Windows Support Forum

BSOD Suspecting SSD Kingston HyperX

Q: BSOD Suspecting SSD Kingston HyperX

Is Windows 7 . . . - x64 - the original installed OS on the system? Win7 - an OEM or full retail version? OEM - OEM = came pre-installed on system - Full Retail = you purchased it from retailer - What is the age of system (hardware)? different parts from 1 to 2 - What is the age of OS installation (have you re-installed the OS?) NO

System Spec
Core i7 930
ASUS P6X58D-E LGA
NVIDIA GeForce GTX 570
Kingston HyperX SH100S3B/120G 2.5" 120GB SATA III MLC
^-- I think is the culprit cause it disconects after BSOD, I have to completely shut down computer for it to
be seen by the bios again

Relevancy 100%
Preferred Solution: BSOD Suspecting SSD Kingston HyperX

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: BSOD Suspecting SSD Kingston HyperX

Try doing a power cycle of the SSD. The following steps should be carried out and take ~1 hour to complete.Power off the system.
Remove all power supplies (ac adapter then battery for laptop, ac adapter for desktop)
Hold down the power button for 30 seconds to close the circuit and drain all components of power.
Reconnect all power supplies (battery then ac adapter for laptop, ac adapter for desktop)
Turn on the system and enter the BIOS (see your manual for the steps to enter the BIOS)
Let the computer remain in the BIOS for 20 minutes.
Follow steps 1-3 and physically remove the SSD from the system by disconnecting the cables for a desktop or disconnecting the drive from the junction for a laptop.
Leave the drive disconnected for 30 seconds to let all power drain from it.
Repeat step 4.
Replace the drive connection(s) and do steps 5-8 again.
Repeat step 4.
Start your computer normally and run Windows.

The above steps were a result of: Why did my SSD "disappear" from my system? - Crucial Community

While that may not be your drive, a power cycle should be the same on all SSD drives. See how the system responds after the SSD power cycle.

http://www.sevenforums.com/bsod-help-support/225877-bsod-suspecting-ssd-kingston-hyperx.html
Relevancy 86.43%

Hello all I have sticks of mb pc hyper x ram in my system and would like to know what people have there timings at I do not know much about timings all i really know is the lower the Ram Hyperx Kingston better and how to change them I also know hyperx are suppost to be gamers overclockers ram so id like to take advantage Currently after a little tweaking i have it on CAS - Hyperx Kingston Ram RAS to CAS delay - RAS precharge - TRAS - TRC - Command Rate - T DRAM Idle timer - clocks Or so it tells me in CPUZ i believe at the start of the computer is says its on - - - T and in the SPD tab on CPUZ it says i have - - - why is Hyperx Kingston Ram this I have a MSI Neo motherboard with a AMD processor What should i be aiming for in timings is the timing that i have now good for the ram is it good overall Im sorry if this question has been asked before and thanks in advance for any replies Moka nbsp

A:Hyperx Kingston Ram

For timings, basically, the lower the better, and the smaller the numbers that come up first, the better (as in, the first number is more important than the second, which is more important than the third, etc).

I've got no idea why CPUz reports a different set of timings. I don't use CPUz (which I should).

One more thing you can do is actually increase the speed of the RAM, which should give you a better result. It is also known as overclocking, which is part of what you were doing when you're messing around with the timings, which is done after increasing the speed of the RAM.

Usually you'll increase the speed of the processor with it, for obvious reasons. But of course, it is possible to increase the speed of the RAM without increasing the speed of the processor via changing RAM:CPU ratio. You might want to mess around with that a little, as it would generally make your computer faster than just messing with timings.
 

http://www.techspot.com/community/topics/hyperx-kingston-ram.76391/
Relevancy 85.57%

I am thinking to upgrade my ram from 4GB (4x1024MB Corsair XMS3 DDR3) to Kingston HyperX Blu DDR3 1333MHz CL9 8GB DIMM.

In near future, I might upgrade to i5/i7 depending on budget along with motherboard. Rest of the hardware will be carried forward to new machine and hoping this RAM will be alright as well (if not, it can be upgraded at later stage).

What do you guys think or recommend I should go for. My system specs are mentioned under menu if that will help in suggestions.

Thanks

A:Kingston HyperX DDR3

I suggest getting the 1600mhz ram if you want to upgrade to i5/i7 later.

I would actually suggest going even higher if overclocking was a possibility for you, but the ram starts jumping in price when you hit 2000+ mhz.

http://www.sevenforums.com/hardware-devices/199981-kingston-hyperx-ddr3.html
Relevancy 85.57%

Which one of these is "better"? I know theyre both ment for high perfoamance, but what are the differences in actual performance and OCing?

Also.. can someone explain to me what these numbers stand for: 3-8-8-4. I know they have to do with RAM performance but I don't know specifiaclly what each number does or means..

Thanks!
 

A:Kingston HyperX VS Corsair XMS

Pretty much both companies go neck n' neck. I prefere Corsair, but in some intel mobo Kingston seems to be just a tad faster.
Intead of stuffing this post with explanation of RAS, CAS, timmings, keep in mind this. The lower the numbers the better.. So a 2-5-5-4 will be faster then a 3-8-8-4
HTH
 

https://forums.techguy.org/threads/kingston-hyperx-vs-corsair-xms.214731/
Relevancy 85.57%

What dang in tarnation is HyperX memory? Can it be mixed with the regular memory stick?
 

A:Kingston HyperX Memory

It's a brand, or series, like Chevy. It's one of Kingston's higher performance series of products.

You generally shouldn't mix memory unless it's a perfect match. Do the speeds, voltages, and timings match up? Is the capacity correct for your system?

You can choose approved memory from here: http://www.ec.kingston.com/ecom/configurator_new/mfrmod.asp

Or let this scan your system and suggest their RAM: http://www.crucial.com/systemscanner/

You'll still want to check it against what you have installed now though.
 

https://forums.techguy.org/threads/kingston-hyperx-memory.1082388/
Relevancy 85.57%

Hello I recently had another thread about DIMM and GB but I chose to buy one GB spec Kingston run Cannot HyperX at module and changed over to Windows -bit So I mixed the memory a little hoping it wouldn t be a problem but it seems to be My DIMMs are populated as follows in Dual-Channel interleaved mode GB GSkill GB GSkill GB Kingston HyperX Empty They are all rated at Cannot run Kingston HyperX at spec DDR - - - However the GSkill is - V Cannot run Kingston HyperX at spec the Kingston HyperX is - V I cannot run them at full speed my PC won t even post even at V -I tried - - - at V BIOS locks up -Mobo is Gigabyte GA-EP -UD L P Chipset BIOS is d unreleased specially for SSDs I have a core quad Q overclocked to MHz and my FSB is thus MHz quad-pumped Currently I have the divider at B which is running them at MHz - - - and it is stable V I had the divider at MHz - - - while I was configuring my -bit OS Through the course of it hours Windows crashed times In event viewer they were all critical kernal-power crashes There wasn t any BSOD Yet I performed passes of Memtest x with no errors Is this the fault of my PSU or what Rosewill W Plus It isn t the best but I ve had NO problems prior to messing with the RAM Sorry for the wall of text I like to provide as much information as possible Thanks TheHighRoad nbsp

A:Cannot run Kingston HyperX at spec

You're pretty lucky you got them working all together at anything over JEDEC spec (DDR2-800 @ 5-5-5-15 and 1.8v). Pushing the bandwidth harder will likely result in you finding out why the Kingston RAM is only rated 5-5-5-15 when you max out the JEDEC spec (2.3v) for DDR2-1066, while lower operating voltage are more in line with 5-5-5-18 timing.

Memtest is more a test for inherent errors within the IC's. The modules can test good (no faults), but can still fail in "real world" use due to differences in the advanced timings (especially if you have mismatched "Static Read Level" as they are called in the Gigabyte BIOS -also known as "Performance level" or more universally, tRD).
Could pay to download Memset and check that all the advanced values are equal across channel A and B. (Here is an old screenshot of my secondary system from an older thread- post #2)
Memset and the Phoenix-Award BIOS differ in how they report timings
Whatever tWTR and tWR is in the BIOS, add 7 if using 2.00 divider, or 8 is using the 2.40 divider to get Memset value.
Whatever tRTP is in the BIOS, add 2 to get the Memset value.


I doubt you'll get much better than you already have to be honest. Having said that DDR2-960 is pretty good going under the circumstances. You would also get comparable performance (to DDR2-1066 CAS5) using the 2.00 divider (synchonous with core frequency) for DDR2-800 at 4-4-4-12 -assuming you could get the timings that tight- not a given with either of the RAM modules you're using.

Kingston HyperX data sheet (.pdf)
 

http://www.techspot.com/community/topics/cannot-run-kingston-hyperx-at-spec.161404/
Relevancy 85.57%

Hello,

i recently added another kingston hyperx 512mb memory module to my original one and found out (using cpuz) they are running at different CAS timings? one is apparently at 2.0 at 200mhz and the other is apparently 2.5 at 200mhz? is this right? if its not what do you recommend i change?

Specs

AMD Athlon 3400+ Newcastle core
1gb Hyper X
80gb Sata
9700pro 128mb
MSI Neo3 Gold (nforce4)
 

A:Kingston HyperX ram timings.

Change the slowest module to the faster one, unless the board is specifically requiring the slower one.
But if you are having no problems otherwise, do not change a thing. This sort of a latency problem is not really a problem on most boards.
Some games and graphics programs will require memory in matched sets to be fully utilized, but if you don't get error messages, do not worry about it.
 

http://www.techspot.com/community/topics/kingston-hyperx-ram-timings.69209/
Relevancy 84.71%

I bought 2x 4gb Kingston HyperX Savage 1600Mhz, on the website where I bought the memory modules it says that the timing is "9-9-9-35" but when I look HWINFO it says that it is running at 11-11-11-28, I am doing something wrong that it doesn't run like it is given at the website?

This is the datasheet of kingston itself and it doesn't say anywhere 28 too: http://www.kingston.com/datasheets/HX316C9SRK2_8.pdf

I hope someone can help me.

Thanks,
Chris

A:Kingston HyperX Savage question

Often with a motherboard, when the RAM timings are set at AUTO, the board uses a conservative set of timings to ensure compatibility and operation on first bootup. It's a fail safe thing.

All you have to do is go into BIOS and manually set the timings to the advertised specs (9-9-9-35) and reboot. Or else, enable your XMP profile, if your BIOS has that feature. That should be all it takes to get you going.

While we're at it, is your memory running at 1600? Most of the time AUTO will default it to 1333, so you may want to check that as well. You can also adjust that manually.

http://www.sevenforums.com/hardware-devices/372406-kingston-hyperx-savage-question.html
Relevancy 83.42%

hi everyone!
are there reports about the performance of w7 64 bit with 4x2gb kingston 1066 hyperx rams? (DIMM DDR2 4096MB PC-1066 CL5)
with the rams installed the install sequence is extremely slow. by this i mean, that after the "loading files" process it takes another 5 minutes until the language selection screen shows up. then another 5 to 10 for the actual install option. i have not gone further yet because i inititally tried to repair my old w7 64bit system and there i saw that the repair function took at least 1 hour to show up ...
any ideas/experiences?
going back to my old kingston rams (4x1gig) made everything load like a breeze.

mainboards
gigabyte p35 dq6
cpu
q6600

A:w7 64bit slow with kingston hyperx 1066 ?

Which version of win7 are you using?
I had a similar problem but not in that scale of delay.

A faulty ram might cause that, but did you do any other tests?

Did you try to install windows xp on it again?

http://www.sevenforums.com/performance-maintenance/21330-w7-64bit-slow-kingston-hyperx-1066-a.html
Relevancy 83.42%

Currently a have a single 8gb hyperx fury installed on my CPU, i am planning to install an additional 8gb hyperx fury on a MSI A68HM-E33 V2. will the additional ram will perfectly fit on my mother board?because the board only have 2 slot of memory compare to a gaming board which have 4 slot of memory,

thanks and more power..

A:will it fit a 2 x 8gb 1866 kingston hyperx fury on MSI A68HM-E33 V2?

According to the specs, your board can handle 32 GB, so yes the board will support 16 GB DDR3

https://us.msi.com/Motherboard/A68HM...-specification

http://www.sevenforums.com/hardware-devices/393724-will-fit-2-x-8gb-1866-kingston-hyperx-fury-msi-a68hm-e33-v2.html
Relevancy 82.56%

 I have Lenovo ideapad z510 with Intel Core i7 4702MQ I'm planing to replace  my original lenovo Shipped RAMRAMAXEL 8GB (2 x 4GB) PC3-12800S SODIMM DDR3 1600 03T7117  Laptop Memory Kit With  Kingston HyperX Impact Black 16GB Kit (2x8GB) 1600MHz DDR3L CL9 SODIMM 1.35V Laptop Memory (HX316LS9IBK2/16) My question: is my laptop (ideapad Z510) compatible with the mentioned kingston RAM I apricate your response ASAP

A:Lenovo ideapad Z510 RAM upgrade to Kingston HyperX...

Hi Islam,
 
Welcome to Lenovo Forums.
 
Of course yes. Your machine is very much compactible with desired ram. Z510 laptop can support up to 16GB Dual Channel DDR3L-1333 / 1600 MHz
 
Please go through below links for better understanding.
Link1
Link2
 
Let us know how you get on.
Regards,
Shashi
 
Tap that Kudos button if I helped  If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"! 

https://forums.lenovo.com/t5/Lenovo-P-Y-and-Z-series/Lenovo-ideapad-Z510-RAM-upgrade-to-Kingston-HyperX-Impact-Black/td-p/3308885
Relevancy 82.56%

I recently was experiencing BSODs constantly and decided to re-install windows again but now the boot is about 35 seconds compared to the 10 before the re-install

A:Kingston HyperX 3k SSD slow boot after windows reinstall

Hey don't slip did you just reinstall? personally I would done this before doing that.

SSD Alignment

http://www.sevenforums.com/performance-maintenance/293392-kingston-hyperx-3k-ssd-slow-boot-after-windows-reinstall.html
Relevancy 82.56%

Im planning to buy 2x 4gb memory modules but im doubting between the Kingston HyperX Savage ddr3 1600mhz or the Kingston HyperX Fury ddr3 1866mhz, which one is better to take? my cpu is Intel i5 4460 and my motherboard: MSI H97 Gaming 3, maybe this helps in the decision too, I hope someone can help me.

Thanks,
Chris

A:Kingston HyperX Savage 1600 vs Fury 1866

  
Quote: Originally Posted by chris0


Im planning to buy 2x 4gb memory modules but im doubting between the Kingston HyperX Savage ddr3 1600mhz or the Kingston HyperX Fury ddr3 1866mhz, which one is better to take? my cpu is Intel i5 4460 and my motherboard: MSI H97 Gaming 3, maybe this helps in the decision too, I hope someone can help me.

Thanks,
Chris


Here you can find a quick review for those Kingston HyperX Savage 1866MHz & Kingston HyperX Savage 1600MHz

Source

But i quickly looked at your MSI H97 Gaming 3 motherboard specs and i didn't saw support for 1866MHz, looks max is 1600 MHz

You can find the list of supported memory for your motherboard, here:
Support For H97 GAMING 3

http://www.sevenforums.com/hardware-devices/371968-kingston-hyperx-savage-1600-vs-fury-1866-a.html
Relevancy 82.56%

Dear all please help me. I bought a nice view notebook - Hp pavlion x360 k000ur with 4 Gb OM and disapointed it is so slow! even after windows and peremeters optimization. (open - mozila, skype, excel, word - system damping) I decid - to get more operational memory i hope it will help. I found good one - Kingstone Hyper X DDR3 SODIMM 8Gb  is it ok for my notebook?

http://h30434.www3.hp.com/t5/Notebook-Operating-System-and-Recovery/%D0%A1ompatibility-Kingston-HyperX-DDR3-SODIMM-8Gb-and-HP-pavlion/td-p/5663111
Relevancy 82.56%

I used Kingston HyperX blu 4GB memory (4x = 16GB total) for my desktop upgrade 6 months ago.

I am curious if there is superior RAM out there. I don't refer to a 0-5% improvement. Is there significantly better RAM available for my setup? (lets say 15%+ faster than what I use)

I am constantly in Adobe After Effects eating up all of my memory. I also multi-task frequently switching between memory intense programs. I will squeeze every bit of performance out of faster memory.

Here is my configuration:

i7 2600K @ 4.4Ghz
ASRock extreme4 Motherboard
16GB RAM (4x 4GB HyperX blu DDR3 1333MHz)
2x Gigabyte 560ti SLI
Crucial M4 128GB SSD
Windows 7 64bit

When I upgraded I was advised to go with 1333MHz. Is there significant performance to be had beyond this? It is an inexpensive area to upgrade so I am very curious.
 

A:Kingston HyperX Blu DDR3 1333MHz -- worth upgrading?

Not at all worth upgrading IMO.
 

http://www.techspot.com/community/topics/kingston-hyperx-blu-ddr3-1333mhz-worth-upgrading.175525/
Relevancy 74.39%

Is this considered value RAM? I bought 2gigs of it for $50, installed it and it is defaulting to DDR-667. Seemed like a steal at the time

http://www.newegg.com/product/product.asp?item=N82E16820134583

I had to manually go into BIOS and up the voltage and increase the clock - It is now at DDR-800
---------------------------------------------------------------------------------------------------------------
And while were at it, newegg.com advertises this http://www.newegg.com/product/product.asp?item=N82E16820134583
as SLI ready, but I do NOT see where you would hook up the SLI cable. Anybody?
Just a few kinks with the new build
 

A:Kingston HyperX 2GB (2 x 1GB) 240-Pin DDR2 SDRAM DDR2 800 (PC2 6400) Dual Channel De

From the newegg comments:




I feel as like I should clear up the confusion about this memory. This ram is programed to default to DDR2-667 at 1.8volts instead of the DDR2-800 at 2volts. This is because most motherboards default to 1.8v, and it would suck if you were trying to build a new computer and you couldn't boot because your memory only ran at 2v. That's why kingston made it so you can run it at 1.8v(although at a slower speed) and change it to 2v later. YOU NEED TO MANUALLY SET THE VOLTAGE TO 2VOLTS AND SPEED TO DDR2 800 @ 4-4-4-12 IN THE BIOS. If you don't do this then you are wasting good memory. If you don't believe me then read the data sheet here: http://www.valueram.com/datasheets/KHX6400D2LLK2_2G.pdfClick to expand...

So that makes sense...


Also I think your 2nd link is the same as your first
 

http://www.techspot.com/community/topics/kingston-hyperx-2gb-2-x-1gb-240-pin-ddr2-sdram-ddr2-800-pc2-6400-dual-channel-de.97219/
Relevancy 57.19%

Hey guys Im having some BSOD problems with my computer It has always been doing it but it never really bothered me cause it only happened about once a day But recently I started streaming online a lot and Im starting to get a following which as you can imagine is a problem when my stream cuts off an hour suspecting motherboard PSU the the or BSOD Im into the stream I looked through the event viewer and the computer was BSOD because of a WMI error which I fixed and because of the postreSQL which I didnt understand why but I uninstalled it and that stopped as well Now the computer is still blue screening but there are no errors that show up in the Event Viewer Im dual booting so I have memtest I had it last night and it came back with no errors Mind you i have x gb sticks and I did not run them individually Here are the specs OS Windows Ultimate -bit SP CPU AMD Phenom II X T C Thuban nm Technology RAM GB Dual-Channel DDR MHz - - - Motherboard ASUSTeK Computer INC M A TD-V EVO AM C Graphics VW x Hz FP W x Hz MB ATI AMD Radeon R Series Gigabyte C MB ATI AMD Radeon R Series Gigabyte CrossFire Disabled Storage GB M -CT M SSD ATA Device SSD GB Western Digital WDC WD AALS- E A ATA Device SATA C Audio AMD High Definition Audio Device Please help me out I have speccy and will try my best to provide any additional information that's necessary to figure out the problem Regards Tod

A:BSOD Im suspecting the motherboard or the PSU

The PSU is LSP ultra 750W. Is it possible that Im not getting enough power? I am running two R9 200s.

http://www.techsupportforum.com/forums/f299/bsod-im-suspecting-the-motherboard-or-the-psu-1047186.html
Relevancy 56.76%

Just built a system around an AMD X2 3800+, DFI Lan-Party Ultra-D, and 2x1GB Crucial Ballistix. Suffered a BSOD while playing World of Warcraft. I think it's the video card (that's what it seems like in the debug log) but I looped 3DMark 2001SE overnight and it went fine. During the time of BSOD my mainboard auto set the RAM to 3-3-3-8 timings but I found out the spec was wrong so I manually changed it to manufacturer recommended specs of 3-4-4-8. Testing has gone well but I attached the debug log hoping someone can make out the rest of the information. Many thanks!
 

