Windows Support Forum

Hijack this thread. Att.MFDnNC

Q: Hijack this thread. Att.MFDnNC

Sorry about the previous thread The problems this thread. Att.MFDnNC Hijack I am experiencing is an inability to play a movie file downloaded from TVNZ with windows mediaplayer A security message keeps popping up saying I need a security update but I have all the updates I went to IE and Hijack this thread. Att.MFDnNC windows mwdiaplayer but still no luck Matters were made worse because of those two moves my computer almost slowed to a standstill and I couldnt even play music on mediaplatey from my music files I ve gone back to IE and mediaplayer and things have speeded up back to normal I have run the superantisptware and here is the log SUPERAntiSpyware Scan Log http www superantispyware com Generated at AM Application Version Core Rules Database Version Trace Rules Database Version Scan type Quick Scan Total Scan Time Memory items scanned Memory threats detected Registry items scanned Registry threats detected File items scanned File threats detected Adware MyWebSearch C PROGRA MYWEBS BAR BIN MWSOEMON EXE C PROGRA MYWEBS BAR BIN MWSOEMON EXE MyWebSearch Email Plugin C PROGRA MYWEBS BAR BIN MWSOEMON EXE MyWebSearch Email Plugin C PROGRA MYWEBS BAR BIN MWSOEMON EXE HKLM Software Microsoft Windows CurrentVersion Explorer Browser Helper Objects A FAF - E- cf- - F A D HKCR CLSID A FAF - E- CF- - F A D HKCR CLSID A FAF - E- CF- - F A D HKCR CLSID A FAF - E- CF- - F A D InprocServer HKCR CLSID A FAF - E- CF- - F A D InprocServer ThreadingModel HKCR CLSID A FAF - E- CF- - F A D Programmable C PROGRAM FILES MYWEBSEARCH SRCHASTT BIN MWSSRCAS DLL HKU DEFAULT Software Microsoft Internet Explorer URLSearchHooks A FAF - E- cf- - F A D HKCR CLSID A FAF - E- CF- - F A D HKCR CLSID A FAF - E- cf- - F A D HKCR CLSID A FAF - E- cf- - F A D InprocServer HKCR CLSID A FAF - E- cf- - F A D InprocServer ThreadingModel HKCR CLSID A FAF - E- cf- - F A D Programmable HKU S- - - - - - - Software Microsoft Internet Explorer URLSearchHooks A FAF - E- cf- - F A D HKU S- - - Software Microsoft Internet Explorer URLSearchHooks A FAF - E- cf- - F A D HKCR CLSID B EA -A - -B BB- DE CCA HKCR CLSID B EA -A - -B BB- DE CCA InprocServer HKCR CLSID B EA -A - -B BB- DE CCA InprocServer ThreadingModel HKCR CLSID B EA -A - -B BB- DE CCA Programmable HKCR CLSID B EA -A - -B BB- DE CCA TypeLib HKCR CLSID B EA -A - -B BB- DE CCA HKCR CLSID B EA -A - -B BB- DE CCA InprocServer HKCR CLSID B EA -A - -B BB- DE CCA InprocServer ThreadingModel HKCR CLSID B EA -A - -B BB- DE CCA Programmable HKCR CLSID B EA -A - -B BB- DE CCA TypeLib C PROGRAM FILES MYWEBSEARCH BAR BIN MWSOEMON EXE C DOCUMENTS AND SETTINGS PENE QUIN START MENU PROGRAMS STARTUP MYWEBSEARCH EMAIL PLUGIN LNK C WINDOWS Prefetch MWSOEMON EXE- AD pf Adware HotBar Low Risk HKU S- - - - - - - Software Microsoft Internet Explorer Explorer Bars FF B FD - C- D F-BB - A DE HKCR CLSID FF B FD - C- D F-BB - A DE HKCR CLSID FF B FD - C- D F-BB - A DE HKCR CLSID FF B FD - C- D F-BB - A DE AppID HKCR CLSID FF B FD - C- D F-BB - A DE Implemented Categories HKCR CLSID FF B FD - C- D F-BB - A DE Implemented Categories - - -C - HKCR CLSID FF B FD - C- D F-BB - A DE InprocServer HKCR CLSID FF B FD - C- D F-BB - A DE InprocServer ThreadingModel HKCR CLSID FF B FD - C- D F-BB - A DE Instance HKCR CLSID FF B FD - C- D F-BB - A DE Instance CLSID HKCR CLSID FF B FD - C- D F-BB - A DE Instance InitPropertyBag HKCR CLSID FF B FD - C- D F-BB - A DE Instance InitPropertyBag Url HKCR CLSID FF B FD - C- D F-BB - A DE ProgID HKCR CLSID FF B FD - C- D F-BB - A DE TypeLib HKCR CLSID FF B FD - C- D F-BB - A DE VersionIndependentProgID C PROGRAM FILES HOTBAR BIN HBHOSTIE DLL Adware Tracking Cookie C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies pene email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies pene email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies pene email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Cookies pene email protected txt C Documents and Settings Pene Quin Cookies pene email protected txt C Documents and Settings Pene Quin Cookies email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Pene Quin Local Settings Temp Cookies pene email protected txt C Documents and Settings Ric Quin Cookies ric email protected txt C Documents and Settings Ric Quin Cookies ric email protected txt C Documents and Settings Ric Quin Cookies ric email protected txt C WINDOWS system config systemprofile Cookies email protected txt nbsp

Relevancy 100%
Preferred Solution: Hijack this thread. Att.MFDnNC

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Hijack this thread. Att.MFDnNC

Do not start new threads for the same problem

post here

http://forums.techguy.org/security/583372-hijack.html

https://forums.techguy.org/threads/hijack-this-thread-att-mfdnnc.584951/
Relevancy 50.31%

Seems when i am on my computer my ie browser opens randomly by itself I use Firefox as my browser do not even use ie so this is troubling I did a hijack this to see if anyone can see a problem and here it is Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files AOL TopSpeed aoltsmon exe C WINDOWS system CTsvcCDA exe C WINDOWS System svchost exe C WINDOWS system nvsvc exe C Program Files PC Tools Another hijack this thread AntiVirus PCTAVSvc exe C WINDOWS system svchost exe C WINDOWS Another hijack this thread system MsPMSPSv exe C Program Files ASUSTeK ASUSDVD PDVDServ exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Creative SBAudigy ZS Surround Mixer CTSysVol exe C Program Files Creative SBAudigy ZS DVDAudio CTDVDDet EXE C Program Files Java jre bin jusched exe C Program Files Lexmark X Series lxbabmgr exe C WINDOWS Logi MwX Another hijack this thread Exe C WINDOWS CTHELPER EXE C Program Files PC Tools AntiVirus PCTAV exe C Program Files Creative MediaSource RemoteControl RCMan EXE C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C WINDOWS system ctfmon exe C Program Files Lexmark X Series lxbabmon exe F Program Files DAEMON Tools daemon exe C Program Files DNA btdna exe C Program Files BOINC boincmgr exe C Program Files FinePixViewer QuickDCF exe C WINDOWS Twain CA A SnapDetect exe C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe C Program Files BOINC boinc exe C Program Files BOINC projects setiathome berkeley edu setiathome windows intelx exe C Program Files BitTorrent bittorrent exe C Program Files Yahoo Messenger YahooMessenger exe C Documents and Settings Gary My Documents Downloads HiJackThis exe C WINDOWS system NOTEPAD EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKCU Software Microsoft Internet Explorer Main Start Page http wwwyahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http wwwyahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http wwwyahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com O - BHO DAPHelper Class - CC -ACF - cac-A A -DD E - C Program Files DAP DAPBHO DLL O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO XTTBPos - FD D- A - e - D-DC B D - F Program Files ICQToolbar toolbaru dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO - B E - B - B- B A- A ED C - C Program Files Messenger quha dll file missing O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar ICQ Toolbar - F B - D - fe - A -BBB - F Program Files ICQToolbar toolbaru dll O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run SBDrvDet C Program Files Creative SB Drive Det SBDrvDet exe r O - HKLM Run RemoteControl quot C Program Fi... Read more

A:Another hijack this thread

Anyone able to give me a hint where to start ??

http://www.techsupportforum.com/forums/f284/another-hijack-this-thread-207198.html
Relevancy 50.31%

Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system Ati evxx exe C WINNT system svchost exe C Program Files with Thread HELP Hijack This Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files HELP with Hijack This Thread Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINNT system spoolsv exe C winnt system spool printers FireDaemon exe C winnt system spool printers FireDaemon exe C WINNT system spool PRINTERS svchelp exe c WINNT system spool printers winmgnt exe C PROGRA NORTON NORTON GHOSTS EXE C WINNT System svchost exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe C PROGRA NORTON NORTON NPROTECT EXE C WINNT system regsvc exe C WINNT system MSTask exe C PROGRA NORTON NORTON SPEEDD NOPDB EXE C WINNT system stisvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINNT System WBEM WinMgmt HELP with Hijack This Thread exe C WINNT system inetsrv inetinfo exe C WINNT system Ati evxx exe C Program Files Common Files Symantec Shared SymTray exe C WINNT system msole exe C WINNT system shnlog exe C WINNT popuper exe C WINNT system intmonp exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Norton SystemWorks HELP with Hijack This Thread Norton Ghost GhostStartTrayApp exe C Program Files Norton SystemWorks Password Manager AcctMgr exe C WINNT system intmon exe C Program Files Java jre bin jusched exe C Program Files ATI Multimedia RemCtrl ATIX exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files Logitech MouseWare system em exec exe C Program Files iolo System Mechanic Professional StartupGuard exe C WINNT system rundll exe C WINNT system NOTEPAD EXE C WINNT explorer exe C Program Files Yahoo Messenger YPager exe C PROGRA MOZILL FIREFOX EXE C Documents and Settings ebonis Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL about blank R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www oneclicksearches com search php qq R - HKCU Software Microsoft Internet Explorer Main Search Bar http www oneclicksearches com bar html R - HKCU Software Microsoft Internet Explorer Main Search Page http www oneclicksearches com search php qq R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http www oneclicksearches com search php qq R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch http www oneclicksearches com search php qq R - HKCU Software Microsoft Internet Explorer SearchURL Default http www oneclicksearches com search php qq R - HKCU Software Microsoft Internet Explorer Main Local Page http www oneclicksearches com R - Default URLSearchHook is missing O - BHO no name - FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA - C WINNT system hp tmp O - Toolbar amp Radio - E - F- D - E- A C - C WINNT system msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run SymTray - Norton SystemWorks C Program Files Common Files Symantec Shared Symtray exe SetReg O - HKLM Run GhostStartTrayApp C Program Files Norton SystemWorks Norton Ghost GhostStartTrayApp exe O - HKLM Run AcctMgr C Program Files Norton SystemWorks Password Manager AcctMgr exe startup O - HKLM Run zBrowser Launcher C Program Files Logitech iTouch iTouch exe O - HKLM Run ATIPTA atiptaxx exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run NeroFilterCheck C WINNT system NeroCheck exe O - H... Read more

A:HELP with Hijack This Thread

* Click here to download smitRem.zip.
Save the file to your desktop.
Unzip smitRem.zip to extract the two files it contains.
Do not do anything with it yet. You will run the RunThis.bat file later in safe mode.
* Go here to download CCleaner.
Install CCleaner
Launch CCleaner and look in the upper right corner and click on the "Options" button.
Click "Advanced" and remove the check by "Only delete files in Windows temp folders older than 48 hours".
Click OK
Do not run CCleaner yet. You will run it later in safe mode.
* Download the trial version of Ewido Security Suite here.
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.

Download pocket killbox from http://www.thespykiller.co.uk/files/killbox.exe & put it on the desktop where you can find it easily

* Click here for info on how to boot to safe mode if you don't already know how.
* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.
* Restart your computer into safe mode now. Perform the following steps in safe mode:
* Run Hijack This again and put a check by these. Close ALL windows except HijackThis and click "Fix checked"

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oneclicksearches.com/bar.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oneclicksearches.com/search.php?qq=%1

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oneclicksearches.com/search.php?qq=%1

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oneclicksearches.com/search.php?qq=%1

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.oneclicksearches.com/

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA}
C:\WINNT\system32\hp4577.tmp

O4 - Startup: PowerReg Scheduler V3.exe

O13 - WWW. Prefix: http://ehttp.cc/?

* Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

now Start killbox paste the first file listed below into the full pathname and file to delete box

C:\WINNT\system32\hp4577.tmp
The file name will appear in the window and if the file exists it will appear in blue under that window then select standard file kill, press the red X button, say yes to the prompt and once the file deleted message comes up then repeat for each file in turn
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop

Then on killbox top bar press tools/delete temp files and follow those prompts and say yes to everything
* Run Ewido:
Click on scanner
Click the [b Complete System Scan [/b] button to start the scan.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop
* Start ... Read more

https://forums.techguy.org/threads/help-with-hijack-this-thread.379431/
Relevancy 50.31%

I have Spyware guard running adaware spybot S amp G etc but i got this when I installed emule i think and it was before i got spyware gaurd anyway removed emule in add remove programs but it is still there how do i get this thing off my comp and what else do i need to do here is my log Logfile of HijackThis v Scan do do Here's what my do? and hijack what new.net, have? i i else have thread..I saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS Here's my hijack thread..I have new.net, what do i do? and what else do i have? System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Kerio Personal Firewall persfw exe C WINDOWS System tcpsvcs exe C WINDOWS Explorer EXE C Program Files Java j re bin jusched exe C WINDOWS System rundll exe C Program Files iTunes iTunesHelper exe C Program Files iPod bin iPodService exe C Program Files SpywareGuard sgmain exe C Program Files SpywareGuard sgbhp exe C WINDOWS System devldr exe C WINDOWS System wuauclt exe C Program Files Yahoo Messenger YPager exe C Program Files Internet Explorer iexplore exe C Documents and Settings Cliff Local Settings Temporary Internet Files Content IE DYB AN HijackThis exe O - BHO no name - - - dea- C- ECD AA - C Program Files MyWay SrchAstt bin MYSRCHAS DLL file missing O - BHO no name - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL file missing O - BHO no name - A AACF -ADF - D - A - E B E - C Program Files NewDotNet newdotnet dll O - BHO SpywareGuard Download Protection - A E - F- - B - B DDD DB - C Program Files SpywareGuard dlprotect dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar amp SearchBar - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL file missing O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run New net Startup rundll C PROGRA NEWDOT NEWDOT DLL NewDotNetStartup -s O - HKLM Run iTunesHelper C Program Files iTunes iTunesHelper exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - Startup SpywareGuard lnk C Program Files SpywareGuard sgmain exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra Tools menuitem Sun Java Console HKLM O - Hijacked Internet access by New Net O - Hijacked Internet access by New Net O - Hijacked Internet access by New Net O - Hijacked Internet access by New Net O - Hijacked Internet access by New Net O - DPF - F - BB - D -FA D F A AB YInstStarter Class - http download yahoo com dl yinst yinst current cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net housecall trendmicro com housecall xscan cab O - DPF B F - - C -AA A- BB YAddBook Class - http us dl yimg com download yahoo com dl installs suite yautocomplete cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab nbsp

A:Here's my hijack thread..I have new.net, what do i do? and what else do i have?

https://forums.techguy.org/threads/heres-my-hijack-thread-i-have-new-net-what-do-i-do-and-what-else-do-i-have.273012/
Relevancy 50.31%

Hello all thanks for the help already I have read several of the HiJack threads and have already fixed a couple of items however would like HiJack thread This to post my HiJack Log and see if anyone has any additional comments Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System svchost exe C WINNT system regsvc exe C WINNT System wins DLLHOST EXE C WINNT system MSTask exe C WINNT System tcpsvcs exe C WINNT System snmp exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT System svchost HiJack This thread exe C WINNT Explorer EXE C WINNT System spool drivers w x hpztsb exe C WINNT system msmsgri exe HiJack This thread C WINNT SYSTEM svrmsg exe C WINNT Fonts rundll exe C WINNT Fonts explorer exe E Program HiJack This thread Files EarthLink Accelerator propelac exe C WINNT System windowsntdebug task exe E Program Files Norton CleanSweep csinsmnt exe E QUICKENW QWDLLS EXE C WINNT system ntvdm exe C Program Files Internet Explorer IEXPLORE EXE C WINNT System wins svchost exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE E Program Files Yahoo Messenger YPager exe C unzipped hijackthis HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http localhost R - HKCU Software Microsoft Internet Explorer Main Local Page O - BHO no name - E F-C D - D -B D- B D BE B - e Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - Toolbar amp Radio - E - F- D - E- A C - C WINNT System msdxm ocx O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run HPDJ Taskbar Utility C WINNT System spool drivers w x hpztsb exe O - HKLM Run System Initialization C WINNT system msmsgri exe O - HKLM Run Services C WINNT SYSTEM svrmsg exe O - HKLM Run helpmanager spoler exe O - HKLM Run TaskMan C WINNT Fonts rundll exe O - HKLM Run Explorer C WINNT Fonts explorer exe O - HKLM RunServices helpmanager spoler exe O - Startup Billminder lnk E QUICKENW BILLMIND EXE O - Startup CleanSweep Smart Sweep-Internet Sweep LNK E Program Files Norton CleanSweep csinsmnt exe O - Startup Quicken Startup lnk E QUICKENW QWDLLS EXE O - Global Startup Microsoft Office lnk E Program Files Microsoft Office Office OSA EXE O - Extra context menu item Refresh Pa amp ge with Full Quality - e Program Files EarthLink Accelerator pac-page html O - Extra context menu item Refresh Pi amp cture with Full Quality - e Program Files EarthLink Accelerator pac-image html O - Extra button Yahoo Messenger HKLM O - Extra Tools menuitem Yahoo Messenger HKLM O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - HKLM System CCS Services Tcpip FDB A-F B - C -B -E AFF FF NameServer nbsp

Relevancy 50.31%

I hope I m posting this in the right spot I m new to the forum and to the hijack program but I think from what I ve seen it s great If I needed to post this somewhere else please let me know Here s what I ve got TIA for looking Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss hijack this thread ??? exe C hijack this thread ??? WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS System CTsvcCDA exe C Program Files Ahead InCD InCDsrv exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Norton SystemWorks Norton AntiVirus navapsvc exe C Program Files Norton SystemWorks Norton Utilities NPROTECT EXE C WINDOWS System nvsvc exe C PROGRA NORTON SPEEDD nopdb exe C WINDOWS System svchost exe C WINDOWS hijack this thread ??? Explorer EXE C WINDOWS System spool drivers hijack this thread ??? w x hpztsb exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS System CTHELPER EXE C Program Files Microsoft Hardware Keyboard type exe C Program Files Microsoft Hardware Mouse point exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Ahead InCD InCD exe C WINDOWS System ctfmon exe C Program Files Qualcomm Eudora Eudora exe C Documents and Settings Bill Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www google com ie R - HKCU Software Microsoft Internet Explorer Main Search Page http www google com R - HKCU Software Microsoft Internet Explorer Main Start Page http www google com R - HKLM Software Microsoft Internet Explorer Main Start Page http www microsoft com isapi redir dll prd SUB PRD amp clcid SUB CLSID amp pver SUB PVER amp ar home R - HKLM Software Microsoft Internet Explorer Main Search Page http www microsoft com isapi redir dll prd ie amp ar iesearch R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www microsoft com isapi redir dll prd ie amp pver amp ar msnhome R - HKLM Software Microsoft Internet Explorer Main Default Search URL http www microsoft com isapi redir dll prd ie amp ar iesearch R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www google com ie R - HKCU Software Microsoft Internet Explorer SearchURL Default http www google com keyword s O - BHO no name - AA ED - DD- d - -CF F - c windows googletoolbar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton SystemWorks Norton AntiVirus NavShExt dll O - Toolbar amp Google - C B - - d - B - A CD F - c windows googletoolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run WINDVDPatch CTHELPER EXE O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run Jet Detection quot C Program Files Creative SBLive PROGRAM ADGJDet exe quot O - HKLM Run IntelliType quot C Program Files Microsoft Hardware Keyboard type exe quot O - HKLM Run POINTER C Program Files Microsoft Hardware Mouse point exe O - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run InCD C Program Files Ahead InCD InCD exe O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Extra context menu item amp Google Search - ... Read more

A:hijack this thread ???

Clean log.
 

https://forums.techguy.org/threads/hijack-this-thread.158168/
Relevancy 50.31%

Hey All My computer is suffering from spyware issues out the Hijack Thread This wazoo Hijack This Thread I ran Spybot S amp S and Adaware I am posting a HJT log just to make sure there is nothing left Also i have a quick question If spyware effects a computer with Windows XP SP with diffrent user accounts does every account get infected or just the account that the innitial infection happened Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C WINDOWS System igfxtray exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C WINDOWS system temp mll exe C WINDOWS System svchost exe C WINDOWS system wscntfy exe C Documents and Settings Alex My Documents My Downloads HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www advntr com R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run ViewMgr C Program Files Viewpoint Viewpoint Manager ViewMgr exe O - HKLM Run checkrun C windows system elitebof exe O - HKLM RunServices stratas xmconfig exe O - HKCU Run Instant Access rundll exe EGDACCESS dll InstantAccess O - Extra context menu item amp AIM Search - res C Program Files AIM Toolbar AIMBar dll aimsearch htm O - Extra context menu item amp Yahoo Search - file C Program Files Yahoo Common ycsrch htm O - Extra context menu item Yahoo amp Dictionary - file C Program Files Yahoo Common ycdict htm O - Extra context menu item Yahoo amp Maps - file C Program Files Yahoo Common ycmap htm O - Extra button no name - B E C - FCB- CF-AAA - C - C WINDOWS system msjava dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C WINDOWS system msjava dll O - Extra button Messenger - BBE - E - D -AD - D AD - C Program Files Yahoo Messenger yhexbmes dll O - Extra Tools menuitem Yahoo Messenger - BBE - E - D -AD - D AD - C Program Files Yahoo Messenger yhexbmes dll O - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra button WeatherBug - AF CABAB- F - f -A -B D EF CB - C PROGRA AWS WEATHE Weather exe file missing HKCU O - DPF Yahoo Chat - http us chat yimg com us yimg com i chat applet c chat cab O - DPF Yahoo Fleet - http download games yahoo com games clients y fltt x cab O - DPF - f - bb - d -fa d f a ab YInstStarter Class - C Program Files Yahoo Common yinsthelper dll O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft c ls en x client wuweb site cab O - DPF A D- F - D-B - B BDE FA MSN File Upload Control - http sc groups msn com controls FileUC MsnUpld cab O - DPF B E - ECB- DA- C A- F A FF MsnMessengerSetupDownloadControl Class - http messenger msn com download MsnMessengerSetupDownloader cab O - DPF F E CEF-A - C -BA E- CAF EE C MSN Chat Control - http fdl msn com public chat msnchat cab O - Winlogon Notify igfxcui - C WINDOWS SYSTEM igfxsrv... Read more

A:Hijack This Thread

O4 - HKLM\..\RunServices: [stratas] xmconfig.exeClick to expand...

