Windows Support Forum

Need an activity tracker

Q: Need an activity tracker

Need a software which can record files and folders accessed recently....
(other than the windows recently accessed programs/documents)..

Relevancy 100%
Preferred Solution: Need an activity tracker

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Need an activity tracker

This might work:

Recent Files Shell Extension

A Guy

http://www.sevenforums.com/software/147383-need-activity-tracker.html
Relevancy 30.53%

Hello there all this is my first time trying to troubleshoot my own computer so I figure that lights activity? no up, LED other in front I would try to head to this forum for some assistance The other day there was what I think was a power surge through the lines which fried my router which now just turns on but cant transmit the internet signals through it because my computer shows a connection but just sits at limited connectivity and destroyed something with my desktop I am much more concerned with my desktop currently and I am wondering what the problem might be When the power is turned on to the computer the LED in the front lights up on the power button but there is absolutely no activity for the computer what so ever This leads me to believe that the motherboard is fried Am I correct in this assumption The motherboard is a Foxconn M PMV if that helps anyone Thanks so much if you can help with this Nix nbsp

A:LED in front lights up, no other activity?

Swap out the power supply first, before the motherboard. Open the computer case and check and smell for burned components. If you don't see or smell anything, hopefully its only the power supply. Just because you have a power light, this doesn't mean that the power supply is putting out all the necessary voltages that a computer needs
 

http://www.techspot.com/community/topics/led-in-front-lights-up-no-other-activity.157280/
Relevancy 29.24%

Could somebody help me with a quick batch program to remove, network addresses, gateway, broadcast, etc.? Also include cookies, browser history and that sort of thing but really I want the network code if you could help out with that.

I know I could just use ccleaner but this is something that will be constantly worked on until all the functions I want will be in this one batch file instead of possibly running a couple programs.

Used these two but need to know from the experts!!

ipconfig /release
ipconfig /flushdns

Also when the the wireless card is pulled from the pcmcia slot, like to know what wipes any trace of the hard coded ip, mac ip.
 

A:Create a batch file to remove network activity

any help putting this code together for me. windows 7
 

http://www.techspot.com/community/topics/create-a-batch-file-to-remove-network-activity.154433/
Relevancy 30.53%

Ok I recently Installed everything fresh and a posibility of a virus or spyware is minimal, I have Kaspersky installed and a few applications I need, such as clone dvd, any dvd, Nero, Office 2007, all drivers and a few more small programs.

I have Windows Vista Home Premium 64 bit and I'm concerned my Hard drive is always on activity, I can hear it spinning and the led is blinking all the time.

What could be the causes of this? if it's a software program reding/writing on HDD, how can I spot it? Thanks!
 

A:Always Activity on Hard Drive, Why?

Likely Vista Defrag
It's running as a task in the background

By the way, you can turn off many not required startups with this tool: http://www.mlin.net/StartupCPL.shtml

Kaspersky is also high on resource so there's nothing you can do about that except replace it (I use free Avira Antivirus)
 

http://www.techspot.com/community/topics/always-activity-on-hard-drive-why.126824/
Relevancy 29.67%

When I shut down my system there is audible disc activity and a flickering HD LED at, and immediately after, the point at which the machine turns off. This is scary because I have always understood that turning off power while a HD is active is more than likely to kill it, and I haven't noticed this on other machines. The mainboard is a QDI Advance 5-133E and the O/S Windows 2000 Pro.

Is this dangerous? Is there any way I can get back the good old "It is now safe to turn off your computer" message?

I would like to get the message back anyway, because I always turn off at the mains socket immediately I shut down, but all I can find online is questions from people trying to get rid of the message!
 