A:BSOD, suspecting GeForce 6800 GS

Hi,

It crashes at video processing. Probably it is the hardware problem at the video card. May be the video card is overheat or bad contact. Reseat the video card and open the computer case to improve the circulation. If your windows does not within two days, the problem is related to overheat. You can also run rumtest to stress test the ram.
 

http://www.techspot.com/community/topics/bsod-suspecting-geforce-6800-gs.37184/
Relevancy 55.47%

Well a few days back I had an unexpected BSOD crash When the system rebooted there were uninstalled updates which I then installed No crashes after that for some time days ago I notice my C drive memory depleting showing just GB free of GB Now because of this my system performance slowed down and there were a few more crashes I suspected a malware in some file so I researched a bit for memory scan softwares and found out about SpaceSniffer which I then downloaded and ran to scan the C drive It accounted for GB used and there was a log generated which I shall post in a reply as there isnit enough space on this message Anyways now my disk space is down to just MB free of GB and because of this I am not able to run a suspecting drive after crash, on Low malware. BSOD C: memory lot of programs Would appreciate any immediate help And I also want to let it Low memory on C: drive after BSOD crash, suspecting malware. known that Formatting and doing Low memory on C: drive after BSOD crash, suspecting malware. a clean install of Windows is gonna be my last resort as I do not have a Windows installation disc EDITED Apparently the log is too big to be posted in one single reply And also I've analyzsed the C drive with Advanced SystemCare and it showed that the path quot C gt Windows quot was occupying about GB while it just showed as GB on the SpaceSniffer scan The log in the SpaceSniffer scan showed that access is denied into one folder with path quot C gt Windows gt system gt config gt systemprofile quot I suspect that's the problem folder but as i said access to that is denied even though I have administrative rights

A:Low memory on C: drive after BSOD crash, suspecting malware.

What anti-malware and anti-virus scans have you done?

Download and run Treesize Free and post a screen shot of it.

TreeSize Free - Verzeichnisgren und Speicherfresser schnell erfassen

It will show all your directory trees and you can expand down to see every folder.

My System Profile folder is very small and is shown in Treesize Free.

Here's the screenshot:

http://www.sevenforums.com/performance-maintenance/326194-low-memory-c-drive-after-bsod-crash-suspecting-malware.html
Relevancy 55.47%

Hey this is my first time posting here but I'm familiar with BSOD's fault. hardware during Windows bootup, suspecting forums and such Well I might as well describe my problem I have a HP Pavilion dv ca laptop running Windows Vista Home Premium CPU AMD Turion X GHz Graphics Card NVIDIA GeForce Go M RAM Gb DDR Well Windows BSOD's during bootup, suspecting hardware fault. this all started out a few weeks ago I was busy doing my normal stuff browsing the web talking to my friends on Skype and listening to music in iTunes when I get a notification for an update to bring iTunes up to I did the update and the process went smoothly But then things started to go horribly wrong for me During the reboot sequence Vista blue screened and went into autorestart Unfortunately I was unable to make out what the message said During POST everything was fine but when Vista tried to boot up I chose start Windows Normally when it gave me the option to it blue screened yet again during this bootup and restarted So in a rut I quickly hit f and managed to get into boot options Naturally I tried to get into safe mode BUT that's when things started to get weird It tried to boot but I got absolutely no GUI at all Explorer exe somehow didn't load up properly or anything My mouse was working as the pointer was up and I could move it around and everything but behind it was just a black screen Nothing else at all Frustrated I hard rebooted and did a system restore BUT during the restore I chose a restore point that was set the day before it gave me a message saying that the restore point could not be used please use another one That was an odd one So I fiddled around with the different restore points until I found a good one that was set before the iTunes install But then this is when things got really weird Windows finally managed to boot properly and I could get into my desktop But then I noticed that the internet wasn't connecting I tried to connect manually but Windows kept saying that the dependency group service could not be started This was getting a little odd So I tried to start it manually by going into My Computer BUT when I tried to do that Windows told me that it couldn't start it up at all and then afterwards I got BSOD' yet again Frustrated and going through a horrible anxiety attack my schoolwork and personal files are on this laptop here and I'm not one for backing up on a regular basis I tried doing another system restore THIS time it seemed to have worked out ok cause now the services had managed to get working again I'm typing this up right now on said laptop because everything's stable at the moment However I'm suspecting that Windows won't boot up right if I do a restart and go through the whole cycle yet again leaving me in an anxious mess Since I have no idea where the BSOD report dump is I checked the reliability monitor and it gave me this http i photobucket com albums a ityReport jpg - Part http i photobucket com albums a ityReport jpg - Part http i photobucket com albums a ityReport jpg - Part http i photobucket com albums a ityReport jpg - Part So finally my question is what just happened How did iTunes do this DID iTunes do this Is my computer still properly stable Is a Vista reinstall in my future I need some help making sense out of my situation I appreciate you guys taking the time to read this

A:Windows BSOD's during bootup, suspecting hardware fault.

UPDATE: A friend of mine that's CompTIA A+ Certified took a look at the computer finally and ran some memtests; turns out that there was a bad stick of RAM that was doing this. I'm grabbing another 1 gig stick during the weekend, so that'll be fine now.

This topic can now be closed. :)

http://www.techsupportforum.com/forums/f299/windows-bsods-during-bootup-suspecting-hardware-fault-309627.html
Relevancy 55.47%

Hi everyone I suspecting BSOD also and watching HDD while movies overheat randomly, have a Gateway AIO computer running Windows Home Pre x In the past few months it has been BSOD occasionally while I was watching movie and browsing the web Also lately it has been BSOD while watching movies and also randomly, suspecting HDD overheat BSOD when there is no heavy activity at all on the computer When it tried to re-boot it gave me this error message quot PXE-E Media test failure BSOD while watching movies and also randomly, suspecting HDD overheat check cable quot and would not boot to windows I tried to go into the BIOS and check and I see that the BIOS did not recognize my HDD on the SATA port So I suspect something is wrong with the HDD It is a Seagate GB RPM After I let the computer cool down for a while then it can boot to windows again After a few hours or a fews days the problem come back again So I opened up the computer and take out the HDD and it feels kinda hot to my touch not burning hot but above warm level although I really don't know how hot can a HDD get and still function normally I have collected the dump files by SF Diagnostic tools and attached it here Please help me find out what's wrong Thank you very much

A:BSOD while watching movies and also randomly, suspecting HDD overheat

You're probably right. Dumps show possible problems with HDD.

7A and F4/ Storage/Hard Drive related. Be sure to keep a back up of all your stuff.

Upload a screenshot of your hard disk using CrystalDiskInfo:CrystalDiskInfo Standard Edition
How to Upload and Post a Screenshot and File in Seven Forums
Make a hard drive test from the hard drive manufacturers website:Hard Drive Diagnostic Procedure
Take memtest. Run for 8 passes and test each stick in a know good slot for an additional 6 passes.
RAM - Test with Memtest86+



   Note
Pay close attention to part 3 of the tutorial in order to rule out the faulty stick.



   Information
Errors are sometimes found after 8 passes.



   Tip
Do this test overnight, before going to bed.

http://www.sevenforums.com/bsod-help-support/284610-bsod-while-watching-movies-also-randomly-suspecting-hdd-overheat.html
Relevancy 55.47%

BSOD message indicates CDD.dll error. The error pops up generally when I'm playing online games, but not always. I do have 8Gb of RAM and suspect that the problem is 32bit version of Win 7 only seems to recognize 4Gb.

A:BSOD occurring randomly, suspecting memory error

Hi Indigo99.

Install Service pack 1 and all other windows updates. Otherwise the system will remain vulnerable to threats including BSODs.

Code:
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.17273.x86fre.win7_gdr.130318-1532
Learn how to install Windows 7 Service Pack 1 (SP1)
Service Pack and Update Center - Microsoft Windows
Report us for any further BSOD after installing Service Pack 1.

http://www.sevenforums.com/bsod-help-support/349536-bsod-occurring-randomly-suspecting-memory-error.html
Relevancy 55.47%

I've been getting some BSOD's playing Warframe intermittently, and today got one playing Trove.
Tried doing sfc scan, memory diagnostics and checkdisk and updating outdated drivers with some exceptions I was unsafe about messing with (DriverEasy said processor drivers were heavily outdated, and suggested intel xeon drivers).
Also tried Verifier.exe, resulting in bluescreens as soon as I got to the desktop, mentioning something about I/O problems.

DM Logs are attached

Hope you can help with this.

-Christian.

A:BSOD playing some games, suspecting driver conflicts

LGVirHid.sys Logitech Gamepanel Virtual HID Device Driver

Remove, uninstall this see if you get BSOD

http://www.sevenforums.com/bsod-help-support/351439-bsod-playing-some-games-suspecting-driver-conflicts.html
Relevancy 54.18%

I just installed a Kingston GB VNow SSD in my brand new Thinkpad Edge nbsp I found that I cannot do /R BSOD CHKDSK on Causes SSD Kingston a image backup of my C Drive with any backup program nbsp Some programs give me an I O CHKDSK /R on Kingston SSD Causes BSOD error like Windows Backup others get a Blue Screen of Death about halfway through I scheduled a CHKDSK C R so CHKDSK is run on the C drive before Windows comes up nbsp It gets through all the files test no CHKDSK /R on Kingston SSD Causes BSOD issues but on the last test the sector test I presume it crashed with BSOD about halfway through I'm trying to determine if the SSD could be corrupt and a reformat and re-install will fix it bummer I can't even make an image copy so it will take hours to reinstall my dozens of apps OR could it be some sort of hardware compatibility issue or configuration problem I saw a post somewhere referencing an SSD and BSOD and the recommendation was to change the SATA setting in the BIOS for ACHI to COMPATIBILITY nbsp I tried that but then Windows won't load it crashes right after you see the Starting Windows part so I had to set it back to ACHI nbsp I did see some reference to changing the mode BEFORE installing Windows nbsp Could this be the issue nbsp The machine runs great otherwise nbsp I have the SSD partitioned into a C and D drive and I can backup all my data file backup not image copy on D no problems Any suggestions are greatly appreciated nbsp Maybe Kingston is crap and I need to just go back to Corsair Xtreme like I used before on my other laptop nbsp

https://social.technet.microsoft.com/Forums/en-US/b17fbb52-7a5a-4e6f-9f6a-e2b2d1af2753/chkdsk-r-on-kingston-ssd-causes-bsod?forum=w7itprohardware
Relevancy 53.75%

Hello y'all,

I recently changed to an SSD from my laptop that was running for about 2 years, and whenever I play video games or do anything intensive that requires reading drive I get a blue screen. I also get various game error messages that abruptly quit Starcraft 2. Anyways, I suspect it's the solid state drive.

I'm running on:

windows 7 x64 Retail
Comp is about 2-3 years old .
OS is freshly installed again, just formatted with SSD.

CPU is nvidia gtx 460
Motherboard is: gigabyte MA785GMT-UD2H
power supply is a corsair vx450 watt
Hard drive is kingston SSD snv425-S2 V series

Any help would be much appreciated. If it's the hard drive, i suspect I have to get a new one since this is disocntinued and they won't release any more drivers.

Any help would be very much appreciated.

Tai

A:BSOD-- Kingston V series SSD problem?

edit: my video card is gtx 460,
My CPU is an AMD phenom II x4 955

http://www.techsupportforum.com/forums/f299/bsod-kingston-v-series-ssd-problem-635354.html
Relevancy 53.75%

Hi,

I installed a Kingston SSD V+200 in my Asus N56VM and since then I always get a BSOD after waking up the computer from standby. I tried with Asus Instant On and without. I installed newest firmware from Kingston and newest Intel Storage Driver today as I found some threads with that suggestion but it still keeps crashing. Just have to send it in standby and wakup then I click my useraccount and voila:

STOP: 0x000000F4

I just did a sleep -> wakup -> BSOD -> reboot -> collect dump data:

I really dunno what more to do, also deactivated virtual memory on this drive, still same behaviour.

A:BSOD after standby after installation of Kingston SSD

OMFG!
I just found the solution. I removed the HDD password and no bluescreen anymore.

Too bad I specifically bought the V+200 because of the hardware password encryption of the harddisk....

Ok so if anybody else has the same problem. Remove the HDD password ... maybe Kingston could fix it in a firmware upgrade?

http://www.sevenforums.com/bsod-help-support/308451-bsod-after-standby-after-installation-kingston-ssd.html
Relevancy 52.89%

Dear All,

When I try to connect my USB 3.0 Kingston DataTraveler 16 GB pen drive to my HP ProBook 4530s laptop it says device driver is installing but then BSOD happens before completion of driver installation. I tried it in another laptop and the pen drive works fine. I have Renesas USB 3.0 utility in my laptop and I've installed latest version from HP site but BSOD still happens. As I can see from the blue screen the cause maybe due to "partmgr.sys". Can somebody help me with this please? Thanks in advance. Logs are attached.

A:BSOD when connecting USB 3.0 Kingston DataTraveler 16 GB pen drive

Welcome to the forum.


Code:
Microsoft (R) Windows Debugger Version 6.2.9200.20512 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\admin\Downloads\Naveen87\SF_28-10-2014\102814-70340-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18409.amd64fre.win7sp1_gdr.140303-2144
Machine Name:
Kernel base = 0xfffff800`03655000 PsLoadedModuleList = 0xfffff800`03898890
Debug session time: Tue Oct 28 22:46:11.754 2014 (UTC + 6:00)
System Uptime: 0 days 0:06:53.769
Loading Kernel Symbols
...............................................................
................................................................
.................................................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff88000e54079, fffff880033a08a8, fffff880033a0100}

*** WARNING: Unable to verify timestamp for MfeEpePc.sys
*** ERROR: Module load completed but symbols could not be loaded for MfeEpePc.sys
Probably caused by : partmgr.sys ( partmgr!PmGlobalDispatch+69 )

Followup: MachineOwner
---------
McAfee is known to cause BSOD's. Uninstall McAfee and other antivirus software that you have fora test. Replace with MSE.

Microsoft Security Essentials is recommended from a strict BSOD perspective, compatibility & stability compared to other internet security software. Malwarebytes is a great combo to MSE. They are free and lightweight.

Also uninstall your existing Antivirus software before you install MSE.

Good and Free system security combination.



   Warning
Do not start the free trial of Malware Bytes; remember to deselect that option when prompted.



Perform a Clean boot:Troubleshoot Application Conflicts by Performing a Clean Startup
Reduce items at start-up. No software except anti-virus is required plus doing this improves the time for logging into windows:How to Change, Add, or Remove Startup Programs in Windows 7
Run the System File Checker that scans the of all protected Windows 7 system files and replaces incorrect corrupted, changed/modified, or damaged versions with the correct versions if possible:Click on the
Type CMD on Search
Left click and Run as Administrator
Type SFC /scannow
Full tutorial here:SFC /SCANNOW Command - System File Checker
Run Disk Check on your Hard Drive for file system errors and bad sectors on it.

Upload a screenshot of your hard disk using Crystal Disk Info.

http://www.sevenforums.com/bsod-help-support/350429-bsod-when-connecting-usb-3-0-kingston-datatraveler-16-gb-pen-drive.html
Relevancy 52.89%

Hi there,

My computer has been stable with no BSODS previously but since installing a new Kingston SSDNOW V300 as my boot up device I have been getting random BSODs, specifically while browsing with Firefox.
This is already the second Kingston ssdnow V300 as I suspected it might have been a bad SSD.

I have attached the BSOD logs.

My mobo doesn't seem to support AHCI and I am also using a SATA2 connection.

Thanks for the help!

A:BSOD after installing new Kingston SSDNOW V300

Hello and welcome nesteaplunger now according to this mate the board does support ACHI P5G41T-M - Motherboards - ASUS
Now I stand to be corrected mate but I think that you will have go back set the ACHI and reinstall.
As you can see from the link it could be due to a power problem too.

http://www.sevenforums.com/bsod-help-support/306631-bsod-after-installing-new-kingston-ssdnow-v300.html
Relevancy 52.89%

Hi first I would like to apologize for not writing this thread according to BSOD post instructions but my problem is so specific that I am not able to comply with them My problem follow thread I have posted here a week ago http www sevenforums com crashes-d ml post I have purchased new SSD from Kingston SSDNow V GB a few weeks BSOD after installation on SSD Kingston new Win7 clean ago But I was not able to install win on it BSOD all the time I thought that I have got damaged SSD so I claimed it in my vendor The claim was solved in the way that I BSOD after clean Win7 installation on new SSD Kingston have got new same SSD only exchange for new one was BSOD after clean Win7 installation on new SSD Kingston performed So i tried to perform clean install of Win bit CZ Pro SP on it but again during installation process I have got a lot of BSODs So I changed mode from AHCI to ATA in BIOS After that I successfully performed installation and booted into win I changed back mode to AHCI according to this tutorial Improve SATA hard disk performance Convert from IDE to AHCI and everything was ok I started to install updates via windows update but after BSOD after clean Win7 installation on new SSD Kingston installation and reboot I got BSOD again Unfortunately OS did not generate any minidump I checked it in system properties if generate dump file is checked and it is but no minidump I searched it almost everywhere So I installed all latest drivers from dell especially SATA and chipset and it seemed to get OK But during work with computer sometimes response is getting worse sometimes computer suddenly freeze My computer spec Windows Pro bit installed from MSDNAA program SP Age of HW is years age of OS installation about hour More details in my profile I suspect something is wrong with drivers or motherboard because I have got totally new SSD so I think that probability of wrong ssd is very small I am getting pretty agonized with that Have anybody ever noticed these kind of problem Thanks everybody for any help

A:BSOD after clean Win7 installation on new SSD Kingston

Sorry to see you are still having problems. Hopefully we can track them down. I'll call in other people to help this time if needed.

Dell's updates do not seem recent enough to support SSDs, in my opinion. Try updating drivers through the Intel? Driver Update Utility and see if it provides better support.

http://www.sevenforums.com/bsod-help-support/215967-bsod-after-clean-win7-installation-new-ssd-kingston.html
Relevancy 50.74%

Hi guys,

I build my computer some days ago and I was with no problems.
But after I tried to play GTA 3 and FIFA 2006, for example, it beggins crashing.
I can't play more than 2 minutes in a game and my computer gets frozen or crashed.
After this, it starts giving me BSOD errors even in Windows XP (not in a game).
Like I said, my system is:

Windows XP SP2
A8V / AMD64 3000+ / 2x512 Kingston DDR400 / nVidia AGP FX 5500

Here are the minidumps... all them...

http://seringueira.din.uem.br/~gilcio/minidump.zip

I hope someone can analyze this minidumps and tell me what I have to do.
I'm testing memories, but I think that aren't them.
It isn't really getting hot. About 37 Celsius CPU, 30 Celsius Motherboard and 39 Celsius VGA.

What should I do?
I've already tried update some drivers, but it didn't work too.

Help me, please!!!

Thanks,

Cheers,

Gilcio Grella
 

A:BSOD and Rebooting => A8V / AMD64 3000+ / 2x512 Kingston DDR400 / nVidia AGP FX 5500

Hi HacKiller,

I've investigated your minidumps and the culprit is faulty ram.

Suggestion
1. Reseat the memory stick to another memory slot
2. Downclock the ram
3. Clean the dust inside the computer case
4. Make sure that the ram is compatible to the motherboard

If it still crashes, diagnostic which memory stick is faulty
1. Take out one memory stick. If windows does not crash, the removed memory stick is faulty.
2. If you have only one memory stick, replace the ram
 

http://www.techspot.com/community/topics/bsod-and-rebooting-a8v-amd64-3000-2x512-kingston-ddr400-nvidia-agp-fx-5500.34422/
Relevancy 46.01%

I recently got the quot Hyperx Cloud II quot headset and as soon as I got it and started using the mic people were telling me that it was very quiet to the point that they didn t even know I was talking The mic volume is SUPER low and Problems 2 Mic Cloud Hyperx I cant adjust the volume I can only hear myself Using quot Hyperx Cloud 2 Mic Problems Listen to this device quot in the Hyperx Cloud 2 Mic Problems listen tab if I m literally eating the mic Hyperx Cloud 2 Mic Problems Does anyone know how to fix this Ill provide screenshots of my mics tabs the the properties page I ve also updated the driver using the provided steps and software at http support kingston com us supp duct khx-hscp amp filename CloudII FW Update Screenshots https gyazo com eef de f f a ddcfedbe d d https gyazo com e e f b ffaa b a af https gyazo com ac aa a e c c ff c https gyazo com ac f afd f cffed d nbsp

https://forums.techguy.org/threads/hyperx-cloud-2-mic-problems.1168805/
Relevancy 46.01%

I have 1 Kingston KHX3200 AK2/2GR . I don't really know where to get another one. It's a discontinue from Newegg! Can anyone help me find 1. I'm just trying to keep it matching. It's a decent memory! Here's a link of the actual module. http://www.newegg.com/Product/Product.aspx?Item=N82E16820104011 tyvm..