This is a worm: http://www.sophos.com/virusinfo/analyses/w32rbotahr.html

This is EliteBar: O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitebof32.exe

This is Instant Access: O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1055.dll,InstantAccess

Let's start with a remote on-line anti-virus scan from your choice of any of these:

Panda Active Scan: http://www.pandasoftware.com/activescan/

RAV Antivirus: http://www.ravantivirus.com/scan

HouseCall/Trend Micro: http://housecall.trendmicro.com/

Auto clean anything that is found ...

Then close all open windows, and run HJT again. Put a checkmark next to the following items, and press "Fix Checked":

O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitebof32.exe
O4 - HKLM\..\RunServices: [stratas] xmconfig.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1055.dll,InstantAccess

Reboot your computer, and post a fresh HJT log.
 

https://forums.techguy.org/threads/hijack-this-thread.382614/
Relevancy 49.88%

Hi Everyone Picked up the downloader MisleadApp virus and although Norton is showing as OK there is still the message on the desktop complete with crawling black beatles if left untouched Here is my Hijack This log - Logfile of Trend Micro HijackThis v Hijack Thread! Yet This another App. Mislead Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate AluSchedulerSvc exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Messenger msmsgs Yet another Mislead App. Hijack This Thread! exe C Program Files Microsoft Money System mnyexpr exe C PROGRA HELPAN Pavilion XPHWWBF plugin bin pchbutton exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files HP Digital Imaging bin hpqtra exe C PROGRA COMMON SYMANT CCPD-LC symlcsvc exe C WINDOWS system HPZipm exe C Documents and Settings HP Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN GB amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN GB amp c Q amp bd pavilion amp pf desktop Yet another Mislead App. Hijack This Thread! R Yet another Mislead App. Hijack This Thread! - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN GB amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Start Page http www ntlworld com R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN GB amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN GB amp c Q amp bd pavilion amp pf desktop R - HKCU Software Microsoft Internet Connection Wizard ShellNext http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN GB amp c Q amp bd pavilion amp pf desktop O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO NCO IE BHO - ADB E- AFF- - AA - DAC DFA - C Program Files Common Files Symantec Shared coShared Browser coIEPlg dll O - BHO Symantec Intrusion Prevention - D EC - AAE- -AEEE-F F C - C PROGRA COMMON SYMANT IDS IPSBHO dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar HP view - B E - D D- DEB- B - D BCF F - c Program Files HP Digital Imaging bin HPDTLK dll O - Toolbar Show Norton Toolbar - FEBEFE - B - - D -FFB D B CA - C Program Files Common Files Symantec Shared coShared Browser CoIEPlg dll O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run MoneyAgent quot C Program Files Microsoft Money System mnyexpr exe quot O - HKCU Run Acme PCHButton C PROGRA HELPAN Pavilion XPHWWBF plugin bin pchbutton exe O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exe O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User LOCAL SERVICE O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User NETWORK SERVICE O - Global Startup HP Digital Imaging Monitor lnk C Program Files HP Digital Imaging bin hpqtra exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Offi... Read more

https://forums.techguy.org/threads/yet-another-mislead-app-hijack-this-thread.713904/
Relevancy 49.88%

Please check this log also if possible Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS your trying review not hijack I'm to i thread also... need but a system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA SHAWSE backweb Program SERVIC EXE C Program Files Shaw Secure Anti-Virus fsgk st exe C Program Files Shaw Secure backweb program fsbwsys exe C Program Files Shaw Secure Anti-Virus FSGK EXE C Program Files Shaw Secure Anti-Virus fssm exe C Program I'm not trying to hijack your thread but i need a review also... Files Shaw Secure Common FSMA EXE C WINDOWS system drivers KodakCCS exe C Program Files Shaw Secure Common FSMB EXE C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system nvsvc exe C Program Files Hewlett-Packard Shared hpqwmiex exe C Program Files Shaw Secure Common FCH EXE C Program Files Shaw Secure Anti-Virus fsqh exe C Program Files Shaw Secure Common FAMEH EXE C Program Files Shaw Secure Anti-Virus fsrw exe C Program Files Shaw Secure Anti-Virus fsav exe C Program Files hpq HP Wireless Assistant HP Wireless Assistant exe C Program Files Java jre bin jusched exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files HP QuickPlay QPService exe C Program Files HP HP Software Update HPWuSchd exe C Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe C Program Files Shaw Secure Common FSM EXE C Program Files Shaw Secure FSGUI ispnews exe C Program Files HP hpcoretech hpcmpmgr exe C WINDOWS system hphmon exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C PROGRA Ahead Ahead data Xtras mssysmgr exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files Shaw Secure backweb Program fspex exe C Program Files HP Digital Imaging bin hpqimzone exe C Program Files HP Digital Imaging bin hpqnrs exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files Shaw Secure FWES Program fsdfwd exe C Program Files iPod bin iPodService exe C PROGRA SHAWSE ANTI-S fsaw exe C Program Files Shaw Secure FSGUI fsguidll exe C Program Files Microsoft Office OFFICE OUTLOOK EXE C Program Files Microsoft Office OFFICE WINWORD EXE C WINDOWS system HPZinw exe C WINDOWS system HPZipm exe C Program Files Mozilla Firefox firefox exe C WINDOWS explorer exe C WINDOWS System spool DRIVERS W X HPBOID EXE C WINDOWS System spool DRIVERS W X HPBPRO EXE C WINDOWS System spool DRIVERS W X HPBOID EXE C WINDOWS System spool DRIVERS W X HPBPRO EXE C WINDOWS System spool DRIVERS W X HPBOID EXE C WINDOWS System spool DRIVERS W X HPBOID EXE C WINDOWS System spool DRIVERS W X HPBOID EXE C WINDOWS System spool DRIVERS W X HPBPRO EXE C WINDOWS system mmc exe C Program Files Adobe Photoshop Photoshop exe C WINDOWS PCHealth HelpCtr Binaries MSConfig exe C Documents and Settings Shane Ewert Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN CA amp c amp bd presario amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN CA amp c amp bd presario amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN CA amp c amp bd presario amp pf laptop R - HKCU Software Microsoft Internet Connection Wizard ShellNext http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN CA amp c amp bd presario amp pf laptop R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - ... Read more

A:I'm not trying to hijack your thread but i need a review also...

I noticed this last post got moved so here's an update of why I need this reviewed...

http://forums.techguy.org/windows-nt-2000-xp/526570-why-does-take-so-long.html
 

https://forums.techguy.org/threads/im-not-trying-to-hijack-your-thread-but-i-need-a-review-also.526596/
Relevancy 49.88%

Website help posted, thread log hijack please keeps popping up as my homepage Can t seem to make it go away the website is res wexsw dll index html reposted an earlier thread sorry about that Thanks for you help Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe hijack thread log posted, please help C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system logonui exe C WINDOWS system spoolsv exe C WINDOWS System svchost exe C WINDOWS netfw exe C WINDOWS System tp mon exe C Program Files MusicMatch MusicMatch Jukebox mm tray exe C Program Files Common Files Real Update OB realsched exe C windows system winexplor exe hijack thread log posted, please help C WINDOWS atlrq exe C Program Files D-Link AirPlus hijack thread log posted, please help G AirPlus exe C Palm HOTSYNC EXE C WINDOWS System msiexec exe C WINDOWS explorer exe C Documents and Settings Stephen Yoo Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http sbms R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize ycomp defaults sb http www yahoo com search ie html R - HKCU Software Microsoft Internet Explorer Main Search Page res C WINDOWS wexsw dll sp html R - HKCU Software Microsoft Internet Explorer Main Start Page res wexsw dll index html R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http sbms R - HKLM Software Microsoft Internet Explorer Main Start Page res wexsw dll index html R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page res C WINDOWS wexsw dll sp html R - HKLM Software Microsoft Internet Explorer Main Default Page URL res wexsw dll index html R - HKLM Software Microsoft Internet Explorer Main Default Search URL res C WINDOWS wexsw dll sp html R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by AT amp T WorldNet Service R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ycomp defaults su http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Local Page C WINDOWS SYSTEM blank htm O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - C - F A- -F EA-C DEFC - C WINDOWS system atlpp dll O - HKLM Run TrackPointSrv tp mon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run MMTray C Program Files MusicMatch MusicMatch Jukebox mm tray exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run mysoft C windows system winexplor exe O - HKLM Run atlrq exe C WINDOWS atlrq exe O - HKCU Run Yahoo Pager C Program Files Yahoo Messenger ypager exe -quiet O - HKCU Run X-Cleaner Freeware quot C PROGRA X-CLEA XCleaner free exe quot -turbo -autostart -NOREBOOT O - HKLM RunOnce netfw exe C WINDOWS netfw exe O - Startup HotSync Manager lnk C Palm HOTSYNC EXE O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup D-Link AirPlus G Configuration Utility lnk O - Extra context menu item amp Download with amp DAP - C PROGRA DAP dapextie htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger HKLM O - Extra Tools menuitem Yahoo Messenger HKLM O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DefaultPrefix http www microsoit com direct php url O - WWW Prefix http www microsoit com direct php url O - DPF DDE -E - D -A - - http www xblock com dow... Read more

A:hijack thread log posted, please help

Being helped here:

http://forums.techguy.org/showthread.php?t=254431

(please don't double post for the same problem)
 

https://forums.techguy.org/threads/hijack-thread-log-posted-please-help.254446/
Relevancy 49.88%

Trying to cut down on malware spyware and other threats to the pc Feel this Thanks Hijack . in thread advance Another free to make suggestions Thank you Logfile of Advanced SystemCare Security Analyzer Scan saved Another Hijack this thread . Thanks in advance at AM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Another Hijack this thread . Thanks in advance Normal Running processes C Program Files x Norton Internet Security Engine ccSvcHst exe C Program Files x Dell Remote Access ezi ra exe C Users E AppData Local Google Update GoogleCrashHandler exe C Program Files x OpenOffice org program soffice exe C Program Files x OpenOffice org program soffice bin C Program Files x Dell DataSafe Online DataSafeOnline exe C Program Files CyberLink PowerDVD DX PDVDDXSrv exe C Program Files x Dell Support Center bin sprtcmd exe C Program Files x Common Files Adobe ARM AdobeARM exe C Program Files x Java jre bin jusched exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Users E AppData Local Google Chrome Application chrome exe C Program Files x Internet Explorer IELowutil exe C Program Files x Mozilla Firefox firefox exe C Users E AppData Local Google Chrome Application chrome exe C Program Files x IObit Advanced SystemCare AWC exe O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Symantec NCO BHO - ADB E- AFF- - AA -... Read more

A:Another Hijack this thread . Thanks in advance

So everything looks good?
 

https://forums.techguy.org/threads/another-hijack-this-thread-thanks-in-advance.943698/
Relevancy 49.88%

Hey Guys First of all I Another Browser Yet Hijack Thread want to thank you for all the work you do This is a fantastic website and you help a lot of people Now on to my problem It sounds pretty similar to the countless other browser hijack threads This problem started just in Firefox and then graduated on to Yahoo and others Basically when I click on a link it redirects the link to some spammy ad websites It's worth mentioning that it doesn't always happen but it's nearly always Yet Another Browser Hijack Thread Additionally seemingly at random I will get the same type of sites that open up while my browser is open I got one while typing this post but no link is clicked This seems Yet Another Browser Hijack Thread like a vicious Malware Furthermore I don't know if it is related but recently I've had to start my computer twice to get it to get to the Windows screen The first time the cursor in the upper left corner blinks for a while then stops after going through the initial boot sequence with the blue HP screen and the drive configuration page Just some more info for you guys Here is my DDS txt file DDS Ver - - - NTFSx Run by HP Administrator at on Sat Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Norton Internet Security On-access scanning enabled Updated E A - - -B - C C F AV Webroot AntiVirus with Spy Sweeper On-access scanning disabled Updated E C F- CCA- - -BDBC AD FW Norton Internet Worm Protection disabled F - CEE- EA-A A-D ADD EA E FW Norton Internet Security enabled C A C -F F- AC -B -A E C F Running Processes C Program Files Webroot Spy Sweeper WRConsumerService exe C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system Ati evxx exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Google Update GoogleCrashHandler exe C WINDOWS Explorer EXE C WINDOWS ehome ehtray exe C Program Files Intel Intel Matrix Storage Manager Iaanotif exe C Program Files Creative SBAudigy DVDAudio CTDVDDET EXE C Program Files Creative SBAudigy Surround Mixer CTSysVol exe C Program Files Creative Shared Files Module Loader DLLML exe C Program Files HP DigitalMedia Archive DMAScheduler exe C Program Files Hewlett-Packard HP Boot Optimizer HPBootOp exe C Program Files Common Files Real Update OB realsched exe C WINDOWS CTHELPER EXE C Program Files ATI Technologies ATI ACE Core-Static MOM exe C Program Files Hp HP Software Update HPWuSchd exe C Program Files iTunes iTunesHelper exe C Program Files Java jre bin jusched exe C Program Files Webroot Spy Sweeper SpySweeperUI exe C PROGRA PANICW POP-UP POPUPS EXE C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system ctfmon exe C Program Files Adobe Acrobat Reader reader sl exe C Program Files ATI Technologies ATI ACE Core-Static ccc exe C WINDOWS ehome RMSysTry exe C Program Files McAfee Security Scan SSScheduler exe C Program Files Updates from HP Program Updates from HP exe C Program Files APC APC PowerChute Personal Edition apcsystray exe svchost exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files APC APC PowerChute Personal Edition mainserv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C WINDOWS arservice exe C Program Files Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA EXE C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Intel Intel Matrix Storage Manager Iaantmon exe C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files McAfee SiteAdvisor McSACore exe C WINDOWS ehome RMSvc exe C Program Files Mozilla Firefox firefox exe svchost exe C WINDOWS system svchost exe -k imgsvc C Program Files Western Digital WD Drive Manager WDBtnMgrSvc exe C Program Files ... Read more

A:Yet Another Browser Hijack Thread

Hello, and Welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------

Let's try this version of gmer. We're going to try running it in a different fashion, also.


Download GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.
Double click the exe file.
The program will begin to run, and perform an initial scan. If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.
In any case, after the initial scan is complete, click on the Save button, and save the log file somewhere you can easily find it, such as your desktop, and attach it in reply

---------------------------------------------------------------------------------------------


If still no joy, do this:

Please download mbr.exe from here to your desktop.

Open NOTEPAD and copy/paste the text in the quotebox below into it:


Code:
@echo off
mbr.exe -t
start mbr.log
del %0
Save this as fix.bat Choose to "Save type as - All Files"
It should look like this:
Place fix.bat next to mbr.exe & then double click to run it. A log file should open.

Post the contents in your next reply.

http://www.techsupportforum.com/forums/f100/yet-another-browser-hijack-thread-454792.html
Relevancy 49.88%

Hello all I am writing in the hope someone can help me with my hijack this log Just discovered the software and this forum on a friends recommendation Ta TripleX Here Goes Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Thread....Heeelp!!! Hijack This svchost exe C WINDOWS System Hijack This Thread....Heeelp!!! svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS System drivers CDAC BA EXE C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus AdvTools NPROTECT EXE C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Hijack This Thread....Heeelp!!! Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Common Files Symantec Shared Hijack This Thread....Heeelp!!! ccEvtMgr exe C Program Files Microsoft Hardware Keyboard type exe C Program Files Microsoft Hardware Mouse point exe C WINDOWS system DeltTray exe C Program Files Common Files Logitech QCDriver LVCOMS EXE C Program Files Logitech ImageStudio LogiTray exe C Program Files Common Files Real Update OB realsched exe C Program Files QuickTime qttask exe C Program Files Messenger Plus MsgPlus exe C Program Files Windows AdControl WinAdCtl exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Windows AdControl WinAdAlt exe C Program Files BroadJump Client Foundation CFD exe C PROGRA ntl BROADB SMARTB MotiveSB exe C WINDOWS system ctfmon exe C Program Files Internet Explorer iexplore exe C Program Files MSN Messenger msnmsgr exe c progra intern iexplore exe C Program Files Logitech ImageStudio LowLight exe C Program Files ntl broadband medic bin mpbtn exe C Program Files Norton AntiVirus SAVScan exe C WINDOWS System svchost exe C WINDOWS system spool drivers w x hpztsb exe C WINDOWS System msiexec exe C Program Files Messenger msmsgs exe C hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www vzaitersyrcfb uk xEPnKXuU e Gml e M php R - HKCU Software Microsoft Internet Explorer Main Start Page http www zputevxhygboiejutxwvxynv nkgUBDyzo html O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO REALBAR - E BD F- B D- E-C FF-FD B A D - C PROGRA COMMON Real Toolbar realbar dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO no name - - DCD-FD E-D E- AB F F - C DOCUME Steve APPLIC OBJBIR comp dumb exe O - BHO no name - AA C - - -F BF-C FC DA FB - C WINDOWS system config SYSTEM APPLIC POKEOK plus hole exe O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO no name - C -B FA- DD-AE -D - C WINDOWS system config SYSTEM APPLIC POKEOK boob list exe file missing O - Toolbar Search - A ED-FC - C - C - A AB F - C Program Files FerretSoft WebFerret FerretBand dll O - Toolbar no name - E F - A - FF-BA -FE C D - no file O - Toolbar REALBAR - E BD F- B D- E-C FF-FD B A D - C PROGRA COMMON Real Toolbar realbar dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run IntelliType quot C Program Files Microsoft Hardware Keyboard type exe quot O - HKLM Run POINTER point exe O - HKLM Run DeltTray DeltTray exe O - HKLM Run LVCOMS C Program Files Common Files Logitech QCDriver LVCOMS EXE O - HKLM Run LogitechGalleryRepair C Program Files Logitech ImageStudio IS... Read more

A:Hijack This Thread....Heeelp!!!

Welcome to TSF.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

Please download Ad-aware SE and install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also go here to get the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware for better scan results. Run the scan and fix everything that it finds.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Windows AdControl\WinAdCtl.exe
C:\Program Files\Windows AdControl\WinAdAlt.exe

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

Messenger Plus - spyware
Windows ControlAd

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.vzaitersyrcfb.uk/xEPnKXu...ke71Gml4e8M.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zputevxhygboiejutxwvxynv...vnkgUBDyzo.html
O2 - BHO: (no name) - {65519110-4DCD-FD4E-D31E-179326AB8F5F} - C:\DOCUME~1\Steve\APPLIC~1\OBJBIR~1\comp dumb.exe
O2 - BHO: (no name) - {9AA560C4-2424-2385-F8BF-C882FC9DA8FB} - C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\POKEO K~1\plus hole.exe
O2 - BHO: (no name) - {C1669562-B9FA-27DD-AE86-D36438483037} - C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\POKEO K~1\boob list.exe (file missing)
O3 - Toolbar: (no name) - {E196F733-57A7-47FF-BA72-FE1C81D46016} - (no file)
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Thunk Meet Cake Four] C:\Documents and Settings\All Users\Application Data\64waythunkmeet\WAIT MANAGER.exe
O4 - HKLM\..\Run: [Windows AdControl] C:\Program Files\Windows AdControl\WinAdCtl.exe
O4 - HKLM\..\Run: [Up ball byte dumb] C:\Documents and Settings\All Users\Application Data\Meta amen up ball\plus new.exe
O4 - HKLM\..\Run: [Free default ... Read more

http://www.techsupportforum.com/forums/f100/hijack-this-thread-heeelp-31439.html
Relevancy 49.88%

Hi there I m having some issues with spyware and appreciated any another hijack help thread, this popups on another hijack this thread, any help appreciated my laptop I was wondering if any of you could help my to remove these from my laptop Thanks in advance for any help Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP another hijack this thread, any help appreciated Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C PROGRA Grisoft another hijack this thread, any help appreciated AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files ewido security suite ewidoctrl exe C WINDOWS system slserv exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS System igfxtray exe C WINDOWS System hkcmd exe C Program Files Lexmark X Series lxbkbmgr exe C Program Files Java jre bin jusched exe C PROGRA Grisoft AVGFRE avgcc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files Messenger msmsgs exe C Program Files Lexmark X Series lxbkbmon exe C Program Files RALINK RT USB Wireless LAN Card Installer WINXP RaConfig USB exe C Program Files Microsoft AntiSpyware gcasDtServ exe C PROGRA Grisoft AVGFRE avgwb dat C Program Files Internet Explorer IEXPLORE EXE C WINDOWS System wuauclt exe C Anti-Virus Software HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www google co uk R - HKCU Software Microsoft Internet Explorer Main Start Page http mutualpoints com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www google co uk R - HKLM Software Microsoft Internet Explorer Main Default Search URL http www google co uk R - HKLM Software Microsoft Internet Explorer Main Search Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Start Page http www google co uk O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run Lexmark X Series quot C Program Files Lexmark X Series lxbkbmgr exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run AVG EMC C PROGRA Grisoft AVGFRE avgemc exe O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup RaConfig USB lnk C Program Files RALINK RT USB Wireless LAN Card Installer WINXP RaConfig USB exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res c program files google GoogleToo... Read more

Relevancy 49.88%

could someone please tell me what i'm doing wrong? can't copy hijackthis log into a thread, my computers a mess
 

