama-crack-or-mama-casper-malware-virus-invasion.926805/ Relevancy 106.33% Ive been getting random popups and my homepage has been reset to http www securitynetpage com I also had two programs installed onto my desktop Online Security Guide quot and quot Security Troubleshooting quot I also have a yellow triangle sign in the lower right hand portion of my screen that says something about a system alert popups Help would be greatly appreciated Thank You Logfile of HijackThis v Scan saved at AM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System ishost exe C Program Files QuickTime qttask exe C Program Files Java jre bin jusched Random Security "Security Guide" Troubleshooting" popups, and "Online exe Random popups, "Online Security Guide" and "Security Troubleshooting" C Program Files Messenger msmsgs exe C WINDOWS System regscan exe C Program Files Kodak Kodak EasyShare Software bin EasyShare exe C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe C WINDOWS System ismon exe C Program Files Java jre bin jucheck exe C WINDOWS system drivers KodakCCS exe C WINDOWS system pctspk exe C WINDOWS System issearch exe C WINDOWS System wuauclt exe C Program Files Internet Explorer iexplore exe C WINDOWS System isnotify exe C Program Files Internet Explorer iexplore exe C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Random popups, "Online Security Guide" and "Security Troubleshooting" Start Page http www yahoo com O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - eb d-ae a- - bd- a f be - C WINDOWS System ixt dll O - BHO Random popups, "Online Security Guide" and "Security Troubleshooting" Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM RunOnce Panda cleaner C WINDOWS System ActiveScan pavdr exe xPanda ActiveScan O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run Regscan C WINDOWS System regscan exe O - Global Startup Kodak EasyShare software lnk C Program Files Kodak Kodak EasyShare Software bin EasyShare exe O - Global Startup Kodak software updater lnk C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res C Program Files Google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res C Program Files Google GoogleToolbar dll cmcache html O - Extra context menu item Similar Pages - res C Program Files Google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res C Program Files Google GoogleToolbar dll cmtrans html O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com microsof O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsof O - DPF B BFD- E - -B AF- A B EA WScanCtl Class - http www ca com securityadvisor v fo webscan cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http acs pandasoftware com actives ree asinst cab O - HKLM System CCS Services Tcpip D A A - DC- D -A DD-A F A C NameServer O - Service Kodak Camera... Read more A:Random popups, "Online Security Guide" and "Security Troubleshooting" Hi and welcome to TSF. I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p In the meantime, make sure you subscribe to this thread so that you will receive an instant email when I have replied with a fix to your problem. You may do this by clicking the Thread Tools option at the top of your post and then clicking Subscribe to this thread. Then, make sure Instant Notification by email is selected and click Add Subscription Please be patient with me during this time. http://www.techsupportforum.com/forums/f284/random-popups-online-security-guide-and-security-troubleshooting-112647.html Relevancy 106.02% i have a dell inspiron 6400 with the built in restore option (Ctrl +F11... or something) i split my hard drive manual with partition magic. i wanted to know, if i will restor my system will the hard disk goes back to one, or will it stay split? A:install <span id="EBSpanHighlighter" style="background-color: Fuchsia; color: black;" it'll stay split unless you actually delete the 2nd partition. Just reinstall on c: & you'll be fine https://forums.techguy.org/threads/install-span-id-ebspanhighlighter-style-background-color-fuchsia-color-black.612210/ Relevancy 105.71% When I am on the pc and even when I am not but haven t actually logged off I keep randomly getting the quot Run as quot box popping up asking me quot Which user account do you want to run this program quot with my account Current User as the first choice and a box to check that says quot Protect I As" virus/malware? - keeps up with "Run am popping a infected box Weird my computer and data from unauthorized program activity Weird "Run As" box keeps popping up - am I infected with a virus/malware? quot or the second selection which is quot The following user quot and a space for a user name and password I m concerned that some program s are attempting to run without my knowledge I did inadvertantly load myfreeze com on my pc a couple of weeks ago and then unistalled it including removal of registry keys etc per a website that gave instructions on how to do so It is around this time that this unusual quot Run as quot behavior started but I m not sure if the two are related I have run Malwarebytes and SuperAntiSpyware in the past hours as I tried to follow instructions from another post to quot completely remove all malware quot from my pc and have had Spyware detector and Max s Registry cleaner on my PC for awhile I m not sure what I have let slip through but the run-as boxes have me a bit concerned I did a HiJack this