 

Relevancy 46.01%

I Hyperx Problems Mic 2 Cloud recently got the Hyperx Cloud II headset and as soon as I got Hyperx Cloud 2 Mic Problems it and started using the mic people were telling me that it was very quiet to the point that they didn't even know I was talking The mic volume is SUPER low and I cant adjust the volume I can only hear myself Using Listen to this Hyperx Cloud 2 Mic Problems device in the listen tab if I'm literally eating the mic Does anyone know how to fix this Ill provide screenshots of my mics tabs the the properties page I've also updated the driver using the provided steps and software at http support kingston com us support technical downloads product khx-hscp amp filename CloudII FW Update Screenshots https gyazo com eef de f f a ddcfedbe d d https gyazo com e e f b ffaa b a af https gyazo com ac aa a e c c ff c I cannot adjust the volume in the levels tab it wont let me move it https gyazo com ac f afd f cffed d

http://www.bleepingcomputer.com/forums/t/609308/hyperx-cloud-2-mic-problems/
Relevancy 45.58%

just want to make sure, will this ram work with my laptop(g50-80)? HyperX Impact DDR3 RAM specs:Capacities 4GB, 8GB (single) and 8GB, 16GB (kits)Speeds 1600MHz?2400MHzLatency CL9-CL12Voltage 1.35Vthe laptop only support DDR3L which has working voltage of 1.35V, the hyperx working voltage however is the same but it is DDR3, so will it work? thanks in advance

https://forums.lenovo.com/t5/Lenovo-B-and-G-Series-Notebooks/G50-80-and-HyperX-impact-DDR3-4GB-compatible/td-p/3310392
Relevancy 45.58%
Relevancy 45.58%

So, I've been using this headset for a while and it has been perfectly fine. Then today, after leaving a skype call, it just doesnt want to work. It has buttons to turn up mic, and headset volume, I can hear the sounds they play when you click one of them, but going into Playback devices, Testing doesnt work, and wont let me stop testing. When I try to go into my headsets properties, it just stops responding. I've tried everything. Reinstalling the device, its drivers, etc. Please help!

http://www.eightforums.com/sound-audio/75368-headset-not-working-suddenly-hyperx-7-1-a.html
Relevancy 45.58%

I have used a Turtle Beach X headset for the past several years and I have grown accustomed to the built-in direct monitoring hear yourself Cloud How monitoring direct to Hyperx for up set II talking feature I recently switched over the the Hyperx Cloud II which does not have built-in direct monitoring and it is driving me insane My OS is Windows and yes I know how to turn on quot listen to this device quot in the recording device properties but this does not produce the desired effect This plays back the sound with significant latency to the point where I could practically carry a conversation with myself I have tried using the latest version of FL Studio to achieve direct monitoring as directed by this guy but with no success this suggested solution produces the same latency as the Windows quot listen to this device quot function The Hyperx Cloud II is a connects via a USB and has its own built-in sound card which if I am understanding correctly may be part of the problem At this point I am almost convinced that what I aim to achieve is not possible but if anyone has this same setup and already figured it out then I would greatly appreciate your insight If you feel this thread would be better suited in a different category please let me know nbsp

https://forums.techguy.org/threads/how-to-set-up-direct-monitoring-for-hyperx-cloud-ii.1166954/
Relevancy 45.58%

I'm having problems running my 4gb kit (2 Rams of 2gb) Hyperx ddr2 1066 to advertised speed and timings 5-5-5-15.

This is my Hyperx version KHX8500D2K2/4G.

Before I was able to run it with no problems but now my PC restart itself 3 times and after that it automatically change it to 800 speed with standard timings.

The only way my PC let's me run it on 1066speed and 5-5-5-15 timings all day with no problems is if I let it first run to Window with the 800 speed an then restart it and change the speed and timing in the Bios.

But if I let the PC turned off for 1 hour or more it starts making the same restarting problem as before.
 

A:Can't run HyperX 1066 RAM at advertised speed

Hello. Make sure that you have the latest version of your BIOS. Also try setting your BIOS settings to default. I'm not sure that it will help, but you should try.
 

http://www.techspot.com/community/topics/cant-run-hyperx-1066-ram-at-advertised-speed.162178/
Relevancy 45.15%

Hello I just buy the y700 15ISK with the 16GB Ram and the 1TB HHD with 8 SSD and i want to upgrade i buy at the same tim the HyperX predator 240GBhttp://www.newegg.com/Product/Product.aspx?Item=N82E16820104542&cm_re=hyperx_m.2-_-20-104-542-_-Prod... but it not recognize, the Disk Management did reconognize but it not show up in windows was reading the only drive its going to recognize its the samsung but im not sure wich one buyhttp://www.newegg.com/Product/Product.aspx?Item=9SIA12K3UA7510http://www.newegg.com/Product/Product.aspx?Item=9SIA12K3G96790http://www.newegg.com/Product/Product.aspx?Item=9SIA24G3WK9980 and if i buy either of those drivers its going to work properly?i'll boot from the m.2 SSD? please help meAdrian

https://forums.lenovo.com/t5/Lenovo-P-Y-and-Z-series/Y700-15ISK-M-2-question-HyperX-Predator/td-p/3334236
Relevancy 45.15%

Merry Christmas all I have been having some stabilty problems lately and was wondering if anybody could help me out or offer any insight I have a Gigabyte EP -UD L and one stick GB Kingston HyperX DDR - PC - When i first got the mobo and RAM i never overclocked or changed any of the BIOS settings cause frankly i don t know too much about overclocking and what all those memory specifications mean and i didn t want to break it doing something stupid I never had a problem until i installed Windows and i kept getting blue screens of death with MEMORY MANAGEMENT at random times I tried installing Windows RC a few months ago and i couldn t even get thru the install without a BSOD I thought it was maybe compatibility issues that would be fixed up when retail was released but when i recently tried installing Window retail it BSOD again during install saying MEMORY MANAGEMENT I moved RAM to rd memory slot and it got thru install maybe just coincidence and with problems 7 PC2-8500 Stability HyperX Windows but then i started looking online and tried changing RAM settings with varying results I had been running Windows XP and Vista at - - - at V thats just default board settings and never had a problem but Kingston lists - - - at V - - - at V If i run it at - - - at V it will blue screen of death two or three times a day and thats the most stable i have found At V it will probably BSOD six or more All at random times and never for any particular reason I think its odd that it runs smooth on XP and Vista with whatever voltage i try but win is picky I was wondering if anybody could offer any suggestions to get the system to run more stable Maybe i just need to dial Stability problems with HyperX PC2-8500 and Windows 7 it in more precisely In the meantime i have just been running good ole XP cuz i couldn t take it anymore with the restarts Ryan nbsp

A:Stability problems with HyperX PC2-8500 and Windows 7

Your system likely wants to identical memory modules installed, rather than one module. One that is not identical to the first will work, but perhaps not as fast.
 

http://www.techspot.com/community/topics/stability-problems-with-hyperx-pc2-8500-and-windows-7.140211/
Relevancy 44.72%

I wanted to get more RAM for my older PC (CPU Q8400 on Asus P5P43TD PRO). The motherboards' specs say it works with 1600Mhz RAM so I bought 8GB of Kingston HyperX Blu (Kit 2x4GB), code KHX1600C9D3B1K2/8GX.

I already have the latest version of BIOS but it doesn't POST for the life of me (fans are working, black screen, no beeps). I tried inserting only one stick (tried all 4 slots). I tried both sticks in slots 1 and 3, both sticks in slots 2 and 4, still no luck.

When I put back my old RAM (2x2048 Kingston Value RAM) it works just fine. Everything in BIOS is set to AUTO. I tried increasing the RAM voltage to 1.65v as specified on the new sticks without success.

I'm sure the memory is fine but I just can't get it to work. Any suggestions are greatly appreciated!
 

A:Asus P5P43TD PRO doesn't POST with new HyperX 1600 RAM

You may need a BIOS update. CPU and Memory compatibility updates are common BIOS updates. Before you give up on the RAM modules, try updating your BIOS.

ASUS Support For P5P43TD PRO

Caution though, follow the instruction carefully. The updating can not be interrupted once started. It only takes a few minutes to complete, but any interruption can brick the motherboard if it is not equipped with a backup BIOS.

I just recently bought a motherboard I thought was completely dead (same symptoms as your board, no post). I never suspected the motherboard wouldn't recognize my i7 CPU. The tech guy had me use an i3 to flash the BIOS. Low and behold the BIOS update worked.
 

http://www.techspot.com/community/topics/asus-p5p43td-pro-doesnt-post-with-new-hyperx-1600-ram.197939/
Relevancy 44.72%

Re HyperX Cloud II Gaming HeadsetThere have been a few issues with the 7.1 surround not behaving properly for this headset

There is an update that hopefully should resolve these issues

ShareFile

there are full instructions in the zip file

http://www.tenforums.com/drivers-hardware/37003-firmware-update-hyperx-cloud-ii-gaming-headset.html
Relevancy 44.29%

hi guys,  recently bought this kit of RAM to upgrade my computer, will it work with my notebook? -16GB DDR3L-2133MHZ NON-ECC CL11 SODIMM (KIT OF 2) 1.35V IMPACT SODIMM this is what ram im using at the moment 8 GB DDR3L 1600MHZ SDRAM SODIMM ---- Also wonder if a GTX980M Upgrade Kit will work with my notebook, would be very interested in buying one http://www.pcworld.com/article/2882701/these-upgrade-kits-swap-out-your-laptops-old-graphics-with-a-...   




Driver Booster 2 Beta - Best Tool For Updating All Your Hardware Drivershttp://www.iobit.com/products.php

http://h30434.www3.hp.com/t5/Notebook-Hardware-and-Upgrade-Questions/HP-Envy-17-J110EA-Ram-Upgrade-Hyperx-Impact-16GB-amp-GTX980M/td-p/5648064
Relevancy 43%

Hello I a Suspecting key-logger have suspicion of a key-logger on my computer since my gaming accounts have been compromised at more then one occation like i try to log into the game one day and i cant and not even able to recover password since the e-mail registerd to the account has been changed So i humbly ask for your aid in this matter Pasted the hijackthis log below Please do tell if you see anything that shouldnt be there I have gone through with searching the comp Suspecting a key-logger for malware spybots and viruses and the like Afrom Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Delade filer Symantec Shared ccSvcHst exe C Program Delade filer Symantec Shared AppCore AppSvc exe C Program Symantec LiveUpdate ALUSchedulerSvc exe C Program Delade filer Symantec Shared ccSvcHst exe C WINDOWS system WgaTray exe C WINDOWS Explorer EXE C Program Seagate SeagateManager FreeAgent Status StxMenuMgr exe C Program Delade filer Symantec Shared ccApp exe C Program Windows Live Messenger msnmsgr exe C Program Skype Phone Skype exe C Program Messenger msmsgs exe C Program Windows Live Contacts wlcomm exe C Program Delade filer Symantec Shared CCPD-LC symlcsvc exe C Program Mozilla Firefox firefox exe C WINDOWS system spoolsv exe C Program Azureus Azureus exe C Program Sony Station Station Launcher LaunchPad StationLauncher exe C Program Flying Lab Software Pirates of the Burning Sea potbs exe C Program Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google se R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName L nkar O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Delade filer Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO no name - E A - - D F-BEAE-D A C - C Program Delade filer Symantec Shared coShared Browser NppBho dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Java jre bin ssv dll O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Delade filer Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Java jre lib deploy jqs ie jqs plugin dll O - Toolbar Veoh Web Player Video Finder - FBB -D D - f a-A E - B BFC - C Program Veoh Networks VeohWebPlayer VeohIEToolbar dll O - Toolbar Show Norton Toolbar - -F - -B -FBEE C B DF - C Program Delade filer Symantec Shared coShared Browser UIBHO dll O - HKLM Run MaxMenuMgr quot C Program Seagate SeagateManager FreeAgent Status StxMenuMgr exe quot O - HKLM Run ccApp quot C Program Delade filer Symantec Shared ccApp exe quot O - HKLM Run osCheck quot C Program Norton Internet Security osCheck exe quot O - HKLM Run Symantec PIF AlertEng quot C Program Delade filer Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe quot a m quot C Program Delade filer Symantec Shared PIF B E DD - - c -B F- F FCA A AlertEng dll quot O - HKCU Run msnmsgr quot C Program Windows Live Messenger msnmsgr exe quot background O - HKCU Run Skype quot C Program Skype Phone Skype exe quot nosplash minimized O - HKCU Run MSMSGS quot C Program Messenger msmsgs exe quot background O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User LOKAL TJ NST O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User NETWORK SERVICE O - HKUS S- - - Run CTFMON EXE C WINDOWS... Read more

A:Suspecting a key-logger

bumping thread... a little more then 24 hours have passed so heres a bump.
/Afrom1
 

https://forums.techguy.org/threads/suspecting-a-key-logger.826770/
Relevancy 43%

here's my hijackthis log and MBAM logfile can anyone help Logfile of Trend Micro HijackThis v BETA Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon suspecting keylogger exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system nvsvc exe C suspecting keylogger WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Lavasoft Ad-Aware AAWService exe C Program Files Alwil Software Avast ashServ exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS arservice exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C WINDOWS System svchost exe C WINDOWS ehome ehtray exe C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C WINDOWS System spool DRIVERS W X HPZIPM EXE C windows system hpsysdrv exe C Program Files Microsoft Search Enhancement Pack SeaPort SeaPort exe C WINDOWS ARPWRMSG EXE C Program Files HP HP Software Update HPWuSchd exe C HP KBD KBD suspecting keylogger EXE C Program Files Microsoft IntelliType Pro type exe C Program Files Common Files Logitech G-series Software LGDCore exe C WINDOWS system SearchIndexer exe C WINDOWS eHome ehmsas exe C WINDOWS RTHDCPL EXE C PROGRA ALWILS Avast ashDisp exe C WINDOWS system RUNDLL EXE C Program Files Java jre bin jusched exe C Program Files XoftSpySE XoftSpySE exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Alwil Software Avast ashMaiSv exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files Windows Media Player WMPNSCFG exe C Program Files Microsoft ActiveSync wcescomm exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files OpenOffice org program soffice exe C Program Files Alwil Software Avast ashWebSv exe C WINDOWS system dllhost exe C Program Files OpenOffice org program soffice bin C PROGRA MI AA rapimgr exe C Program Files Common Files XoftSpySE xoftspyservice exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Windows Live Contacts wlcomm exe C Program Files Ventrilo Ventrilo exe C WINDOWS system SearchProtocolHost exe C Program Files Mozilla Firefox firefox exe C Program Files Lavasoft Ad-Aware AAWTray exe C WINDOWS system msiexec exe C Program Files TrendMicro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google dk R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn dk SEDADK SAOS FORM TOOLBR O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files Microsoft Search Enhancement Pack Search Helper SEPsearchhelperie dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - C Program Files Google Google Toolbar Component fastsearch B C AC BB E dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C ... Read more

A:suspecting keylogger

bumped.

I discovered I couldn't edit the post after typing it, so here's some more info to my problem:

I got hacked in world of warcraft, thus suspecting a keylogger. I have scanned my computer with the following programmes one by one:
Avast! (my ordinary antivirus - only one I kept afterwards)
Panda
Ccleaner
registryfix
xoftspySE
Kaspersky
MBAM
Ad-aware
ATF cleaner
Bitdefender
Spybot search and destroy

the MBAM programme found the rogue.multiple, but I don't know if this was the keylogger or "just" some malware.
The rest did not find anything.

Can you see if there's still a keylogger hiding in there somewhere?

http://www.techsupportforum.com/forums/f50/suspecting-keylogger-452379.html
Relevancy 43%

hey im sure im infected with something plz help i tryed the panda scan but i dont know it wasent working here is my hjt log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running processes suspecting infectionsss... C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Dell MediaDirect PCMService exe C Program Files Trend Micro Internet Security pccguide exe C Windows OEM Mon exe C Windows system wbem unsecapp exe C Program Files Dell Dell Webcam Manager DellWMgr exe C Windows System WLTRAY EXE C Program Files Alwil Software Avast ashDisp suspecting infectionsss... exe C Windows System rundll exe C Windows System rundll exe C Program Files iTunes iTunesHelper exe C Program Files DellSupport DSAgnt exe C Program Files Dell Support Center bin sprtcmd exe C Program Files Gadwin Systems PrintScreen PrintScreen exe C Program Files Windows Media Player wmpnscfg exe C Program Files Digital Line Detect DLG exe C Program Files Dell QuickSet quickset exe C Windows System rundll exe C Program Files Common Files AOL Loader aolload exe C Windows system wuauclt exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Creative Live Cam VideoFX StartFX exe C Program Files Internet Explorer ieuser exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Windows system Macromed Flash FlashUtil e exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO no name - D -C F suspecting infectionsss... - efb- B - ECA - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - c Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Browser Address Error Redirector - CA C - B - E-A -A C DB F - C Program Files Dell BAE BAE dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run SigmatelSysTrayApp ProgramFiles SigmaTel C-Major Audio WDM sttray exe O - HKLM Run PCMService quot C Program Files Dell MediaDirect PCMService exe quot O - HKLM Run pccguide exe quot C Program Files Trend Micro Internet Security pccguide exe quot O - HKLM Run OEM Mon exe C Windows OEM Mon exe O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run ECenter C Dell E-Center EULALauncher exe O - HKLM Run dscactivate quot C Program Files Dell Support Center gs agent custom dsca exe quot O - HKLM Run DELL Webcam Manager quot C Program Files Dell Dell Webcam Manager DellWMgr exe quot s O - HKLM Run Broadcom Wireless Manager UI C Windows system WLTRAY exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run PrevxCSI quot C Program Files PrevxCSI prevxcsi exe quot -boot O -... Read more

http://www.techsupportforum.com/forums/f284/suspecting-infectionsss-254294.html
Relevancy 43%

Hello two days after installing World of Warcraft my gmail-account and WoW-account was accessed by keylogger a Suspecting such or someone Suspecting a keylogger or such else both services notified me gmail was Suspecting a keylogger or such suddenly accessed from China WoW was suspended for spamming online Both accounts use the same email-address as username but have different passwords Luckily for some reason they didn t change my passwords I have now changed all my passwords and haven t accessed these accounts from the infected computer For browser I use Firefox I have ran the following anti-virus removal programs on my infected computer A F-Secure based antivirus found and removed trackers CCleaner SUPERAntiSpyware Spybot Search amp Destroy MalwareBytes Anti-Malware F-Secure antivirus and CCleaner again HijackThisAfter point none of the programs found any infections Registry was cleaned a bit Here s the HijackThis log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files Elisa Tietoturvapalvelu Common FSM EXEC Program Files Logitech iTouch iTouch exeC WINDOWS system RUNDLL EXEC Program Files dcmsvc dcmsvc exeC Program Files Common Files Java Java Update jusched exeC Program Files DAEMON Tools Lite DTLite exeC Documents and Settings Pete Local Settings Application Data Google Update GoogleCrashHandler exeC WINDOWS system ctfmon exeC Program Files Windows Media Player WMPNSCFG exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Elisa Tietoturvapalvelu Anti-Virus fsgk st exeC Program Files Elisa Tietoturvapalvelu Common FSMA EXEC Program Files Elisa Tietoturvapalvelu Anti-Virus FSGK EXEC Program Files Elisa Tietoturvapalvelu Common FSHDLL EXEC WINDOWS System svchost exeC Program Files Java jre bin jqs exeC WINDOWS system nvsvc exeC Program Files IDT IntelXPV v WDM STacSV exeC WINDOWS system svchost exeC Program Files Elisa Tietoturvapalvelu FWES Program fsdfwd exeC Program Files Elisa Tietoturvapalvelu Anti-Virus fssm exeC Program Files Elisa Tietoturvapalvelu Anti-Virus fsav exeC WINDOWS system NOTEPAD EXEC Program Files Mozilla Firefox firefox exeC WINDOWS system NOTEPAD EXEC WINDOWS system notepad exeC WINDOWS system wuauclt exeC Documents and Settings Pete Desktop Down HijackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer O - Hosts localhostO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocxO - BHO LitmusBHO - C EB - - - F- CF AE DC C - C Program Files Elisa Tietoturvapalvelu NRS iescript baselitmus dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Browsing Protection Toolbar - EEE E- - D -AEA -F FDF - C Program Files Elisa Tietoturvapalvelu NRS iescript baselitmus dllO - HKLM Run F-Secure Manager quot C Program Files Elisa Tietoturvapalvelu Common FSM EXE quot splashO - HKLM Run F-Secure TNB... Read more

A:Suspecting a keylogger or such

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREAndPlease download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OKIMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.ThenPlease download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.

http://www.bleepingcomputer.com/forums/t/353270/suspecting-a-keylogger-or-such/
Relevancy 43%