Relevancy 49.02%

You guys were such a great help with my last problem I thought I might get your help with my grandmother s computer I ve run Spybot S amp D and Ad-Aware Here s the logfile my main problem is I m not sure how to tell the difference between quot good quot and quot bad quot - is there a database somewhere or are you all just familiar enough with thread) (yet YAHTT this hijack anjother all the names to know what s what Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss YAHTT (yet anjother hijack this thread) exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared ccApp exe C Program Files Lexmark X Series lxbkbmgr exe C Program Files BroadJump Client Foundation CFD exe C Program Files Lexmark X Series lxbkbmon exe C Program Files Java j re bin jusched exe C WINDOWS SOUNDMAN EXE C Program Files Messenger MSMSGS EXE C WINDOWS System RUNDLL EXE C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS System wuauclt exe C Program Files Internet Explorer IEXPLORE EXE C WINDOWS SoftwareDistribution Download S- - - b e cdb dddbb fbdc fe e update update exe C Documents and Settings Customer Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer proxy R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run Lexmark X Series quot C Program Files Lexmark X Series lxbkbmgr exe quot O - HKLM Run BJCFD C Program Files BroadJump Client Foundation CFD exe O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run nwiz nwiz exe install O - HKLM Run NeroCheck C WINDOWS System NeroCheck exe O - HKCU Run MSMSGS quot C Program Files Messenger MSMSGS EXE quot background O - HKCU Run Microsoft Update Client svsclient exe O - HKCU Run NvMediaCenter RUNDLL EXE C WINDOWS System NVMCTRAY DLL NvTaskbarInit O - Global Startup Event Reminder lnk O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - DPF ppctlcab - http www pestscan com scanner ppctlcab cab O - DPF FC A E- - E - - DB PPSDKActiveXScanner MainScreen - http www pestscan com scanner axscanner cab O - Service Symantec Event Manager - Symantec Corporation - C Program Files Common Files Symantec Shared ccEvtMgr exe O - Service Symantec Password Validation Service - Symantec Corporation - C Program Files Common Files Symantec Shared ccPwdSvc exe O - Service Le... Read more

A:YAHTT (yet anjother hijack this thread)

Boot to safe mode and fix these and then reboot and post a new log

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing

O4 - HKCU\..\Run: [Microsoft Update Client] svsclient.exe
 

https://forums.techguy.org/threads/yahtt-yet-anjother-hijack-this-thread.322361/
Relevancy 49.02%

Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C PROGRA Grisoft AVGFRE avgcc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files Dell AIO Printer A dlbkbmgr exe C Program Files Messenger MSMSGS EXE C Program Files Dell AIO Printer A dlbkbmon exe C WINDOWS System ctfmon exe C Program Files Outlook Express msimn exe C Program Files my in below it post this also other thread log---I My posted in hijack Internet Explorer iexplore exe C WINDOWS system winlogon exe C WINDOWS System wuauclt exe C WINDOWS System dno exe C Documents and Settings Jim and Rhonda Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Connection Wizard ShellNext quot C Program Files Outlook Express msimn exe quot R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride http localhost O - BHO AcroIEHlprObj Class My hijack this log---I also posted it in post below in my other thread - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - A C -EE A- DF-A F-E E D E B - C WINDOWS system gz nlvi dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run AVG EMC C PROGRA Grisoft AVGFRE avgemc exe O - HKLM Run Dell AIO Printer A quot C Program Files Dell AIO Printer A dlbkbmgr exe quot O - HKLM RunOnce imdaw exe C WINDOWS System imdaw exe k O - HKCU Run kbdaze C WINDOWS System kbdaze exe O - HKCU Run MSMSGS quot C Program Files Messenger MSMSGS EXE quot background O - Global Startup QuickBooks Update Agent lnk C Program Files Common Files Intuit QuickBooks QBUpdate qbupdate exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra Tools menuitem Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Plugin for mid C Program Files Internet Explorer PLUGINS npqtplugin dll O - Plugin for mov C Program Files Internet Explorer PLUGINS npqtplugin dll O - DPF D D - - BB- - D D - file c counter cab O - DPF F E B A- A - CA- - D CB MSN Photo Upload Tool - http by fd bay hotmail msn com resources MsnPUpld cab O - DPF BCB- D A- D -A B- DA DE RdxIE Class - http software-dl real com bdb ea b dccd netzip RdxIE cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net housecall trendmicro com housecall xscan cab O - DPF E D DE - - -A - DFAD A D MessengerStatsClient Class - http messenger zone msn com binary MessengerStatsClient cab cab O - DPF B E - ECB- DA- C A- F A FF MsnMessengerSetupDownloadControl Class - http messenger msn com download MsnMessengerSetupDownloader cab O - DPF DF F -FF B- DF - D - DB A A PopCapLoader Object - http www popcap com games popcaploader v cab O - DPF EF A B-FC - C - EF-FB E A E McFreeScan Class - http download mcafee com molbin iss-loc vso en-us tools mcfscan mcfscan cab O - HKLM System CCS Services Tcpip BC -E E - B - - D C A FC NameServer O - ... Read more

https://forums.techguy.org/threads/my-hijack-this-log-i-also-posted-it-in-post-below-in-my-other-thread.357178/
Relevancy 49.02%

xxxLogfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe c Program Files Common Files Symantec Shared ccEvtMgr exe C PROGRA Grisoft AVG avgserv exe C WINDOWS system cisvc exe C WINDOWS System CTsvcCDA exe C WINDOWS ehome ehSched exe c Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS System MsPMSPSv exe C WINDOWS system fxssvc exe C WINDOWS Explorer EXE C WINDOWS ehome ehtray exe C windows system hpsysdrv exe C WINDOWS ehome ehmsas exe C Program Files USB Storage RW shwicon exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C HP KBD KBD EXE C thread think and more i psw.sclog.c is this virus this 1 hijack Program psw.sclog.c virus and i think 1 more this is hijack this thread Files Common Files Symantec Shared ccApp exe C WINDOWS System CTHELPER psw.sclog.c virus and i think 1 more this is hijack this thread EXE c Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C WINDOWS System spool drivers w x hpztsb exe C Program Files ISP bin bartshel exe C PROGRA Grisoft AVG avgcc exe C WINDOWS System ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS System rundll exe C PROGRA ISP bin ppshared exe C Program Files StarOffice program soffice exe C Program Files ISP bin bartshel exe C PROGRA ISP dialer DIALER EXE C Program Files Messenger msmsgs exe C WINDOWS system cidaemon exe C Documents and Settings Administrator Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS R - HKCU Software Microsoft Internet Explorer Main Start Page http home peoplepc com homepage R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Start Page http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http us hpwis com O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - DE - E - D -BEB -CBE C DD - C Program Files ISP bin BandObject dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar hp toolkit - B E - D D- DEB- B - D BCF F - C HP EXPLOREBAR HPTOOLKT DLL O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dll O - Toolbar MSN Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Toolbar en-us msntb dll O - HKLM Run ehTray C WINDOWS ehome ehtray exe O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run KYE Showicon quot C Program Files USB Storage RW shwicon exe quot -t quot KYE USB Storage RW quot O - HKLM Run Share-to-Web Namespace Daemon c Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe O - HKLM Run CamMonitor c Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run StorageGuard quot C Program Files VERITAS Software Update Manager sgtray exe quot r O - HKLM Run AutoTBar C hp bin autotbar exe O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run ccApp quot c Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot c Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz... Read more

A:psw.sclog.c virus and i think 1 more this is hijack this thread

*bump*
 

https://forums.techguy.org/threads/psw-sclog-c-virus-and-i-think-1-more-this-is-hijack-this-thread.242252/
Relevancy 49.02%

Hi everyone Hijack main suggested This by my log, thread as I posted the following thread after experiencing major computer slowdown the last week or so http forums techguy org windows-n roblems-may-hardware-windows html post And it was suggested to me that I post a log from hijackthis to this forum in case I might be having malware issues I really hope that s all it is to be honest Hoping someone could take a look Logfile of Trend Hijack This log, as suggested by my main thread Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Microsoft IntelliType Pro itype exe C Program Files AntiVir PersonalEdition Classic sched exe C Program Files YourWare Solutions FreeRAM XP Pro FreeRAM XP Pro exe C Program Files AntiVir PersonalEdition Classic avguard exe C WINDOWS system cisvc exe C Program Files Eastlink Internet Security Anti-Virus fsgk st exe C Program Files Eastlink Internet Security Anti-Virus FSGK EXE C Program Files Eastlink Internet Security Common FSMA EXE C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Eastlink Internet Security Common FSMB EXE C WINDOWS system PSIService exe C Program Files Eastlink Internet Security Common FCH EXE C Program Files CyberLink Shared files RichVideo exe C WINDOWS system tcpsvcs exe C WINDOWS system svchost exe C WINDOWS System vssvc exe C Program Files Eastlink Internet Security Common FAMEH EXE C Program Files Eastlink Internet Security Anti-Virus fssm exe C Program Files Eastlink Internet Security FSAUA program fsaua exe C Program Files Eastlink Internet Security FWES Program fsdfwd exe C WINDOWS system ctfmon exe C Program Files Eastlink Internet Security FSAUA program fsus exe C WINDOWS System svchost exe C Program Files Eastlink Internet Security Anti-Virus fsav exe C Program Files Internet Explorer iexplore exe C WINDOWS system cidaemon exe C Program Files Mozilla Firefox firefox exe C Program Files MSN Messenger msnmsgr exe C Program Files uTorrent utorrent exe C Documents and Settings Amanda Desktop HiJackThis v exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - URLSearchHook no name - A B - - e -AB -E E AA B - C Program Files AskPBar SrchAstt bin A SRCHAS DLL O - BHO Ask Search Assistant BHO - A B - - e -AB -E E AA B - C Program Files AskPBar SrchAstt bin A SRCHAS DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO FlashFXP Helper for Internet Explorer - E A B-D - -AD - B EE - C PROGRA FlashFXP IEFlash dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run itype quot C Program Files Microsoft IntelliType Pro itype exe quot O - HKCU Run FreeRAM XP quot C Program Files YourWare Solutions FreeRAM XP Pro FreeRAM XP Pro exe quot -win O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button no name - d f - f - d - - c a - windir bdoscandel exe file missing O - Extra Tools menuitem Uninstall BitDefender Online Scanner v - d f - f - d - - c a - windir bdoscandel exe file missing O - Extra button PartyPoker com - B FE D - AA - F - C B- A F E - C Program Files PartyGaming PartyPoker RunApp exe file missing O - Extra Tools menuitem PartyPoker com - B FE D - AA - F - C B- A F E - C Program... Read more

A:Hijack This log, as suggested by my main thread

Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm

Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan.
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the ActiveScan report.
 

https://forums.techguy.org/threads/hijack-this-log-as-suggested-by-my-main-thread.650997/
Relevancy 49.02%

MFDnNC, please help:

Previously you had helped someone else with the exact same problem as myself. I tried the fix however only got so far with the NoLop. please see my thread...

http://forums.techguy.org/windows-nt-2000-xp/628776-help-ayb-netbios-com-trinitysolutions.html#post5148615

thank you,
JoJa
 

A:please help... MFDnNC

Try posting another post in the Malware Removal Forum.

Heres the link:

http://forums.techguy.org/54-malware-removal-hijackthis-logs/
 

https://forums.techguy.org/threads/please-help-mfdnnc.630237/
Relevancy 49.02%

I joined this forum primarily to say THANK YOU for the help in ridding my computer of the false security alerts that were coming up every two minutes and making my computing life a living hell! I did a google search, which led me to a Live Journal, which had a post that shared MFDnNC's advice on how to get rid of these. I followed it to the letter, and the damned thing's GONE. THANK YOU SO, SO, SO much. It said to post my report somewhere, but I'm not sure where, so if you still want it, someone, please let me know.

S
 

https://forums.techguy.org/threads/thank-you-mfdnnc.682412/
Relevancy 49.02%

I have a friend who is having problems pc is slow and getting lots of spam emails and when he tries to d l a spam filter the next time he starts it the filter is not working Also cannot scan disk as it restarts after a few seconds Running Windows ME Model No WV - Series Compaq Presario Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS SYSTEM KERNEL MFDnNC please me! help DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS MFDnNC please help me! ISAFE EXE C WINDOWS SYSTEM STIMON EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C WINDOWS SYSTEM KB KB EXE C WINDOWS SYSTEM KB KB EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS SYSTEM HIDSERV EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT CPQEADM EXE C WINDOWS SYSTEM WMIEXE EXE C COMPAQ CPQINET CPQINET EXE C PROGRAM FILES COMPAQ DIGITAL DASHBOARD DEVGULP EXE C CPQS BWTOOLS SCCENTER EXE C WINDOWS PCTVOICE EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT BTTNSERV EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS CAVTRAY EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS CAVRID EXE C PROGRAM FILES GENERIC USB CARD READER DRIVER V B DISK MONITOR EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST ANTI-SPAM QSP- QOELOADER EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ FIREWALL CA EXE C PROGRAM FILES COMPAQ EASY ACCESS BUTTON SUPPORT EAUSBKBD EXE C PROGRAM FILES COMMON FILES MICROSOFT SHARED WORKS SHARED WKCALREM EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOTDD EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOHMR EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOEVM EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS VETMSG EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C WINDOWS SYSTEM PSTORES EXE C PROGRAM FILES TREND MICRO HIJACKTHIS HIJACKTHIS EXE C WINDOWS SYSTEM WBEM WINMGMT EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http desktop presario net scripts redirectors presario deskredir dll c c amp s consumer amp LC R - HKCU Software Microsoft Internet Explorer Main Search Page http search presario net scripts redirectors presario srchredir dll c c amp s search amp LC R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http search presario net scripts redirectors presario srchredir dll c c amp s searchbar amp LC R - HKLM Software Microsoft Internet Explorer Main Search Page http search presario net scripts redirectors presario srchredir dll c c amp s search amp LC R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http search presario net scripts redirectors presario srchredir dll c c amp s searchbar amp LC R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http proxy-server https proxy-server R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride ams-server R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER DLL O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar msdxmLC dll email protected amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O ... Read more

A:MFDnNC please help me!

Hi and welcome. Please post only once.

http://forums.techguy.org/malware-removal-hijackthis-logs/608132-please-help-malware-suspect.html
While you are waiting for a reply in your other thread, you might think about removing ares...it's a program that is mostly used for downloading copyrighted material illegally and more than likely is responsible for the problems you are experiencing, as much of the content is virus and malware infected.
Also, you don't have service pack 2 installed and your sun java is out of date, but, I'm sure that will be addressed in your other thread.
 

https://forums.techguy.org/threads/mfdnnc-please-help-me.608325/
Relevancy 49.02%

OK Im not going to lie I was at work last Friday and before I MFDnNC...=( left I had a MFDnNC...=( few hours to spare Sooooooo I was looking at a website I shouldnt of been looking at and when I closed all the windows to shut my comp down a box in the upper left corner appeared saying something about a trojan virus Please remember this is a work computer and I have many files I need in there and my microsoft outlook I use that has my work email account set up I read over about all of the previous virus that other users have but since this is a work computer I would like step by step instructions to hopefully fix this problem Before I do any cleaning of the comp I have a few questions Will any file need to be saved to a disk to upload after the cleaning process Will anything on my comp besides the virus be lost after the cleaning process Will my email account still be there Since I have a network at work will my cleaning process hurt any other computer I dont know if I need administrators access to even download anything like this because I had windows defender before and it recently expired and I tried to reinstall it and my comp said I need adminstrators access to reinstall it BUT I installed Fulltilt Poker yesterday and it uploaded just fine with no problems Also at work we have shared files through our network that we can look at from any computer WILL THIS DAMAGE THIS IN ANY WAY Obviously I would like to do this myself but if there are any if s about messing my comp up more or the network at work I will just go to my boss and take it like a man The following are the specs for my comp Dell Computer Windows XP Network through work about computer total share the network PLEASE HELP nbsp

Relevancy 49.02%

To MFDnNC for suggesting and providing a link to Combofix for another member. I had fought my XPpro OS all weekend after contracting a show stopping virus and after using everything else I could download - ComboFix cleared it up in 2 sweeps. Thank-you so much for doing what you can to offset the scum that write and distribute these Virii.
 

https://forums.techguy.org/threads/many-thanks-to-mfdnnc.599551/
Relevancy 48.59%

Good afternoon Originally I posted this Hello all I wish I were making my first post here under better circumstances but any help I can get would be appreciated I am currently using AVG Free AVG Anti-Spyare Adaware Spybot S amp D Spyware Blaster amp SpywareGuard I have something I had Nero on my computer deleted it realized I needed it to use DVD Shrink tried scamming a Hijack This Don't 2nd Know - Thread Virus Attempt, Type free copy and the keygen downloader I found screwed me up something royally I have learned my lesson Here is what my vault currently looks like And here is my HijackThis log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC Documents and Settings Administrator Desktop SECURITY AVG Anti-Spyware guard exeC PROGRA Grisoft AVGFRE avgamsvr exeC PROGRA Grisoft AVGFRE Hijack This Thread - 2nd Attempt, Don't Know Virus Type avgupsvc exeC Program Files CDBurnerXP NMSAccessU exeC WINDOWS system svchost exeC WINDOWS Explorer EXEC WINDOWS system hkcmd exeC PROGRA Grisoft AVGFRE avgcc exeC Program Files Java jre bin jusched exeC Program Files QuickTime qttask exeC Program Files CyberLink PowerDVD PDVDServ exeC Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exeC Documents and Settings Administrator Desktop SECURITY AVG Anti-Spyware avgas exeC WINDOWS system ctfmon exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files SpywareGuard sgmain exeC Program Files SpywareGuard sgbhp exeC WINDOWS system rundll exeC Program Files Mozilla Firefox firefox exeC Documents and Settings Administrator Desktop HiJackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run IgfxTray C WINDOWS system igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS system hkcmd exeO - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUPO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run QuickTime Task C Program Files QuickTime qttask exe -atboottimeO - HKLM Run RemoteControl C Program Files CyberLink PowerDVD PDVDServ exe O - HKLM Run Adobe Photo Downloader C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe O - HKLM Run AVG Anti-Spyware C Documents and Settings Administrator Desktop SECURITY AVG Anti-Spyware avgas exe minimizedO - HKLM Run Adobe Reader Speed Launcher C Program Files Adobe Reader Reader Reader sl exe O - HKLM Run NBKeyScan C Program Files Nero Nero Nero BackItUp NBKeyScan exe O - HKLM Run BM fbba e Rundll exe C WINDOWS system ogewbbhi dll sO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run BgMonitor E - C C- d f- C - D A B AA C Program Files Common Files Ahead Lib NMBgMonitor exe O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exeO - HKUS S- - - Run AVG Run C PROGRA Grisoft AVGFRE avgw exe RUNONCE User 'LOCAL SERVICE' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVGFRE avgw exe RUNONCE User 'NETWORK SERVICE' O - HKUS S- - - Run AVG Run C PROGRA Grisoft AVGFRE avgw exe RUNONCE User 'SYSTEM' O - HKUS DEFAULT Run AVG Run C PROGRA Grisoft AVGFRE avgw exe RUNONCE User 'Default user' O - Startup SpywareGuard lnk C Program Files Spyw... Read more

A:Hijack This Thread - 2nd Attempt, Don't Know Virus Type

Hello and welcome to BleepingComputer. I apologize for the long delay. Forums are extremely busy.Please disable SpywareGuard for it may prevent the fixes we are about to do.Double-click the red SG icon in your system tray.Click Options.Under General, uncheck all 3 options, then click "Save Settings"Close SpywareGuard.We will re-enable it once your system is clean.Then....Please download Combofix to your desktop:Double-click combofix.exe & follow the prompts.When finished, it shall produce a log for you. Post that log in your next reply.Note:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

http://www.bleepingcomputer.com/forums/t/137652/hijack-this-thread-2nd-attempt-dont-know-virus-type/
Relevancy 48.59%

I just wanted to extend my gratitude to this forum and especially to MFDnNC I registered here just to do that I was having MFDnNC Just say to thanks wanted to major problems with one of my PCs I found this site thru a web search and followed some steps that MFDnNC provided to another user and I think my system is cleaned now At least it seems to be running back to normal At first I was getting random IE windows opening I rarely use IE I ve been using Firefox for the past year or so So it was odd that I was getting IE Windows opening then Just wanted to say thanks to MFDnNC my AV program kept catching threats such as Adware Maxsearch Trojan Vundo Downloader etc I kept running various anti-spy programs to try to keep my system clean but they kept coming back It was annoying but my computer was still at least functioning Then all of a sudden some of my programs stopped running like WinRar After a few reboots my computer was basically crippled Luckily I have a second computer that isn t infected and was able to find this site and follow MFDnNC s post and now my computer is running smoothly again and I will probably post my hijackthis log to see if I could use further cleaning I saved my SDFix log VundoFix log ComboFix log SuperAntiSpyware log and latest hijackthis log nbsp

Relevancy 48.59%

Can you please help me. The search I conducted led me right to you on this forum. I have gone as far as the Hijak log. I am completely at a loss of what to do. Any help would be greatful.
 

A:MFDnNC Can you help me? I would be greatful

Explain your problem and post the hijack log
 

https://forums.techguy.org/threads/mfdnnc-can-you-help-me-i-would-be-greatful.616465/
Relevancy 48.59%

MFDnNC, please help:

Previously you had helped someone else with the exact same problem as myself. I tried the fix however only got so far with the NoLop. please see my thread...

http://forums.techguy.org/windows-nt...ml#post5148615

thank you,
JoJa
 

Relevancy 48.59%

I followed the instructions from another user that had "INFECTED: VBS:Malware [Gen] and Win32:Small-GWM [Trj] " And it worked beautifully!!