A:Hard Drive activity AFTER machine shuts down

That's a Power Management issue
The computer should really just fully shutdown (unless really old)

Try running Bios setup defaults (usually press DEL or F2 or some other key to get into bios setup screen, when the computer first turns on)
 

http://www.techspot.com/community/topics/hard-drive-activity-after-machine-shuts-down.117741/
Relevancy 29.24%

i have a home built computer that is about yrs old now but never given me any problems i just recently bought a gig of ram and after i installed it i tried to turn on the pc and nothing happened i took out the new gig to see if that was it but it wasnt still nothing the mobo light is on and ive checked all cables and tried swapping out the power supply or wont light any on, no other but power PC beeps, fans, activity mobo up, and still nothing i have no idea what to do and complettely stumped i did smell smoke but i thott it might have just been dust lol its been a few weeks since it happened but i work a lot and havent had the time PC wont power up, mobo light on, but no fans, beeps, or any other activity im running a socket soyo MoBo an OC d intel p processor a watt PS gigs of ddr ram stick pc and the other pc a geforce gt or gs forgot and windows HDD s a normal and a slave and another external nbsp

A:PC wont power up, mobo light on, but no fans, beeps, or any other activity

what brand of psu? on a 5 year old computer that is always a question, and because the mobo light is on does not mean the power is good.
 

http://www.techspot.com/community/topics/pc-wont-power-up-mobo-light-on-but-no-fans-beeps-or-any-other-activity.113389/
Relevancy 26.23%

I have a network problem and it may be a bit hard to explain my situation fully but I ll try to cover the pertinent information Basically when I do anything network intensive like a file transfer the file transfer will work but it will kill all other network activities I can t browse the web or IM during this time as Firefox will say that it s timed out and IM will drop off and disconnect The network setup I m using is hard to explain fully but the basic core of it is a router with an access point linked via WDS The router provides wifi through the house and also connects to the AP with WDS full g signal The AP basically just gives me hardwired Ethernet ports for my equipment which is in a location where it would be very difficult to hardwire Both the router and AP are running the latest quot tomato quot aftermarket firmware FWIW Almost all of my transfers involve going from wired to wireless I tested my transfer network stops other network Wireless activity? file all transfer speed during several file transfers and got just a tad over MB s mbit s which seems ok to me since it s going from wired Wireless network file transfer stops all other network activity? to wireless g If I do a transfer over Wireless network file transfer stops all other network activity? ethernet to ethernet no wireless it does not seem to cause the problem Basically it seems like the router is not dividing up wireless bandwidth as it should It seems to be only allowing the one transfer to use the wireless at any given time Is there a setting that might help me I was thinking maybe a QOS setting might help but I m not really sure what I m doing in that respect This is what my QOS menus look like if that helps Any help is appreciated I m no network whiz so take it easy on me Thanks nbsp

A:Wireless network file transfer stops all other network activity?

Have you tried another router or changed the routers location?
 

http://www.techspot.com/community/topics/wireless-network-file-transfer-stops-all-other-network-activity.111523/
Relevancy 30.96%

Hello everyone, does anybody know how many volts or watts does the hdd activity led needs? I need to connect it to the smallest battery which has enough power & its needs to be on a bicycle pedal. I have no clue about electrical,circuitry stuff. thanks.
 

A:HDD activity led

Although this circuit states 9V it's more likely 3.5Volts

I found this really easy page to understand here: http://www.kpsec.freeuk.com/components/led.htm

Have fun making your circuit
 

http://www.techspot.com/community/topics/hdd-activity-led.111418/
Relevancy 30.53%

Apologies if this is in the wrong forum, but it seemed most relevant here.

I had an old Dell Optiplex 150 donated to a student organization. It was stripped down to the motherboard, power supply, and video card. I connected a hard drive and threw in some RAM and am trying to get it to start (unsuccessfully).

When plugged in, there is a yellow light on the motherboard. When the power button is depressed, nothing happens. No lights, no wirs, no fans, no hard drive, nothing. I just got the skeleton two days ago, and the department that gave it left it outside the office. It is an upgrade from the board we had, despite my lack of details of model numbers.

Any ideas as to what I should try to get it running?
 

A:Computer Power and Activity

Replace the power supply. About $35... or lower if you go to www.pcsurplusonline.com
They deal in Dell Optiplex units and often have power supplies for sale cheap.

Better yet, buy a new ATX for about $34. If you don't put a power hungry video graphics card, you may have a winner.

Or you can buy a power supply tester for $10 to $30 which will tell you what you want to know... one of the three rails has gone bad.