Hello I cant I virus a suspecting am reach the Firefox s website ID info and couldn t change the FasterFox options firefox extension I uninstall the firefox but the same problem is still ongoing and sometimes firefox freezes I ran killswitch Comodo Cleaning Essentials and i saw windows service with a funny name Also i ran ccleaner with these I am suspecting a virus options and anything happen window size location cache tray notifications cache Also some programs installed in different language even though i choose anything about language sorry for my bad english DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by hp at on - - Microsoft Windows Starter GMT AV Avira Desktop Enabled Updated F B DE -C B - C F- EFF- C BD D C C SP Avira Desktop Enabled Updated D AAC -E E- B - F- F C DA SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF FW FireWall Enabled CE CCC - ADB- D - A -C B E B Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Program Files IObit Advanced SystemCare ASCService exe C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system WLANExt exe C Windows system conhost exe C Windows System spoolsv exe C Program Files Avira AntiVir Desktop sched exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files Common Files Adobe ARM armsvc exe C Program Files Avira AntiVir Desktop avfwsvc exe C Windows system taskhost exe C Program Files Avira AntiVir Desktop avguard exe C Windows system Dwm exe C Program Files Hewlett-Packard Shared HPDrvMntSvc exe C Windows Explorer EXE C Program Files Microsoft Application Virtualization Client sftvsa exe C Windows system svchost exe -k imgsvc C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Program Files Microsoft Application Virtualization Client sftlist exe C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files AmIcoSingLun AmIcoSinglun exe C Program Files IDT WDM sttray exe C Program Files Intel Intel reg Rapid Storage Technology IAStorIcon exe C Windows System igfxpers exe C Windows System hkcmd exe C Windows system igfxsrvc exe C Program Files Avira AntiVir Desktop avgnt exe C Program Files Common Files Java Java Update jusched exe C PROGRAM FILES SYNAPTICS SYNTP SYNTPHELPER EXE C Program Files Common Files Microsoft Shared Virtualization Handler CVHSVC EXE C Program Files Avira AntiVir Desktop avshadow exe C Windows system conhost exe C Program Files Avira AntiVir Desktop avmailc exe C Program Files Avira AntiVir Desktop AVWEBGRD EXE C Windows system SearchIndexer exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system svchost exe -k LocalServiceAndNoImpersonation C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C Windows system Macromed Flash FlashPlayerPlugin exe C Windows system Macromed Flash FlashPlayerPlugin exe C Program Files Hewlett-Packard HP Support Framework hpsa service exe C Program Files Intel Intel reg Rapid Storage Technology IAStorDataMgrSvc exe C Program Files IObit Advanced SystemCare ASC exe C Program Files IObit Advanced SystemCare ASCTray exe c program files avira antivir desktop avscan exe C Windows System svchost exe -k swprv C Windows system DllHost exe C Windows system conhost exe C Windows system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp isearch avg com cid F EDA - B - E -A E- B CB C amp mid e a d bbd ed d f-b edd aa d cd d be c cefee f amp lang tr amp ds avgab amp pr sa amp d - - amp v amp sap hp uURLSearchHooks H - No File BHO AutorunsDisabled - No File BHO Java Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c progra... Read more

Relevancy 43%

One of my Pc has become very slow and it restarts during work without any notice showing a blue please SUSPECTING MALWARE help me screen full of writing but could not be read because it restarts within seconds My McAfee antivirus was last updated on and after that it's not updating though it does not show any infection but i am suspecting somthing unusual with my pc following my HijackThis log file Please help me - Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS SUSPECTING MALWARE please help me System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system SUSPECTING MALWARE please help me svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Lavasoft Ad-Aware aawservice exe C Program Files Common Files EPSON eEBAPI SAgent exe c PROGRA SUSPECTING MALWARE please help me mcafee com vso mcshield exe C WINDOWS Explorer EXE C PROGRA McAfee com Agent mcupdmgr exe c PROGRA mcafee com vso OasClnt exe c program files mcafee com vso mcvsshld exe c program files mcafee com agent mcagent exe C PROGRA mcafee com vso mcvsescn exe c PROGRA mcafee com agent mctskshd exe C PROGRA McAfee com Agent mcupdui exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C PROGRA MCAFEE COM PERSON MPFTRAY EXE C Program Files LOGTIME Logtimew exe C Program Files QuickTime qttask exe C WINDOWS System spool DRIVERS W X E S IC EXE C Program Files Messenger msmsgs exe C PROGRA MCAFEE COM PERSON MPFAGENT EXE C PROGRA MCAFEE COM PERSON MPFSERVICE exe c progra mcafee com vso mcvsftsn exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C Program Files Internet Explorer IEXPLORE EXE C WINDOWS system svchost exe C PROGRA DAP DAP EXE C Program Files McAfee com VSO mcmnhdlr exe C Documents and Settings Lalit chhalani Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co in F - REG system ini UserInit userinit exe O - BHO no name - - - F - D - - D F - no file O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - HKLM Run igfxtray C WINDOWS system igfxtray exe O - HKLM Run igfxhkcmd C WINDOWS system hkcmd exe O - HKLM Run igfxpers C WINDOWS system igfxpers exe O - HKLM Run VSOCheckTask quot C PROGRA McAfee com VSO mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online C Program Files McAfee com VSO mcvsshld exe O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe c PROGRA mcafee com agent mcupdate exe O - HKLM Run MPFExe C PROGRA MCAFEE COM PERSON MPFTRAY EXE O - HKLM Run OASClnt C Program Files McAfee com VSO oasclnt exe O - HKLM Run Logtime quot C Program Files LOGTIME Logtimew exe quot -m O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run EPSON Stylus C Series C WINDOWS System spool DRIVERS W X E S IC EXE P quot EPSON Stylus C Series quot O quot LPT quot M quot Stylus C quot O - HKCU Run Yahoo Pager quot C Program Files Yahoo Messenger YahooMessenger exe quot -quiet O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - Extra context menu item amp Download with amp DAP - C PROGRA DAP dapextie htm O - HKLM System CCS Services Tcpip B F AC-B D - E -B C- C C E NameServer O - Protocol skype com - FFC B - B - DFF- - C DD F D - C PROGRA COMMON Skype SKYPE DLL O - Service Ad-Aware Service aawservice - Lavasoft AB - C Program Files Lavasoft Ad-Aware aawservice exe O - Service EPSON Printer Status Agent EPSONStatusAgent - SEIKO EPSON CORPORATION - C Program Files Common Files EPSON eEBAPI SAgent exe O - Service Google Updater Service gusvc - Google - C Program Files Google Common Google Updater GoogleUpdaterService exe O - Service Install... Read more

http://www.techsupportforum.com/forums/f284/suspecting-malware-please-help-me-207631.html
Relevancy 43%

Suspecting keylogger or something similar because my world of warcraft account have been stolen hacked and password and mail changed so this means that they had access to my hotmail account too somehow according to hxxp www hijackthis de en it show thats HJT log entries are safe sLogfile of Trend Micro HijackThisLogfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP Suspecting keylogger WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost Suspecting keylogger exeC WINDOWS System svchost exeC WINDOWS system svchost exeC Program Files Lavasoft Ad-Aware AAWService exeC WINDOWS system spoolsv exeC Program Files Bonjour mDNSResponder exeC Program Files Common Files LightScribe LSSrvc exeC Program Files McAfee SiteAdvisor McSACore exeC WINDOWS system ctfmon exeC PROGRA McAfee MSC mcmscsvc exec program files common files mcafee mna mcnasvc exec PROGRA COMMON mcafee mcproxy mcproxy exeC PROGRA McAfee VIRUSS mcshield exeC Program Files McAfee MPF MPFSrv exeC Program Files McAfee MSK MskSrver exeC WINDOWS system nvsvc exeC WINDOWS system PnkBstrA exec Program Files Common Files Protexis License Service PsiService exeC WINDOWS System TUProgSt exec PROGRA mcafee com agent mcagent exeC WINDOWS RTHDCPL EXEC Program Files Lavasoft Ad-Aware AAWTray exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files Windows Live Messenger MsnMsgr ExeC Program Files DAEMON Tools Lite daemon exeC Program Files RivaTuner v RivaTuner exeC Program Files Windows Live Contacts wlcomm exeC PROGRA McAfee VIRUSS mcsysmon exeC WINDOWS explorer exeC WINDOWS system notepad exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeC WINDOWS system NOTEPAD EXEC Program Files Internet Explorer IEXPLORE EXER - HKCU Software Microsoft Internet Explorer Main Start Page hxxp www neti ee R - HKLM Software Microsoft Internet Explorer Main Default Page URL hxxp go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL hxxp go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page hxxp go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page hxxp go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO McAfee Phishing Filter - B A- - A -B -BE AFE AB - c PROGRA mcafee msk mskapbho dllO - BHO flashget urlcatch - F -AA - B - F D- A B E EF - C Program Files FlashGet jccatch dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptsn dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO McAfee SiteAdvisor BHO - B E -A B - A -B - CD E A FF - c PROGRA mcafee SITEAD mcieplg dllO - BHO FlashGet GetFlash Class - F E- EF- C- - BA DBA - C Program Files FlashGet getflash dllO - Toolbar McAfee SiteAdvisor Toolbar - EBBBE -BAD - B C- E A- ABECAE - c PROGRA mcafee SITEAD mcieplg dllO - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNCO - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMENameO - HKLM Run SkyTel SkyTel EXEO - HKLM Run McENUI C PROGRA McAfee MHN McENUI exe hideO - HKLM Run mcagent exe quot C Program Files McAfee com Agent mcagent exe quot runkeyO - HKLM Run EstEID AIP switch quot C Program Files IT Arendus ID-kaart aipswitch exe quot O - HKLM Run RTHDCPL RTHDCPL EXEO - HKLM Run Ad-Watch C Program Files Lavasoft Ad-Aware AAWTray exeO - HKLM Run Riv... Read more

A:Suspecting keylogger

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERER,K

http://www.bleepingcomputer.com/forums/t/219866/suspecting-keylogger/
Relevancy 43%

It all started a few days ago I was doing my work when suddenly I was attacked by a wave of virus called W spyrat I ran Suspecting virus... a full scan with my symantec antivirus and found nothing I then downloaded ad-aware and did found the virus tried to clean it Suspecting virus... but with no results The Suspecting virus... protection log still shows the virus is attacking every secs It continued still a few hours ago it abrutly stopped After some time my interent is down Im using a wireless network and it shows an unidentify network I am not able to go on the interent im now using my other comp THings got worse when I tried to get the required data to post on this forum when im running GMER I got a blue screen So should I continuing to get all those logs or wait I had run a scan using malwarebytes and got infected file Do u want to know the log too Thx a million nbsp

Relevancy 43%

I just suspecting malware deleted some malware from my computer Can someone please check my log to make sure suspecting malware I dont have any left Thanks Logfile of Trend Micro HijackThis v suspecting malware Scan saved at PM on Platform Windows XP SP WinNT MSIE suspecting malware Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS system spoolsv exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS System wltrysvc exe C WINDOWS System bcmwltry exe C WINDOWS system rundll exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS BCMSMMSG exe C WINDOWS system dla tfswctrl exe C Program Files Java jre bin jusched exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Windows Defender MSASCui exe C Program Files iTunes iTunesHelper exe C Program Files Messenger msmsgs exe C WINDOWS system ctfmon exe C Program Files Symantec AntiVirus DoScan exe C Program Files BitTorrent DNA dna exe C Program Files Microsoft Office Office msoffice exe C Program Files iPod bin iPodService exe C Program Files Mozilla Firefox firefox exe C Program Files Java jre bin jucheck exe C Program Files Symantec AntiVirus DWHWIZRD EXE C Documents and Settings RAHUL IS AWESOME Desktop HiJackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page about blank R - HKCU Software Microsoft Internet Connection Wizard ShellNext http trafc- rfe php cm amp lid as R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run UserFaultCheck systemroot system dumprep -u O - HKLM Run TkBellExe q... Read more

A:suspecting malware

legolas192

Are you noticing any problems ?

Please follow as many of the 5 steps as possible and then post the required logs in this thread.
http://www.techsupportforum.com/secu...sting-log.html
Also in your next post please let us know of any problems you may have following the 5 steps and an update on system behaviour

You may wish to subscribe to this thread (thread tools > subscribe to this thread) so you are informed as soon as you receive a reply.

http://www.techsupportforum.com/forums/f284/suspecting-malware-197116.html
Relevancy 43%

facing auto shutdown problem everytime i try to strt the comp plz help i suspect a virus following is my log Logfile of virus suspecting HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS suspecting virus system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS BCMSMMSG exe C WINDOWS System hkcmd exe C Program Files McAfee Managed VirusScan Agent myagttry exe C Program Files Java jre bin jusched exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files Messenger msmsgs exe C Program Files Sify Broadband BBImpSec exe C WINDOWS System DRIVERS CDANTSRV EXE C Program Files McAfee Managed VirusScan Agent myAgtSvc Exe C Program Files Microsoft AntiSpyware gcasDtServ exe D yahoomsgn Messenger ymsgr tray exe C PROGRA McAfee MANAGE VScan McShield exe C Program Files Sify Broadband BBClient exe C WINDOWS system wuauclt exe C Program Files Internet Explorer iexplore exe D hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www sifymax com R - HKCU Software Microsoft Internet Explorer Main Local Page R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run BCMSMMSG BCMSMMSG exe O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run RevertSettings o O - HKLM Run McAfee Managed Services Tray quot C Program Files McAfee Managed VirusScan Agent myagttry exe quot O - HKLM Run MVS Splash C PROGRA McAfee MANAGE VScan Splash exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - HKLM Run sfbkwimx c windows system sfbkwimx exe -start O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run iolo System Mechanic Utility Bar quot D sysmech SMUtilityBar exe quot O - HKCU Run Yahoo Pager quot D yahoomsgn Messenger ypager exe quot -quiet O - HKCU Run SifyBB C Program Files Sify Broadband BBImpSec exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res c program files google GoogleToolbar dll cmtrans html O - Extra button Yahoo Messenger - E D C E- B F- D -B C - C C - D YAHOOM MESSEN YPAGER EXE O - Extra Tools menuitem Yahoo Messenger - E D C E- B F- D -B C - C C - D YAHOOM MESSEN YPAGER EXE O - Plugin for spop C Program Files Internet Explorer Plugins NPDocBox dll O - HKLM System CCS Services Tcpip Parameters Domain dmde com O - HKLM Software Telephony DomainName dmde com O - HKLM System CCS Services Tcpip E B - B- CD - F- F E B NameServer O - HKLM System CS Services Tcpip Parameters Domain dmde com O - HKLM System CS Services Tcpip E B - B- CD - ... Read more

Relevancy 42.57%

Hi I posted recently Boaxxe my system on Suspecting here about a weird problem with my USB ports that problem is solved but I believe I might still have malware A few weeks ago I was infected and Avast found Boaxxe-S Drp and Trojan-gen Her is my HijackThis log Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Suspecting Boaxxe on my system Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program WIDCOMM Bluetooth Software bin btwdins exe C Program Alwil Software Avast AvastSvc exe C Program ALWILS Avast avastUI exe C Program Java jre bin jusched exe C WINDOWS Suspecting Boaxxe on my system RTHDCPL EXE C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C Program Elantech ETDCtrl exe C Program EeePC ACPI AsTray exe C Program EeePC ACPI AsEPCMon exe C Program EeePC ACPI AsAcpiSvr exe C WINDOWS system igfxsrvc exe C WINDOWS system igfxext exe C Program WIDCOMM Bluetooth Software BTTray exe C Program Asus EeePC Super Hybrid Engine SuperHybridEngine exe C WINDOWS system spoolsv exe C Program Java jre bin jqs exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C WINDOWS explorer exe C WINDOWS system msiexec exe C Program Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName L nkar O - BHO L nkhj lp till Adobe PDF Reader - E F-C D - D -B D- B D BE B - C Program Delade filer Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Delade filer Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run avast C Program ALWILS Avast avastUI exe nogui O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKLM Run SunJavaUpdateSched quot C Program Java jre bin jusched exe quot O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run QuickTime Task quot C Program QuickTime QTTask exe quot -atboottime O - HKLM Run Persistence C WINDOWS system igfxpers exe O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run ETDWare C Program Elantech ETDCtrl exe O - HKLM Run AsusTray C Program EeePC ACPI AsTray exe O - HKLM Run AsusEPCMonitor C Program EeePC ACPI AsEPCMon exe O - HKLM Run AsusACPIServer C Program EeePC ACPI AsAcpiSvr exe O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run Adobe Reader Speed Launcher quot D Program Adobe Reader Reader Reader sl exe quot O - HKLM RunOnce Malwarebytes Anti-Malware C Program Malwarebytes Anti-Malware mbamgui exe install silent O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User LOKAL TJ NST O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User NETWORK SERVICE O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User SYSTEM O - HKUS DEFAULT Run CTFMON EXE C WINDOWS system CTFMON EXE User Default user O - Global Startup AutoRun OSCleaner lnk O - Global Startup BankID s kerhetsprogram lnk C Program Personal bin Personal exe O - Global Startup BTTray lnk O - Global Startup SuperHybridEngine lnk O - Extra context menu item Skicka till amp Bluetooth-enhet - C Program WIDCOMM Bluetooth Software btsendto ie ctx htm O - Extra context menu item Skicka till Bluetooth - C Program WIDCOMM Bluetooth Software btsendto ie htm O - Extra button btrez dll - - CCA CA-C - ef- - C D F - C Program WIDCOMM Bluetooth Software btsendto ie htm O - Extra Tools menuitem btrez dll - - CCA CA-C - ef- - C D F - C Program WIDCOMM Bluetooth Software btsendto ie htm O - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exe O - Extra Tools menuitem xpsp res dl... Read more

A:Suspecting Boaxxe on my system

I ran a Malwarebytes scan but it did not find anything, neither did Avast.
I still have two problems though.
It seems the virus created a new profile, called Admin I am sure this profile was not there before.
My second "problem" is that every time I start the computer msconfig comes up...
In the config under autostart there is still one program which avast previously detected wnia1lp1.exe, it is however diabled.

How do I proceed? Am I Cured?
 

https://forums.techguy.org/threads/suspecting-boaxxe-on-my-system.915956/
Relevancy 42.57%

When i search things in any browsers Firefox IE or Chrome I get normal results but when i click on them i often get redirected to websites that are not what i clicked usually websites selling products Recently ive been getting this pop up everytime i open my browser SECURITY INTERNET WINDOWS quot Your navigator is under danger to be infected Windows asks your permission to install protection tool Your navigator function in Insecure Regime Operating in Abrite Regime will help you to keep your computer running smoothly For your navigator to fonction in Abrite Regime Windows needs to install Certified Antivirus Software Scan and Online Protection Tool quot I thought it was in my browsers malware Suspecting suspect so i never dowloaded it or installed it My computer uses Windows Vista Premium Thank you for your time Here is my most recent HJT log Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes Suspecting malware in my browsers C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Program Files Suspecting malware in my browsers Synaptics SynTP SynTPEnh exe C Program Files Intel Intel Matrix Storage Manager IAAnotif exe C Windows system wuauclt exe C Program Files Java jre bin jusched exe C Windows System igfxpers exe C Windows System igfxtray exe C Windows System hkcmd exe C Program Files HP HP Software Update hpwuschd exe C Program Files HP Digital Imaging bin HpqSRmon exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Hewlett-Packard HP QuickTouch HPKBDAPP exe C Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exe C Program Files IDT WDM sttray exe C Program Files iTunes iTunesHelper exe C Windows system igfxsrvc exe C Program Files Kaspersky Lab Kaspersky Internet Security avp exe C Program Files Windows Sidebar sidebar exe C Windows ehome ehtray exe C Program Files Common Files LightScribe LightScribeControlPanel exe C Users Vincent Program Files DNA btdna exe C Windows ehome ehmsas exe C Windows system wbem unsecapp exe C Program Files Hewlett-Packard HP wireless Assistant WiFiMsg EXE C Program Files Hewlett-Packard Shared HpqToaster exe C Program Files MioNet jvm bin MioNet exe C Program Files Synaptics SynTP SynTPHelper exe C Program Files Java jre bin jucheck exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Windows Live Contacts wlcomm exe C Program Files Microsoft Office Office WINWORD EXE C Program Files Microsoft Office Live OfficeLiveSignIn exe C Users Vincent AppData Local Google Chrome Application chrome exe C Users Vincent AppData Local Google Chrome Application chrome exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale fr ca amp c amp bd Pavilion amp pf cnnb R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale fr ca amp c amp bd Pavilion amp pf cnnb R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale fr ca amp c amp bd Pavilion amp pf cnnb R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderNa... Read more

A:Suspecting malware in my browsers

Hi And Welcome to TSG!
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from
Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

If you are using Firefox, make sure that your download settings are as follows:
Tools->Options->Main tab
Set to Always ask me where to Save the files.