Just want to say thanks!
http://forums.techguy.org/malware-removal-hijackthis-logs/624922-infected-vbs-malware-gen-win32.html
 

https://forums.techguy.org/threads/mfdnnc-is-awesome.723731/
Relevancy 48.16%

Logfile of Trend Micro HijackThis previous hijack/popup HIJACKTHIS LOG for thread-possible problems v Scan saved at AM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system taskeng exe C Windows System MPK MPK exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows sttray exe C Program HIJACKTHIS LOG for previous thread-possible hijack/popup problems Files CyberLink PowerDVD DX PDVDDXSrv exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Lexmark Series lxcymon exe C Program Files Lexmark Series ezprint exe C Program Files Java jre bin jusched exe C Program Files Common Files Symantec Shared PIF B E HIJACKTHIS LOG for previous thread-possible hijack/popup problems DD - - c -B F- F FCA A PIFSvc exe C Program Files Yahoo Search Protection SearchProtection exe C ProgramData Dell TransferAgent TransferAgent exe C Program Files Digital Line Detect DLG exe C Windows system wuauclt exe C Windows System rundll exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files Yahoo Messenger ymsgr tray exe C Windows System mobsync exe C ProgramData exe c PROGRA mcafee com agent mcagent exe C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Windows system Macromed Flash FlashUtil d exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by Dell R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit c windows system userinit exe C Windows System MPK MPK exe O - Hosts localhost O - BHO amp Yahoo Toolbar Helper - D -C F - efb- B - ECA - C PROGRA Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Yahoo IE Suggest - A CF - A - D -A CF- BE BC - C Program Files Yahoo Search YSearchSuggest dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO scriptproxy - DB D A - - E -B D- F C - C Program Files McAfee VirusScan scriptsn dll O - BHO McAfee SiteAdvisor BHO - B E -A B - A -B - CD E A FF - c PROGRA mcafee SITEAD mcieplg dll O - BHO Browser Address Error Redirector - CA C - B - E-A -A C DB F - C Program Files BAE BAE dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRA Yahoo Companion Installs cpn yt dll O - Toolbar McAfee SiteAdvisor Toolbar - EBBBE -BAD - B C- E A- ABECAE - c PROGRA mcafee SITEAD mcieplg dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run NvSvc RUNDLL EXE C Windows system nvsvc dll nvsvcStart O - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInit O - HKLM Run SigmatelSysTrayApp sttray exe O - HKLM Run Corel Photo Downloader C Program Files Corel Cor... Read more

A:HIJACKTHIS LOG for previous thread-possible hijack/popup problems

Please do not create multiple threads for the same problem.
Continue here: http://forums.techguy.org/malware-r...76-hijackthis-log-previous-post-possible.html
 

https://forums.techguy.org/threads/hijackthis-log-for-previous-thread-possible-hijack-popup-problems.815079/
Relevancy 48.16%

I am Save in girlfriend's computer Hijack my results thread:/ coming back to this great forum because some awesome people were able to fix my computer Fortunately my computer had minor issues Actually only one real issue However this hijackthis is gonna be a killer Ironically you would think the boyfriend would have all the adware from the quot pr n quot but she Save my girlfriend's computer Hijack results in thread:/ actually got this stuff from regular browing and going to certain quot deal quot forums and taking online surveys etc So here goes Thanks in advance this is gonna be a bad one Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS Save my girlfriend's computer Hijack results in thread:/ system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS AOLacsd exe C WINDOWS Explorer EXE c progra mcafee MCAFEE MssSrv exe c program files mcafee com agent mcdetect exe c PROGRA mcafee com agent mctskshd exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe C WINDOWS system HPZipm exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ctfmon exe C Program Files iPod bin iPodService exe C Program Files Kodak Kodak EasyShare software bin EasyShare exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Real Update OB RealOneMessageCenter exe C Program Files eBay Turbo Lister Tl exe C DOCUME Owner LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www emachines com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - B CA - A - D -A DF- BB - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar dll file missing O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKLM Run MCUpdateExe c PROGRA mcafee com agent mcupdate exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res c program files google GoogleToo... Read more

A:Save my girlfriend's computer Hijack results in thread:/

Errr....ummmm....what seems to be happening?

Before you do anything else, create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

There's nothing showing in that log, but it may be due this:

I see you have msconfig enabled. This may prevent us from seeing everything running on your system. Please re-enable all startup items.

Go to Start>Run type msconfig and press Enter.

Select Normal Startup - Load all Device Drivers and Services

Reboot and post a new log.

http://www.techsupportforum.com/forums/f284/save-my-girlfriends-computer-hijack-results-in-thread-95796.html
Relevancy 48.16%

This is a repost requested by MFDnNC to obtain a new helper for my issue I posted my initial HJT log here- gt http forums techguy org malware-removal-hijackthis-logs -virtumonde-mgrs-exe-hjtreport html posted post and respost by HJT MFDnNC request log then ran ComboFix and SUPERAntiSpyware as reccomended This is my current HJT log HJT log respost request by MFDnNC and although the initial mgrs exe file has seemed to been removed or blocked my system seems to still be infected Thanks again HJT log respost request by MFDnNC to Tech Support Guy forum for any and all help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services HJT log respost request by MFDnNC exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS system RUNDLL EXE C WINDOWS RTHDCPL EXE C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS system spool drivers w x hpztsb exe C Program Files Visioneer OneTouch OneTouchMon exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files Spyware Doctor SDTrayApp exe C Program Files BitTorrent DNA dna exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C Program Files Wireless LAN WlanUtil exe C Program Files Stardock ObjectDock ObjectDock exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C WINDOWS system nvsvc exe C Program Files Spyware Doctor svcntaux exe C Program Files Spyware Doctor swdsvc exe C WINDOWS system svchost exe C Program Files iPod bin iPodService exe C WINDOWS System alg exe C Program Files Mozilla Firefox firefox exe C Program Files Hijackthis HijackThis exe O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - AD EBA -B BF- F -B E -A DCE - C WINDOWS system ddaby dll file missing O - BHO no name - F B F - B - - FC -A F D C - C WINDOWS system mljkllk dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run AAWTray C Program Files Lavasoft Ad-Aware AAWTray exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run HPDJ Taskbar Utility C WINDOWS system spool drivers w x hpztsb exe O - HKLM Run OneTouch Monitor C Program Files Visioneer OneTouch OneTouchMon exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run SDTray C Program Files Spyware Doctor SDTrayApp exe O - HKCU Run BitTorrent DNA quot C Program Files BitTorrent DNA dna exe quot O - HKCU Run Teoe quot C WINDOWS MCROSO chkntfs exe quot -vt yazb O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exe O - Startup Stardock ObjectDock lnk C Program Files Stardock ObjectDock ObjectDock exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup IEEE g USB Wireless LAN Utility lnk C Program Files Wireless LAN WlanUtil exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuite... Read more

A:HJT log respost request by MFDnNC

Can you rerun ComboFix and post the results please
 

https://forums.techguy.org/threads/hjt-log-respost-request-by-mfdnnc.643568/
Relevancy 48.16%

I need help with Zlob videoactivexaccess my log superantispyware SUPERAntiSpyware Scan Log http www superantispyware com Generated at AM Application Version Core Rules Database Version Trace Rules Database Version Scan type Quick Scan Total Scan Time Memory items scanned Memory threats detected Registry items scanned Registry threats detected check me MFDnNC, Helpe log my please File items scanned File threats detected Trojan Smitfraud Variant C WINDOWS SYSTEM KHTBPDL DLL C WINDOWS SYSTEM KHTBPDL DLL HKLM Software Microsoft Windows CurrentVersion Explorer SharedTaskScheduler c e - a- b a- f- b dfac a HKCR CLSID C E - A- B A- F- B DFAC A HKCR CLSID c e - a- b a- f- b dfac a InProcServer HKCR CLSID c e - a- b a- f- b dfac a InProcServer ThreadingModel Trojan Media-Codec V HKLM Software Microsoft Windows CurrentVersion Explorer Browser Helper Objects E F C- E - CE -B B-F Helpe me MFDnNC, check my log please BEDC HKCR CLSID E F C- E - CE -B B-F BEDC HKCR CLSID E F C- E - CE -B B-F BEDC xxx HKCR Helpe me MFDnNC, check my log please CLSID E F C- E - CE -B B-F BEDC InprocServer HKCR CLSID E F C- E - CE -B B-F BEDC InprocServer ThreadingModel C ARQUIVOS DE PROGRAMAS VIDEO ACTIVEX ACCESS IESPLG DLL HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall IExplorer Security Plug-in HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall IExplorer Security Plug-in DisplayName HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall IExplorer Security Plug-in UninstallString HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall Internet Explorer Secure Bar HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall Internet Explorer Secure Bar DisplayName HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall Internet Explorer Secure Bar UninstallString C Arquivos de programas Video ActiveX Access iesbunst exe C Arquivos de programas Video ActiveX Access iesunst exe C Arquivos de programas Video ActiveX Access imsunst exe C Arquivos de programas Video ActiveX Access C WINDOWS Prefetch IMSUNST EXE- A B B pf Adware Tracking Cookie C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt C Documents and Settings Usuario Cookies email protected txt Adware WhenU HKCR WUSN HKCR WUSN WUSN Id Trojan Security Toolbar C Documents and Settings All Users Menu Iniciar Online Security Guide url C Documents and Settings All Users Menu Iniciar Security Troubleshooting url Trojan Media-Codec HKLM SOFTWARE Microsoft Windows CurrentVersion policies explorer run user dll C Arquivos de programas Video ActiveX Access iesmn exe nbsp

A:Helpe me MFDnNC, check my log please

Click here to download HJTInstall.exe

Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

https://forums.techguy.org/threads/helpe-me-mfdnnc-check-my-log-please.604978/
Relevancy 48.16%

Mr MFDnNC was googling all of the stop codes and found techguy com joined because you seem to be a quot real-time quot user helper i m trying to use my family s computer but the following has happened help! please STOP MFDnNC 0x00000050 over the past week quot ActiveShield quot is not enabled MFDnNC please help! STOP 0x00000050 McAfee of course outdated is therefore disabled Blue Screen when trying to shut down and or log MFDnNC please help! STOP 0x00000050 off user gave STOP x C Called Dell they said for a year contract including remote assistance sessions amp year security software probably mcafee again Bought Kaspersky and it never finished installation Called Kaspersky and followed their email ran diagnostic and reported that i need to remove spyware blaster and spyware doctor from computer before uninstalling and MFDnNC please help! STOP 0x00000050 reinstalling kaspersky Between the time that I ran the Kaspersky diagnostic and received the instructions to remove the aforementioned programs another blue screen showed up problem blue screen STOP x due to quot spooldr sys quot this comes up EVERY time i try to log onto ANY user i e i can t even log on to the computer to remove anything etc i figure i have to work in safe mode i used to be comfortable with this but i haven t used it in awhile how to i run diagnostics in safe mode to find bugs and remove them etc THANK YOU nbsp

A:MFDnNC please help! STOP 0x00000050

http://forums.techguy.org/windows-nt-2000-xp/611297-bsod-cant-log-use-computer.html#post5024915

Please review the forum rules regarding multiple postings.
 

https://forums.techguy.org/threads/mfdnnc-please-help-stop-0x00000050.611258/
Relevancy 48.16%

Hi there MFDnNC I saw one of your previous post regarding the removal of HTTP LOP Toolbar Activity and thought i would ask you to help me as you seemed Very Knowledgeable I hoping you can pls help me remove this too I really didnt understand your previous post where you MFDnNC me Removal Solved: ) Pls Mr Help (Re: Lop asked the guy to provide activity logs etc so im hoping you can go through it step by step with me in a more basic way Pls Basically im getting the same message as the previous guy you help Norton keeps popping up every seconds with a message saying a recent Solved: Pls Help me Mr MFDnNC (Re: Lop Removal ) attempt to attack your computer was blocked Norton Internet Worm Protection has detected and blocked an intrusion attempt Intrusion HTTP LOP Toolbar Activity Intruder localhost Risk Level High Protocol TCP Attacked IP ads dns-look-up com Attacked Port http This started after downloading a p p torrent program I ve also run spybot and scanned with norton but they both say there is NO infection Pls help me id be sooooooooooo grateful Thanks Jason nbsp

Relevancy 47.3%

Mabuhay, sir MFDnNc!

Belated happy birthday...

My concern now is about some portable applications you can recommend that I should have on my 2GB USB flashdrive so that I could help some friends having trouble with viruses, malwares, spywares or trojans on their PCs...

Anyway, since I discovered this site I always spend some time reading articles topics and threads because I am really concerned about Internet Security and System Dependability...

Thanks, I wish I could be knowledgeable as you are to help others....Mabuhay!
 

https://forums.techguy.org/threads/mfdnnc-portable-applications-for-usb-flashdrive.638862/
Relevancy 47.3%

Thanks for taking a look at this I have posted for all Solved: computer) MFDnNC....... (different you my more One logs of regarding my laptopearlier but this is my desktops logs ComboFix - - - quot Owner quot - - - NTFSx Microsoft Windows XP Professional GMT - Created a new restore point Other Deletions C DOCUME ALLUSE Solved: One more for you MFDnNC....... all of my logs (different computer) APPLIC WinAntiVirus Pro C DOCUME Owner err log C DOCUME Owner ResErrors log C Solved: One more for you MFDnNC....... all of my logs (different computer) DOCUME Ryan APPLIC DriveCleaner Free C DOCUME Ryan APPLIC WinAntiVirus Pro C DOCUME Ryan Desktop internet lnk C DOCUME Ryan err log C DOCUME Ryan ResErrors log C Program Files Common Files Companion Wizard C Program Files Common Files companion wizard CompWiz xml C Program Files Common Files companion wizard WapCHK dll C UWA Solved: One more for you MFDnNC....... all of my logs (different computer) P C WA P C WA P Quar ADgnloyd C WA P Quar ADncqret C WA P Quar Index dat C WA P Quar INenujvo C WA P Quar N vstumn C WA P Quar NDeauveo C WA P Quar NPzvzlwh C WA P Quar PLbetwvb C WA P Quar PLggwict C WA P Quar PLizgkwz C WA P Quar RXhxqovp C WA P Quar RYbovdab C WA P Quar RYcnjvwj C WA P Quar RYfrdpxq C WA P Quar RYircuur C WA P Quar RYlmrvyy C WA P Quar RYlzupua C WA P Quar RYosqrve C WA P Quar RYrbwqnl C WA P Quar RYsucdrs C WA P Quar RYweirlp C WA P Quar SMqhhuuc C WINDOWS system stera job C WINDOWS system stera log Files Created from - - to - - - - --a------ C WINDOWS nircmd exe - - lt DIR gt d--h----- C WINDOWS system GroupPolicy - - lt DIR gt d-------- C DOCUME ALLUSE APPLIC Lavasoft - - lt DIR gt d-------- C Program Files Common Files Wise Installation Wizard - - --a------ C WINDOWS system drivers AWRTRD sys - - --a------ C WINDOWS system drivers NSDriver sys - - --a------ C WINDOWS system drivers AWRTPD sys Find M Report - - --------- d-------- C DOCUME LOCALS APPLIC SiteAdvisor - - --------- d-------- C Program Files Google - - --------- d-------- C Program Files Lavasoft - - --------- d-------- C Program Files MSN Games - - --------- d-------- C DOCUME ALLUSE APPLIC Google - - --------- dr-h----- C DOCUME Owner APPLIC yahoo - - --------- d-------- C DOCUME ALLUSE APPLIC yahoo - - --------- d-------- C Program Files Yahoo - - --------- d-------- C DOCUME Owner APPLIC SiteAdvisor - - --------- d-------- C Program Files Dl cats - - --------- d-------- C DOCUME Ryan APPLIC SiteAdvisor Reg Loading Points Note empty entries amp legit default entries are not shown HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Run quot ehTray quot quot C WINDOWS ehome ehtray exe quot - - quot ATIPTA quot quot C Program Files ATI Technologies ATI Control Panel atiptaxx exe quot - - quot RemoteControl quot quot C Program Files CyberLink PowerDVD PDVDServ exe quot - - quot Dell Photo AIO Printer quot quot C Program Files Dell Photo AIO Printer dlbubmgr exe quot - - quot DellMCM quot quot C Program Files Dell Photo AIO Printer memcard exe quot - - quot DLBUCATS quot quot C WINDOWS System spool DRIVERS W X DLBUtime dll quot - - quot HostManager quot quot C Program Files Common Files AOL ee AOLSoftware exe quot - - quot AOLDialer quot quot C Program Files Common Files AOL ACS AOLDial exe quot - - quot QuickTime Task quot quot C Program Files QuickTime qttask exe quot - - quot MimBoot quot quot C PROGRA MUSICM MUSICM mimboot exe quot - - quot MMTray quot quot C Program Files Musicmatch Musicmatch Jukebox mm tray exe quot - - quot IPHSend quot quot C Program Files Common Files AOL IPHSend IPHSend exe quot - - quot CTHelper quot quot CTHELPER EXE quot - - C WINDOWS CTHELPER EXE quot CTxfiHlp quot quot CTXFIHLP EXE quot - - C WINDOWS system CTXFIHLP EXE quot SiteAdvisor quot quot C Program Files SiteAdvisor SiteAdv exe quot - - quot MskAgentexe quot quot C Program Files McAfee MSK MskAgent exe quot - - quot McAfee Backup quot quot C Program Files McAfee MBK McAfeeDataBackup exe quot - - quot MBkLogOnHoo... Read more

A:Solved: One more for you MFDnNC....... all of my logs (different computer)

Fix this

O16 - DPF: {2D2BEE6E-3C9A-4D58-B9EC-458EDB28D0F6} - http://cdn.drivecleaner.com/installd...eanerstart.cab

Log looks fine
 

https://forums.techguy.org/threads/solved-one-more-for-you-mfdnnc-all-of-my-logs-different-computer.617651/
Relevancy 47.3%

Hello I have been cursed by the WinAntiVirus ghost I have posted my HJThis log below I also have SuperAntiSpyware and ComboFix ready at the go if need be Any help at all would Help WinAntiVirus (Attention:MFDnNC) Please Solved: be wonderful Thank Solved: WinAntiVirus Please Help (Attention:MFDnNC) you in advance A side note I cannot reboot my computer in safe mode at work for the programs that need it such as SDFix If there is a way that I don t need that program and I ve seen fixes which didn t use SDFix that would be my preferred method Thanks again Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system rundll exe C PROGRA Symantec LIVEUP LUCOMS EXE C WINDOWS system regsvr exe C Program Files SecCenter scprot exe C WINDOWS mgrs exe C WINDOWS system ctfmon exe C WINDOWS system rundll exe C Program Files Adobe Acrobat Distillr acrotray exe C DOCUME cchance LOCALS Temp qveqiwqk exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C PROGRA MICROS OFFICE OUTLOOK EXE C Program Files Microsoft Office OFFICE WINWORD EXE C WINDOWS explorer exe C Program Files Internet Explorer iexplore exe C Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http go microsoft com fwlink LinkId O - HKLM Run igfxtray C WINDOWS system igfxtray exe O - HKLM Run igfxhkcmd C WINDOWS system hkcmd exe O - HKLM Run igfxpers C WINDOWS system igfxpers exe O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run mfsbybqz rundll exe quot C Program Files hafszupg xozmpafm dll quot Init O - HKLM Run grozmhyj regsvr u quot C Documents and Settings All Users Application Data grozmhyj dll quot O - HKLM Run SC C Program Files SecCenter scprot exe O - HKLM Run smgr mgrs exe O - HKCU Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run DDC C DOCUME cchance LOCALS Temp umwbblrq exe O - HKCU Run Windows update loader C Windows xpupdate exe O - HKCU Run cmds rundll exe C DOCUME cchance LOCALS Temp awtqp dll CreateProtectProc O - HKCU Run SystemOptimizer rundll exe quot C DOCUME cchance LOCALS Temp vxsxevpn dll quot forkonce O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res C Program Files Google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res C Program Files Google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Similar ... Read more

Relevancy 46.87%

Hi I have CID this) 3wPlayer - read spyware MFDnNC (user pls help an issue with the above spyware and followed the steps given in a similar thread from a few months ago username wabawaba post on -Aug- AM I am also running on Windows XP Basically it was advised to download NoLop http www thespykiller 3wPlayer - CID spyware help (user MFDnNC pls read this) co uk index tpmod dl get and Superantispyware SAS free home version http www superantispyware com supe 3wPlayer - CID spyware help (user MFDnNC pls read this) freevspro html I performed both actions and this is what I got NoLop tells me that No infection files have been found SUPERAntiSpyware Scan 3wPlayer - CID spyware help (user MFDnNC pls read this) Log http www superantispyware com Generated at AM Application Version Core Rules Database Version Trace Rules Database Version Scan type Complete Scan Total Scan Time Memory items scanned Memory threats detected Registry items scanned Registry threats detected File items scanned File threats detected Adware Tracking Cookie C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Cookies email protected txt C Documents and Settings Alinita Local Settings Temp Cookies email protected txt C Documents and Settings Alinita Local Settings Temp Cookies email protected txt C Documents and Settings Alinita Local Settings Temp Cookies email protected txt C Documents and Settings Alinita Local Settings Temp Cookies email protected txt C Documents and Settings Alinita Local Settings Temp Cookies email protected ... Read more

Relevancy 46.44%

Background Infected w WinAntivirusPro Virtumonde Adware Downloader tiny id various MFDnNC!) Virtumonde (Thanks, Confirm Cleaned Solved: WinAntivirusPro, trojans Followed instructions from MFDnNC in this thread to clean my own system Posted a thank you and MFDnNC suggested I post my log files just to be safe Good idea Here are my log files Hijack This Logfile of Trend Micro HijackThis v BETA Scan saved at AM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Solved: Confirm Cleaned WinAntivirusPro, Virtumonde (Thanks, MFDnNC!) svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files AVG Anti-Spyware guard exe C Program Files Canon CAL CALMAIN exe C WINDOWS Explorer EXE C WINDOWS system hkcmd exe C WINDOWS BCMSMMSG exe C Program Files AVG Anti-Spyware avgas exe C Program Files Java jre bin Solved: Confirm Cleaned WinAntivirusPro, Virtumonde (Thanks, MFDnNC!) jusched exe C WINDOWS system ctfmon exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C WINDOWS System svchost exe D FILES NAS Archive Software HijackThis HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - A A ACA- - C - B- E D C - no file O - BHO no name - - F - D - - D F - C PROGRA Spybot SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - A - D A- AB- B- B E C - C WINDOWS system urqnlkk dll file missing O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run AVG Anti-Spyware quot C Program Files AVG Anti-Spyware avgas exe quot minimized O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run icq com rundll exe quot C WINDOWS system qmhygelv dll quot forkonce O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run SpybotSD TeaTimer C Program Files Spybot TeaTimer exe O - HKCU Run WinPop C Program Files WinPop winpop exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - HKCU Software Policies Microsoft Internet Explorer Restrictions present O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - DPF Photobucket Publisher - http smg photobucket com csve ie plugin php O - DPF A BB - - EC-ACCB- EAE B SysProWmi Class - http support dell com systemprofiler SysPro CAB O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com windowsupdate v V Controls en x client wuweb site cab O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsoftupdate v V Controls en x client muweb site cab O - Winlogon Notify urqnlkk - urqnlkk dll file missing O - Winlogon Notify winbjv - winbjv dll file missing O - SharedTaskScheduler Browseui preloader - C -A BA- D -B B- A C E - C WINDOWS System browseui dll O - SharedTaskScheduler Component... Read more

A:Solved: Confirm Cleaned WinAntivirusPro, Virtumonde (Thanks, MFDnNC!)

https://forums.techguy.org/threads/solved-confirm-cleaned-winantiviruspro-virtumonde-thanks-mfdnnc.592395/
Relevancy 46.01%

Dai:

How can I Download this program when I cannot start my laptop?