Other than the power supply, it is a pretty rugged unit.
 

http://www.techspot.com/community/topics/computer-power-and-activity.108065/
Relevancy 29.24%

K another broken comp thing, but found excellent help here before so thought id try before buying replacement parts

Got a 8800gt 512 "GS" and a 400w PSU to replace a 7600gt and 300w PSU.
after replacing both the monitors fail to get a signal and drives dont boot.
the mouse and keyboard also only light for about a sec.
The 8800 needs 450w min though..*****ic me. so replaced again with originals,
but the problem remains,HDDs,monitors and keyboard all work fine on other machines.
tried both cards,both PSUs,both pci-e ports,both pci-e power connections,different monitor and hdd.totally stuck right now and desperately need it working at the moment.

any help or advice from the superior knowledge here would be extremely appreciated, thanks

PSUs are Fortron 300W +12v=16a / NorthQ 400W +12v=18a ..i think
 

A:Desperately needing help, possible psu/mobo issue disabling all gpu activity

Neither of your power supplies have enough amperage to feed the 8800 GT. You need at 450 watts with at least 30 amps combined in the 12 volt section. Go a little over that if you can to be sure other devices have enough. This will fix this issue.
 

http://www.techspot.com/community/topics/desperately-needing-help-possible-psu-mobo-issue-disabling-all-gpu-activity.95456/
Relevancy 29.67%

Hello,
I have a BIOSTAR U8668-D Mobo and is not working at all... now.
I turn it on, and nothing hapens but the power is OK, the procesor's fan cooler turn on and the Harddrives feels like is doing something for one moment... but then nothing...

After this I turned off the power and installed a POST Card on the MOBO and saw that the LED for BIOS was not on.. like it hasn't a BIOS at all thi mobo...

what to do?
 

A:Mobo with no POST test (No BIOS activity)

I guess it is the BIOS ... try the process where you remove the BIOS chip and fix it with another similar motherboard (while turned on).

I am not sure though, and am a starter just .... sorry couldn't find the links for you at the moment.

I hope others will have a better reply for you.
 

http://www.techspot.com/community/topics/mobo-with-no-post-test-no-bios-activity.89729/
Relevancy 30.53%

Hello:

I just bought a new ASUS M2N-LR motherboard. It works fine except for one item: The Hard Drive LED doesn't flash or blink hard drive activity.
The HD LED is always off.

This seems trivial but at the same time I would like to fix it. Maybe I'm being too much of a geek.

The LED on the computer case works fine. I stretched the cable and connected it to another computer and it worked like it's suppose too.

I already talked with ASUS tech support, and the motherboard was replaced
,but I still have the same issue.

Here is the model of my hard drive:
Western Digital Caviar SE WD2500JS 250GB 7200 RPM 8MB Cache SATA 3.0Gb/s Hard Drive - OEM

Any recommendations would be greatly appreciated. Thank You all.
RomeroRS
 

A:ASUS motherboard - no HD LED activity

Switch pins on the LED header, because you have the light plugged-in backwards. Current flows in only one direction with an LED.
 

http://www.techspot.com/community/topics/asus-motherboard-no-hd-led-activity.83194/
Relevancy 30.53%

I have been looking for a monitor to show my GPU temp at all times. I use "PC Wizard" for temp checks. I found that if I choose the temp tab on PC Wizard then minimize the display into your taskbar, everything that I want appears on the desktop. Both cores of the cpu are monitored, GPU temp in realtime with CPU temp and voltage. I hope this helps someone running an Nvidia 8800GTS SC like I am. pdyckman
 

http://www.techspot.com/community/topics/gpu-cpu-desktop-activity-monitor.80926/
Relevancy 30.1%

Replaced Screen, Windows Xp Logo briefly appears then nothing?

Hi.

We have had a compaq r4000, where we have replaced the screen, cable and inverter.

When we power on the PC, we see no bios/starup text only the windows xp logo for a short period (looks in limited colours also) then all goes black.

If we connect a monitor to the vga port the PC seems to work okay, with all bios screens and windows loading properly.

I have tried updating the bios (just to rule it out), resetting the bios etc. But am now stuck on what else we can do.

Tried putting in the old cable, screen and inverter in different combinations and still no luck.

I would think it was the graphics card if, but then I cant understand how the external screen would then work.