log a little bit ago and am attaching it I m new to this and am not sure if I m giving you everything you need but appreciate the help Thanks Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Roxio BackOnTrack Disaster Recovery SaibSVC exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA EXE C Program Files McAfee SiteAdvisor McSACore exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe C Program Files McAfee VirusScan McShield exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files McAfee MPF MPFSrv exe C Program Files McAfee MSK MskSrver exe C Program Files Norton Ghost Agent VProSvc exe C WINDOWS system HPZipm exe C WINDOWS Explorer EXE C Program Files SpywareDetector SDMainService exe C Program Files Roxio Creator Ultimate CPMonitor exe C Program Files Norton Ghost Agent VProTray exe C Program Files McAfee com Agent mcagent exe C Program Files iTunes iTunesHelper exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files HP HP Software Update HPWuSchd exe C WINDOWS system dla tfswctrl exe C Program Files Creative Sound Blaster Live -bit Surround Mixer CTSysVol exe C WINDOWS system ctfmon exe C Program Files Linksys EasyLink Advisor LinksysAgent exe C Program Files SpywareDetector SDService exe C WINDOWS system svchost exe C Program Files Common Files Ulead Systems DVD ULCDRSvr exe C WINDOWS system MsPMSPSv exe C Program Files Canon CAL CALMAIN exe C Program Files iPod bin iPodService exe C WINDOWS System svchost exe C WINDOWS system wuauclt exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Micr... Read more A:Weird "Run As" box keeps popping up - am I infected with a virus/malware? Hi everyone. I know all have been busy and we have had holidays, but this is still happening and it doesn't matter what user ID I use or anything. I'm really concerned that someone els is trying to access and run progrms on my PC. Since it has been over 4 days since I first posted, I just wondered if anyone has had any ideas? Thanks so much. https://forums.techguy.org/threads/weird-run-as-box-keeps-popping-up-am-i-infected-with-a-virus-malware.784374/ Relevancy 105.71% My desktop TOOL" bad help serious malware/virus a need "SECURITY has been taken over by a serious malware called "SECURITY TOOL" a serious malware/virus need help bad quot Security Tool quot I suspect it came when "SECURITY TOOL" a serious malware/virus need help bad my eldest son went onto a Nissan Forum which he said has a bad name currently for passing PC infections What happens is this A false security system called quot Security Tool quot downloads itself and installs an icon in the bottom right hand corner of my screen actually two icons It continually takes over my screen with messages saying that there are serious viruses "SECURITY TOOL" a serious malware/virus need help bad and malware infecting my PC I quot X quot them out but they keep coming back insisting I activate the illegal security ststem quot Security Tool quot and run it It brings up another screen showing that I have serious viruses and malware I tried uninstalling this crap in Start gt All programs but it deletes its new program listing but the program remains I think it actually re-installs back in All programs I have the latest updated Zone Alarm Security Suite installed and set to max but it did not stop this malware I notice though that every time I turn on anti-phising it tyrns itself off I tried a ZA quot deep scan quot but it timed out I tried a quot normal scan but it timed out I tried a quick scan but it didn t find anything By timed out I mean this maleware causes my PC to turn itself off after about - minutes A strange screen pops up taking over whole page and says something like for security of your PC your PC is being turned off Something comes up saying FILE SPCMDCOM SYS PAGE-FAULT-IN-NONPAGED-AREA STOP x x x FD C x etc etc I tried to access my Malware Bytes Malware Removal icon but it now does nothing Note it does allow me to access the internet via internet Explorer amp Firefox So why is this URGENT for me Because I have a data base of investor members and we are going through a legal class action and this of a malware the worst I ve ever had is actually stopping my Outlook Express icons from working thus not allowing me to access my data based stored in drafts and stopping me from accessing the group emails I need to send regularily I do have a back up on my other PC laptop but its out of date But I do not have mail groups on my laptop Operating System Windows XP Home Have you heard of this virus Thanks nbsp Relevancy 105.71% G day all I am hoping someone may be able to tell me why my local folders appear under quot The Internet quot Local Places" Solved: opening Network appear "My Folders "The as Internet"when on one of our work computers rather than under quot Local Network quot We have four machines running XP Home and one running XP Pro The front machine has XP Home on it and I cannot open any Solved: Local Folders appear as "The Internet"when opening "My Network Places" of the shared folders for this machine on any of the other three machines even though they all have the same workgroup name Solved: Local Folders appear as "The Internet"when opening "My Network Places" They are all connected via CAT cable and we have a Netcomm NB ADSL modem router a Netcomm V Telephone Adapter VOIP modem and an port switch in the boss s office And the front computer s