I can get to the BIOS page only?? Attempting to start ALWAYS returns to BSOD with "STOP: C0000218 {Registry File Failure

Thanks ...... Bob

A:moved from thread hijack] BSOD STOP: c0000218 \systemroot\system32\config\software

tap f8 when booting and try
last known good configuration

http://www.techsupportforum.com/forums/f10/moved-from-thread-hijack-bsod-stop-c0000218-systemroot-system32-config-software-249743.html
Relevancy 46.01%

I've followed your running thread and run combo.exe and Antispyware. I'd be very grateful if you could also help me

many thanks Sheep
 

A:Solved: Dear MFDnNC need the same help with Winantispyeware pro 2007 that you are giving TimH

https://forums.techguy.org/threads/solved-dear-mfdnnc-need-the-same-help-with-winantispyeware-pro-2007-that-you-are-giving-timh.613340/
Relevancy 45.15%

Note from Moderator Hi Rams you tacked your post onto an active thread thread {Moved Album to new Photo thread} MSN from active Virus though marked Solved these threads can become active sometimes and it is always your best move to start your own thread when dealing with Hijackthis logs malware etc as it becomes way too confusing for all of us MSN Photo Album Virus {Moved to new thread from active thread} when more than one computer is being worked on in a thread gt so I have moved your post into a thread for you Thanks Some one will help you soon By Byteman Hey I m suffering from MSN Photo Album Virus {Moved to new thread from active thread} the same problem too I ve read and followed the steps in your post so this is a copy from the notepad Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccSetMgr exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system Ati evxx exe C WINDOWS system wscntfy exe C WINDOWS MSN Photo Album Virus {Moved to new thread from active thread} Explorer EXE C Program Files Microsoft Encarta Encarta Premium DVD EDICT EXE C Program Files MSN Messenger msnmsgr exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C WINDOWS system devldr exe C WINDOWS System svchost exe C Program Files Internet Explorer iexplore exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http english aljazeera net NR exeres ABE -AC - D -BDC - BBE A htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO PaltalkWebLogin - C BA - C E- -BC -C E B F - C Program Files Common Files Paltalk PaltalkWebLogin dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO Encarta Web Companion Helper Object - BE B -BC - CAF- E- E D B - C Program Files Common Files Microsoft Shared Encarta Web Companion ENCWCBAR DLL O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO no name - B A -EFA -A D - CB -BA EC E F - C DOCUME Abid APPLIC SCRMIX baitburn exe file missing O - BHO MSN Search Toolbar Helper - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Toolbar Suite TB en-us msntb dll O - Toolbar Encarta Web Companion - D - - - B - F B C - C Program Files Common Files Microsoft Shared Encarta Web Companion ENCWCBAR DLL O - Toolbar MSN Search Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Toolbar Suite TB en-us msntb dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM RunServices virtual winit exe O - HKCU Run E AXLRD quot C Program Files Microsoft Encarta Encarta Premium DVD EDICT EXE quot -m O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - HKCU Run swg C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra context menu item amp MSN Search - res C Program Files MSN Toolbar Suite TB en-us msntb dll search htm O - Extra context menu item Download Using amp BitSpirit - C Program Files BitSpirit bsurl htm O - Extra context menu item Open in new background tab - res C Program Files MSN Toolbar Suite TAB en-us msntabres dll cf fb e e a a b db b f f fd O - Extra context menu item Open in new... Read more

A:MSN Photo Album Virus {Moved to new thread from active thread}

Download this tool to your desktop:
http://www.uploads.ejvindh.net/rootchk.exe
Run the program. After a short time a logfile will turn up. Copy the contents of the log into the thread.

Notice: Some security-programs prevent the creation of dummy drivers with certain names. This may cause false positives. If the log of rootchk contains a lot of hidden drivers, you may want to turn of your security programs while rootchk is scanning (you should then unhook your network connection as well)

Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
Instead of Windows loading as normal, the Advanced Options Menu should appear;
Select the first option, to run Windows in Safe Mode, then press Enter.
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
Press any Key and it will restart the PC.
When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum).
Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

 

https://forums.techguy.org/threads/msn-photo-album-virus-moved-to-new-thread-from-active-thread.565568/
Relevancy 43.86%

I could only thread with problem and thread New to a original link operate in New thread with a link to original thread and problem safe mode with numerous other problems as stated in the original thread here -My linkHere is the New thread with a link to original thread and problem requested dds log file DDS Ver - - - NTFSAMD Internet Explorer Run by maria at on - - Microsoft Windows Home Premium GMT - AV Norton Internet Security Disabled Outdated C A - C B- F C- B B- FCCFDC SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF SP Norton Internet Security Disabled Updated A BBD -AA - A - B- B EB B E FW Norton Internet Security Disabled B F DB -C - E - D - C F F E Running Processes C Windows system wininit exeC Windows system lsm exeC Windows system svchost exe -k DcomLaunchC Windows system svchost exe -k RPCSSC Windows System svchost exe -k LocalServiceNetworkRestrictedC Windows System svchost exe -k LocalSystemNetworkRestrictedC Windows system svchost exe -k netsvcsC Windows servicing TrustedInstaller exeC Windows system svchost exe -k LocalServiceC Windows system svchost exe -k NetworkServiceC Windows System spoolsv exeC Windows system svchost exe -k LocalServiceNoNetworkC Program Files x Norton Internet Security Engine ccSvcHst exeC Windows system svchost exe -k imgsvcC Windows Microsoft NET Framework v mscorsvw exeC Windows system taskhost exeC Windows system Dwm exeC Windows Explorer EXEC Windows system svchost exe -k LocalServiceAndNoImpersonationC Windows system SearchIndexer exeC Windows System svchost exe -k secsvcsC Program Files Windows Media Player wmpnetwk exeC Program Files x Hewlett-Packard HP Advisor HPAdvisor exeC Windows Microsoft Net Framework v WPF PresentationFontCache exeC Program Files x Internet Explorer iexplore exeC Program Files x Internet Explorer iexplore exeC Program Files x HP Digital Imaging Smart Web Printing hpswp clipbook exeC Windows SysWow Macromed Flash FlashUtil c exeC Windows SysWOW ping exeC Windows system conhost exeC Windows system SearchFilterHost exeC Windows system SearchProtocolHost exeC Windows system DllHost exeC Windows system DllHost exeC Windows SysWOW cmd exeC Windows system conhost exeC Windows SysWOW cscript exeC Windows system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www comcast net uInternet Settings ProxyOverride localmWinlogon Userinit userinit exe BHO HP Print Enhancer c e- - -bf - c - C Program Files x HP Digital Imaging Smart Web Printing hpswp printenhancer dllBHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllBHO Symantec NCO BHO adb e- aff- - aa - dac dfa - C Program Files x Norton Internet Security Engine coIEPlg dllBHO Symantec Intrusion Prevention d ec - aae- -aeee-f f c - C Program Files x Norton Internet Security Engine IPSBHO DLLBHO Windows Live Sign-in Helper d - c - abf- ecc- c - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dllBHO D -D - -BAB -AB A - No FileBHO Microsoft Live Search Toolbar Helper d ce e -f a- - e- dc f c f - c Program Files x MSN Toolbar msneshellx dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - C Program Files x Java jre bin jp ssv dllBHO Yontoo Layers fd e- fde- d-a a- bab cad - C Program Files x Drop Down Deals YontooIEClient dllBHO HP Smart BHO Class ffffffff-cf e- f b-bdc - e e a - C Program Files x HP Digital Imaging Smart Web Printing hpswp BHO dllTB Microsoft Live Search Toolbar e ed c- cb - d -b e -ab c c - c Program Files x MSN Toolbar msneshellx dllTB Norton Toolbar febefe - b - - d -ffb d b ca - C Program Files x Norton Internet Security Engine coIEPlg dllTB D -D - -BAB -AB A - No FileEB HP Smart Web Printing d d - bd - -a -cfc a - C Program Files x HP Digital Imaging Smart Web Printing hpswp bho dlluRun msnmsgr quot C Program Files x Windows Live Messenger msnmsgr exe quot backgroundmRun lt NO NAME gt mRun WirelessAssistant C Program Files x Hewlett-Packard HP Wireless Assistant HPWAMain... Read more

A:New thread with a link to original thread and problem

I am sending the mini tool box through Email to my other laptop and posting it here now thanks:
MiniToolBox by Farbar
Ran by maria (administrator) on 10-01-2012 at 21:12:34
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================
Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration
Host Name . . . . . . . . . . . . : maria-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.nj.comcast.net.
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : hsd1.nj.comcast.net.
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 90-4C-E5-B5-53-72
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::65e2:c9d3:b96b:676%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 10, 2012 7:12:31 PM
Lease Expires . . . . . . . . . . : Wednesday, January 11, 2012 7:12:30 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 328223973
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-E0-8E-57-00-26-9E-E0-05-C9
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-26-9E-E0-05-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.hsd1.nj.comcast.net.:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.nj.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:344a:d72:3f57:f... Read more

http://www.bleepingcomputer.com/forums/t/437413/new-thread-with-a-link-to-original-thread-and-problem/
Relevancy 43.86%

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3890 Mb
Graphics Card: Intel(R) HD Graphics, 1721 Mb
Hard Drives: C: Total - 464557 MB, Free - 295104 MB;
Motherboard: TOSHIBA, NWQAA
Antivirus: COMODO Antivirus, Updated and Enabled
 

A:I was told to move my thread here, attatched is the thread

I'm not sure why you were told to post here in General Security. If malware is suspected, please start a new thread in the Virus & Other Malware Removal forum.

I'll close this one.
 

https://forums.techguy.org/threads/i-was-told-to-move-my-thread-here-attatched-is-the-thread.1134197/
Relevancy 39.13%

I went to the following link from the quot Please read here first quot thread http thespykiller co uk index php action tpmod dl item but was unable to find a download for quot hijack this quot Does anyone have an from "Please thread. link in get "hijack Help read program Can't this" here.." please alternative link to find Hijack this Can't get "hijack this" program from link in "Please read here.." thread. Help please Thank you EDITED A message appeared saying this website wants to run ietag dll from Microsoft Corp Is that ok P S The problem is an increadibly SLOW start up time and quot fairly quot frequent freezing of the screen enough to be very frustrating The computer never goes into hibernate either and I ve set it up to do so numerous times Sometimes after Can't get "hijack this" program from link in "Please read here.." thread. Help please clicking the IE icon nothing happens until I click it again a few minutes later However it then opens up - IE windows instead of the original one that I wanted I can t get a hijack this log because I can t find the hijack this download Does the download via the described link show up for other people Dell Dimension DV Intel P GHz GHz MB RAM Windows XP Media Center SP nbsp

A:Can't get "hijack this" program from link in "Please read here.." thread. Help please

Found & ran the program with the following results: (P.S. I realize you're all busy so please don't take this the wrong way --> It looks like the "Please read here first..." thread needs updating).

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:34:57 PM, on 6/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Companion\Installs\cpn4\ytbb.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hackerwatch.org/library/app/feedback/?Md5=DDBC1018C33436A2E1CF15635B3185E5
R1 - HKCU\Software\Microsoft\Internet Expl... Read more

https://forums.techguy.org/threads/cant-get-hijack-this-program-from-link-in-please-read-here-thread-help-please.926806/
Relevancy 31.39%

i am interested in buying a new laptop. I am not looking for anything fancy, just something that will last and be used primarly for word documents, email, and instant message. any recomendations? also, someone had mentioned that the mac's are converting to windows? is that true? will those be good? would a mac or pc be better for what i want to use it for? thanks!
 

A:not sure where this thread should go..but XP vs MAC

I'd get a laptop with XP. If you're not looking for all the bells and whistles and are not using it for any intensive gaming, then I'm sure you could find a good quality one for pretty cheap.

And Mac is not converting to Windows as far as I know, they are just going to use Intel processors.
 

https://forums.techguy.org/threads/not-sure-where-this-thread-should-go-but-xp-vs-mac.443257/
Relevancy 31.39%

This ones a little different the reason this whole thing started before was because of Interest On to the differences now it s actually needed for something useful I got another Friend since I told him what I did for my other buddy I built him a computer he went out And got all the parts himself since he knew what he wanted like jimmy did when I built His for him but he wants me to assemble it for VS. AGP PCI another Thread. Yet him like I did jimmy here s the thing I just Got all the stuff today case motherboard etc he s got a AGP x slot Yet another PCI VS. AGP Thread. and that s it and four PCI slots just normal PCI not PCI-E here s the deal he still hasn t got the video card he Wanted yet but he said which should he get a PCI card or an APG card so I told him I Would ask here and see what you people have to say what would be faster an AGP Card That s x AGP or a PCI card And he s getting a newer card he s willing to spend around bucks for one so recommendation of good video cards to recommend to him would Be nice too since I m still new to this kind of thing even thing I now know enough to get by Thanks again everyone Note I ve been told AGP xs is faster then PCI because it s GB and PCI is megs But what about APG x and PCI nbsp

Relevancy 31.39%

My computer encounters a problem. Everytime i log in to my computer, there is always a pop out message saying that my vtspn.dll from my temporary file is missing. Besides that, when i am surfing internet with my Mozilla Firefox, my Internet Explorer keep on pop out some advertisements or others. I had viewed the forum just now, i followed the link to download the VundoFix.exe as well as dss.exe. I had run both the program. what should i do next?
 

A:I don't know what thread is this?

Can anyone help me with this, please...thanks.
 

https://forums.techguy.org/threads/i-dont-know-what-thread-is-this.700931/
Relevancy 31.39%

I posted a question with my text log, got a response, and then responded back....now I cant find my log....please advise....thank you in advance....

Cooz_jr

A:Thread gone?

Since your posts in your other topic are after this one, I'll assume you've found it.

Here's the link....place it in your bookmarks.

http://www.techsupportforum.com/secu...ey-logger.html

You can also use the forum's search function to search for your own topics.

http://www.techsupportforum.com/forums/f100/thread-gone-321797.html
Relevancy 31.39%

Hey I am currently trying to sort out my sister in laws laptop right now but i need help with a HJT log that i really have no experience with Here's the log hope someone can point out what shouldn't be there Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C temp HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE thread! Yet HJT another B - C Yet another HJT thread! Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll Yet another HJT thread! O - BHO Norton Internet Security - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar Easy-WebPrint - C -E D- c -AA D- AC BABA C - C Program Files Canon Easy-WebPrint Toolband dll O - Toolbar Norton Internet Security - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - HKLM Run AGRSMMSG AGRSMMSG exe O - HKLM Run LtMoh C Program Files ltmoh Ltmoh exe O - HKLM Run SENS Keyboard V Launcher quot C Program Files SAMSUNG SENS Keyboard V Launcher SENSKBD EXE quot O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exe O - HKLM Run DSLSTATEXE C Program Files BT Voyager ADSL Modem dslstat exe icon O - HKLM Run DSLAGENTEXE C Program Files BT Voyager ADSL Modem dslagent exe O - HKLM Run Windows Processe Manager mspn exe O - HKLM Run Windows Protectot boxide exe O - HKLM Run SDKcore Update Components SDKC R exe O - HKLM Run Microsoft Windows Update winsupdate exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run IS CfgWiz C Program Files Norton Internet Security cfgwiz exe GUID BBC - B - e- F - DD MODE CfgWiz CMDLINE quot REBOOT quot O - HKLM Run SSC UserPrompt C Program Files Common Files Symantec Shared Security Center UsrPrmpt exe O - HKLM Run MISSetup D Mis eng setup exe O - HKLM Run McAfeeUpdaterUI quot C Program Files Network Associates Common Framework UpdaterUI exe quot StartedFromRunKey O - HKLM RunServices Windows Processe Manager mspn exe O - HKLM RunServices Windows Protectot boxide exe O - HKLM RunServices SDKcore Update Components SDKC R exe O - HKLM RunServices Microsoft Windows Update winsupdate exe O - HKLM RunOnce Windows Protectot boxide exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft co O - DPF E F- D - A - DD -E EEEC Symantec RuFSI Utility Class - http security symantec com sscv S bin cabsa cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http www pandasoftware com activescan as asinst cab O - DPF AE DCB -F - D -A A- C IntraLaunch MainControl - file D SuperCD IntraLaunch CAB O - Winlogon Notify igfxcui - C WINDOWS SYSTEM igfxsrvc dll O - Service Symantec E... Read more

A:Yet another HJT thread!

Hello and welcome to TSF

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when a reply has been made.

Please be patient with me during this

http://www.techsupportforum.com/forums/f284/yet-another-hjt-thread-47444.html
Relevancy 31.39%

My sister posted this thread on the 29th and last bump was on the 13 could someone please check this thread out
Thanx

http://www.techsupportforum.com/foru...-n-621105.html

A:Can some please look at this thread

Hello qtpiesmom,

Sorry for the delayed response, but your sister has just received a reply in her thread. This forum is very busy and it takes a while to receive help. Not providing the required logs, and bumping her topic multiple times did not work on her favor either as it made it appear as if it was being handled.

Now that she has received a reply, this thread will be closed.

http://www.techsupportforum.com/forums/f100/can-some-please-look-at-this-thread-625035.html
Relevancy 31.39%

I just updated my computer from 512 mb of ram to 2 gigs of Corsair. My computer seems to be running faster, but I ran 3DMark05 and my scores were actually worse than before.

My mobo, a Biostar P4TSV, has 4 slots. Originally, it came with two 256's in slots 1 and 3, so to upgrade my memory, I just took those out and replaced them with 1 gig's. The slot colors matched up, so i figured I was alright :stickout: Guess I was wrong.

Did I do anything wrong? Is there something I don't know about?

And, while I have a thread going, once I get this worked out would it be possible to put my 256's in slots 2 and 4 to further increase the memory?
 

http://www.techspot.com/community/topics/another-ram-thread.40433/
Relevancy 31.39%

PLEASE HELP MY COMPUTER HAS PROBLEMS SHUTTING DOWN THE IS 2nd new thread STUFF ATTACHED TO MY FAVOURITES MY HOME PAGE HAS CHANGED AND SOME PROGAMMES DO NOT RUN Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer 2nd new thread v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus AdvTools NPROTECT EXE C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe C WINDOWS System ctfmon exe C Program Files Messenger msmsgs exe C Program Files Internet Explorer IEeng exe C windows dllhlp exe C Program Files Windows Media Player wmplayer exe C Program Files Internet Explorer iexplore exe C WINDOWS System wuauclt exe C WINDOWS System wuauclt exe C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http your-searcher com sp htm R - HKCU Software Microsoft Internet Explorer Main Search Page http your-searcher com index htm R - HKCU Software Microsoft Internet Explorer Main Start Page http your-searcher com index htm R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http your-searcher com sp htm R - HKCU Software Microsoft Internet Explorer SearchURL Default http your-searcher com index htm O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run ccApp C Program Files Common Files Symantec Shared ccApp exe O - HKLM Run ccRegVfy C Program Files Common Files Symantec Shared ccRegVfy exe O - HKLM Run Advanced Tools Check C PROGRA NORTON AdvTools ADVCHK EXE O - HKLM Run NeroCheck C WINDOWS System NeroCheck exe O - HKLM Run AdaptecDirectCD quot C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe quot O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run IEengine C Program Files Internet Explorer IEeng exe O - HKCU Run dllhelp c windows dllhlp exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Extra 'Tools' menuitem Messenger - FB F -F - d -BB E- C F - C Program Files Messenger MSMSGS EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - HKLM System CCS Services Tcpip EECC - B- AE - CB- C B C NameServer O - HKLM System CS Services Tcpip EECC - B- AE - CB- C B C NameServer

A:2nd new thread

This is a popular one i've noticed. Even had this Win Min error myself. HJT does fix it. Along with Ad-Aware.

Read up in the Solved HJT forum (a sub forum to this one) while somebody tells you to delete

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://your-searcher.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://your-searcher.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://your-searcher.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://your-searcher.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://your-searcher.com/index.htm

and the exe files causing the to reappear.

IEengine.exe i think one... but it appears you may have 2 or 3, maybe more living in there.. But i'll let someone experienced advice you properly.

http://www.techsupportforum.com/forums/f284/2nd-new-thread-26751.html
Relevancy 31.39%

the specific problem the reason for this log is msmngrs exe but considering my mom has let security holes go unplugged for so long there's probably some other HJT thread. stuff to take care of too time IS of the essence as i'd like to get this fixed because mom is insisting that she take the computer to compUSA- which i'd rather not do because HJT thread. why pay for tech support when i can get it for free i told her the problem can be ignored long enough for her to get some work done but HJT thread. she's not having it Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT System svchost exe C WINNT system spoolsv exe C WINNT System Ati evxx exe C Program Files NavNT defwatch exe C Program Files Eset nod krn exe C Program Files NavNT rtvscan exe C WINNT system MSTask exe C WINNT system stisvc exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT system MsgSys EXE C WINNT Explorer EXE C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINNT GWMDMMSG exe C WINNT GWHotKey exe C WINNT system PRPCUI exe C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe C Program Files Common Files Adaptec Shared CreateCD CreateCD exe C WINNT system NWTRAY EXE C Program Files NavNT vptray exe C WINNT System spool drivers w x hpztsb exe C WINNT system dpmw exe C WINNT system spool DRIVERS W X E S I L EXE C Program Files QuickTime qttask exe C Program Files Eset nod kui exe C Program Files Microsoft Office Office OLFSNT EXE C Program Files EPSON EPSON CardMonitor EPSON CardMonitor exe C Program Files Remote Desktop Control apc host exe C Program Files Mozilla Firefox firefox exe C PROGRA WinZip winzip exe C HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www srsdeaf org O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - Toolbar amp Radio - E - F- D - E- A C - C WINNT system msdxm ocx O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run ATIModeChange Ati mdxx exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run GWMDMMSG GWMDMMSG exe O - HKLM Run GWMDMpi C WINNT GWMDMpi exe O - HKLM Run Multi-function Keyboard GWHotKey exe O - HKLM Run PRPCMonitor PRPCUI exe O - HKLM Run AdaptecDirectCD quot C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run CreateCD quot C Program Files Common Files Adaptec Shared CreateCD CreateCD exe quot -r O - HKLM Run NWTRAY NWTRAY EXE O - HKLM Run vptray C Program Files NavNT vptray exe O - HKLM Run HPDJ Taskbar Utility C WINNT System spool drivers w x hpztsb exe O - HKLM Run NDPS C WINNT system dpmw exe O - HKLM Run EPSON Stylus CX C WINNT system spool DRIVERS W X E S I L EXE P quot EPSON Stylus CX quot O quot USB quot M quot Stylus CX quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run nod kui quot C Program Files Eset nod kui exe quot WAITSERVICE O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup Symantec Fax Starter Edition Port lnk C Program Files Microsoft Office Office OLFSNT EXE O - Global Startup Adobe Gamma Loader exe lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Global Startup EPSON CardMonitor lnk C Program Files EPSON EPSON CardMonitor EPSON CardMonitor exe O - Extra button Real com - CD F -D E - d - FE- C F AFE - C WINNT System Shdocvw dll O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - Winlogon Notify NavLogon - C WINNT System NavLogon dll O - Service Ati HotKey Poller - Unknown owner - C WINNT System Ati evxx exe O - Service DefWatch... Read more

A:HJT thread.