During the download, rename Combofix to Combo-Fix as follows:


It is important you rename Combofix during the download, but not after.
Please do not rename Combofix to other names, but only to the one indicated.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------​
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------​

Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------​
Double click on combo-Fix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the C:\Combo-Fix.txt for further review.
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**
 

https://forums.techguy.org/threads/suspecting-malware-in-my-browsers.913788/
Relevancy 42.57%

Hi all I m new here Hope you can give me a hand Turns out my sister has tainted and endangered the family computer with an illegal program to download music Ares Well I m going to delete this illegal rubbish of course but I am afraid HJT log infection, Suspecting included the damage might already have been done This thing apparently works with P P so I m concerned I may have been severely infected by now I used Hijack This to get a log that you could analyse if you like to help me out Logfile of HijackThis v Scan saved at PM on Platform Suspecting infection, HJT log included Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss Suspecting infection, HJT log included exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS Explorer EXE C WINDOWS System svchost exe C WINDOWS System MsPMSPSv exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C WINDOWS system ctfmon exe C Program Files Ares Ares exe C Program Files iPod bin iPodService exe C Program Files MSN Messenger msnmsgr exe C Program Files Internet Explorer iexplore exe C WINDOWS system wuauclt exe C Program Files Messenger msmsgs exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www xljazerscrwamcxagai com Ti NZ AL sEhK miJORzdltTNlwpo yMFev SUAzQ jsp R - HKCU Software Microsoft Internet Explorer Main Start Page http home onvol net O - BHO no name - B - F-A F-B CC- D E CC - C DOCUME slix APPLIC MEDIAS acid seek exe file missing O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe Consumer O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run twobyterule C Documents and Settings All Users Application Data dumbdoestwobyte WEB WAVE exe O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run typefilm C DOCUME slix APPLIC CASHPI chinrect exe O - HKCU Run ares quot C Program Files Ares Ares exe quot -h O - Trusted Zone www blizzard com O - Trusted Zone http www neopets com O - Trusted Zone http www enigma site vu O - Trusted Zone http uk tickle com O - DPF B CFB- - -A -C A C Checkers Class - http messenger zone msn com binary msgrchkr cab cab O - DPF B - E - EA - B - F A BC MessengerStatsClient Class - http messenger zone msn com binary MessengerStatsPAClient cab cab O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF C A- BE- B -A BB- B FE A ewidoOnlineScan Control - http download ewido net ewidoOnlineScan cab O - DPF F-F B- B D- DF- B B Minesweeper Flags Class - http messenger zone msn com binary MineSweeper cab cab O - DPF B F-D BF- -B -FDC F F E B FilePlanet Download Control Class - http www fileplanet com fpdlmgr cabs FPDC cab O - DPF F E B A- A - CA- - D CB MSN Photo Upload Tool - http stuffandspongebob spaces msn com PhotoUpload MsnPUpld cab O - DPF FD- - C E-A D - AC ECD FileSharingCtrl Class - http appdirectory messenger msn com AppDirectory P Apps FileSharing en filesharingctrl cab ... Read more

Relevancy 42.57%

Recently my world of warcraft account was hacked and I am suspecting that a person has a keylogger on my computer Here is the hijack this log Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x ASUS ASUS Live Update ALU exe C Program Files x ASUS SmartLogon sensorsrv exe C Program Files x ASUS Direct Console DCHelper exe C Program Files x AIM aim exe C Program Files x CyberLink Power Go CLMLSvc exe C Program Files x ASUS ATKOSD ATKOSD exe C Program Files ASUS ASUS Data Security Manager ADSMTray exe C Program Files x ASUS ATK Media DMedia exe C Program Files x ASUS Direct Console Direct Console exe C Program Files x Java jre bin jusched exe C Program Files x Common Files Symantec Shared ccSvcHst exe C Program Files x iTunes iTunesHelper exe C Program Files x AIM aolsoftware exe C Windows SysWOW conime exe C Program Files x CoreCodec The Core Media Player CorePlayer exe C Windows SysWOW divxsm exe C Users Michael AppData hjt suspecting attacked log malware, Local Google Chrome Application chrome exe C Users Michael AppData Local Google Chrome Application chrome exe C Users suspecting malware, hjt log attacked Michael AppData Local Google Chrome Application chrome exe C Users Michael AppData Local Google Chrome Application chrome exe D Downloads spybotsd exe C Users Michael AppData Local Temp is-COTEL tmp spybotsd tmp D Downloads spybotsd exe C Users Michael AppData Local Temp is- IC tmp spybotsd tmp C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www mystart com pr oovoo R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO AskBar BHO - f d - - d - c -aa e ed - C Program Files x AskBarDis bar bin askBar dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO NCO IE BHO - ADB E- AFF- - AA - DAC DFA - C Program Files x Common Files Symantec Shared coShared Browser coIEPlg dll O - BHO Symantec Intrusion Prevention - D EC - AAE- -AEEE-F F C - C PROGRA COMMON SYMANT IDS IPSBHO dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO ooVoo Toolbar - A FB F A-D E- DD- -E A D - C Program Files x oovootb oovoodx dll O - BHO MegaIEMn - bf e - a - fd -b - b e c - C Program Files x Megaupload Mega Manager MegaIEMn dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - Toolbar Ask Toolbar - d e-fd b- e -b - d b f - C Program Files x AskBarDis bar bin askBar dll O - Toolbar Show Norton Toolbar - FEBEFE - B - - D -FFB D B CA - C Program Files x Common Files Symantec Shared coShared Browser CoIEPlg dll O - Toolbar ooVoo Toolbar - A FB F A-D E- DD- -E A D - C Program Files x oovootb oovoodx dll O - HKLM Run CLMLServer quot C Program Files x CyberLink Power Go CLMLSvc exe quot O - HKLM Run P Go Menu quot C Program Files x CyberLink Power Go MUITransfer MUIStartMenu exe quot quot C Program Files x CyberLink Power Go quot UpdateWithCreateOnce quot SOFTWA... Read more

https://forums.techguy.org/threads/suspecting-malware-hjt-log-attacked.918250/
Relevancy 42.57%

I am suspecting I have a key logger or a trojan virus which takes all of my passwords because my world of warcraft account has been hacked times in less than hours After the first time i changed my password but then hour later it was hacked again so it must be something on my computer which takes my passwords or something Have followed Blizzard s guide on how to get rid of these things and here is now my hijackthis notes Logfile of Trend computer on keylogger my i Suspecting have a Micro HijackThis v Scan saved at on - - Platform Unknown Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x Norton Engine ccSvcHst exe C Program Files x Common Files Java Java Update jusched exe C Program Files x iTunes iTunesHelper exe C Program Files x Voddler service VNetManager exe C Program Files x iTunes iTunes exe C Program Files x Mozilla Firefox firefox exe C Program Files x Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Suspecting i have a keylogger on my computer Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - Suspecting i have a keylogger on my computer HKCU Software Microsoft Suspecting i have a keylogger on my computer Internet Explorer Toolbar LinksFolderName R - URLSearchHook Vuze Remote Toolbar - ba e- - -b f - e d cc - C Program Files x Vuze Remote tbVuze dll F - REG system ini UserInit userinit exe O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Symantec NCO BHO - ADB E- AFF- - AA - DAC DFA - C Program Files x Norton Engine coIEPlg dll O - BHO Symantec Intrusion Prevention - D EC - AAE- -AEEE-F F C - C Program Files x Norton Engine IPSBHO DLL O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Files x Microsoft Office Office GrooveShellExtensions dll O - BHO Windows Live inloggningshj lpen - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Vuze Remote Toolbar - ba e- - -b f - e d cc - C Program Files x Vuze Remote tbVuze dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - Toolbar Norton Toolbar - FEBEFE - B - - D -FFB D B CA - C Program Files x Norton Engine coIEPlg dll O - Toolbar Vuze Remote Toolbar - ba e- - -b f - e d cc - C Program Files x Vuze Remote tbVuze dll O - HKLM Run ATICustomerCare quot C Program Files x ATI ATICustomerCare ATICustomerCare exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files x Common Files Java Java Update jusched exe quot O - HKLM Run GrooveMonitor quot C Program Files x Microsoft Office Office GrooveMonitor exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files x Adobe Reader Reader Reader sl exe quot O - HKLM Run Adobe ARM quot C Program Files x Common Files Adobe ARM AdobeARM exe quot O - HKLM Run QuickTime Task quot C Program Files x QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files x iTunes iTunesHelper exe quot O - HKLM Run VoddlerNet Manager C Program Files x Voddler service VNetManager exe O - HKLM Run StartCCC quot C Program Files x ATI Technologies ATI ACE Core-Static CLIStart exe quot MSRun O - HKL... Read more

https://forums.techguy.org/threads/suspecting-i-have-a-keylogger-on-my-computer.925295/
Relevancy 42.57%

Hello i m suspecting of having a backdoor and or trojan in my system Could anyone pls help Tks in advance The following is my HJT log Logfile of HijackThis v Scan saved backdoor and/or Suspecting of trojan.....HELP! at AM on Platform Windows Suspecting of backdoor and/or trojan.....HELP! XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Autodesk Shared Service AdskScSrv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Grisoft AVG Anti-Spyware guard exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files TOSHIBA ConfigFree CFSvcs exe C WINDOWS system DVDRAMSV exe C WINDOWS Explorer EXE C WINDOWS system nvsvc exe C WINDOWS system svchost exe C WINDOWS system THotkey exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS system TFNF exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C Program Files SigmaTel SigmaTel AC Audio Drivers stacmon exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files TOSHIBA Touch and Launch PadExe exe C Program Files TOSHIBA TouchED TouchED Exe C WINDOWS AGRSMMSG exe C Program Files TOSHIBA ConfigFree NDSTray exe C WINDOWS system TPSBattM exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C Program Files ltmoh Ltmoh exe C Program Files Common Files Symantec Shared ccApp exe C Program Files D-Tools daemon exe C WINDOWS system LVCOMSX EXE C Program Files Logitech Video LogiTray exe C Program Files Logitech MouseWare system em exec exe C Program Files iTunes iTunesHelper exe C Program Files Adobe Acrobat Distillr Acrotray exe C PROGRA Grisoft AVGFRE avgcc exe C WINDOWS system RUNDLL EXE C Program Files iPod bin iPodService exe C Program Files TOSHIBA TOSCDSPD toscdspd exe C Program Files Logitech Video FxSvr exe C Program Files UniKey UniKeyNT exe C Program Files Google Google Talk googletalk exe C Program Files Skype Phone Skype exe C WINDOWS system RAMASST exe C Program Files Mozilla Firefox firefox exe C Program Files Adobe Acrobat Acrobat Acrobat exe C DOCUME LEMINH LOCALS Temp Adobelm Cleanup C Program Files Common Files Adobe Systems Shared Service Adobelmsvc exe C DOCUME LEMINH LOCALS Temp Adobelm Cleanup C Program Files Yahoo Messenger YahooMessenger exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus SAVScan exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www avsnonline net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO IeCatch Class - A -E CA- D - CD - D B - C PROGRA FlashGet jccatch dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC... Read more

https://forums.techguy.org/threads/suspecting-of-backdoor-and-or-trojan-help.533321/
Relevancy 42.57%

Hey everyone when y'all get a moment could you please analyze my HijackThis log The other day my World of Warcraft account and hotmail email Suspecting keyloggers/trojans were compromised by chinese secret agents I suppose DLogfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista SP WinNT MSIE Internet Suspecting keyloggers/trojans Explorer v Boot mode NormalRunning processes C Suspecting keyloggers/trojans Windows system taskeng exeC Windows system Dwm exeC Windows Explorer EXEC Program Files Dell DellDock DellDock exeC Program Files Windows Defender MSASCui exeC Program Files DellTPad Apoint exeC Program Files IDT WDM sttray exeC Program Files Intel Intel Matrix Storage Manager IAAnotif exeC Windows System WLTRAY EXEC Program Files DigitalPersona Bin DpAgent exeC Program Files ATI Technologies ATI ACE Core-Static MOM exeC Windows system conime exeC Program Files Dell Webcam Dell Webcam Central WebcamDell exeC Program Files Winamp winampa exeC Program Files QuickTime QTTask exeC Program Files Java jre bin jusched exeC Program Files Windows Sidebar sidebar exeC Program Files Dell Video Chat DellVideoChat exeC ProgramData Macrovision FLEXnet Connect ISUSPM exeC Program Files DAEMON Tools Lite daemon exeC Program Files Windows Media Player wmpnscfg exeC Program Files WIDCOMM Bluetooth Software BTTray exeC Program Files Dell QuickSet quickset exeC Program Files SetPoint SetPoint exeC Program Files WIDCOMM Bluetooth Software BtStackServer exeC Program Files DellTPad HidFind exeC Program Files ATI Technologies ATI ACE Core-Static CCC exeC Program Files DellTPad Apntex exeC Program Files Common Files Logitech khalshared KHALMNPR EXEC Program Files Common Files LogiShrd LVCOMSER LVComSer exeC Program Files Common Files LogiShrd LComMgr Communications Helper exeC Program Files Windows Live Messenger msnmsgr exeC Program Files Avira AntiVir PersonalEdition Classic avgnt exeC Program Files Mozilla Firefox firefox exeC Program Files Trend Micro HijackThis HijackThis exeC PROGRA Java jre bin jp launcher exeC Program Files Java jre bin java exeC Users Keaton Desktop stinger exeC Program Files Windows Media Player wmplayer exeR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by DellR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhostO - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - c Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Browser Address Error Redirector - CA C - B - E-A -A C DB F - C Program Files Dell BAE BAE dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hideO - HKLM Run ECenter C Dell E-Center EULALauncher exeO - HKLM Run Apoint C Program Files DellTPad Apoint exeO - HKLM Run SysTrayApp ProgramFiles IDT WDM sttray exeO - HKLM Run Logitech Hardware Abstraction Layer quot C Program Files Common Files Logitech khalshared KHALMNPR EXE quot O - HKLM Run StartCCC quot C Program Files ATI Technologies ATI ACE Core-Static CLIStart exe quot O - HKLM Run IAAnotif quot C Program Files Intel Intel Matrix Storage Manager Iaanotif exe quot O - HKLM Run Broadcom Wireless Manager UI C Windows system WLTRAY exeO... Read more

A:Suspecting keyloggers/trojans

Hello Keaton421Welcome to BleepingComputer ========================Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

http://www.bleepingcomputer.com/forums/t/180738/suspecting-keyloggerstrojans/
Relevancy 42.57%

I already Suspecting Virus? or Spyware posted this in Windows Xp support but I decided to post it again but this time in the right place I'm sorry but I am still kind of new to this forum I think my computer caught something very bad Whenever I go to a different website I would get a pop up and the quot Internet explorer has encountered a problem quot message It is taking longer than usual to load pages as well I ran spybot and ad-aware scans and got some stuff out of the way but even after the scans and a reboot the problems continue to persist I do have a pop-up blocker so I am not sure how a pop-up comes every time I go to a different page It has never happened before So can anyone please help me fix this problem Thanks in advance I did read the quot First Steps quot post but somehow Gmer exe won't run for Suspecting Spyware or Virus? me So here is the DDS scan and attached attach txt file Sorry if I don't respond It is really late and I am tired from trying to fix this thing I will try to stay up for this as long as possible DDS Ver - - - NTFSx Run by Kevin's Domain at on Sun Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT - AV Lavasoft Ad-Watch Live Anti-Virus On-access scanning disabled Updated AV ESET NOD Antivirus On-access scanning enabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system Suspecting Spyware or Virus? svchost exe -k WudfServiceGroup svchost exe svchost exe C WINDOWS System WLTRYSVC EXE C WINDOWS System bcmwltry exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Bonjour mDNSResponder exe C Program Files ESET ESET NOD Antivirus ekrn exe C Program Files Java jre bin Suspecting Spyware or Virus? jqs exe C Program Files Common Files Roxio Shared SharedCOM RoxWatch exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS Explorer EXE C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system igfxpers exe C WINDOWS system WLTRAY exe C WINDOWS system igfxsrvc exe C WINDOWS stsystra exe C WINDOWS system KADxMain exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell MediaDirect PCMService exe C Program Files ESET ESET NOD Antivirus egui exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Lavasoft Ad-Aware AAWTray exe C PROGRA Yahoo browser ybrwicon exe C Program Files Java jre bin jusched exe C Program Files Tweak-XP Pro AdBlocker exe C WINDOWS system ctfmon exe C PROGRA Yahoo browser ycommon exe C Program Files Digital Line Detect DLG exe C Program Files AIM aolsoftware exe C Program Files Spybot - Search amp Destroy TeaTimer exe c program files aim toolbar aimtbServer exe C Program Files Internet Explorer IEXPLORE EXE C Documents and Settings Kevin's Domain Desktop dds scr Pseudo HJT Report uInternet Connection Wizard ShellNext hxxp www google com ig dell hl en amp client dell-usuk amp channel us amp ibd mURLSearchHooks AIM Toolbar Search Class f - dc - -bc - e fefafe - c program files aim toolbar aimtb dll BHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - c progra yahoo companion installs cpn yt dll BHO NoExplorer - No File BHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dll BHO ContributeBHO Class c dc - - a a- d-c c - c program files adobe Adobe Contribute CS contributeieplugin dll BHO ae - f- ae -a - c b b e - c windows system nidozopi dll BHO c - e-ac a- f -cc c b b c - cc- f -a ca-e c - c windows system gghjiy dll BHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dll BHO Yahoo IE Services Button bab b b- bc- b - d - fc de a - c progra yahoo common yiesrvc dll BHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c program files microsoft office office GrooveShellExtensions dll BHO Java tm Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin s... Read more

A:Suspecting Spyware or Virus?

Hi and welcome to TSF.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so.


Combofix
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

Please read all the information carefully!

You MUST disable your AntiVirus and AntiSpyware applications - please read this thread as a guide. They may otherwise interfere with our tools and interrupt the cleansing process.

Please include the log C:\ComboFix.txt in your next reply for further review.

http://www.techsupportforum.com/forums/f284/suspecting-spyware-or-virus-348812.html
Relevancy 42.57%

Computer gave me BSOD 3 times today. I am suspecting a virus cause i installed a pirated game with a crack recently. Whenever the computer reboots, it reboots twice and then starts windows normally. RAM is 6GB but it says only 1.99 is usable which is a new thing. I attached the scan logs and i really appreciate your kind help. Thanks in advance...

A:Suspecting a Virus; RAM is 6GB (Only 1.99 usable)

Hello  Welcome to Bleeping Computer.  My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:  Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.  If you do not understand any step(s) provided, please do not hesitate to ask before continuing.  Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".  In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.  Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.  I will be analyzing your log. I will get back to you with instructions.  1.Please download AdwCleaner by Xplode and save to your Desktop.Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.The tool will start to update its database...please wait until complete.Click on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).After reviewing the log, click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.Press OK again to allow AdwCleaner to restart the computer and complete the removal process.After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).Copy and paste the contents of AdwCleaner[CX].txt in your next reply.A copy of all logfiles are saved to C:\AdwCleaner. 2.Download MalwareBytes Anti-Malware to your desktop. Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware. Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here. Click the Scan Now button, a threat scan will start automatically. MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available. Your computer is now being scanned, please do not use your computer during the scan. If no threats were found, click View detailed log.
Click Export and save the log as a .txt file on your Desktop or another location. If the scan detected any threats, click Apply Actions.
To complete any actions taken you will be prompted to restart your computer...click on Yes. After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs. Check the box next to Scan Log. Choose the most current scan and click View. Click Export and save the log as a .txt file on your Desktop or another location.Providing the MalwareBytes' Anti-Malware log file Attach the log file you just saved to your next reply for further review.

http://www.bleepingcomputer.com/forums/t/611878/suspecting-a-virus;-ram-is-6gb-only-199-usable/
Relevancy 42.57%

Hi forum, this would be my first post and the first time I have problems with my laptop. I am really bad with computers and I am assuming that something might have happened to it. Whenever I go to a different website I would get a pop up and the "Internet explorer has encountered a problem" message. It is taking longer than usual to load pages as well. I ran spybot and ad-aware scans and got some stuff out of the way but even after the scans and a reboot, the problems continue to persist. I do have a pop-up blocker so I am not sure how a pop-up comes every time I go to a different page. It has never happened before. So can anyone please help me fix this problem? Thanks in advance.

Edit: I think I posted in the wrong place... sorry... I am new.

A:Suspecting Spyware or Virus?

Hello Monkeyszeto

That`s OK, you should have posted in the Virus Removal Forum

Please read ?Virus/Trojan/Spyware Removal Help ? and follow the instructions very carefully; then, post all the requested logs and information in the Virus Help Forum
Please ensure that you create a new thread in the Virus Help Forum; not back here in this one.

Please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.
.

http://www.techsupportforum.com/forums/f10/suspecting-spyware-or-virus-348809.html
Relevancy 42.57%

hi everyone, i suspect that a family member has planted a monitoring program on my pc and i have no idea what to do,
i have malwarebytes and an anti virus but i think they might not detect some subtle softwares
i have installed TCPview and did a couple of scans but i dont know what to do with the results as my knowledge is very limited
can you please help
 
http://i66.tinypic.com/25uqvys.jpg
http://i68.tinypic.com/apgq39.png

A:suspecting of a monitoring software

Good job the urls you posted gave me a popup for a fake repair program saying my computer is broken and now i probably have adware (AGAIN).
 