Now banging head against hard door

Stef
 

A:strange activity with new laptop screen

The video drivers are set to a resolution/refresh that the internal screen cannot handle (while the external one can)? Or, the video drivers are set to disable the internal display? Or, the video drivers are FUBAR and you should reinstall them?
 

http://www.techspot.com/community/topics/strange-activity-with-new-laptop-screen.77812/
Relevancy 30.53%

I dont know if this is normal or not but I noticed it a couple of weeks ago and it is bugging me...When i am not using my pc, even while sitting here looking at this web page, the hd sounds like it is doing something (few clicks every couple seconds), it does this but the hd indicator light does not blink. There is no antivirus running, so no scanning, only yahoo widgets and zonealarm. I am worried it is a virus or some other unwanted problem. Should I be concerned about this?
 

A:HD Activity When Idle

I fully understand -- this is my reaction too.

First, set your VM size to a FIXED value; eg 2x your real RAM. This will
stop XP from expanding it and make your system more responsive too.

Second, make user you have the default setting for Prefetch; if you've never
heard of this -- GOOD, just leave it alone.

Try using the Taskmgr, Processes tab and click on the CPU usage heading twice
to show System Idle Process at the top. Now you can monitor which process
is active when you observe the symptom. If there's nothing obvious,
click on the Networking tab and monitor for internet access; someone
may be 'calling home' for updates.
 

http://www.techspot.com/community/topics/hd-activity-when-idle.72891/
Relevancy 30.53%

Hi all Basically my computer has started acting very strangly over the last couple of days Boots up as normal and even works fine for varying amounts of time anything from mins to a few hours But all of a sudden the HDD will start going mental and the whole ststem will slow to a crawl with the only way of correcting the problem being a going Whats on activity?! HDD with my reset I have checked all the classic things such as task man and there does not seem to be any programs running that shouldnt be and the CPU usage is low also only a few I have also run a spyware sweep Spybot S amp Whats going on with my HDD activity?! D said everyting was fine and even disconnected from the network when Whats going on with my HDD activity?! the problem occured was worried someone was having a look around my computer but none of this seems to help Was wondering if anyone had any other ideas of what it could be or a way of finding out as it is really starting to annoy me Thanks for your time amp any comments u might have btw its a Whats going on with my HDD activity?! partitioned Gb maxator HDD and is only about a year old it is quite full only about Gig free but i dont see why it would suddenly start behaving like it is Cheers ash nbsp

A:Whats going on with my HDD activity?!

How about memory usage? Bad sectors can cause this too, you should scan the drive with the Maxblast utility.
 

http://www.techspot.com/community/topics/whats-going-on-with-my-hdd-activity.38256/
Relevancy 30.53%

I have an Asus motherboard with a Western Digital harddrive (all listed in my profile) that apparently doesn't get past the POST. The monitor never flickers on and there are no beeps from the board. I have even removed the RAM and the exact same thing happened. It apparently didn't even notice the RAM missing. I tried known working RAM in it and same effect. I even unplugged the graphics card and the same thing; its like it doesn't even get to the stage of checking the video or RAM. The keyboard never initializes either. The harddrive is okay, I checked it in another computer. I have also reset the BIOS both by removing the battery and the jumper settings. Any help would be greatly appreciated! :grinthumb
 

A:No POST or other motherboard activity

hate to say it but it is sounding like a mobo/PSU/processor problem
 

http://www.techspot.com/community/topics/no-post-or-other-motherboard-activity.32124/
Relevancy 30.1%

Howdie I hope that one of you more-tech-savy-than-I people can help me out When I power on my computer lights flash and the drives HDDs fans spin However that s as far as it goes Neither of my monitors displays an image nor do I get any of the normal problem activity no Computer on, Turns but - beeps or other sounds associated with a normal startup After a few minutes of just nothing the system turns off and cannot be turned on again unless I unplug the cord for a few Computer problem - Turns on, but no activity minutes Computer problem - Turns on, but no activity In the very recent past the system has randomly powered itself off a few times I assume it was because there s a lot of heat It s been over for the past weeks and my room doubles as a brick oven in the sun I ve been meaning to get a new case with a better cooling system never trust CompUSA to build your computer but money seems to be going to other less important things like food and clothing I think the motherboard maybe fried but I d like your opinion nbsp

A:Computer problem - Turns on, but no activity

Most likely it's something related to heat. Bring it to a PC repair shop and get them to look at it
 

http://www.techspot.com/community/topics/computer-problem-turns-on-but-no-activity.26657/
Relevancy 29.67%

I have an ECS N2U400A-Ultra mobo and a BUSlink Seria ATA Controller card controlling a Raptor. What I cant figure out is how to make the Hard Drive activity led work.
 