I see you have more than one Anti-Virus program installed, NOD32 and Norton. While this may seem like greater protection, it can cause problems including slowdowns and system hangs. Choose one to keep and uninstall the other.

Any antivirus program must be removed via add/remove program.
For any program that doesn't have an add/remove entry, you will have to do this:re-install the program -> reboot -> uninstall-----------------------------------------------------------------------

Please go to: VirusTotalAt the top of the page you'll find a "Browse" button. Click the "Browse" button and browse to this file in BOLD:

C:\WINNT\msmngrs.exe

Click "Open".
Then click the "Send" button at the top of the VirusTotal page.
This will scan the file. Please be patient.
Once scanned, copy and paste the results in your next reply along with a new HijackThis log.


---------------------------------------------------------------------------------------------

http://www.techsupportforum.com/forums/f284/hjt-thread-132407.html
Relevancy 31.39%

Hi,

I received a MSN pop up message which says "Heeey! I saw a picture online and im definately sure its you , the one on the left rite?? ". I accidently clicked on it and was led to a website. I closed it immediately.

Now, my MSN contacts kept receiving similar pop up messages even though i was not log in. I run Norton and confirmed there was no virus. But my contacts kept receiving it. I went to the extend of closing my MSN account, including Windows Live, but my contacts still receive it.

I suspect my account as well as my contacts' account have been captured by the website which auto generate such messages.

Anybody here knows how to solve this problem?

Thanks
 

https://forums.techguy.org/threads/msn-thread.816620/
Relevancy 31.39%

Hi previously i posted a HJT log but i failed to recieve any help regarding it i am thread! with HJT Help posting a HJT log Help with HJT thread! again what happen actually was that whenever i am surfing just the net a blue screen appears with quot dump of physical memory quot i suspect this is a virus here s the HJT log pls advise Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT SYSTEM winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system Ati evxx exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System svchost exe C WINNT system LckFldService exe C Program Files Common Files Panda Software PavShld pavprsrv exe C Program Files Panda Software Panda Titanium Antivirus Pavsrv exe C WINNT system regsvc exe C WINNT system MSTask exe C Program Files Panda Software Panda Titanium Antivirus AVENGINE EXE C WINNT system stisvc exe C WINNT system ZONELABS vsmon exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT SYSTEM Ati evxx exe C WINNT Explorer EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C Program Files Panda Software Panda Titanium Antivirus APVXDWIN EXE C WINNT system msgfix exe C PROGRA ZONELA ZONEAL zlclient exe C Program Files Meaya Popup Ad Filter PopFilter exe C WINNT system internat exe C Program Files Nikon NkView NkvMon exe C Program Files Panda Software Panda Titanium Antivirus WebProxy exe C WINNT system svchost exe C Program Files HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS R - HKCU Software Microsoft Internet Explorer Main Start Page http www soccernet com R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www soccernet com O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - Toolbar msdxmLC dll email protected amp Radio - E - F- D - E- A C - C WINNT System msdxm ocx O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run APVXDWIN quot C Program Files Panda Software Panda Titanium Antivirus APVXDWIN EXE quot s O - HKLM Run Configuration Loader msgfix exe O - HKLM Run Auto Start svhost exe O - HKLM Run Zone Labs Client C PROGRA ZONELA ZONEAL zlclient exe O - HKLM RunServices Configuration Loader msgfix exe O - HKLM RunServices Auto Start svhost exe O - HKCU Run Popup Ad Filter C Program Files Meaya Popup Ad Filter PopFilter exe O - HKCU Run internat exe internat exe O - HKCU Run SetDefaultMIDI MIDIDef exe O - HKCU Run Auto Start svhost exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup NkvMon exe lnk C Program Files Nikon NkView NkvMon exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra button ICQ Pro HKLM O - Extra Tools menuitem ICQ HKLM O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - DPF Yahoo Graffiti - http download games yahoo com games clients y grt x cab O - DPF Yahoo Literati - http download games yahoo com games clients y tt x cab O - DPF Yahoo Pool - http download games yahoo com games clients y potc x cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF F-F B- B D- DF- B B Minesweeper Flags Class - http messenger zone msn com binary MineSweeper cab O - DPF FC A E- - E - - DB PPSDKActiveXScanner MainScreen - http www pestscan com scanner axscanner cab O - DPF D - - - - AA B - http download microsoft com download F E F E A - E - E - F F- C wmv VCM CAB O - DPF CEC E - - C -A E- F DCD F DDSC Class - http inet rgs edu sg rgsstudent Portal resources msddsc cab O... Read more

A:Help with HJT thread!

Hi

Run hijackthis again and put a checkmark against these entries....double check
in case you miss anything....
.....then,close all browser and outlook windows including this one and "fix checked"

O4 - HKLM\..\Run: [Configuration Loader] msgfix.exe
O4 - HKLM\..\Run: [Auto Start] svhost.exe
O4 - HKLM\..\RunServices: [Configuration Loader] msgfix.exe
O4 - HKLM\..\RunServices: [Auto Start] svhost.exe
O4 - HKCU\..\Run: [Auto Start] svhost.exe

Reboot into safe mode by following instructions here: http://helpdesk.its.bethel.edu/resnet/Documents/Antivirus/Safemode.html
then as some of the files or folders you need to delete may be hidden do this:
Open Windows Explorer & Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and untick "hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"

Locate and delete:
C:\WINNT\system32\msgfix.exe
C:\WINNT\system32\svhost.exe
NOTE: The spelling "SVHOST"......The legitimate file is"SVCHOST"!!!

Boot back into normal mode and see if things are ok.
 

https://forums.techguy.org/threads/help-with-hjt-thread.234898/
Relevancy 31.39%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss Please See This Thread exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS Explorer EXEC WINDOWS system spoolsv exeC Program Files Java jre bin jusched exeC Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exeC WINDOWS system ctfmon exeC Program Files Messenger msmsgs exeC Program Files Logitech SetPoint SetPoint exeC Program Files Common Files Logitech KHAL KHALMNPR EXEC PROGRA Grisoft AVGFRE avgamsvr exeC PROGRA Grisoft AVGFRE avgupsvc exeC PROGRA Grisoft AVGFRE avgemc exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS Please See This Thread system svchost exeC Program Files TuneUp Utilities Integrator exeC Program Files TuneUp Utilities MemOptimizer exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC Please See This Thread Program Files Internet Explorer iexplore exeC Program Files Adobe Acrobat Reader AcroRd exeC Program Files MSN Messenger msnmsgr exeC Program Files Internet Explorer iexplore exeC Documents and Settings Sean Desktop Anti-virus HijackThis exeR - HKLM Software Microsoft Internet Explorer Search SearchAssistant O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no Please See This Thread name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXEO - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot backgroundO - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot backgroundO - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exeO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dllO - Extra button no name - d f - f - d - - c a - windir bdoscandel exe file missing O - Extra 'Tools' menuitem Uninstall BitDefender Online Scanner v - d f - f - d - - c a - windir bdoscandel exe file missing O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLLO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - DPF D DDB -BDF - B- E E-D F EE BDSCANONLINE Control - http download bitdefender com resources scan oscan cabO - DPF E D DE - - -A - DFAD A D MessengerStatsClient Class - http messenger zone msn com binary Messe nt cab cabO - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - http acs pandasoftware com activescan as free asinst cabO - Protocol msnim - A - C - - F- E F - quot C PROGRA MSNMES msgrapp dll quot file missing O - Winlogon Notify WgaLogon - C WINDOWS SYSTEM WgaLogon dllO - Service AVG Alert Manager Server Avg Alrt - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgamsvr exeO - Service AVG Update Service Avg UpdSvc - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgupsvc exeO - Service AVG E-mail Scanner AVGEMS - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgemc exeO - Service TuneUp WinStyler Theme Service TUWinStylerThemeSvc - TuneUp Software GmbH - C Program Files TuneUp Utilities WinStylerThemeSvc exe

A:Please See This Thread

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

http://www.bleepingcomputer.com/forums/t/67047/please-see-this-thread/
Relevancy 31.39%

Thanks for closing the thread....if you looked ahead you would have seen that I did post to my original thread numerous times to no avail....sorry I bothered you...
 

https://forums.techguy.org/threads/new-thread.379986/
Relevancy 31.39%

Recently my roommates computer started acting up with spyware this and that not really too sure on those Another thread help details But it seems like whatever he had jumped through the Another help thread network and is now messing with Another help thread my computer A lot of the time when I leave my computer for a minute and come back to it there s an AVG pop up saying quot threat detected quot So I choose the quot heal quot option and it either A closes and does nothing or B tells me it can t find the files which leads me to believe its from my roommates computer but what do i know In avg not sure right now because it hasn t popped in a while it generally says something about trojans and svchost exe Again I could be wrong if I am I ll update you Here s my hijackthis log after a fresh restart Seems like a ton of crap I don t use any of those things whatsoever School me Oh mid post I just got a sweet pop up for quot antivirus quot hey buy me no thanks Pleeease help me stop this Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes I WINDOWS System smss exe I WINDOWS system winlogon exe I WINDOWS system services exe I WINDOWS system savedump exe I WINDOWS system lsass exe I WINDOWS system Ati evxx exe I WINDOWS system svchost exe I WINDOWS System svchost exe I WINDOWS system Ati evxx exe I WINDOWS system spoolsv exe I WINDOWS Explorer EXE I Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe I PROGRA AVG AVG avgwdsvc exe I Program Files Adobe Reader Reader Reader sl exe I PROGRA AVG AVG avgtray exe I WINDOWS System svchost exe I WINDOWS system rundll exe I PROGRA AVG AVG avgrsx exe I WINDOWS system svchost exe I PROGRA AVG AVG avgemc exe I Program Files Trend Micro HijackThis HijackThis exe O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - I Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - I Program Files AVG AVG avgssie dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - I Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - c e - ea - a - e - e a d - I WINDOWS system notugogi dll O - HKLM Run Adobe Reader Speed Launcher quot I Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run AVG TRAY I PROGRA AVG AVG avgtray exe O - HKLM Run MSConfig I WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKLM Run gokirunoya Rundll exe quot I WINDOWS system yehanibi dll quot s O - HKLM Run a f rundll exe quot I WINDOWS system fobineru dll quot b O - HKLM Run CPMfb b Rundll exe quot i windows system mikusedi dll quot a O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKUS S- - - Run gokirunoya Rundll exe quot I WINDOWS system yehanibi dll quot s User LOCAL SERVICE O - HKUS S- - - Run gokirunoya Rundll exe quot I WINDOWS system yehanibi dll quot s User NETWORK SERVICE O - Extra button no name - B E C - FCB- CF-AAA - C - I Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - I Program Files Java jre bin ssv dll O - Extra button AIM - AC E - - d -BC D- B D A DE - I Program Files AIM aim exe O - Extra button Messenger - FB F -F - d -BB E- C F - I Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - I Program Files Messenger msmsgs exe O - Protocol linkscanner - F C- F - D -A D -FBDDE F D - I Program Files AVG AVG avgpp dll O - AppInit DLLs avgrsstx dll I WINDOWS system pukibobu dll i windows system mikusedi dll O - SSODL SSODL - EC E FD- C - a - D -E B DBDD C - i windows system mikusedi dll O - SharedTaskScheduler STS - EC E FD- C - a - D -E B DBDD C - i windows syste... Read more

https://forums.techguy.org/threads/another-help-thread.780462/
Relevancy 31.39%

Hi guys well had heaps of trouble with this particular variant of CWS that s infected in my machine at the moment CWShredder doesn t detect anything when I run HJT I get the following log F - win ini run CWS HJT Thread Please Log Help Another C WINDOWS SYSTEM cmmpu exe O - BHO no name - FAEB - F B- c -BAE - A CA F E - C WINDOWS SYSTEM POMBLZ DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar DAP Bar - - FC- baf- C C-BCE BD F - C PROGRAM FILES DAP DAPIEBAR DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - Another CWS Thread HJT Log Help Please HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run Mirabilis ICQ C Program Files ICQ ICQNet exe O - HKLM Run LoadQM loadqm exe O - HKLM Run vptray C Another CWS Thread HJT Log Help Please PROGRA SYMANT SYMANT vptray exe O - HKLM Run Control handler C WINDOWS SYSTEM VFOXF T ZTHD EXE O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices rtvscn C PROGRA SYMANT SYMANT rtvscn exe O - HKLM RunServices defwatch C PROGRA SYMANT SYMANT defwatch exe O - HKLM RunServices WinTools C PROGRA COMMON WINTOOLS WTOOLSA EXE O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run romahere C WINDOWS SYSTEM NK I UDHZ E EXE O - HKCU RunOnce ICQ C PROGRAM FILES ICQ ICQ EXE -trayboot O - Extra context menu item amp Download with amp DAP - C PROGRA DAP dapextie htm O - Extra context menu item Download amp all with DAP - C PROGRA DAP dapextie htm O - Extra button ICQ Pro - f -cba - -b - cb cd - C Program Files ICQ ICQ exe O - Extra Tools menuitem ICQ - f -cba - -b - cb cd - C Program Files ICQ ICQ exe O - Extra button Messenger - BBE - E - D -AD - D AD - C PROGRAM FILES YAHOO MESSENGER YHEXBMES DLL O - Extra Tools menuitem Yahoo Messenger - BBE - E - D -AD - D AD - C PROGRAM FILES YAHOO MESSENGER YHEXBMES DLL O - Extra button Run DAP - BC-A - A D- CDF-BA C F C - C PROGRA DAP DAP EXE O - DPF D F C -CB - EA - D - F EACC F B InstallShield Setup Player K - http www ipswitch com installs wsftp le setup exe O - DPF B F - - C -AA A- BB YAddBook Class - http us dl yimg com download yahoo com dl installs suite autocomplete cab O - DPF E D DE - - -A - DFAD A D MessengerStatsClient Class - http messenger zone msn com binary MessengerStatsClient cab cab O - DPF F BF D - B A- A -BF B-F AF Solitaire Showdown Class - http messenger zone msn com binary SolitaireShowdown cab cab O - DPF B CFB- - -A -C A C Checkers Class - http messenger zone msn com binary msgrchkr cab cab O - DPF F-F B- B D- DF- B B Minesweeper Flags Class - http messenger zone msn com binary MineSweeper cab cab O - DPF F E B A- A - CA- - D CB MSN Photo Upload Tool - http by fd bay hotmail msn com resources MsnPUpld cab Ok so I know that the following items are suspect O - BHO no name - FAEB - F B- c -BAE - A CA F E - C WINDOWS SYSTEM POMBLZ DLL O - HKLM Run Control handler C WINDOWS SYSTEM VFOXF T ZTHD EXE O - HKCU Run romahere C WINDOWS SYSTEM NK I UDHZ E EXE I have deleted these items and they are back before you know it when running ad-aware it picks up a few registry entries related to CWS also So need help guys have defeated this nightmare malware many times before but it seems to have beaten me this time any help would be much appreciated Thanks nbsp

A:Another CWS Thread HJT Log Help Please

Hi cybaturtle

Welcome to TSG!

Please repost your Hijack This log. You didn't post all of it. We need to see the whole thing. Open the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.
 

https://forums.techguy.org/threads/another-cws-thread-hjt-log-help-please.310683/
Relevancy 31.39%

Hello again I ve been getting help in the HJT forum and was just finishing up on the last (see Did Really Hjt I Me) Help Thread By Now of SifuMike s advice when I tried to run something by Kaspersky I suspect I followed his directions wrong but whatever I ran from Kaspersky crashed my computer to where I couldn t even reboot except in safe mode I tried to do a System Restore and was given some error message - the gist of which was that it Now I Really Did Help (see Hjt Thread By Me) was not possible to restore the computer to an earlier date yes restore was enabled I couldn t even open the add remove programs in the Now I Really Did Help (see Hjt Thread By Me) control panel I am now on an old laptop that hasn t been updated since and am being flooded with popups and messages from an old version of Norton s firewall that tell me Microsoft s Logon Utility wants to access the internet Since I m already on the amp internet I told the firewall to block all these attempts so I could have peace long enough to type this Please help Is my real computer even fixable Why did it crash NOW after all this time and effort I have probably spent about hours on this OK done whining I m going to see if turning off the power on my other computer fixed anything but I doubt it aelfgifa

A:Now I Really Did Help (see Hjt Thread By Me)

Have you posted back to let SifuMike know about this? If not, you should.

http://www.bleepingcomputer.com/forums/t/52087/now-i-really-did-help-see-hjt-thread-by-me/
Relevancy 31.39%

Hello First off I have done hours of searching for the past days and every attempt failed My story I bought an external Seagate FreeAgent Pro HDD and ran it in Firewire Took it out of the box connected started the computer up and everything was dandy So I changed My Documents target Another thread. Hal.dll location and started Moving everything over from My Documents Well moving process got stuck multiple times so Another Hal.dll thread. I though quot Let Another Hal.dll thread. me boot Another Hal.dll thread. up in Safe Mode so nothing is running and the process should be seamless quot I restart and on restart the message quot of missing or corrupt hal dll in the windows root system So first off I tried every option from F but nothing worked Then Recovery Console which cannot see my internal HDD at all even though it shows up in BIOS The external is read fine when I want to install Windows but it seems I cannot install Windows or make a new partition on the external I can t gain access to any command except CHKDisk when I type in DOS and now in the Windows Setup window it shows my FreeAgent as drive C instead of Drive J Well I found out a final solution to hook up my internal HDD to another computer and edit Boot ini so I opened my friends Dell but damn it s IDE and I have SATA so I m out of luck there Seagate has nothing more to say then link me to Microsoft Help that doesn t solve anything I have ran all of Western Digitals nd Gen Caviar SE utilities for my internal and it passes with Flying Colors Why when booting up from Windows CD the drive is invisible but shows in BIOS and Diagnosis just fine Formatting can t be an option gigs of Photos and gigs of music It seems my last solution would be to buy another internal and hope that the computer recognizes the nd internal What can I do Thank you in advance I m willing to go far to get my internal HDD working again and how can Seagate get away with this nbsp

Relevancy 31.39%
Q: thread

ndt2.sys stop working
windows explorer stoping working and will restart this happen after you exit or close ,my computer program.

A:thread

Hi gsequeira,

Welcome to Vista Forums.

Bad news, this is a Trojan virus.

See this thread link for how to try and get rid of it.

Problems with virus, please help.. - TechSpot OpenBoards


If you do not care about losing anything, then I would format the hard drive and do a clean install, then do a very thorough antivirus scan to make sure that it is gone.

Sorry,
Shawn

http://www.vistax64.com/general-discussion/130860-thread.html
Relevancy 31.39%

Hi name is Jake Anyway let me take it from the top My computer runs on Win XP Home And it is a generic put together ghz megs of ram I know from this day this maybe old but she is still new to me Basically need thread to help New when I got XP a year or two ago it froze up New to thread need help Anyway I am in the process of reformatting the hard drive I am on my wife s PC this thing is old Anyway let me add I DLed alot of porn in my day I was running a horribly bad win on it first and during a DL gone wrong it froze and when I got it back running it had an New to thread need help unremovalbe icon on the desktop Well I installed THE FULL version on it and was happy go lucky until I went back to DLing porn Anyway I learned my lesson I enjoyed the free music but I want my computer back Are server is SBC yahoo and I am having a really tough time installing THAT and I have no means on getting her online but that way I followed a few instructions to get into BIOUSE program but can t get back into it to check out the PC health Don t know what that may do but who knows Feedback more then welcomed nbsp

Relevancy 31.39%

Many thanks to members who helped me earlier with a cheap build rig. I now have more money to spend and would like others to help with my build. This will be my first build. I have replaced parts but never built a pc from scratch. the parts I am considering are:

Mobo: http://www.newegg.com/Product/Product.aspx?Item=N82E16813121338
CPU: http://www.newegg.com/Product/Product.aspx?Item=N82E16819115036
CPU cooling: http://www.newegg.com/product/product.aspx?item=N82E16835186134
Memory: http://www.newegg.com/Product/Product.aspx?Item=N82E16820227297
GPU: http://www.newegg.com/Product/Product.aspx?Item=N82E16814121247
PSU: http://www.newegg.com/Product/Product.aspx?Item=N82E16817171023
HD: http://www.newegg.com/Product/Product.aspx?Item=N82E16822136012
Case: http://www.xoxide.com/cooler-master-centurion5.html

Total: $1585.91

Looking for comments/suggestions/criticisms/parts that would be better. Thanks in advance guys.
 