Anyway antiviruses are meant to detect malware so you will probably need to use process explorer or task manager to see if you are being watched and see for anything that seems out of place or look at programs and features.

http://www.bleepingcomputer.com/forums/t/625347/suspecting-of-a-monitoring-software/
Relevancy 42.57%

I started noticing suspecting processes running on the nd cmd exe was starting without me opening the command prompt various other processes with (or virus of it) Suspecting remnants weird names were running On the rd it had obviously got into my browser and I was being redirected to google Suspecting virus (or remnants of it) com or a google when trying to enter any sites related to anti-virus programs I ran ad-aware which did not find anything then superantispyware which did find something and I ran a freshly installed malwarebytes chameleon and it found lots apparently the zbot zeus trojan which it attempted to remove I don t know the risks involved in this virus and don t know how difficult it might be to remove I did change all passwords to paypal ebay my bank email etc from another computer just to be sure even though Suspecting virus (or remnants of it) I have not been logged in to any of them on this computer since the th I was considering a reformat and reinstall of windows running bit win at the moment but I thought I would ask here first to see if there is a way to avoid that These are the logs from hijackthis and dds Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x Common Files Microsoft Shared Ink TabTip exe C Program Files x Lavasoft Ad-Aware AAWTray exe C Users Thorstein Local Settings Apps F lux flux exe C Program Files x Spotify Data SpotifyWebHelper exe C Program Files x Malwareby mbamgui exe C Program Files x Opera opera exe C Program Files x Opera pluginwrapper opera plugin wrapper exe C Program Files x Opera pluginwrapper opera plugin wrapper exe C Program Files x Spotify spotify exe C Program Files x Trend Micro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - BHO SkypeIEPluginBHO - AE - E C- ED - F B-F F A - C Program Files x Skype Toolbars Internet Explorer skypeieplugin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - BHO SmartSelect - F EE -DAA - - - D EE A - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - HKLM Run Malwarebytes Anti-Malware quot C Program Files x Malwareby mbamgui exe quot starttray O - HKCU Run F lux quot C Users Thorstein Local Settings Apps F lux flux exe quot noshow O - HKCU Run Spotify Web Helper quot C Program Files x Spotify Data SpotifyWebHelper exe quot O - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exe O - HKLM Policies Explorer Run C PROGRA LOCALS Temp msvvutwmi pif O - Extra button Click to call with Skype - EA C -E FF- B- -AEC B E - C Program Files x Skype Toolbars Internet Explorer skypeieplugin dll O - Extra Tools menuitem Click to call with Skype - EA C -E FF- B- -AEC B E - C Program Files x Skype Toolbars Internet Explorer skypeieplugin dll O - DPF Garmin Communicator Plug-In - https static garmincdn com gcp ie GarminAxContro... Read more

Relevancy 42.57%

Hi I am writing today to ask for help on what could be a threat on my laptop I own a Windows Laptop computer and Laptop Suspecting Spyware on I encountered an issue that lead me to believe that my computer may contain a variant of spyware on it A little background of what I do Suspecting Spyware on Laptop with my online use is that I am a YouTube content creator that makes music Last night I was on YouTube replying to a comment that discussed the use of my tag Suspecting Spyware on Laptop In music a tag is used to prevent the theft of a song Back to the story I replied to the comment stating that I was changing my tag to make it more professional Here s where the issue begins Suddenly minutes later I get a strange text on my phone from a number I do not recognize The first text read quot BALLS quot which at first lead me to believe that the person had the wrong number but the second text is what raises my concern to full alert The second text read quot Super excited about the future of this tag quot I have never given my number to anyone on the internet nor to a stranger My number is connected to my Youtube account but I do not know how this person was able to claim my number and I really don t know how the person was able to know I was talking about my tag I was then lead to believe that some form of spyware was involved I am not sure or not I panicked and did a full scan with AVG and Malwarebytes but neither found anything so I decided to do more research on spyware on my own From that moment I decided to stop using my laptop in fear that the potential spyware is a keylogger This morning I received an email from Twitch stating that someone attempted to hack my account but Twitch stopped them and reset my password automatically This rose my concern even further thinking that my accounts were in danger but fortunately a few friends and reliable people told me that several people got that email from Twitch because they had issues with their servers I took the precaution of resetting the passwords of all of my accounts on a different computer All of my passwords are reset and all of my accounts are safe and functional and my anti virus says my laptop is clean but the question still remains on how I got that suspicious text that quot coincidentally quot knew I was talking about my tag with another person Could there be spyware on my laptop that allowed the person to know what I was talking about Maybe its a glitch with Google accounts Hopefully I know for sure nbsp

Relevancy 42.57%

EDIT: Accidental double post.
 

A:Suspecting infection, HJT log included

dupicated

http://forums.techguy.org/security/494032-suspecting-infection-hjt-log-included.html
 

https://forums.techguy.org/threads/suspecting-infection-hjt-log-included.494033/
Relevancy 42.57%

Hello I'm of Rootkit Suspecting ZeroAccess encountering a big problem on my Windows x PC operating system I suspect that somehow I got Suspecting of ZeroAccess Rootkit this zeroacces rootkit in my PC The issues are the following Cannot Suspecting of ZeroAccess Rootkit turn on my windows firewall Cannot find Windows Firewall in Services Cannot run Chrome Cannot go on any website that relates to virus cures I'm posting this from my Android device I also followed advices from another posts Combofix I know I should have not done it without expert advice but I thought it will be a walk in the park Anyway Combofix didn't seem to cause any damage but nothing positive either It doesn't even seem to work properly it stalls at your computer will be scanned it will take about mins etc I've also run Sirefix and ServicesRepair few days ago no improvement but this a new proccess revealrd in taskmanager catchme xe but it dissapeared at the next reboot but now I have this process rmbr XE So I really need aome help since I have a lot of important data on my PC and erasing everything is not an option Thank you very much hope to hear from anyone soon

A:Suspecting of ZeroAccess Rootkit

ZEROACCESS rootkit is a serious malware infection. Disinfection will probably require the use of more powerful tools than we can recommend in this forum. Before that can be done you will need to create and post a DDS log for further investigation.Further, since you already ran Combofix due to possible malware infection, its log should be thoroughly reviewed by trained experts in order to ascertain what was detected/removed and what malware you're dealing with. A log should have been created and saved to the root directory, usually C:\ComboFix.txt.Please follow the instructions in the Preparation Guide For Requesting Help starting at Step 6.If you cannot complete a step, then skip it and continue with the next.In Step 6 there are instructions for downloading and running DDS which will create two logs. (Note: Windows 8.1 Users will not be able run DDS and create a log)When you have done that, start a new topic and post the required logs to include your ComboFix log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.-- ComboFix logs are not permitted in this forum.After doing this, please reply back in this thread with a link to the new topic so we can closed this one.

http://www.bleepingcomputer.com/forums/t/529118/suspecting-of-zeroaccess-rootkit/
Relevancy 42.14%

My son downloaded Limewire arg he hasn t done anything on it yet cause Problem-Please Check! log HJT Suspecting inside I said I needed it check first so I ran all tests got Suspecting Problem-Please Check! HJT log inside rid of junk and created a Hijack This log Can you please check it to see if there are any problems Thanks Here s my hijack this log Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MSTASK EXE C OFFICE SOINTGR EXE C PROGRAM FILES GRISOFT AVG AVGSERV EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY Suspecting Problem-Please Check! HJT log inside EXE C PROGRAM FILES EASY KEYBOARD EASYKEY EXE C WINDOWS SYSTEM ATIPTAXX EXE C PROGRAM FILES GRISOFT AVG AVGCC EXE C PROGRAM FILES VIEWPOINT VIEWPOINT MANAGER VIEWMGR EXE C PROGRAM FILES ZONE LABS ZONEALARM ZLCLIENT EXE C PROGRAM FILES AIM AIM EXE C PROGRAM FILES NETZERO EXEC EXE C PROGRAM FILES LIMEWIRE LIMEWIRE LIMEWIRE EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES COMMON FILES REAL UPDATE OB REALSCHED EXE C PROGRAM FILES NZSEARCH HCM EXE C PROGRAM FILES HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer Main Search Page http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http my Suspecting Problem-Please Check! HJT log inside netzero net s search r minisearch R - HKLM Software Microsoft Internet Explorer Main Search Page http my netzero net s search r minisearch R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http my netzero net s search r minisearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride searchap untd com localhost windowsupdate microsoft com windowsupdate com wustat windows com pogo com test-speed com jetblue com lt local gt R - URLSearchHook URLSearchHook Class - D CDBF- AF - AA- -BD D DA C B - C PROGRAM FILES NZSEARCH SEARCHENH DLL O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHELPER DLL O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO X IEHook Class - EF -D A - AD-A -E CF - C PROGRAM FILES NETZERO QSACC X IEBHO DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar ZeroBar - F C - FB - FE-BA - E DDE - C PROGRAM FILES NETZERO TOOLBAR DLL O - Toolbar ZeroBar - F F ECBE-D - B -B - A E F A - C PROGRAM FILES NETZERO TOOLBAR DLL O - HKLM Run ScanRegistry c windows scanregw exe autorun O - HKLM Run TaskMonitor c windows taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run Easykey C Program Files Easy Keyboard Easykey exe O - HKLM Run SoundFusion RunDll cwcprops cpl CrystalControlWnd O - HKLM Run ATIGART c ati gart atigart exe O - HKLM Run AtiCwd Aticwd exe O - HKLM Run AtiQiPcl AtiQiPcl exe O - HKLM Run SO Integrator Pass Two C OFFICE SOINTGR EXE O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run AVG CC C PROGRAM FILES GRISOFT AVG avgcc exe startup O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run ViewMgr C Program Files Viewpoint Viewpoint Manager ViewMgr exe O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices SO Integrator Pass... Read more

A:Suspecting Problem-Please Check! HJT log inside

hi welcome to tsg.

have hijack this fix these entries

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.nezero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhos t;*windowsupdate.microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pog o.com;*test-speed.com;*jetblue.com;<local>
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\PROGRAM FILES\NZSEARCH\SEARCHENH1.DLL
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\PROGRAM FILES\NETZERO\QSACC\X1IEBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O4 - HKCU\..\Run: [NetZero_uoltray] C:\PROGRAM FILES\NETZERO\EXEC.EXE regrun
O4 - Startup: LimeWire 4.2.3.lnk = C:\Program Files\LimeWire\LimeWire 4.2.3\LimeWire.exe
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\PROGRAM FILES\NETZERO\QSACC\appres.dll/227
O16 - DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} (ACNPlayer2 Class) - http://198.99.241.129/ePlayer/V3_2_0_0/ACNePlayer.cab

go to this site and download these tools and once you get both
adaware and spybot, update both of them.Set adaware to deep scan and
Delete everything adaware finds and delete what spybot finds marked in red.
With cwshredder close all browsers and programmes and select the fix button.

Save hijack this to it's own folder, and click scan then save the log
and post it here so we can take a look at it for you.

make sure spybot is up to date, also clean out your temp files. post another log after finishing cleaning

. cwshredder
. SpyBot search and destroy
. AdAware

http://www.majorgeeks.com/downloads31.html

khaz
 

https://forums.techguy.org/threads/suspecting-problem-please-check-hjt-log-inside.304463/
Relevancy 42.14%

Hi Slow internet, suspecting Vundo Could some one look at ny log I think I have a Vundo problem Logfile of Trend Micro HijackThis v Scan saved at on - - Slow internet, suspecting Vundo Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C Slow internet, suspecting Vundo WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system ibmpmsvc exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files ThinkPad Bluetooth Software bin btwdins exe C Program Files CheckPoint SecuRemote bin SR Service exe C Program Files CheckPoint SecuRemote bin SR WatchDog exe C WINDOWS system spoolsv exe C Program Files McAfee Common Framework FrameworkService exe C Program Files McAfee VirusScan Enterprise Mcshield exe C Program Files McAfee VirusScan Enterprise VsTskMgr exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Utimaco SafeGuard Easy SgeCtl exe C WINDOWS system SgLogPlayer exe C WINDOWS system CCM CcmExec exe C WINDOWS system msiexec exe C Program Files Citrix ICA Client ssonsvr exe C WINDOWS Explorer EXE C Program Files CheckPoint SecuRemote bin SR GUI Exe C WINDOWS system igfxtray exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Analog Devices Core smax pnp exe C Program Files McAfee Common Framework UdaterUI exe C Program Files McAfee Common Framework McTray exe C WINDOWS system RunDll exe C WINDOWS system rundll exe C Program Files Utimaco SafeGuard Easy Ecview exe C Program Files Utimaco SafeGuard Easy WKSCFGSRV EXE C Program Files Common Files Real Update OB realsched exe C Program Files Lenovo HOTKEY TPOSDSVC exe C WINDOWS system rundll exe C WINDOWS system ctfmon exe C Program Files Lenovo HOTKEY TPONSCR exe C Program Files Mobile Master MMAgent exe C Program Files Lenovo Zoom TpScrex exe C PROGRA Autonomy ENTERP AWE exe C Program Files ThinkPad Bluetooth Software BTTray exe C WINDOWS System WScript exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Mobile Master MMScan exe C PROGRA ThinkPad BLUETO BTSTAC EXE C Program Files WinZip WZQKPICK EXE C Documents and Settings ds Local Settings Application Data Autonomy Enterprise AWE PDRE pdre exe C PROGRA Autonomy ENTERP SmartFolders smartfolders exe C Program Files SmartSync Pro SmartSync exe C PROGRA Autonomy ENTERP filescan filescan exe C PROGRA lotus notes NLNOTES EXE C PROGRA lotus notes nfileret EXE C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http home coromant sandvik com sa intranet abc se nsf Banner html OpenPage R - HKLM Software Microsoft Internet Explorer Main Default Page URL http home sandvik com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http home sandvik com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer www-proxy sandvik com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride sandvik com goranssonskaskolan com dormertools com prototyp com titex com valenite com walter-ag de sandvik ad lt local gt O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO e af bb -afbd- b- ab - b cfc c - c cf-c b - ba -b -dbfa bb fa e - C WINDOWS system batyoj dll O - BHO no name - ae addaa-e b- a -b d -b e dfbf d - C WINDOWS system yatevipi dll O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNC O - ... Read more

https://forums.techguy.org/threads/slow-internet-suspecting-vundo.812532/
Relevancy 42.14%

Ahhh my first fix up here brought me from 30gb to 190 and now I'm back at 40. I need to move a few video files over to my external hard drive, but I just need some help checking stuff out.

A few problems I've been facing is a bit of slowness, nothing out of the ordinary though. I've been having issues with my tablet driver (I may have found a solution for that already).

Lastly, there's been a high pitched beeping hum and I'm not sure what's that about, but it sure is annoying. 
 
 

A:Running low on space, suspecting the worst

to BleepingComputer.Hi there,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / music / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.*** Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.*** Please download Malwarebytes Anti-Rootkit and save it to your desktop.Be sure to print out and follow the instructions provided on that same page.Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.Double click on downloaded file. OK self extracting prompt.MBAR will start. Click in the introduction screen "next" to continue.Click in the following screen "Update" to obtain the latest malware definitions.Once the update is complete select "Next" and click "Scan".With some infections, you may see two messages boxes.'Could not load protection driver'. Click 'OK'.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.If there is no malware found, please let me know as well.*** Please download AdwCleaner by Xplode and save to your Desktop.Double-click AdwCleaner.exeVista / Windows 7/8 users right-click and select Run As Administrator.Click on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.If you see an entry you want to keep, let me know about it.Copy and paste the contents of that logfile in your next reply.A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.*** MiniToolbox by FarbarDisable your antivirus if it does not allow you to download the tool!Please download MiniToolBox, save it to your desktop and run it.Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.Copy and paste the contents of that logfile in your next reply.

http://www.bleepingcomputer.com/forums/t/606751/running-low-on-space-suspecting-the-worst/
Relevancy 42.14%

Hello First of all I want to tell that I tried using your instructions but when I try to load the DDS it says my OS is not supported So I guess the GMER won't be required either Over to my problem I suspect I've got a keylogger hidden somewhere but I don't know where I've tried several antivirusprograms Avira Avast TrendMicro livescanner Bitdefender Kaspersky none of them detected anything I Also tried Malwarebytes which detected a file registry error Other than that no results I am worried the keylogger is hidden somewhere but don't know where and I got told that a HJT-logfile would be able to help me find it and that this was one of the recommended forums to do so Here is my HJT-log IF you need additional information please let me know Logfile of Trend Micro HijackThis v Scan saved at on Platform help Suspecting 64bit with HJT. Vista a Need keylogger. Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x Common Files Microsoft Shared Ink TabTip exe C Program Files x Windows Live Messenger msnmsgr exe Suspecting a keylogger. Need help with HJT. 64bit Vista C Program Files x Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files x Hewlett-Packard HP Suspecting a keylogger. Need help with HJT. 64bit Vista Quick Launch Buttons QLBCTRL exe C Program Files x DigitalPersona Bin DpAgent exe C Program Files x Hewlett-Packard HP wireless Assistant WiFiMsg EXE C Program Files x Hewlett-Packard Shared HpqToaster exe C Program Files x Mozilla Firefox firefox exe C Program Files WIDCOMM Suspecting a keylogger. Need help with HJT. 64bit Vista Bluetooth Software BluetoothHeadsetProxy exe C Users Martin Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - no file O - BHO IEVkbdBHO - AB -E D - F -A A - FA CCA C - C Program Files x Kaspersky Lab Kaspersky Anti-Virus ievkbd dll O - BHO P loggingshjelp for Windows Live - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - BHO link filter bho - E CF -D - A- F - F A F - C Program Files x Kaspersky Lab Kaspersky Anti-Virus klwtbbho dll O - HKLM Run hpWirelessAssistant C Program Files x Hewlett-Packard HP Wireless Assistant HPWAMain exe O - HKLM Run QlbCtrl exe quot C Program Files x Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe quot Start O - HKLM Run DpAgent C Program Files x DigitalPersona Bin dpagent exe O - HKLM Run AVP quot C Program Files x Kaspersky Lab Kaspersky Anti-Virus avp exe quot O - HKCU Run msnmsgr quot C Program Files x Windows Live Messenger msnmsgr exe quot background O - HKCU Run ehTray exe C Windows ehome ehTray exe O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe detectMem User 'LOCAL SERVICE' O - HKUS S- - - Run WindowsWelcomeCenter rundll exe oobefldr dll ShowWelcomeCenter User 'LOCAL SERVICE' O ... Read more

http://www.techsupportforum.com/forums/f284/suspecting-a-keylogger-need-help-with-hjt-64bit-vista-396543.html
Relevancy 42.14%

I had a game account hacked so it's is possible i have a Attach DDS, and Suspecting log attached. ARK keylogger. keylogger on my PC I have used this programs for clearing my computer from virus etc Ad-Aware ATF-Cleaner Malewarebytes' Anti-Malware Spybot and F-secure anti-virus DDS Ver - - - NTFSx Run by garen at on - - Internet Explorer BrowserJavaVersion Microsoft Windows XP Home Edition GMT AV Telia S ker Suspecting keylogger. DDS, Attach and ARK log attached. Surf On-access scanning enabled Updated E ED - - B D-AF A- D F F FW Telia S ker Surf enabled D - - EB- - F BF Suspecting keylogger. DDS, Attach and ARK log attached. Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs svchost exe svchost exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Creative SBAudigy Surround Mixer CTSysVol exe C Program Razer Diamondback G razerhid exe C Program ATI Technologies ATI ACE Core-Static MOM exe C Program Telia Telias sakerhetstjanster Common FSM EXE C Program Java jre bin jusched exe C WINDOWS system ctfmon exe C Program ATI Technologies ATI ACE Core-Static ccc exe svchost exe C Program ANI ANIWZCS Service ANIWZCSdS exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA exe C Program Telia Telias sakerhetstjanster Anti-Virus fsgk st exe C Program Telia Telias sakerhetstjanster Common FSMA EXE C Program Java jre bin jqs exe C Program Telia Telias sakerhetstjanster Common FSMB EXE C Program Delade filer Microsoft Shared VS DEBUG mdm exe C WINDOWS system PnkBstrA exe C Program Telia Telias sakerhetstjanster Common FCH EXE C WINDOWS System svchost exe -k netsvcs C Program Telia Telias sakerhetstjanster Common FAMEH EXE C Program Telia Telias sakerhetstjanster Anti-Virus fsqh exe C Program Telia Telias sakerhetstjanster FSGUI fsguidll exe C Program Telia Telias sakerhetstjanster FSAUA program fsaua exe C Program Telia Telias sakerhetstjanster FWES Program fsdfwd exe C Program Telia Telias sakerhetstjanster FSAUA program fsus exe C Program Razer Diamondback G razertra exe C WINDOWS System svchost exe -k HTTPFilter C Program Razer Diamondback G razerofa exe C Program Telia Telias sakerhetstjanster Anti-Virus fsav exe C Program Telia Telias sakerhetstjanster Anti-Virus FSGK EXE C Program Telia Telias sakerhetstjanster Anti-Virus fssm exe C Program MSN Messenger usnsvc exe C Program Telia Telias sakerhetstjanster FSGUI scanwizard exe C Program iTunes iTunes exe C Program iPod bin iPodService exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceHelper exe C Program Delade filer Apple Mobile Device Support bin distnoted exe C Program Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Documents and Settings garen Mina dokument H mtade filer dds scr Pseudo HJT Report uInternet Settings ProxyOverride local BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc - c program delade filer adobe acrobat activex AcroIEHelperShim dll BHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c program micros office GRA E DLL BHO E D - A- EC-A -BA D E E - No File BHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program delade filer microsoft shared windows live WindowsLiveLogin dll BHO Java tm Plug-In SSV Helper dbc -a - b-bc - c c c a - c program java jre bin jp ssv dll BHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program java jre lib deploy jqs ie jqs plugin dll uRun CTFMON EXE c windows system ctfmon exe uRun MsnMsgr quot c program msn messenger MsnMsgr Exe quot background uRun Skype quot c program skype phone Skype exe quot nosplash minimized mRun StartCCC quot c program ati technologies ati ace core-static CLIStart exe quot MSRun mRun CTSysVol c program creative sbaudigy surround mixer CTSysVol exe r mRun UpdReg c windows UpdReg EXE mRun Diamondback c program razer diamondback... Read more

A:Suspecting keylogger. DDS, Attach and ARK log attached.