folder s and drives that I have chosen to be shared are listed under quot The Internet quot Does anyone know why this is and how I would go about correcting it Thankyou for your help and time Aaron nbsp A:Solved: Local Folders appear as "The Internet"when opening "My Network Places" https://forums.techguy.org/threads/solved-local-folders-appear-as-the-internet-when-opening-my-network-places.578697/ Relevancy 105.4% The quot Idle-time Full System Scan quot in Norton v is bogging down my computer constantly and there is no option to turn it off in quot Automatic Tasks quot I contacted Norton and after several attempts to find someone at Norton who could understand what I just said above and getting quot hung-up quot on over Norton chat Inexcusable I was able to get a hold of a technician who told me that Norton intentionally removed this option quot for security reasons because they didn t want people turning it off quot The problem is people will then be forced to turn it off by turning off ALL scheduled tasks under quot Settings Norton option Tasks" available under "Virus Scan" No v4: 360 "Settings/Automatic Scheduling Schedule Manual Schedule quot and that is an even worse security problem than the relatively small one that would be created by turning off idle-time full system scanning Once the system has completed a full system scan all files are on-access scanned anyway so running a full system scan every - days is rather silly and extremely annoying--especially because it will continue to try to run every time the system Norton 360 v4: No "Virus Scan" option available under "Settings/Automatic Tasks" is idle if you cancel it A warning urging the user to not turn off idle-time full system scans without fully understanding the risks and after explaining the risks would be VERY preferable Or at least the option to run the full system scans when the system is idle on a certain day of the month week The schedule for idle-time full system scans really needs to be separate from other tasks In fact the BEST solution would be the option to change the scheduling options for EACH automatic task INDIVIDUALLY--with the option to change EACH one to quot Automatic Weekly Monthly Manual quot By forcing people to turn off ALL automatic tasks in order to control that ONE idle-time virus scan option ALL or NONE Norton has made the security problem they are trying to avoid much worse So in the mean time does anyone know a registry setting that will turn off quot Idle-time full system scans quot un-check the invisible box without turning off the other automatic tasks nbsp https://forums.techguy.org/threads/norton-360-v4-no-virus-scan-option-available-under-settings-automatic-tasks.948984/ Relevancy 105.4% my computer was hijacked by "support tool" a so called virus protection hijacker. i'm in safe mode with networking now & attached you see my hjt log file. help please. THanks! actually, i'm on a different computer. it has windows xp home ed. & its a dell inspiron 530S also, in trying to fix the problem initially, my wife deleted the file "rundll32" beacause the virus stated that had a virus error. so this file may be missing as well & we may need to replace it. A:Computer Hijacked by "Support Tool" "Virus Protection" Prog I posted this yesterday to get help for a "Support Tool" hijack on a computer. Please help. Log file attached. Thanks. https://forums.techguy.org/threads/computer-hijacked-by-support-tool-virus-protection-prog.905556/ Relevancy 105.4% Hello All I started a few weeks ago on the PowerShell programing and I got my answer from here only So am putting up the error that I am getting now to issue "System.Int32") PowerShell value convert "and" type ('Cannot to get some help again Scenario I wrote a script that checks a Folder on a server and counts the number of files in it Then when it finds the resulting number to be more then a specific value threshold it sends up a mail to the required alias To break it all along the portion to PowerShell issue ('Cannot convert value "and" to type "System.Int32") send a mail is generated through DBmail using another PS file In the PS file containing the main checking of number of files I am trying to pass parameters Folder path on the server the Threshold value of number of files Now when I created a job to run this powershell script as amp quot C PowerShell Power PS quot XXXX c Documents and Settings ABC Local Settings Temp IT fails with the error A job step received an error at line in a PowerShell script The corresponding line is ' amp quot C PowerShell Power ps quot XXXX c Documents and Settings ABC Local Settings Temp ' Correct the script and reschedule the job The error information returned by PowerShell is 'Cannot convert value quot and quot to type quot System Int quot Error quot Input string was not in a correct format PowerShell issue ('Cannot convert value "and" to type "System.Int32") quot ' Process Exit Code - The step failed I really can not move forward on this Please help A:PowerShell issue ('Cannot convert value "and" to type "System.Int32") Just to add for reference Below is the code for the Power.Ps1 file that I have used : param ( [string]$directory_string,
[int] $benchmark )$date=get-date
[int]$directory_file_count = 0 # check that the directory exists.$does_directory_exist = (Test-Path $directory_string) # if it does, then continue if ($does_directory_exist)
{