A:Yet another new rig thread

With the motherboard you've chosen two of the SATA connectors will be covered and unusable by the graphics card.
 

http://www.techspot.com/community/topics/yet-another-new-rig-thread.105638/
Relevancy 31.39%

i downloaded a real media file and when i played it i started to get some pop-ups and different IE windows opening what is the problem and how can first thread, need help i fix it thanks to anyone in advance Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS Explorer EXE C WINDOWS first thread, need help system spoolsv exe C WINDOWS system first thread, need help LEXPPS EXE C Program Files Java jre bin jusched exe C Program Files Zone Labs ZoneAlarm zlclient exe C PROGRA Grisoft AVGFRE avgcc exe C WINDOWS first thread, need help System alg exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files Spyware Doctor sdhelp exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe C Program Files Spyware Doctor swdoctor exe C Program Files Mozilla Firefox firefox exe C Program Files MSN Messenger msnmsgr exe C Documents and Settings JL Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR tools iesdsg dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO PCTools Browser Monitor - B A D D- - C -A - DF C AC - C PROGRA SPYWAR tools iesdpb dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run Lexmark X Series quot C Program Files Lexmark X Series lxbabmgr exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Spyware Doctor - D D A- - D -A A - C B E E - C PROGRA SPYWAR tools iesdpb dll O - DPF B -A CF- C - F- CFC A Trend Micro ActiveX Scan Agent - http housecall trendmicro com housecall applet html native x win activex hcImpl cab O - DPF B A F- AA - -BA - E E B B - http www trendmicro com spyware-scan as web cab O - DPF B E - ECB- DA- C A- F A FF MsnMessengerSetupDownloadControl Class - http messenger msn com download MsnMessengerSetupDownloader cab O - Protocol msnim - A - C - - F- E F - quot C PROGRA MSNMES msgrapp dll quot file missing O - Service AVG Alert Manager Server Avg Alrt - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgamsvr exe O - Service AVG Update Service Avg UpdSvc - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgupsvc exe O - Service AVG E-mail Scanner AVGEMS - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgemc exe O - Service LexBce Server LexBceS - Lexmark International Inc - C WINDOWS system LEXBCES EXE O - Service host Service For Windows mshosts - Unknown owner - C WINDOWS mshosts exe O - Service PC Tools Spyware Doctor SDhelper - PC Tools Research Pty Ltd - C Program Files Spyware Doctor sdhelp exe O - Service TrueVector Internet Monitor vsmon - Zone Labs LLC - C WINDOWS system ZoneLabs vsm... Read more

Relevancy 31.39%

guys i seem to have a virus or something first time ive ever had this so i am not sure what to do ive read the forum and tried the steps but nothing had happened here is my hijack log i dont know if it helps but i have downloaded Mcafee from comcast Yes :>(.. another help thread but i have it turned off because i read on the forum that i should Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP Yes another help thread :>(.. WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS Yes another help thread :>(.. system svchost exe C WINDOWS System svchost exe C PROGRA McAfee MSC mcmscsvc exe c PROGRA COMMON mcafee mna mcnasvc exe c PROGRA COMMON mcafee mcproxy mcproxy exe Yes another help thread :>(.. C PROGRA McAfee VIRUSS mcshield exe C Program Files McAfee MPF MPFSrv exe C Program Files Comcast Desktop Doctor bin sprtsvc exe C WINDOWS system svchost exe C WINDOWS Explorer EXE c PROGRA mcafee com agent mcagent exe C Program Files Web Technologies wcs exe C WINDOWS system devldr exe C PROGRA McAfee VIRUSS mcsysmon exe C WINDOWS system ctfmon exe C Program Files Comcast Desktop Doctor bin sprtcmd exe C Program Files Internet Explorer iexplore exe C Program Files Windows Defender MsMpEng exe c PROGRA mcafee VIRUSS mcvsshld exe C Program Files Web Technologies wcm exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www comcast net toolbar search R - HKCU Software Microsoft Internet Explorer Main Start Page about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www comcast net toolbar search O - BHO Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - C PROGRA COMCAS COMCAS DLL O - BHO no name - B AF -D E- EA - C - FF FBBA - C Program Files Web Technologies iebt dll O - Toolbar Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - C PROGRA COMCAS COMCAS DLL O - HKLM Run Windows Defender quot C Program Files Windows Defender MSASCui exe quot -hide O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKLM Policies Explorer Run some C Program Files Web Technologies wcs exe O - Extra button no name - A -D - BE -A - DF BE E - http www iexplorergate com redirect php file missing O - Extra 'Tools' menuitem IE Anti-Spyware - A -D - BE -A - DF BE E - http www iexplorergate com redirect php file missing O - DPF EF A B-FC - C - EF-FB E A E McFreeScan Class - http download mcafee com molbin is mcfscan cab O - Service McAfee Services mcmscsvc - McAfee Inc - C PROGRA McAfee MSC mcmscsvc exe O - Service McAfee Network Agent McNASvc - McAfee Inc - c PROGRA COMMON mcafee mna mcnasvc exe O - Service McAfee Scanner McODS - McAfee Inc - C PROGRA McAfee VIRUSS mcods exe O - Service McAfee Proxy Service McProxy - McAfee Inc - c PROGRA COMMON mcafee mcproxy mcproxy exe O - Service McAfee Real-time Scanner McShield - McAfee Inc - C PROGRA McAfee VIRUSS mcshield exe O - Service McAfee SystemGuards McSysmon - McAfee Inc - C PROGRA McAfee VIRUSS mcsysmon exe O - Service McAfee Personal Firewall Service MpfService - McAfee Inc - C Program Files McAfee MPF MPFSrv exe O - Service SupportSoft Sprocket Service ddoctorv sprtsvc ddoctorv - SupportSoft Inc - C Program Files Comcast Desktop Doctor bin sprtsvc exe -- End of file - bytes bump here is the result of a dss scan Deckard's System Scanner v Extra logfile - please post this as an attachment with your post -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Professional build SP Architecture X Language English CPU Intel R Pentium R CPU GHz Percentage of Memory in Use Physical Memory total avail MiB MiB Pagefile Memory total avail MiB MiB Virtual Memory total avail MiB M... Read more

A:Yes another help thread :>(..

ive upgraded to sp3 but i am still getting alerts and the computer is so slow i only turn it on to check this site.. if i leave it on for more than 5mins screens pop up everywhere..thanks

http://www.techsupportforum.com/forums/f100/yes-another-help-thread-264117.html
Relevancy 31.39%

Xp to vista ultimate
Hello I am planning to upgrade from my XP Pro SP3 to Vista Ultimate SP1?
Is that alright? Will it be compatible with gaming?

I have an [email protected]
2GB of RAM
NVIDIA GeForce 9500 GT

Is it alright to upgrade? PLease comment.. Thanks..

A:Please help in my thread

Its ok, but make sure your motherboard's chipset will support vista.
I would do a clean install, ie wipe the harddrive first. You may find
you dont like vista. I dont care for it much. Just my personal opinion.

http://www.techsupportforum.com/forums/f10/please-help-in-my-thread-398848.html
Relevancy 31.39%

Hi I have got a new PC from a friend and I think its running slower than Thread HJK expected when online could you have a look at this HJK log and tell me what is wrong if there is anything wrong Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss HJK Thread exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Belkin Belkin Wireless Network Utility WLService exe C Program Files Norton SystemWorks Norton Ghost GhostStartService exe C Program Files Belkin Belkin Wireless Network Utility WLanCfgG exe C Program Files Norton SystemWorks Norton AntiVirus navapsvc exe C Program Files Java jre bin jusched exe C Program Files Norton SystemWorks Norton Utilities NPROTECT EXE C PROGRA NORTON SPEEDD nopdb exe C WINDOWS system msiexec exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Documents and Settings Rob Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www hotmail com O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton SystemWorks Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton SystemWorks Norton AntiVirus NavShExt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Winlogon Notify WgaLogon - C WINDOWS O - Service Belkin Wireless USB Network Adapter Belkin Wireless USB Network Adapter Service - Unknown owner - C Program Files Belkin Belkin Wireless Network Utility WLService exe O - Service Symantec Event Manager ccEvtMgr - Symantec Corporation - C Program Files Common Files Symantec Shared ccEvtMgr exe O - Service Symantec Password Validation Service ccPwdSvc - Symantec Corporation - C Program Files Common Files Symantec Shared ccPwdSvc exe O - Service GhostStartService - Symantec Corporation - C Program Files Norton SystemWorks Norton Ghost GhostStartService exe O - Service Google Updater Service gusvc - Google - C Program Files Google Common Google Updater GoogleUpdaterService exe O - Service iPod Service - Apple Inc - C Program Files iPod bin iPodService exe O - Service Norton AntiVirus Auto Protect Service navapsvc - Symantec Corporation - C Program Files Norton SystemWorks Norton AntiVirus navapsvc exe O - Service Norton Unerase Protection NProtectService - Symantec Corporation - C Program Files Norton SystemWorks Norton Utilities NPROTECT EXE O - Service ScriptBlocking Service SBService - Symantec Corporation - C PROGRA COMMON SYMANT SCRIPT SBServ exe O - Service Speed Disk service - Symantec Corporation - C PROGRA NORTON SPEEDD nopdb exe Thanks in advance James nbsp

A:HJK Thread

What are the specs of the PC ....memory, CPU (processor) etc

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:

Download the latest version of Runtime Environment (JRE) 6 Update
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.

Reboot your computer once all Java components are removed.

Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.
Re-Start your Computer
 

https://forums.techguy.org/threads/hjk-thread.588367/
Relevancy 31.39%

OK guys here we go I had a friend reformat my PC a few weeks 1st thread ago and it seems that there is no DVD software to be found Does this mean that 1st thread it was a p rated copy I have tried to watch a few DVD s and nothing pops 1st thread up on auto-run My Media Player has an error code quot Error ID xC D A Condition ID x quot I dod not want to have to download a whole new software packet ie InterVideo Gold or Plat b c simply as a GI I cant afford such things Any help would be great helpful info below OS Name Microsoft Windows XP Professional Version Service 1st thread Pack Build OS Manufacturer Microsoft Corporation System Name THUNDAR-L AL T System Manufacturer INTEL System Model D PESV System Type X -based PC Processor x Family Model Stepping GenuineIntel Mhz BIOS Version Date Intel Corp SV A A P SMBIOS Version Windows Directory C WINDOWS System Directory C WINDOWS system Boot Device Device HarddiskVolume Locale United States Hardware Abstraction Layer Version quot xpsp sp rtm - quot User Name THUNDAR-L AL T marGabriel Bleuwater Time Zone W Europe Daylight Time Total Physical Memory MB Available Physical Memory MB Total Virtual Memory GB Available Virtual Memory GB Page File Space GB Page File C pagefile sys oh and how do i update my profile thanks all who view and help Gabriel nbsp

A:1st thread

oh and i did updats alll codecs.
me
 

https://forums.techguy.org/threads/1st-thread.384652/
Relevancy 31.39%

I haven't done a WHOLE bunch of research into the SSD market and it's offerings.
My understanding is Intel has the best SSD out there to hold your Operating System and programs.

That being said...what is different about these drives from MicroCenter and Intel?

The MicroCenter drives have NAND and Intel chipsets in them.
If the name on the drive and/or the box is the only difference, suddenly...I see myself getting an SSD soon.

Take a look:

Micro Center - Internal Drives > Private Label Internal SSD/Solid State Drives

A:Another SSD Thread

  
Quote: Originally Posted by dajogejr


I haven't done a WHOLE bunch of research into the SSD market and it's offerings.
My understanding is Intel has the best SSD out there to hold your Operating System and programs.

That being said...what is different about these drives from MicroCenter and Intel?

The MicroCenter drives have NAND and Intel chipsets in them.
If the name on the drive and/or the box is the only difference, suddenly...I see myself getting an SSD soon.

Take a look:

Micro Center - Internal Drives > Private Label Internal SSD/Solid State Drives


I don't know about these "microcenter" drives, but be careful. The controller and the grade of NAND id the difference between most SSDs. Look into what type of controller the drive has and read some reviews before you buy. If you're spending that kind of money....why not get an OCZ, Intel, Patriot, etc. Something with a good warranty and that has been tested. My Patriot Torqx has lasted about a year now and is still going strong. Intel and OZC (and many others) are good too. This brand MAY be good, but be careful. All the best.

http://www.sevenforums.com/hardware-devices/72647-another-ssd-thread.html
Relevancy 31.39%

I had posted a thread earlier today and it appears to be gone. Any suggestions for how to get it back, or should I start a new post?

http://www.bleepingcomputer.com/forums/topic471240.html

A:My thread is gone?

My error ,I fixed it. It is here

http://www.bleepingcomputer.com/forums/topic471240.html

http://www.bleepingcomputer.com/forums/t/471279/my-thread-is-gone/
Relevancy 31.39%

hello out their

i have been trying to get my C++ code onto this site i have tried copy and pasting the code into here, tried attatching the code as txt files, but i still cannot post the code.

any ideas as i realy need youre help with the code

thanks
bingobongo
 

A:how do i get thread onto here

[code]
code goes here
[/code]
 

https://forums.techguy.org/threads/how-do-i-get-thread-onto-here.354033/
Relevancy 31.39%

OK Pissin me off gt lt The virus won't let me see that previous thread now so if possible e-mail me all the things you want me to do caged macbeth at gmail com and if possible try to not use the words formatsys exe formatsys msmbw exe msmbw serbw exe and serb it seems to crash the window that has let me now... that It see thread won't those words int it or something I'm not really sure Also I'll be on AOL all night so talk to me on there if you can cagedmacbeth and Yahoo Cage Macbeth my ICQ is also - - anyhelp is appreceiated thanks -caged macbeth- --UPDATE--- I think it's letting me view this thread so post the help here if you want hopefully it'll work but i'd prefere to be e-mailed or talked to on one of the messengers i have above also I really want to say sorry It won't let me see that thread now... for the hassle this may have been on you guys I really really appreciate the help

A:It won't let me see that thread now...

Try AVG

ht t p://g ri soft.com (I've taken apart the link in case your infection picks it up)

This is a great program; hopefully it can remove whatever's on there.

http://www.techsupportforum.com/forums/f10/it-wont-let-me-see-that-thread-now-43021.html
Relevancy 31.39%

can anyone analyze this HJT log and let me know what I need to do Also I have this URL Im about to paste that pops up like - times a day at random times anyone know anything about it or how to remove Ive run adaware peperfix cwshredder and spybot search and destroy Here it is thanks http x cb kount com pop ad noadware Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running thread HJT URL and processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program HJT thread and URL Files Cisco Systems VPN Client cvpnd exe C WINDOWS system spoolsv exe C PROGRA COMMON AOL ACS AOLacsd exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C WINDOWS Explorer EXE C PROGRA NORTON navapw exe C Program Files Common Files Real Update OB realsched exe C WINDOWS System RUNDLL EXE C Program Files Common Files AOL ACS AOLDial exe C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe C Program Files Logitech MouseWare system em exec exe C Program Files Java j re bin jusched exe C WINDOWS System devldr exe C Program Files The All-Seeing Eye eye exe C Program Files Internet Explorer iexplore exe C Documents and Settings Jeff Spence Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www azcentral com R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com HJT thread and URL R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - HKCU Software Microsoft Internet Explorer Main Start Page bak http www usatoday com O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS System NvMcTray dll NvTaskbarInit O - HKLM Run AOLDialer C Program Files Common Files AOL ACS AOLDial exe O - HKLM Run AOL Spyware Protection quot C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe quot O - HKLM Run AceGain LiveUpdate C Program Files AceGain LiveUpdate LiveUpdate exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKCU Run MoneyAgent quot C Program Files Microsoft Money System Money Express exe quot O - HKCU Run Microsoft Works Update Detection C Program Files Microsoft Works WkDetect exe O - HKCU Run MProcessor quot C Program Files MProcessor mprocessor exe quot O - HKCU Run NvMediaCenter RUNDLL EXE C WINDOWS System NVMCTRAY DLL NvTaskbarInit O - HKCU Run dgnet b exe quot C WINDOWS System dgnet b exe quot O - HKCU Run kbdusl l exe quot C WINDOWS System kbdusl l exe quot O - HKCU Run olecnv o exe quot C WINDOWS System olecnv o exe quot O - HKCU Run ares quot C Program Files Ares Ares exe quot -h O - Global Startup America Online Tray Icon lnk C Program Files America Online a aoltray exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra context menu item amp AOL Toolbar search - res C Program Files AOL Toolbar toolbar dll SEARCH HTML O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item Backward amp Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cac... Read more

A:HJT thread and URL

Run hijackthis again and put a checkmark against these entries....double check
in case you miss anything....
.....then,close all browser and outlook windows including this one and "fix checked"

O4 - HKCU\..\Run: [MProcessor] "C:\Program Files\\MProcessor\mprocessor.exe"
O4 - HKCU\..\Run: [dgnet1090b.exe] "C:\WINDOWS\System32\dgnet1090b.exe"
O4 - HKCU\..\Run: [kbdusl455l.exe] "C:\WINDOWS\System32\kbdusl455l.exe"
O4 - HKCU\..\Run: [olecnv321001o.exe] "C:\WINDOWS\System32\olecnv321001o.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O16 - DPF: {C8BAC37C-A8D2-425E-B7FC-80B9537FB14A} - http://www.spyblast.com/download/SBFullSInst.cab
O16 - DPF: {CA8A9780-280D-11CF-A24D-444553540000} (Adobe Acrobat Control for ActiveX) - http://jaxv1503.modispro.com/ebusin...at/ar505enu.exe

Reboot into safe mode by following instructions here: http://helpdesk.its.bethel.edu/resnet/Documents/Antivirus/Safemode.html
then as some of the files or folders you need to delete may be hidden do this:
Open Windows Explorer & Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files" and untick "hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"

Locate and delete:
C:\Program Files\\MProcessor\mprocessor.exe"
C:\WINDOWS\System32\dgnet1090b.exe"
C:\WINDOWS\System32\kbdusl455l.exe"
C:\WINDOWS\System32\olecnv321001o.exe"
C:\Program Files\Ares
==============================
Empty the Recycle Bin.

Open internet Explorer Click on "Tools">"Internet Options">And delete temp internet files.
And clean out your %Userprofile%\Local Settings\Temp
folder. [It's a good idea to do that regularly.]
==============================
Go to Internet Options>Programs
Click the "Reset Web Settings" Button to reset your prefered home and search pages.
==============================
Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Restart your computer.

When you are sure you are clean turn it back on and create a restore point.
 

https://forums.techguy.org/threads/hjt-thread-and-url.253857/
Relevancy 31.39%

win pro kaspersky anti virus not sure where this goes thread installed new and everything updated drivers blah blah blah login to Fb and get this Ji h q lt not sure where this goes thread OSa J k P t HBb t m U ZO RQ D UI H T a AG S Y u un u gt Q nx jf MJIg fW-H Rh chy M quot d L Z ir Q amp B BhZ amp hu Ph O s o quot - Fb -q amp b X quot z G quot p U n quot vq a k l Va m D M B Q -y M quot n w amp aY V lt L F L vH D amp e Qv k i K E r amp M QQ R g Y gt S QJ H etKy x lt c J E quot yg amp Sy n G pJ H n EF O n e Ip aqh U j A i Z Y lv I r l A H j po - M iXc V n K Di r YI G K bE K O X O w T k v R va X K k SW l s G kV m y vj f RH G L tW W p e aE K UX N x SV C w gt PL rH t lK e G t VWiv - gt X Wg z z gt Nc X z t e o a c u U j f d e ij UK E h KF u R L s F nb XB Z G B Jf f q q q SZ Y K c B H t J l r W i lt d g N j J K UU R T P F S Kd lt s B X Y a W r R a l lt I j p r lt q sl X N t p a n c l amp X Y a w f e Vc u O K J v E lt K M lt UI n V Z f Pj Nw l ak Sg o po bA w x f lt gt Ku b L amp Yn WNk m ykM m b W B N t x Q mk r V z t z p tny UI quot L amp l quot U I U C e O VN uz d Q G r V B l f lt g T P r SK quot g y r - K r a gFN B VU vh M nw B v V RC U TNv tV N b t x z Utk lI G eL ci K V a gt quot f PU f iFM ei D fCl X Kg V oZB W sp quot lA -zs gt Ed VdP ur K r Q A l T J X S j d n OY q N e x gt V Px E C l c quot G u- I tb Uu q V a r h p U- Z amp Q f H r V D u amp x v C V O X- u F f rh BU- UG R r c Xo - r BL D b TSz c v aJ b R M WD X qX D Y a w c J pp f K U dTO F fcZ amp Odw gt quot i G W O zH amp E E - Ml h gx b DC w l quot Hi lt R OU u S r BH T J Q dTTM a u S M Z F e h iO S h amp Ds iVP G D Hk p q Z W J D H i quot x V c T x l EL gt S d V gt K Q q p l F amp t v yKS M O u sX W S w Z jI v p V amp b l t v x o i B l N hQ I P amp Z Ef w PGV M bW l q quot g A K Z gz Rh f quot y-N z YW d q z u O FM s L amp - n KN amp Y l gt l gt ZGR FE T PId x -cQ e F HUC C x j Q amp O R lm gt b gt U R O r K -LV - J - V a x X x Ye F iS D lt q IL d L U r gt n v Z PwO j aa eX Q r g S n ZKo y H Cz H M amp Z a L D Cl Z R R R R R R R R R R Z O Br k n - VbdR gt R O l b- V PX E s V m a L Y AeU quot M Z Xk b-X L Y amp k dM a amp L Xk Xk gu tV Y Cgu V j X Ac h TV PY BeU U TV PX a U V PX E b X quot E Y Cfe yO l xR R u Q nO x X- Q a F g O u vq X z P p oU C P A N Mv m v C BV x fX e quot m rGU N LC Nw tV n G quot I b Bu k- l A Q T Fq e S s Y Q lt L J l Ci U Wo P z u px GTl x Y g wx T R OCN U C g M k lt D o YI t quot s d a S kA L K L BE IB a Ro O EY Zln v qz eam t x rV x amp k e gt i m w yo k N V WS w uF quot lt r mM W - gt YZ QU bd o lt b l dwO m N W l l v v M v o C S v I rt D L S gt AN D BNO U Pe r b N h sl c B lx D y S ZQ o Oo j k gt KvW xJ Z E O x E F I B G qU M b qjb vlvH M v nY R be G e - Gf V ivS quot N a o Z Ho lrW E gt h A m lt N y amp W q Zj S I n l lt V quot N Z V s sX J U QW L gt M amp S H -i Z oG G l H F E V N n c U w U L lKkG E d amp x y lt VO N C A quot amp B F Gc h W gt twv sp Y f amp - d v q zx qY amp C G D C Q j ac T O c j e F amp U lt lt S oN hDc x yT D dNM v hDc - y LJ Ds lt lt hDc c O gt Fc u amp f quot C Y g I I lt D c M tm c KE d L v lYIB r M IS z quot G l D e S L - kV O q j n i p q T R D q Eu z ii zm XO i r X l SG i Vg k S qV vG MVd Jt s i C N Nm Q gt JW k RY r m M v H A QxXA fEb Ch x f n v k aZt U M F - j w z w k v O H S p vvM O Y lE P C J x D A lt f n D - c B d D p j JW z X E IE EB Q O Sqq Td lt o W S n i I nZ Z Td O z EU i d E U Ty FfL Y n T O u c quot as jg q u s B Z d Z r K o C MXy y lt P h Y L H i iJ O y F c o q R S amp m lk amp p M oz y r T x S i t A y S u t t M G R K U lf f R q r ZG S mO f lym X b K ws Rq lu amp q s J U f i k y Mr J c R dW Jn J amp F RA h K zoa v R Zw Z K BQ L R N M e f z u w lt v n quot JVf Z q E- X P rM B n D ep M KG quot W gt Q M A SJ O J v a d Hv c Kw t w E amp d W x O rki o q i f Y Z Wm n r Rf lt u p fkm KS Z s l Kg i I w CY Yk fl o r N qRI f e G -M Ic y f o Mo e x a t Z g R O H b amp a f Uz amp A Z j M Y xc h x N bh quot - i C U q U g s f cF xO F J vX fQjK Z T d Q r XE amp v gt u o p v p W H e YM Uy D k gt F B quot yO A N D r ... Read more

A:not sure where this goes thread

Uhmmm... and?
 