BUMP please check the logs for keyloggers!

http://www.techsupportforum.com/forums/f284/suspecting-keylogger-dds-attach-and-ark-log-attached-404464.html
Relevancy 42.14%

Hi,
 
I've been experiencing some strange difficulties with my Win7 laptop lately. Sometimes the system slows down dramatically, other times there are pop-up ads or unwanted images displaying when surfing the web. In addition, there are unrecognized applications trying to gain access through my firewall. Could you please help me diagnose the severity of the problem and help to solve it? 
 
Thanks,
JinKazama23

A:Suspecting Malware/Trojan Infection

Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.* If an update is found, it will download and install the latest version.* Once the program has loaded, select Perform quick scan, then click Scan.* When the scan is complete, click OK, then Show Results to view the results.* Be sure that everything is checked, and click Remove Selected.* When completed, a log will open in Notepad.* Post the log back here.Be sure to restart the computer.The log can also be found here:C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txtDownload Malwarebytes Anti-Rootkit from HERE to your Desktop.Unzip downloaded file.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.DO NOT click on the Cleanup button. Simply exit the program.When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt Please download Rkill (courtesy of BleepingComputer.com) to your desktop.There are 2 different versions. If one of them won't run then download and try to run the other one.You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/Double-click on the Rkill desktop icon to run the tool.If using Vista or Windows 7 right-click on it and choose Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.Do not reboot until instructed.If the tool does not run from any of the links provided, please let me know.If normal mode still doesn't work, run the tool from safe mode.When the scan is done Notepad will open with rKill log.Post it in your next reply.NOTE. rKill.txt log will also be present on your desktop.NOTE Do NOT wrap your logs in "quote" or "code" brackets.

http://www.bleepingcomputer.com/forums/t/515272/suspecting-malwaretrojan-infection/
Relevancy 42.14%

A few days ago I started to notice that I couldn t do anything with my windows firewall I tried to change it that's many causing virus is Suspecting problems. that some firewall settings but what ended up happening was receiving a error saying Firewall can t change some of your settings Error code x c I searched the problems Suspecting that it is virus that's causing many problems. up and went to services msc but found that firewall was set to automatic but it was not started I tried to start it but an error popped up and said Windows could not start the Windows Firewall services on Local Computer Error The dependency services or group failed to start I checked and BFE was on but a trip to Device Manager and I found that there was an exclamation mark next to the Windows Firewall Authorization Driver Also I tried to start Windows Defender in services but another error Windows could not start the Windows Defender service on Local Computer Error The specified module could not be found I searched up and tried to fix the problem according to posts with other people having a similar problems But none worked Some said it could be virus causing these problems and I thought it could be possible because lately google s been redirecting me to other random sites unrelated to what I searched for and clicked on and random ads have been appearing in the corners of firefox when I m browsing I scanned the computer with MBAM and it found nothing so I used SuperAntiSpyware instead The first time I used it it found around items I don t really remember and it told me to reboot the computer after I did but after the computer shut down and restarted a screen telling me that windows was unable to boot appeared instead of the log in screen The recovery service made me use system restore and got my computer back to a restore point a couple days ago I don t know why SAS caused windows to be unable to start I used SAS again a couple days later and it found another like or so items but the same problems occurred again I had to use system restore again The firewall problem remained unfixed and my computer feels a little weird to me I don t know what to do now I am not great with computers and I use it daily only for entertainment purposes Help would be appreciated

A:Suspecting that it is virus that's causing many problems.

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer. NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.I need to get some reports to get a base to start from so I need you to run these programs first.-DeFogger-Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.-Security Check-Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.-Download DDS-Please download DDS from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3
Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyinformation and logsIn your next post I need the following

both reports from DDS report from security checklet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/482826/suspecting-that-it-is-virus-thats-causing-many-problems/
Relevancy 42.14%

I've had a major problem with my laptop for quite a while now When I launch system in deep Suspecting infection the certain programs I get the following error - gt X exe - Application Error The application failed to initialize properly xc b Click OK Suspecting infection deep in the system to terminate the application This error comes up if I try to start my video card control program Catalys Control Center It also comes up if I try to launch my mouse control program Steelseries Engine Also with many other exe files programs Even certain online games that use security software such as X-Trap won't run properly as they get shutdown following with an error quot Abnormal client detected - system might be infected quot Now I've done loads of searching and researching and come up with answers Microsoft NET framework is somehow corrupted deep in the system Microsoft Visual C is somehow corrupted deep in the system There is some sort of malware or or worse hidden deep in the system and just jacking off the computer My hard disk is damaged scratched I'm getting really desperate here and I'm tired of just accepting that certain programs won't work for me I use this laptop for school work and home entertainment and I'd like to be completely sure that the fault lies with the hard disk before I replace Suspecting infection deep in the system it I've done deep scans with my Malwarebytes anti-malware program only to find some small time adwares but I'm sure there is some abomination in there laughing at my face every time I get an error I don't have a recovery cd-disk but I have a recovery hard disk in my computer I ran the gmer rootkit scanner and followed the instructions but it resulted with BSOD with error quot xdva sys quot So I followed the second option as instructed DDS DDS Ver - - - NTFS x Internet Explorer BrowserJavaVersion Run by Akom at on - - Microsoft Windows Vista Home Premium GMT SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Program Files IObit Advanced SystemCare ASCService exe C Windows system atiesrxx exe C Windows System DriverStore FileRepository stwrt inf c b STacSV exe C Windows system SLsvc exe C Windows system atieclxx exe C Windows System spoolsv exe C Windows System DriverStore FileRepository stwrt inf c b aestsrv exe C Program Files ATI Technologies ATI ACE Fuel Fuel Service exe C Windows system FsUsbExService Exe c Windows Microsoft NET Framework v SMSvcHost exe C Program Files SMINST BLService exe C Program Files Hewlett-Packard Media TV Kernel TV TVCapSvc exe C Program Files Hewlett-Packard Media TV Kernel TV TVSched exe C Windows system SearchIndexer exe C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exe C Program Files IDT WDM sttray exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Hewlett-Packard HP Quick Launch Buttons Com QLBEx exe C PROGRAM FILES SYNAPTICS SYNTP SYNTPHELPER EXE C Windows system conime exe C Program Files Mozilla Firefox firefox exe C Program Files Mozilla Firefox plugin-container exe C Program Files Windows Media Player wmpnscfg exe C Windows system NOTEPAD EXE C Windows system SearchProtocolHost exe C Windows system SearchFilterHost exe C Windows system DllHost exe C Windows system wbem wmiprvse exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k GPSvcGroup C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k bthsvcs C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system svchost exe -k ... Read more

A:Suspecting infection deep in the system

Hello, and welcome to TSF.

I am currently reviewing your log. I will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

http://www.techsupportforum.com/forums/f100/suspecting-infection-deep-in-the-system-693527.html
Relevancy 42.14%

I am doing this first time so I'm not sure if this Vundo still or suspecting infection other lurking is done correct way please correct me The real Motherboard is ECS L VXA but shows here as Motherboard P X - after HD was cloned Please check and tell me what boxes to check mark after I run HiJackThis next time Please tell me if HiJackThis suspecting Vundo or other infection still lurking should be run in safe mode or in normal mode Should Avast be Terminated or Paused before running HiJackThis Which file I should not have send Does Upload mean Send ----------------------------------------------------------------Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC suspecting Vundo or other infection still lurking WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC Program Files Alwil Software Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC WINDOWS Explorer EXEC PROGRA ALWILS Avast ashDisp exeC WINDOWS system ctfmon exeC suspecting Vundo or other infection still lurking Program Files Microsoft Office Office OSA EXEC WINDOWS system spoolsv exeC Program Files Netropa Multimedia Keyboard nhksrv exeC WINDOWS System svchost exeC Program Files Alwil Software Avast ashMaiSv exeC Program Files Alwil Software Avast ashWebSv exeC Documents and Settings USER Desktop HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http home peoplepc com searchR - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize www yahoo comR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize search ie htmlR - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http home peoplepc com searchR - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize www yahoo comO - Hosts browser-security microsoft comO - BHO EarthLink BHO Guard - - - - - - C Program Files PeoplePC Toolbar ScamGrd dllO - BHO EarthLink ScamBlocker V - F D - BAA- - -EECB CD E - C Program Files PeoplePC Toolbar ScamGrd dllO - BHO PeoplePC ScamGuard - E A - BC - d -B FD- B ACC FEDED - C Program Files PeoplePC Toolbar ScamGrd dllO - BHO no name - FF D- D B- - C - D D ECC - no file O - BHO no name - DC - F - AB -ADB -E F - no file O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exeO - HKLM RunServices mysvcig mysvcc exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - Global Startup Office Startup lnk C Program Files Microsoft Office Office OSA EXEO - Extra context menu item amp AOL Toolbar search - res C Program Files AOL Toolbar toolbar dll SEARCH HTMLO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Yahoo Dictionary - file C Program Files Yahoo Common ycdict htmO - Extra context menu item Yahoo Search - file C Program Files Yahoo Common ycsrch htmO - Extra button Real com - CD F -D E - d - FE- C F AFE - C WINDOWS System Shdocvw dllO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - DPF Win Classes - O - Protocol skype com - FFC B - B - DFF- - C DD F D - C PROGRA COMMON Skype SKYPE DLLO - Winlogon Notify rqromll - rqromll dll file missi... Read more

A:suspecting Vundo or other infection still lurking

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

http://www.bleepingcomputer.com/forums/t/284262/suspecting-vundo-or-other-infection-still-lurking/
Relevancy 42.14%

I had a game account hacked so it's is included. Keylogger, log HijackThis Suspecting possible i have a keylogger on my PC I have used this programs for clearing my computer from virus etc Ad-Aware ATF-Cleaner Malewarebytes' Anti-Malware Spybot and F-secure anti-virus Suspecting Keylogger, HijackThis log included. Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C Suspecting Keylogger, HijackThis log included. WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Lavasoft Ad-Aware AAWService exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Creative SBAudigy Surround Mixer CTSysVol exe C Program Razer Diamondback G razerhid exe C Program Telia Telias sakerhetstjanster Common FSM EXE C WINDOWS system ctfmon exe C Program ATI Technologies ATI ACE Core-Static MOM exe C Program MSN Messenger MsnMsgr Exe C Program Skype Phone Skype exe C Program ATI Technologies ATI ACE Core-Static ccc exe C Program Skype Plugin Manager skypePM exe C Program ANI ANIWZCS Service ANIWZCSdS exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Bonjour mDNSResponder exe C WINDOWS system CTsvcCDA exe C Program Telia Telias sakerhetstjanster Anti-Virus fsgk st exe C Program Telia Telias sakerhetstjanster Common FSMA EXE C Program Telia Telias sakerhetstjanster Anti-Virus FSGK EXE C Program Delade filer Microsoft Shared VS DEBUG mdm exe C Program Telia Telias sakerhetstjanster Common FSMB EXE C WINDOWS system PnkBstrA exe C Program Telia Telias sakerhetstjanster Common FCH EXE C WINDOWS System svchost exe C Program Telia Telias sakerhetstjanster Common FAMEH EXE C Program Telia Telias sakerhetstjanster Anti-Virus fsqh exe C Program Telia Telias sakerhetstjanster FSGUI fsguidll exe C Program Telia Telias sakerhetstjanster FSAUA program fsaua exe C Program Telia Telias sakerhetstjanster Anti-Virus fssm exe C Program Telia Telias sakerhetstjanster FWES Program fsdfwd exe C Program Telia Telias sakerhetstjanster FSAUA program fsus exe C Program Razer Diamondback G razertra exe C WINDOWS System svchost exe C Program Razer Diamondback G razerofa exe C Program MSN Messenger usnsvc exe C Program Telia Telias sakerhetstjanster Anti-Virus fsav exe C Program Lavasoft Ad-Aware AAWTray exe C Program Spotify spotify exe C Program Java jre bin jqs exe C Program Telia Telias sakerhetstjanster FSGUI scanwizard exe C Program Mozilla Firefox firefox exe C Program Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName L nkar O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Delade filer Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program MICROS Office GRA E DLL O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Delade filer Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run StartCCC quot C Program ATI Technologies ATI ACE Core-Static CLIStart exe quot MSRun O - HKLM Run CTSysVol C Program Creative SBAudigy Surround Mixer CTSysVol exe r O - HKLM Run UpdReg C WINDOWS UpdReg EXE O - HKLM Run Diamondback C Program Razer Diamondback G razerhid exe O - HKLM Run F-Secure Manager quot C Program Telia Telias sakerhetstjanster Common FSM EXE quot splash O - HKLM Run F-Secure TNB quot C Program Telia Telias sakerhetstjanster FSGUI TNBUtil e... Read more

A:Suspecting Keylogger, HijackThis log included.

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/suspecting-keylogger-hijackthis-log-included-403303.html
Relevancy 42.14%

Hey!

So I have a PC with 8GB of RAM. When I sit at the desktop the PC uses about 50% of RAM. The problem that I can't find the source of this in the process manager. I have downloaded poolmon and I do see something taking up alot of space(250MB) but I can't locate the source of this as I have never experienced this before.

I have tried to search on google but I have been unable to find a guide that explains how to solve this issue in a clear manner.

Here is an image of my poolmon results.

http://i.imgur.com/nSE6mhg.jpg

Thanks for any hep provided!

A:Suspecting memory leak in driver.

A screenshot of Task Manager - Performance tab would be useful. 250 MB usage in the kernel is quite small compared to 8 GB total memory.

http://www.sevenforums.com/hardware-devices/345484-suspecting-memory-leak-driver.html
Relevancy 41.71%

Hi, I noticed that in-game my coumputer uses up to 99-100% of CPU, and when idling up to 60%.
I tried sniffing around and checking processes and usages, and stumbled upon this piece of work: https://i.imgur.com/hLCpw4W.png
( from right to left: process, PID, description, status ( all ON ), sub-processes, CPU and avarage CPU ). A friend 
told me I should run a malware scan and I did, and found plenty of mostly hramless ( ? ) things, which I've removed. I'm adding the scan report in the file section.
Could this bottleneck be anything else that any of you might know of?
 
my specs are:
 
CPU - i5 4690
RAM - 8GB
GPU - R9 390
MoBo - Gigabyte H97-HD3
 
Thanks.
 

 malware results.txt   4.68KB
  5 downloads

A:Comupter being slower and uses more resources, suspecting virus(es)

Hello RoiMan and welcome to Bleeping Computer.
My name is Satchfan and I would be glad to help you with your computer problem.Please read the following guidelines which will help to make cleaning your machine easier:
please follow all instructions in the order posted
please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
if you don't understand something, please don't hesitate to ask for clarification before proceeding
the fixes are specific to your problem and should only be used for this issue on this machine.
please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
IMPORTANT:
Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested
===================================================
Malwarebytes got rid of a lot of junk but I suspect there's more on your computer so let's have a look.
===================================================Note: Please follow these instructions in the order given.
===================================================Download and run AdwCleaner
Download AdwCleaner from here and save it to your desktop.
run AdwCleaner by clicking on Scan
when it has finished, leave everything that was found checked, (ticked), then click on Clean
if it asks to reboot, allow the reboot
on reboot a log will be produced; please attach the content of the log to your next reply.
===================================================Download and run Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
shut down your protection software now to avoid potential conflicts.
run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your system
please be patient as this can take a while to complete depending on your system's specifications
on completion, a log (JRT.txt) is saved to your desktop and will automatically open
post the contents of JRT.txt into your next message.
===================================================Run Farbar Recovery Scan Tool
Please download Farbar Recovery Scan Tool and save it to your Desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
press Scan button
it will produce a log called Frst.txt in the same directory the tool is run from
please copy and paste log back here.
the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.
================================================Logs to include with next post:AdwCleaner log
JRT.txt
Frst.txt
Addition.txt
Thanks
Satchfan
 
 

http://www.bleepingcomputer.com/forums/t/612271/comupter-being-slower-and-uses-more-resources-suspecting-viruses/
Relevancy 41.71%

I have a computer here that has a HDD that has constant activity The user got taken HDD suspecting is runs problem iyogi the constantly, in by iyogi and I removed HDD runs constantly, suspecting iyogi is the problem what I could find using the usual tools MBAM Adw JRT etc Can you have a look at the FRST reports and let me know if there's some more clean up I can perform HDD runs constantly, suspecting iyogi is the problem Thanks Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by Bo administrator on BO-PC - - Running from C Users Bo Downloads Loaded Profiles Bo Available Profiles Bo Platform Windows Home X Language English United States Internet Explorer Version Default browser FF Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved Dell C Program Files Dell Tech Concierge srvc exe Adobe Systems Incorporated C Program Files x Adobe Elements Organizer PhotoshopElementsFileAgent exe Dell Inc C Program Files Dell Tech Concierge Backup Dell-Backup-Svc exe Nuance Communications Inc C Program Files x Common Files Nuance dgnsvc exe Malwarebytes C Program Files x Malwarebytes Anti-Malware mbamscheduler exe Malwarebytes C Program Files x Malwarebytes Anti-Malware mbamservice exe Dell C Program Files Dell Tech Concierge cust exe Microsoft Corporation C Windows System mqsvc exe C Program Files x SDC SDiManage IYogiMonitoringSvc exe WDC C Program Files Western Digital WD SmartWare WD Drive Manager WDDMService exe Microsoft Corporation C Program Files Windows Defender MsMpEng exe Microsoft Corporation C Windows Microsoft NET Framework v SMSvcHost exe Microsoft Corporation C Windows Microsoft NET Framework v SMSvcHost exe Microsoft Corporation C Program Files Windows Defender NisSrv exe C Program Files x SDC SDiManage Monitor Event Agent exe Dell C Program Files Dell Tech Concierge capp exe Dell Inc C Program Files x Dell Customer Connect DCCService exe Dell Inc C Program Files Dell DellDataVault DellDataVaultWiz exe Dell Inc C Program Files x Dell Update DellUpService exe Microsoft Corporation C Windows SysWOW wbem WmiPrvSE exe Dell Inc C Program Files x Dell SupportAssistAgent bin SupportAssistAgent exe Microsoft Corporation C Windows SysWOW wbem WmiPrvSE exe Dell Inc C Program Files Dell DellDataVault DellDataVault exe Malwarebytes C Program Files x Malwarebytes Anti-Malware mbam exe Intel Corporation C Windows System hkcmd exe Intel Corporation C Windows System igfxpers exe Dell Inc C Program Files Dell Tech Concierge Backup DashUI exe Flexera Software LLC C ProgramData FLEXnet Connect agent exe Flexera Software LLC C ProgramData FLEXnet Connect ISUSPM exe WDC C Program Files Western Digital WD SmartWare WD Drive Manager WDDMStatus exe C Program Files x Dell Stage Dell Stage AccuWeather accuweather exe Oracle Corporation C Program Files x Common Files Java Java Update jusched exe Western Digital C Program Files x Western Digital WD SmartWare Front Parlor WDSmartWare exe Microsoft Corporation C Windows System rundll exe Microsoft Corporation C Windows System InstallAgent exe Mozilla Corporation C Program Files x Mozilla Firefox firefox exe Dell Inc C Program Files x Dell Update DellUpTray exe Microsoft Corporation C Windows System CompatTelRunner exe Microsoft Corporation C Program Files Windows Defender MpCmdRun exe Microsoft Corporation C Program Files Windows Defender MpCmdRun exe Registry Whitelisted If an entry is included in the fixlist the registry item will be restored to default or removed The file will not be moved HKLM Run Dell Backup Dashboard gt C Program Files Dell Tech Concierge Backup DashUI exe - - Dell Inc HKLM-x Run AccuWeatherWidget gt C Program Files x Dell Stage Dell Stage AccuWeather accuweather exe - - HKLM-x Run ISUSPM gt C ProgramData FLEXnet Connect isuspm exe - - Flexera Software LLC HKLM-x Run... Read more

A:HDD runs constantly, suspecting iyogi is the problem

Hello Montana Mad Dog,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***

http://www.bleepingcomputer.com/forums/t/598661/hdd-runs-constantly-suspecting-iyogi-is-the-problem/
Relevancy 41.71%

Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C Program Lavasoft Ad-Aware AAWService exe C WINDOWS system hijackthis.log + MBAM suspecting log keylogger/Trojan. HELP spoolsv exe C WINDOWS Explorer EXE C Program AskBarDis bar bin AskService exe C Program AVG AVG avgtray exe C Program AskBarDis bar bin ASKUpgrade exe C Program ESET ESET NOD Antivirus egui hijackthis.log + MBAM log suspecting keylogger/Trojan. HELP exe C Program Analog Devices SoundMAX Smax exe C WINDOWS system ctfmon exe C Program AVG AVG avgwdsvc exe C program steam steam exe C Program Windows Live Messenger MsnMsgr Exe C Program ESET ESET NOD Antivirus ekrn exe C Program Messenger msmsgs exe C Program Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program DAEMON Tools Lite daemon exe C Program Spybot - Search amp Destroy TeaTimer exe C Program DNA btdna exe C WINDOWS system PnkBstrA exe C WINDOWS System TUProgSt exe C Program AVG AVG avgrsx exe C Program AVG AVG avgemc exe C WINDOWS system wscntfy exe C WINDOWS System svchost exe C Program Windows Live Messenger usnsvc exe C Program Lavasoft Ad-Aware AAWTray exe C Program Internet Explorer iexplore exe C Program Files VentriloMIX Ventrilo exe C Program Trend Micro HijackThis HijackThis exe O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Google GoogleToolbarNotifier swg dll O - HKLM Run AVG TRAY C Program AVG AVG avgtray exe O - HKLM Run egui quot C Program ESET ESET NOD Antivirus egui exe quot hide waitservice O - HKLM Run SoundMax quot C Program Analog Devices SoundMAX Smax exe quot tray O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run Steam quot c program steam steam exe quot -silent O - HKCU Run MsnMsgr quot C Program Windows Live Messenger MsnMsgr Exe quot background O - HKCU Run MSMSGS quot C Program Messenger msmsgs exe quot background O - HKCU Run swg C Program Google GoogleToolbarNotifier GoogleToolbarNotifier exe O - HKCU Run DAEMON Tools Lite quot C Program DAEMON Tools Lite daemon exe quot -autorun O - HKCU Run SpybotSD TeaTimer C Program Spybot - Search amp Destroy TeaTimer exe O - HKCU Run BitTorrent DNA quot C Program DNA btdna exe quot O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'LOKAL TJ NST' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'NETWORK SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'SYSTEM' O - HKUS DEFAULT Run CTFMON EXE C WINDOWS system CTFMON EXE User 'Default user' O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java-konsol - B E C - FCB- CF-AAA - C - C Program Java jre bin ssv dll O - Extra button no name - DFB A - F - C -A - CAB FD A - C WINDOWS system shdocvw dll O - Extra 'Tools' menuitem Spybot - Search amp Destroy Configuration - DFB A - F - C -A - CAB FD A - C WINDOWS system shdocvw dll O - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exe O - Extra 'Tools' menuitem xpsp res dll - - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Messenger msmsgs exe O - DPF D ED D- C - B- AE- D FDC FB ActiveScan Installer Class - http acs pandasoftware com actives as stubie cab O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http www update microsoft com wind O - DPF A - D- - - C D F F A Battlefield Heroes Updater - https www battlefieldheroes com st r cab O - DPF AD C - E- D -B E - F D Java Runtime Environment - http javadl sun com webapps downlo BundleI... Read more

A:hijackthis.log + MBAM log suspecting keylogger/Trojan. HELP

Hello Binty and welcome,

HijackThis is no longer the preferred initial scanning tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/hijackthis-log-mbam-log-suspecting-keylogger-trojan-help-407884.html
Relevancy 41.71%

Hello,

Been receiving random bluescreens on this makeshift desktop for a while now.
Reports are attached. Reinstalled OS yesterday. Received a bluescreen again this morning.

SPEC:
Microsoft Windows 7 Enterprise
6.1.7601 Service Pack 1 Build 7601
AMD Athlon(tm) II X2 B24 Processor, 3000 Mhz, 2 Core(s), 2 Logical Processor(s)
Installed Physical Memory (RAM) 8,00 GB
ATI Radeon HD 4200 // 368,00 MB (Intergrated)

Thanks in advance!

A:Pretty random BSODs // Suspecting GPU fail

1. Please remove any CD visualization programs such as Daemon Tools and Alcohol 120%.

They use a driver, found in your dmp, called sptd.sys, that is notorious for causing BSODs.

Use this SPTD uninstaller DuplexSecure - Downloads DuplexSecure - FAQ

when you're done you can use this Freeware:

MagicISO Virtual CD/DVD-ROM (MagicDisc) in its place

Using MagicISO to create ISO image files
2.




Quote:
"It's not a true crash, in the sense that the bluescreen was initiated only because the combination of video driver and video hardware was being unresponsive, and not because of any synchronous processing exception".

Since Vista, the "Timeout Detection and Recovery" (TDR) components of the OS video subsystem have been capable of doing some truly impressive things to try to recover from issues which would have caused earlier OSs like XP to crash.

As a last resort, the TDR subsystem sends the video driver a "please restart yourself now!" command and waits a few seconds.

If there's no response, the OS concludes that the video driver/hardware combo has truly collapsed in a heap, and it fires off that stop 0x116 BSOD.

If playing with video driver versions hasn't helped, make sure the box is not overheating.

Try removing a side panel and aiming a big mains fan straight at the motherboard and GPU.

Run it like that for a few hours or days - long enough to ascertain whether cooler temperatures make a difference.

If so, it might be as simple as dust buildup and subsequently inadequate cooling.

I would download cpu-z and gpu-z (both free) and keep an eye on the video temps


STOP 0x116: VIDEO_TDR_ERROR troubleshooting

http://www.sevenforums.com/bsod-help-support/222568-pretty-random-bsods-suspecting-gpu-fail.html
Relevancy 41.71%

First I m not completely sure this is a hardware problem but it is what I m suspecting and also thank you for your time I posted a similar problem in the multimedia category because I thought it was a problem with a multimedia editing software TMPGEnc Xpress but apparently my computer continues to shutdown when encoding only I don t think it s my program causing the shutdown of my computer rather I think it s my hard drive getting hot I touched the hard drive section and it was really hot and then shutting down but this problem is even more problematic because it occurred not too long ago while I was doing normal computing instant messaging music and internet browsing and it also shutdown and I also noticed it was fairly hot which really worries me because when it shutdown almost instantly as if turning off an old television because it even make a quot pop quot noise it also failed to turned back on until I left it alone for a little while Why Because when it began turning on it would shutdown in the middle of the startup again as if turning off a television with that quot pop quot noise Is my hard drive compromised Should I just get some cooling pads - Those are the two things I m considering would help or be the problem Unexpected shutdowns, my suspecting hard drive. I'm but I really don t know I m not really hardware savvy so I m afraid of even opening and or touching any electronics because I think they ll explode from some wrong movement on my behalf since I ve already opened other Unexpected shutdowns, I'm suspecting my hard drive. electronic devices and all I ve done is render the semi-working device completely useless Thank you for your time and patience and I would greatly appreciate any help and suggestions anyone is willing to offer nbsp

Relevancy 41.71%

Hello System Windows XP Home Genuine with MSE installed From last few days I am getting rahndom pop up windows when I start my computer or leave my computer idle for long It suspecting Chrome at startup, popup adware just opens a chrome popup window with some kinds of ads with different URL's each time The ProcessExplorer path for popup is given below Path C WINDOWS system cmd exe Command Line d c dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS Chrome popup at startup, suspecting adware TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system Chrome popup at startup, suspecting adware gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp dir C WINDOWS system gt gt C WINDOWS TEMP amp del C WINDOWS TEMP amp C WINDOWS system cmd exe d c C WINDOWS system cmd exe d c C PROGRA Google Chrome APPLIC chrome exe http static shinyinnovation com bg z amp ilmernzkvtaztusntu FB F A EB B amp pu amp s amp nm ilmernzkvtaztusntu amp t Current Directory C WINDOWS system I have run FRST and logs are attached Please help Thanks Vivek

A:Chrome popup at startup, suspecting adware

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Please download AdwCleaner by Xplode onto your Desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the  Scan  button and wait for the process to complete.
Click the Report button and the report will open in Notepad.
 
IMPORTANT
 
If you click the Clean button all items listed in the report will be removed.
 
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
 
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the  Scan  button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===
 
Run the Farbar tool one more time and post a fresh FRST log for my review.
===
 
Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.
 
How is the computer running?
Wait for further instructions.

http://www.bleepingcomputer.com/forums/t/544589/chrome-popup-at-startup-suspecting-adware/
Relevancy 41.71%

Hi my first time here I have a new Dell Aurora in Page bad nonpaged Suspecting HDD fault area, R only a month old with GB of RAM and a TB harddrive for gaming though it isn't exclusively all I use it for Technically Page fault in nonpaged area, Suspecting bad HDD two months old since they delayed delivery by a whole month I apologize for not providing more detailed specifications as I am at work now will update with the relevant information when I get home In any case my problems started a little over a week ago Boot-up was normal logging in took a few minutes longer than it previously did Immediately evident was that my network refused to initialize reporting quot No Internet access quot The second issue that manifested was that everything but core Windows functions took at least or more minutes execute About an hour after logging in the network connector reports internet access minutes after that once Firefox has booted up I can confirm that I do not actually have internet access Or even access to any other devices attached to the LAN On a hunch I ran chkdsk with the R option Unfortunately underestimated the time that would take When it ended hours later I checked the log in the Event Viewer There were so many bad clusters that it scrolled off the log so I could not tell how many there actually were This should have been the end of it unfortunately it had no impact on my system I decided to run it a second time and this time it reported no errors Page fault in nonpaged area, Suspecting bad HDD with a count of KB Bad Clusters It was about this point that I decided to call Dell Support After talking me through running their own support tools which naturally reported all systems green they then talked me through a factory reset with the pre-loaded image file Immediately after I ran chkdsk R again which came up clean so I thought that was over I then uninstalled the bundled McAfee and replace it with Avast Free which I have been using for years now Everything was running smoothly until a few minutes after when I queued Windows Update to begin downloading the patches that were reset The system grounded back to the previous crawl so suddenly I could almost hear the squealing tires It was on the next boot-up that I received my first Win BSOD before the login screen could appear Page Fault In A Nonpaged Area Immediately after the memory dump it restarted and presented me with the login screen as if nothing had happened Logging in showed that my condition had not changed Dell Support is now recommending I perform a clean re-install of Windows which I will be performing tomorrow as the weekend begins for me then though I am not optimistic I highly suspect that my HDD is faulty despite Dell's support tools saying otherwise I would like a second opinion I will post more detailed specifications as well as the dump file when I get home though I am not sure how useful it will be since it was made immediately after a reset Apologies for the long ramble-y post with the missing information but I'm at my wit's end here For the record I do not install hardware drivers offered through Windows Update A couple of past incidents cured me of that compulsion

A:Page fault in nonpaged area, Suspecting bad HDD

Is that drive one gigantic partition or is it broken up?

How is it broken up?

Can you send us a screen cap of your disk management?

http://www.eightforums.com/bsod-crashes-debugging/26236-page-fault-nonpaged-area-suspecting-bad-hdd.html
Relevancy 41.71%

And I do not know what made them able to hack me I have Zone Alarm and AVG Free they got my pass even though I did not tell anyone about it OS Windows Vista - Home Premium Service Pack ActiveScan - Panda ANALYSIS - - PROTECTIONS MALWARE SUSPECTS PROTECTIONS Description Version Active Updated Windows Defender No Yes MALWARE Id Description Type Active Severity Disinfectable Disinfected Location Cookie Casalemedia TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows hacked. got recently Suspecting Trojan/Malware, Cookies elexyr casalemedia txt Cookie Doubleclick TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr doubleclick txt Cookie Atlas DMT TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr atdmt txt Cookie Tradedoubler TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr tradedoubler txt Cookie FastClick TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr fastclick txt Cookie Tribalfusion TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr tribalfusion txt Cookie Mediaplex TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr mediaplex txt Cookie YieldManager TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr ad yieldmanager txt Cookie Apmebf TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr apmebf txt Cookie BurstNet TrackingCookie No Yes No C Suspecting Trojan/Malware, recently got hacked. Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr burstnet txt Cookie Serving-sys TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr serving-sys txt Cookie Serving-sys TrackingCookie Suspecting Trojan/Malware, recently got hacked. No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr bs serving-sys txt Suspecting Trojan/Malware, recently got hacked. Cookie Adtech TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr adtech txt Cookie Advertising TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr advertising txt Cookie Adrevolver TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr media adrevolver txt Cookie PointRoll TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr ads pointroll txt Cookie RealMedia TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr realmedia txt Cookie Zedo TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr zedo txt Cookie Adrevolver TrackingCookie No Yes No C Users Elexyr AppData Roaming Microsoft Windows Cookies elexyr adrevolver txt SUSPECTS Sent Location s VULNERABILITIES Id Severity Description s HJT log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system Dwm exe C Windows system taskeng exe C Windows Explorer EXE C Program Files Windows Defender MSASCui exe C Windows RtHDVCpl exe C Program Files AVG AVG avgtray exe C Program Files Zone Labs ZoneAlarm zlclient exe C Windows System rundll exe C Windows System rundll exe C Program Files Java jre bin jusched exe C Program Files Common Files Real Update OB realsched exe C Program Files HP HP Software Update hpwuSchd exe C Program Files Windows Live Messenger msnmsgr exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files DAEMON Tools Lite daemon exe C Program Files Windows Media Player wmpnscfg exe C Program Files HP Digital Imaging bin hpqtra exe C Windows System mobsync exe C Program Files HP Digital Imaging bin hpqSTE exe C Program Files Mozilla Firefox firefox exe C Windows system SearchFilterHost exe C Windows system N... Read more

Relevancy 41.71%

Hello I m looking for help with a strange problem that started occuring recently on my computer When I m connected to the Internet - Data stops downloading malware suspecting during downloads my data transfer Data downloading stops - suspecting malware suddenly stops for a few seconds all transfers are cancelled It isn t visible when I m browsing through the websites but when I m downloading files from the Internet or movies on YouTube it gets worse after a minute of downloading the transfer stops and never resumes I have to do it manually but then after minute everything repeats First I thought that my ISP was Data downloading stops - suspecting malware to blame But a week later I moved to a different location and used a connection provided by a completely different company - nothing has changed So now I suspect that something is wrong with my computer software Maybe some kind of malware I scanned and cleaned my PC with Avast AVG Anti-spyware SS amp D ANG Anti-Rootkit and Ad-Aware Also I launched ComboFix Nothing helped I m attaching two log files ComboFix and HijackThis Thanks in advance for all the help and advice nbsp

A:Data downloading stops - suspecting malware

Help, somebody? Anyone?

Maybe somebody could only check my HijackThis log, because it looks like there are a lot of bad things there.

Please?

Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:33, on 2007-10-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Loop\Pulpit\DeVir\Ad-Aware SE 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Documents and Settings\Loop\Pulpit\DeVir\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper\DkService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Loop\Pulpit\DeVir\hijack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = &#321;&#261;cza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\DOCUME~1\Loop\Pulpit\DeVir\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'US&#321;UGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'US&#321;UGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &&#346;ci&#261;gnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &&#346;ci&#261;gnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0... Read more

https://forums.techguy.org/threads/data-downloading-stops-suspecting-malware.633421/
Relevancy 41.71%

Hi as you can see in my title I got a keylogger a few days ago and my world of warcraft was hacked I got it back and I made virus is several keylogger, yet? it a gone scans made, Suspecting a lot of scans and stuff and I thought I were safe but got hacked once more I ve done even more scans and removed trojans and stuff Now I just want to know if it s gone yet I don t feel safe before it s gone cant login anywhere HJ Log Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program AVG AVG avgrsx exe C Program Delade filer Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Bonjour mDNSResponder exe C WINDOWS Explorer EXE C Program NetLimiter Pro nlsvc exe C Program Google Update GoogleUpdate exe C Program Google Update GoogleCrashHandler exe C WINDOWS System nvsvc exe C WINDOWS system ctfmon exe C Program Wireless-N PCI Adapter WLService exe C Program Wireless-N PCI Adapter WMP N exe C Documents and Suspecting a keylogger, several virus scans made, is it gone yet? Settings Daniel Lokala inst llningar Application Data Google Chrome Application chrome exe C Program Windows Live Messenger msnmsgr exe C Program MessengerDiscovery MessengerDiscovery Live exe C WINDOWS system wuauclt exe C Program Windows Live Messenger usnsvc exe C Program Spotify spotify exe C Program SpeedFan speedfan exe C Documents and Settings Daniel Lokala inst llningar Application Data Google Chrome Application chrome exe C Program Lavasoft Ad-Aware AAWService exe C WINDOWS system rundll exe C Documents and Settings Daniel Lokala inst llningar Application Data Google Chrome Application chrome exe C Program Trend Micro Suspecting a keylogger, several virus scans made, is it gone yet? HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google se R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName L nkar O - BHO WormRadar com IESiteBlocker Suspecting a keylogger, several virus scans made, is it gone yet? NavFilter - CA F - F E- B -A E- E E C C - C Program AVG AVG avgssie dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C Program Microsoft Office Office GrooveShellExtensions dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Google GoogleToolbarNotifier swg dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Java jre lib deploy jqs ie jqs plugin dll O - Toolbar DAEMON Tools Toolbar - AAC-C - - E A- E A E - C Program DAEMON Tools Toolbar DTToolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run msnmsgr quot C Program Windows Live Messenger msnmsgr exe quot background O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User LOKAL TJ NST O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User NETWORK SERVICE O - HKUS S- - - Run CTFMON EXE C WINDOWS System CTFMON EXE User SYSTEM O - HKUS DEFAULT Run CTFMON EXE C WINDOWS System CTFMON EXE User Default user O - Extra context menu item E amp xportera till Microsoft Excel - res C Program MI Office EXCEL EXE O - Extra button Skicka till OneNote - A- - f c- - EE C C - C Program MI Office ONBttnIE dll O - Extra Tools menuitem Ski amp cka till OneNote - A- - f c- - EE C C - C Program MI Office ONBttnIE dll O - Extra button Research - B - CC- C -B BE- C C A - C Program MI ... Read more

https://forums.techguy.org/threads/suspecting-a-keylogger-several-virus-scans-made-is-it-gone-yet.855681/
Relevancy 41.71%

Hey my name s nikhil For the past week or so i have noticed my computer computer... malware suspecting an Slow unidentified running a lil slow both on win xp and on win Here Slow computer... suspecting an unidentified malware are the specs of my system Windows- Tech Support Guy System Info Utility version OS Version Microsoft Windows Ultimate bit Processor AMD Sempron tm Processor AMD Family Model Stepping Processor Count RAM Mb Graphics Card NVIDIA GeForce nForce Microsoft Corporation - WDDM Mb Hard Drives C Total - MB Free - MB D Total - MB Free - MB E Total - MB Free - MB F Total - MB Free - MB Motherboard MSI MS- Antivirus Sunbelt VIPRE Updated Slow computer... suspecting an unidentified malware and Enabled Here s a log of Hijackthis Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes E Program Files x Sunbelt Software VIPRE SBAMTray exe E Program Files x Malwarebytes Anti-Malware mbamgui exe E Program Files x Trend Micro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co in R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page E Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - HKLM Run SBAMTray quot E Program Files x Sunbelt Software VIPRE SBAMTray exe quot O - HKLM Run Malwarebytes Anti-Malware quot E Program Files x Malwarebytes Anti-Malware mbamgui exe quot starttray O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User LOCAL SERVICE O - HKUS S- - - RunOnce mctadmin E Windows System mctadmin exe User LOCAL SERVICE O - HKUS S- - - Run Sidebar ProgramFiles Windows Sidebar Sidebar exe autoRun User NETWORK SERVICE O - HKUS S- - - RunOnce mctadmin E Windows System mctadmin exe User NETWORK SERVICE O - Options group ACCELERATED GRAPHICS Accelerated graphics O - Service SystemRoot system Alg exe - ALG - Unknown owner - E Windows System alg exe file missing O - Service SystemRoot system efssvc dll - EFS - Unknown owner - E Windows System lsass exe file missing O - Service systemroot system fxsresm dll - Fax - Unknown owner - E Windows system fxssvc exe file missing O - Service keyiso dll - KeyIso - Unknown owner - E Windows system lsass exe file missing O - Service MBAMService - Malwarebytes Corporation - E Program Files x Malwarebytes Anti-Malware mbamservice exe O - Service comres dll - MSDTC - Unknown owner - E Windows System msdtc exe file missing O - Service SystemRoot System netlogon dll - Netlogon - Unknown owner - E Windows system lsass exe file missing O - Service systemroot system psbase dll - ProtectedStorage - Unknown owner - E Windows system lsass exe file missing O - Service systemroot system Locator exe - RpcLocator - Unknown owner - E Windows system locator exe file missing O - Service SystemRoot system samsrv dll - SamSs - Unknown owner - E Windows system lsass exe file missing O - Service VIPRE Antivirus Premium SBAMSvc - Sunbelt Software - E Program Files x Sunbelt Software VIPRE SBAMSvc exe O - Service SB Recovery Service SBPIMSvc - Sunbelt Software - E Program Files x Sunbelt Software VIPRE SBPIMSvc exe O - Service SystemRoot system snmptrap exe - SNMPTRAP - Unknown owner - E Windows System snmptrap exe file ... Read more

https://forums.techguy.org/threads/slow-computer-suspecting-an-unidentified-malware.1042631/