# Check for the number of files on the directory
$directory_file_count = (get-childitem$directory_string -name -recurse).count

# If number of files exceeds the limit, send mail to notify

if($directory_file_count -gt$benchmark)
{
& "C:\Powershell\DB_mail.ps1"
$subject= "XXXX"$body= "XXXX"

}

else

{
& "C:\Powershell\DB_mail.ps1"
$subject= "XXXX"$body= "XXXX "
}

}
else
{
& "C:\Powershell\DB_mail.ps1"
$subject = "XXXX"$body = " XXXX"
}

http://www.vistax64.com/general-discussion/286369-powershell-issue-cannot-convert-value-type-system-int32.html
Relevancy 105.4%

With EaseUS Backup Tool, I've cloned these two partitions ("System Reserved" and "C") to same-sized partitions on a external HDD ("X" and "Y"). Picture tells it concisely:
How to make drives "X" and "Y" boot-able?

In "Disk Management", I've noticed these partition labels missing:"X" (or "System Reserved") is missing System label,
"Y" (or "OS") is missing Boot, Page File and Crash Dump labels

Thank you!

A:Both "System reserved" and "C" partition cloned to external HDD: boot?

You cannot boot Win7 on external HD, unless it is connected via eSATA.

http://www.sevenforums.com/installation-setup/220584-both-system-reserved-c-partition-cloned-external-hdd-boot.html
Relevancy 105.4%

Hi

New installation of windows 7 ultimate 32bit and on trying to copy a 38gb folder from c drive to d drive, pc gives bsod.
Lately playing world of tanks is resulting in system lock ups,please can anyone help

Frosty

A:bsod copying files from "c" to "d" drive and system lock ups

Post it following the Blue Screen of Death (BSOD) Posting Instructions.

http://www.sevenforums.com/bsod-help-support/309096-bsod-copying-files-c-d-drive-system-lock-ups.html
Relevancy 105.4%

There are 2 devices in the "Device Manager" that do not have drivers installed.

I just did a clean install of Window 7 SP1 32-bit to a Dell Latitude E6500. I have uploaded all the Windows updates and all seems to be performing well. However, there are two devices in the "device manager" that do not have drivers installed, and I can't determine what the devices are nor how/where to find the drivers for them online or elsewhere. The driverless devices are "Base System Device" and "Broadcom USH". When I look at the properties page of both devices, it says that the Base System Devices location is "PCI bus 3, device 1, function 3", and the Boradcom USH's location as "0000.001a.0002.001.000.000.000.000.000".

The laptop did NOT come with a drivers installation disk.

QUESTION: How can I identify what these devices actually are and, more importantly, how can I obtain the driver for them?

A:Can't ID driverless devices "Base System Device" and "Broadcom USH"

Well, as for the second part of your question......... have you tried using windows own driver update utility? Right click on the yellow exclamation point in Device Manager, choose update.

I'm thinking your "boradcom ush" is this, drivers for it are here too, :Broadcom USH - USB\VID_0A5C&PID_5800 - awdit - The driver, software, & hardware database

Relevancy 105.09%

I currently use Norton Internet Security Suite 2006. I just purchased a new Think Pad and was wondering what the difference is between an "Anti Virus" utility and a "Internet Suite" which includes anti virus, firewall, spam filters, ect...................................
Thanks, John

A:Anti Virus utility "vs" Internet Security Suite

You pretty much named the difference in your post. A "system security suite" is one which bundles all the required tools for complete system protection, like anti-virus, firewall, anti-spyware, file cleaners, registry cleaners, etc.

Relevancy 105.09%

A:Internet redirects me to "microsoft security center" saying i have a virus.

If you have problems with that link, you can also download it from Here or HereMake sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
and just double-click on mbam-rules.exe to install.
On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process.
Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

http://www.techsupportforum.com/forums/f284/internet-redirects-me-to-microsoft-security-center-saying-i-have-a-virus-305573.html
Relevancy 105.09%

Hey folks My first post on here but I problem card failure a sound "meddling"... boot just "beep" tone. after Desktop m in serious trouble Desktop boot problem after sound card "meddling"... just a "beep" failure tone. I got a quot new quot to me anyway desktop running XP today and found the audio hardware wasn t working So I pillaged an old machine for its sound card and inserted that onto the motherboard Also connected the Aux and CD lines to the top of the daughterboard Since then to my horror the machine has failed to boot All plugged in keyboard working screen on and being used on another box for this very post All I get now is the usual chirps from the internal soundcard followed by a few very low notes definitely depressing so I guess they re suggesting something s failed There s no further action from the CPU the fan still works but there is no screen output whatever Have I fried the motherboard without realising Also ironically the last failure tone was delivered by my speakers through the originally non-responsive audio hardware I d love a bit of help on this one because my knowledge of computers insidey bits is pretty poor Many thanks Joe nbsp

A:Desktop boot problem after sound card "meddling"... just a "beep" failure tone.