https://hardforum.com/threads/not-sure-where-this-goes-thread.1901884/
Relevancy 31.39%

Pls see my thread in gadget section & give me a solution.

http://www.techsupportforum.com/forums/f100/pls-see-my-thread-457250.html
Relevancy 31.39%

I have a lenovo All in one. It lost sound so I tried the lenovo help forum. It had a lot of stuff about checkboxes etc. which didn't seem to relate to my problem. The chap trying to help, gave a download driver, which when I installed it did the trick. I expect you tech guy experts know this problem well, but in case you don't, http://support.lenovo.com/en_US/downloads/default.page?selector=expand, this is the download. If this is teaching my grandmother to suck eggs I apologise.
 

https://forums.techguy.org/threads/which-thread.1163124/
Relevancy 31.39%

Hey all I would appreciate any help you can provide me here is my HJT Another HJT thread log this log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Another HJT log thread Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files NVIDIA Corporation NetworkAccessManager Apache Group Apache bin apache exe C WINDOWS Explorer EXE C Another HJT log thread Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe C Program Files NVIDIA Corporation NetworkAccessManager bin Another HJT log thread nSvcIp exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcLog exe C WINDOWS system nvsvc exe C Program Files Spyware Doctor sdhelp exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files NVIDIA Corporation NetworkAccessManager bin nSvcAppFlt exe C WINDOWS system dcomcfg exe C Program Files NVIDIA Corporation NetworkAccessManager bin nTrayFw exe C Program Files WinFast WFTVFM WFWIZ exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS SOUNDMAN EXE C Program Files NVIDIA Corporation NetworkAccessManager Apache Group Apache bin apache exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C WINDOWS system wuauclt exe C Program Files iPod bin iPodService exe C WINDOWS system atmclk exe C Program Files Mozilla Firefox firefox exe C Program Files Messenger msmsgs exe C HJT HijackThis exe R - URLSearchHook no name - B A -A C-ACBF- - C A DFD E - C WINDOWS system ltth dll file missing R - URLSearchHook no name - F B-F -FC A- FA - CA D B B - C WINDOWS system fednp dll file missing O - BHO Nothing - f fd e- ee- -aa - dd e a fa - C WINDOWS system hp tmp O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run nTrayFw C Program Files NVIDIA Corporation NetworkAccessManager bin nTrayFw exe O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run WinFast Schedule C Program Files WinFast WFTVFM WFWIZ exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe Consumer O - HKLM Run defender C defender a exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run Meru quot C WINDOWS system SSTEM winword exe quot -vt mt O - HKCU Run Oyu C Documents and Settings Dan Application Data dobe w nword exe O - Startup WASTE lnk E WASTE WASTE exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup AutoCAD Startup Accelerator lnk C Program Files Common Files Autodesk Shared acstart exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EX... Read more

Relevancy 31.39%

Ok someone told me to post this here from this thread http www techsupportforum com show post I was folowing these steps http www techsupportforum com showthread php t And on step the line that says quot Also make sure you are using the latest version of HijackThis and it's installed in it's own folder on the root drive C HJT quot i downloaded it and scaned on normal mode cause some one said to so heres from cmd thread log HJT the log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe HJT log from cmd thread C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C HJT log from cmd thread WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files McAfee McAfee Privacy Service GUARDDOG EXE C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files McAfee McAfee Privacy Service GUARDDOG EXE C Program Files ATI Technologies ATI Control Panel atiptaxx exe C WINDOWS System ezSP Px exe C WINDOWS Sonysys VAIO Recovery reminder exe C PROGRA mcafee com agent mcagent exe C PROGRA mcafee com agent mcupdate exe C WINDOWS AGRSMMSG exe C WINDOWS System spool drivers w x hpztsb exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe D PROGRA AVGFRE avgamsvr exe C program files support com client bin tgcmd exe C Program Files McAfee McAfee Shared Components Guardian CMGrdian exe C Program Files Logitech iTouch iTouch exe D PROGRA AVGFRE avgupsvc exe D PROGRA AVGFRE avgemc exe D program files qttask exe c program files mcafee com agent mcdetect exe C Program Files ATI Technologies ATI ACE cli exe c PROGRA mcafee com agent mctskshd exe D PROGRA AVGFRE avgcc exe C WINDOWS System svchost exe C Program Files Netscape Netscape Netscp exe C Program Files Webroot Spy Sweeper SpySweeper exe C Program Files MSN Messenger msnmsgr exe C Program Files Messenger msmsgs exe D Program Files AIM aim exe C WINDOWS Twain CA A SnapDetect exe C WINDOWS System alg exe C WINDOWS System wbem wmiprvse exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS system wuauclt exe D Program Files X fire Xfire Xfire exe C Program Files Mozilla Firefox firefox exe C HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www sfitbmggkkdpdunohylic com dDBAoKbVHq jsp R - HKCU Software Microsoft Internet Explorer Main Start Page http xmhrqifnnhuzj com CnQgk ig rHQhnj qY html R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www sony com vaiopeople R - HKLM Software Microsoft Internet Explorer Main Start Page http www rr com flash R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer N - Netscape user pref quot browser startup homepage quot quot http www pragsvaoci uk CnQgk ig vy VanHJEYnBPXUgvFbY SrHQhnj qY html quot nuser pref quot browser startup page quot C Documents and Settings Owner Application Data Mozilla Profiles default rzihjmcz slt prefs js O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - B DE- C - BF-B B- B F A E - C Program Files Microsoft Money System mnyside dll O - BHO no name - ACF - E -A E - F - EBCC BE - C DOCUME Owner APPLIC INTER CLOCK RULE exe file missing O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL Toolbar aoltb dll file missing O - BHO McAfee Privacy Service - cc b ee - - d - a - b d c b - C Program Files McAfee McAfee Privacy Service GDIEHELP DLL O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar AIM Search - D A B-D B- d - A - EE F C - C Program Files AIM Toolbar AIMBar dll O - Toolbar no name - BA B -B - c -B - F F - no file O - Toolbar AOLToolBand Clas... Read more

A:HJT log from cmd thread

Thank you for linking to your other thread. This should help get your issue resolved faster as the symptoms you've mentioned are symptoms of an infection not showing in your HJT log.

I recommend you Subscribe to this thread so you are notified of any replies via email. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Downloads(make sure to save these in a permanent location)
Cleanup!- Install it. You will use this later.
*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups.
Ewido Anti-SpywareInstall Ewido Anti-Spyware
Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the top of the main screen click Shield
Click the word active to change it to inactive
On the top of the main screen click Update.
Then click on Start Update. The update will start and a progress bar will show the updates being installed.
I also recommend changing the "Update interval" to something more reasonable like 12 hours.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.
Brute Force Uninstaller to your desktop.Right click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to,
Click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk (C:) or whatever your primary drive is
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
RIGHT-CLICK HERE and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).
NoLop-Download it to your desktop

Next, please reboot your computer in Safe Mode by doing the following:Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.

Tools
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users
Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it?s checked.
Click OK
Press the CleanUp! button to start the program. If prompted to reboot, click No.

Please go to Start > My Computer and navigate to the C:\BFU folder. Start the Brute Force Uninstaller by doubleclicking BFU.exe
Behind the scriptline to execute field click the folder icon and select alcanshorty.bfu
Press Execute and let the program do it?s job. (You ought to see a progress bar if you did this correctly.)
Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.

Run Ewido with it's updated definitions:(...it's important that all windows must be closed) Click Scanner
Click on the Scan tab
Click Complete System Scan to begin scanning.
When the scan is complete click Recommended Action and change it to Quarantine
Then click Apply all actions
Once finished, click the Save report button, then click Save Report As and save it to your desktop.

Double click NoLop.exe to run itNow click the button labelled "Search and Destroy"
<<your computer will now be scanned for infected files>>
When scanning is finished you will be prompted to reboot only if infected, Cl... Read more

http://www.techsupportforum.com/forums/f100/hjt-log-from-cmd-thread-112017.html
Relevancy 31.39%

So I had the XP SP2 installed on my computer...it slowed my computer way down and caused all kind of other problems (blank webpages, programs wouldn't start up, etc.)...So I uninstalled it. My computer is working better, but it still has some issues with slow down that were not happening before I installed sp2. So I noticed there were SP2 hotfixes--a bunch of them--still in the add/remove programs dealie. So I figured, I have it off anyway, these must be the problem. So I started getting rid of them; however, after a few of them I got to one uninstalled it and my computer shut down and came up with a blue screen of death with some kind of mrxsml.sys error. Needless to say I got my computer back to normal with the system restore, but it made me wonder if I should be uninstalling these sp2 hotfixes...any advice?
 

Relevancy 31.39%

I too have been affected by Spy Axe here is another Yet Axe Spy Thread....Sorry the hijack Yet another Spy Axe Thread....Sorry this summary PLEEEEEEEEEEAAASSSSSEEEEEE Help Logfile of HijackThis v Scan saved at Yet another Spy Axe Thread....Sorry PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system Yet another Spy Axe Thread....Sorry Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system mssearchnet exe C WINDOWS system nvctrl exe C WINDOWS system ezSP Px exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Common Files Symantec Shared NMain exe C PROGRA NORTON navw exe C Program Files Internet Explorer iexplore exe C Documents and Settings Johnny Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page www yahoo com O - BHO no name - c -f c - fb - a-d f a f - C WINDOWS system hp B tmp O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid nbsp

Relevancy 30.96%

Hi there I know this is a problem a lot of people are having with Vista and nvidia cards but hear me out This is my system spec EVGA i Another nvlddmkm about .... Sorry!! thread A Motherboard Q Quad core ghz x GTX running in SLI gb x gb Another thread about nvlddmkm .... Sorry!! OCZ memory Another thread about nvlddmkm .... Sorry!! mhz also runs at Standard sata gb HDD w Coolermaster PSU Vista -bit Here s the problem it seems a little weird I can play games run dmark run photoshop you name it pretty much anything BUT when I start to watch a video avi mpeg divx etc resize a video skip through a video it freezes sometimes the sound stops for a few seconds the cursor freezes then the sound starts again the cursor becomes unmoveable for a few seconds Then everything on the screen freezes but the sound will carry on forever of the time after a freeze like this it may bluescreen with the nvlddmkm error Very occasionally I get intermittent blank screens with the quot nvlddmkm driver has succesfully recovered quot error I m aloss for what to do from what I ve read on forums this seems to be a software issue for me anyway to only do it on video is strange as if it was a hardware issue it would do it during games and benchmarks surely Can anyone give me an insight do you think its hardware Software Bill gates and nvidias incompetent programming I appreciate any help Thanks a lot guys Nick nbsp

A:Another thread about nvlddmkm .... Sorry!!

I really would get ahold of a copy of XP and see if you have the same issues with it. IT sounds like a software/driver issue. Which is quite common with Vista 64 still, since there aren't a huge amount of users (It's funny that the 32bit vista is used more than 64, when it was designed to be 64bit originally eh?)

As far as Bill Gates being the problem, unless you're using a Mac that's not the case. Bill Gates was "retired" from microsoft. He now sits on a majority share holder board for Apple in his free time. Remember that the next time your IPod crashes.
 

https://forums.techguy.org/threads/another-thread-about-nvlddmkm-sorry.673600/
Relevancy 30.96%

titled "Could a Trojan, or Worm be causing this?"

Its mine regarding problem with unexplained Updates to files notice at bootup even tho' I hadn't updated any files before turning comp off? Plue a Outlook Express problem I'm wondering if the unexplained updates is causing.

I ALSO HAVE the HijackThis & StartUp List in the other thread.
http://forums.techguy.org/t245778.html
Know re posting about a thread is frowned on a bit, but didn't put the HJT & StartUp List in until someone suggested I do so.
 

https://forums.techguy.org/threads/could-someone-take-a-look-at-my-earlier-thread-please.246588/
Relevancy 30.96%

I found the thread , have questions now, thanks

What happened to the thread-- free Spywarebegone site -- I had it on my watch list I cant imagine why it keeps disappearing.. I used search feature trying to find it but I cant seem to find it.
Please help find Thread : < /

I need to post there that though some items are fixed-- I still cant run my -disk clean-up- on my main Admin account.
Hope I can get some help there.
 

Relevancy 30.96%

Hi I posted earlier to of Continuation Old Thread this forum Here is a link to the thread Online accounts compromised Strongly Suspect Malware Rootkit I'm sorry but I've been on Continuation of Old Thread a trip and unable to interact since I posted the first thread I read the reply and followed all the steps outlined Here is the adw text AdwCleaner v - Logfile created at Updated by Xplode Database - - Server Operating Continuation of Old Thread system Windows Home Premium Service Pack x Username Larry - LARRY-HP Running from C Users Larry Desktop AdwCleaner exe Option Cleaning Support Forum - ToolsLib Services Folders - Folder Deleted C Program Files x predm - Folder Deleted C ProgramData ff e c fff c d e - Folder Deleted C Users Larry AppData Local Installer Install - Folder Deleted C Users Larry AppData Local Installer Install - Folder Deleted C Users Larry AppData LocalLow D D - D- E -B D - C F C E A Files - File Deleted C END - File Deleted C Users Larry AppData Roaming Mozilla Firefox Profiles sxyg r e default invalidprefs js - File Deleted C Users Larry AppData Roaming Mozilla Firefox Profiles sxyg r e default user js - File Deleted C Users Larry Desktop Continue Live Installation lnk DLLs Shortcuts Scheduled tasks - Task Deleted HHMKRLNAIC - Task Deleted NCWNPLPMGXMOLKBI - Task Deleted HHMKRLNAIC - Task Deleted NCWNPLPMGXMOLKBI Registry - Key Deleted HKLM SOFTWARE Classes AppID C AD A-C F- B-B DB- E D B - Key Deleted HKLM SOFTWARE Classes AppID F ABF-B E - D- E - E EB DBF - Key Deleted HKLM SOFTWARE Classes CLSID AA - D - F - A -D FBFBE ECD - Key Deleted HKLM SOFTWARE Classes CLSID A E A -FA - BDA-AED -CEBE E BCB - Key Deleted HKLM SOFTWARE Classes CLSID D DAE -BC - - C -E FFBA - Key Deleted HKLM SOFTWARE Classes Interface E DE- - AEE-BD -C C E A DB - Key Deleted HKLM SOFTWARE Classes Interface FC BDA-C - A D- DF - B C E - Key Deleted HKLM SOFTWARE Classes Interface A D B-F A- D- D - D F CD - Key Deleted HKLM SOFTWARE Classes Interface EE D - ED - B D- - B AFD Key Not Deleted HKLM SOFTWARE Classes Interface A D B-F A- D- D - D F CD - Key Deleted HKLM SOFTWARE Classes Interface B BD - B - F - A- F FC D - Key Deleted HKLM SOFTWARE Classes Interface B ECE - - B - -BFFFB F BD - Key Deleted HKLM SOFTWARE Classes TypeLib EF E- EE - AE- - AC F B Key Not Deleted HKLM SOFTWARE Classes TypeLib EF E- EE - AE- - AC F B - Key Deleted HKLM SOFTWARE Classes TypeLib F E- FEF- EA - - E A B D - Key Deleted HKLM SOFTWARE Microsoft Windows CurrentVersion Ext PreApproved A - B - B -B A-EC A A - Key Deleted x HKLM SOFTWARE Classes Interface AD E-E - - - E ACB - Key Deleted x HKLM SOFTWARE Classes Interface D F D - FAB- E- D- F E ED - Key Deleted x HKLM SOFTWARE Classes Interface E DE- - AEE-BD -C C E A DB - Key Deleted x HKLM SOFTWARE Classes Interface FC BDA-C - A D- DF - B C E - Key Deleted x HKLM SOFTWARE Classes Interface A D B-F A- D- D - D F CD - Key Deleted x HKLM SOFTWARE Classes Interface EE D - ED - B D- - B AFD - Key Deleted x HKLM SOFTWARE Classes Interface D -FE - A -B -EB E EB - Key Deleted x HKLM SOFTWARE Classes Interface C -C E - - -B BCB D Key Not Deleted x HKLM SOFTWARE Classes Interface A D B-F A- D- D - D F CD - Key Deleted x HKLM SOFTWARE Classes Interface B BD - B - F - A- F FC D - Key Deleted x HKLM SOFTWARE Classes Interface B ECE - - B - -BFFFB F BD - Key Deleted HKCU Software Tutorials - Key Deleted HKCU Software BDFD D - A B- D - B -D E E - Key Deleted HKCU Software DAILYPCCLEAN - Key Deleted HKCU Software Microsoft Tinstalls - Key Deleted HKCU Software AppDataLow Software SmartWeb - Key Deleted HKCU Software Microsoft Windows CurrentVersion Uninstall BrowserAir - Key Deleted HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall ASPackage - Key Deleted HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall ADF E-E D- D C- C-B F D BC - Key Deleted HKCU Software Microsoft Internet Explorer SearchScopes fa -de - -af -b e b f - Key Deleted HKLM SOFTWARE Microsoft Internet Explorer SearchScopes fa -de - -af -b e ... Read more

http://www.techsupportforum.com/forums/f50/continuation-of-old-thread-1080497.html
Relevancy 30.96%

http://www.techsupportforum.com/secu...ml#post2008653

My appologies, been working a lot!
I tried running the gmer and the fix, but it said there was no tmer.exe and could not run.

A:Had to open new thread

Hi,

Let's try it again with a new version of GMER. Delete the present copy of GMER from your desktop, if you still have it.

Download GMER Rootkit Scanner from here to your desktop. Double click the exe file. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.


Click the image to enlarge it
In the right panel, you will see several boxes that have been checked. Uncheck the following ... Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and post it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

===============================

Also, please post a fresh DDS.txt along with the GMER.txt as it has been a while since you posted.

Please note that the forum is very busy and if I don?t hear from you in three days this thread will be closed.

http://www.techsupportforum.com/forums/f284/had-to-open-new-thread-355500.html
Relevancy 30.96%

everyone elses thread posted after mine has lots of visits and responses still none on mine please help
 

A:why is no1 responding to my thread??please help

This is not real time support - you've waited a whole 20 minutes!!!!!!!!!!!!!!!!
 

https://forums.techguy.org/threads/why-is-no1-responding-to-my-thread-please-help.615269/
Relevancy 30.96%

Hello I recently got a new cable responding' thread not another 'DNS Yet modem when my Comcast Yet another 'DNS not responding' thread cable service was upgraded to HD and ever since I haven't been able to get my Dynex WG-RTR wireless router to connect to the internet The way I had it set up and it worked fine until today when the modem was replaced was as follows Cable Modem -------- Switch ------ Wireless Router IE I had my wireless router plugged into the switch along with my desktop and Xbox But now it doesn't work I've tried resetting the modem and router my PC and the switch as well It seems I can only get the router Yet another 'DNS not responding' thread to work if I take everything out of the switch plug the router directly into the cable modem and plug the other devices into the router I'm at a loss what to do now But here is my ipconfig info Quote Windows IP Configuration Host Name J-Lappy Primary Dns Suffix Node Type Hybrid IP Routing Enabled No WINS Proxy Enabled No DNS Suffix Search List Dynex Wireless LAN adapter Wireless Network Connection Connection-specific DNS Suffix Dynex Description Broadcom n Network Adapter Physical Address C-E -D - E- -B DHCP Enabled Yes Autoconfiguration Enabled Yes Link-local IPv Address fe b ae af a bf b Preferred IPv Address Preferred Subnet Mask Lease Obtained Tuesday September AM Lease Expires Friday October AM Default Gateway DHCP Server DHCPv IAID DHCPv Client DUID - - - - -D - F-B -F -DE-F -CD- F-C DNS Servers NetBIOS over Tcpip Enabled Tunnel adapter isatap Dynex Media State Media disconnected Connection-specific DNS Suffix Description Microsoft ISATAP Adapter Physical Address - - - - - - -E DHCP Enabled No Autoconfiguration Enabled Yes Tunnel adapter Local Area Connection Media State Media disconnected Connection-specific DNS Suffix Description Microsoft to Adapter Physical Address - - - - - - -E DHCP Enabled No Autoconfiguration Enabled Yes Tunnel adapter Teredo Tunneling Pseudo-Interface Media State Media disconnected Connection-specific DNS Suffix Description Teredo Tunneling Pseudo-Interface Physical Address - - - - - - -E DHCP Enabled No Autoconfiguration Enabled Yes Thanks in advance for any help

A:Yet another 'DNS not responding' thread

Your set up was incorrect and as you found out it works when you put the switch AFTER the router which is how it should be.

It goes cable modem>router> switch, you plug the cable modem's WAN port into the WAN port on the router then plug the switch into one of the LAN ports on the router.

http://www.sevenforums.com/network-sharing/253511-yet-another-dns-not-responding-thread.html
Relevancy 30.96%

Taskmanager Registry Editor Msconfig Not Working and system getting slowed Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss Major : Thread exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS Major Thread : System svchost exe C WINDOWS system spoolsv exe C Program Files Microsoft Firewall Client FwcAgent exe C WINDOWS system nvsvc exe C WINDOWS system HPZipm exe C WINDOWS Explorer exe C WINDOWS system RVHOST exe C WINDOWS system RUNDLL EXE C WINDOWS system RVHOST exe C WINDOWS system devldr exe C Program Files Opera Opera exe C Program Files CCleaner ccleaner exe C WINDOWS system wuauclt exe C Documents and Settings hassanmunir Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Start Page http softwarereferral com jump php MjI Ojg amp lid R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer F - REG system ini Shell Explorer exe RVHOST exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO IeCatch Class - A -E CA- D - CD - D B - C PROGRA FlashGet jccatch dll O - BHO Windows Live Toolbar Helper - BDBD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dll O - BHO FlashFXP Helper for Internet Explorer - E A B-D - -AD - B EE - C PROGRA FlashFXP IEFlash dll O - Toolbar no name - E E AB-F - D - D - BA E - no file O - Toolbar Windows Live Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKCU Run msnmsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run Yahoo Messengger C WINDOWS system RVHOST exe O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - HKCU Software Microsoft Windows CurrentVersion Policies System DisableRegedit O - Extra context menu item amp Windows Live Search - res C Program Files Windows Live Toolbar msntb dll search htm O - Extra context menu item Add to Windows amp Live Favorites - http favorites live com quickadd aspx O - Extra context menu item Download All by FlashGet - C Program Files FlashGet jc all htm O - Extra context menu item Download using FlashGet - C Program Files FlashGet jc link htm O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MI OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O... Read more

A:Major Thread :

Please Close My Thread as i m bieng helped by another forum thanx .

http://www.techsupportforum.com/forums/f284/major-thread-182228.html