Relevancy 104.78%

A:"System Tool Virus" Malware Removal

Hello, Welcome to TSF.
I'm nasdaq and will be helping you.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programs, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.
===

A number of steps are required to remove this infection.

You will find the instructions here:

Remove System Tool and SystemTool (Uninstall Guide)

p.s.
The <random>.exe file mentioned in the article is this one.
uRunOnce: [jNnOkKb06310] c:\programdata\jnnokkb06310\jNnOkKb06310.exe

At any time when you can disable the process via the Task Manager.

CTRL+ALT+DEL KEY should give you the way to the Task Manager.
===

When you can please post a fresh DDS log and let me know what problem persists.

http://www.techsupportforum.com/forums/f284/system-tool-virus-malware-removal-555956.html
Relevancy 104.78%

A:"INTERNET SECURITY designed to protect" VIRUS

Hello and welcome to TSF.

Please note that more than one round may be needed to properly eradicate malware. In co-operation with the cleaning process, please: do not uninstall/install any programs unless asked to do so, to make it easier on us as it is more difficult when files/programs are appearing in/disappearing from the logs;
do not run any tools or scans other than those requested;
follow all instructions in the order they are presented;
if you have problems with or do not understand the instructions, ask before continuing;
stay with this thread until given the All Clear, as absence of symptoms does not always mean the machine is clean;
do not attach any logs/reports, etc.. unless specifically requested to do so.
All logs/reports, etc.. must be posted in Notepad making sure the word wrap is unchecked. (In notepad click format, uncheck word wrap if it is checked.)
Also note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

====================

One or more of the identified infections is a backdoor trojan.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Do not change passwords or do any transactions from the infected computer until it has been cleaned.

Please read this: How Do I Handle Possible Identity Theft, Internet Fraud, and CC Fraud?

==========================

**Note: It is important that it is saved directly to your desktop**

Disable all antivirus and antispyware programs. If you don't know how, you can get help here

Double-click ComboFix.exe and follow the prompts to run it.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

ComboFix will now automatically install the Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Windows Recovery Console option when you start your computer unless requested to by a helper.

Once the Recovery Console is installed, this blue window will appear:

Please click Yes to continue scanning for malware.
Your desktop may go blank. This is normal. It will return when ComboFix is done.
ComboFix may reboot your machine. This is normal. For some infections, it may do this multiple times.
When the tool is finished, it will produce a log for you.

http://www.techsupportforum.com/forums/f50/internet-security-designed-to-protect-virus-704827.html
Relevancy 104.47%

A:I cannot open "my computer" "control panel" "recycle bin", etc...

You may want to reinstall the operating system.

Backupthe files that are importantto you before you reinstall.

The "New" installation will overwrite the current one

If you do not format your hard drive before the reinstall the installation should not harm your files (That's why I suggest backingup your files) and will speed up the installation process.

Relevancy 104.47%

hi,

OK, this is a weird one.

I wanted to move the "My Music", "My Pictures", "My Videos" folders to another HDD. I moved the "My Documents" Folder to this HDD without a problem but the others I accidentally set the whole HDD as the folder (if that makes sense). So now the music, videos and pictures folders are set to this HDD and dont have an actual folder to change the properties of. Therein lies my dilema.

If anyone can offer any advice on this curly issue it would be greatly appreciated.

Shane

A:Remaking "My Music", "My Pictures", "My Videos" folders

Quote: Originally Posted by Legume

hi,

OK, this is a weird one.

I wanted to move the "My Music", "My Pictures", "My Videos" folders to another HDD. I moved the "My Documents" Folder to this HDD without a problem but the others I accidentally set the whole HDD as the folder (if that makes sense). So now the music, videos and pictures folders are set to this HDD and dont have an actual folder to change the properties of. Therein lies my dilema.

If anyone can offer any advice on this curly issue it would be greatly appreciated.

Shane

You have a backup from before the problem started? a win 7 dvd to do a repair install?
ken

http://www.sevenforums.com/customization/109624-remaking-my-music-my-pictures-my-videos-folders.html