A:Motherboard Hard Drive Activity Led problem

As that is a PCI card, it does not have a connection to the control-light that connects to the motherboard's IDE controller.
Unless there is a LED-connector on that BUSlink card, you'll have to live without it.
 

http://www.techspot.com/community/topics/motherboard-hard-drive-activity-led-problem.24894/
Relevancy 30.53%
A:This forum needs more activity...

Sorry if our computer's are not breaking at a fast enough rate for you cryo.
 

http://www.techspot.com/community/topics/this-forum-needs-more-activity.2282/
Relevancy 41.28%

I've used Excite.com for years but with in the last few days I have noticed that a feature of theirs Stock Tracked is missing! Anyone happen to know if this is permanent?
 

http://www.techspot.com/community/topics/excite-com-stock-tracker-missing.147085/
Relevancy 29.24%

Hey guys I ve had a look around the forums and haven t seen anything activity graphic randomly with and intensive restarts freezes Desktop like Desktop freezes and randomly restarts with graphic intensive activity my issue so I hope it s okay to post this I build a custom computer about a year ago and everything has years warranty About a month ago my computer started blue screening when I tried to play any games and if I accidentally knocked the desk it would freeze It then completely stopped turning on even though the actual computer was running nothing was showing on the monitor However when the graphics card was taken out it started up fine So my mate put it down to a faulty graphics card and we got it replaced I got said graphics card back yesterday put it back in and re installed the necessary driver and hey presto it worked for a while I started playing assassins creed and min into the game my computer crashed I decided to reformat my computer to ensure there isn t any undetected virus or software faults but the freezes and random restarts continue to happen afterwards So I ve used my computer today for about an hour just browsing the internet and no problems As soon as I run skype it randomly restarts again I checked the hardware with HWMonitor and everything is running fine This is my build Corsair Vengeance CMZ GX M A C GB x GB DDR BitFenix Spectre mm Black Tinted Blue LED Fan Arctic Cooling MX- Thermal Compound g BitFenix Sleeved Molex to x pin V Power Cable Black Corsair GS- V Power Supply BitFenix Spectre mm Black Tinted Green LED Fan ASUS P H -M Motherboard Intel Core i BitFenix Shinobi Black Case with Window Gigabyte GeForce GTX OC with METRO Not sure what else you guys need info wise im not very tech savvy But anyone got any ideas From what I ve read it could be a faulty power supply or issues with the RAM but I have no way of testing that without spending for some quot pro quot to diagnose it for me nbsp

A:Desktop freezes and randomly restarts with graphic intensive activity

Update:
fresh reformat complete - all ok
hw monitor test complete - all ok
chkdsk complete - no errors
memtest complete - no errors

Issues:
Takes forever to load on start up now
Random restarts
Random freezes
** CD rom drive now stutters/makes clicking noises when CD inserted
** Games no longer start, I.e LoL/steam
 

http://www.techspot.com/community/topics/desktop-freezes-and-randomly-restarts-with-graphic-intensive-activity.206513/
Relevancy 41.28%

Need help! I have a advantage database program called Manheim tracker 3.097..been working fine until restart on 1/27. Program wouldn"t start up . A ( COMPANY ADT) file error.What is this?Where did it go? Any one fimiliar with this program.?
 

A:Manheim tracker data problem

Does this link help?
Recovery Toolbox
 

http://www.techspot.com/community/topics/manheim-tracker-data-problem.142147/
Relevancy 30.53%

Is there a way to examine what has happened during a boot of a computer? Does XP keep a "boot log" ?

I know my CPU is looking for some sort of driver or trying to start a service because all of a sudden boots take forever, and in the middle of them the floppy and CD-ROM drives come on as if WinXP Pro ( 32 bit) is looking for a driver or can't start a service correctly, but I can't figure out what the problem is.

Thanks for any help.
 

A:Is There A Way To Trace Activity During Boot Up?

This may be the log you're looking for?
Follow these steps
Type MSINFO32.EXE in Start, Run dialog
Click the (+) sign in Software Environment category
Select Startup Programs. System Information will now generate the list of startup entries.
Once the right-pane is populated, click the File menu and choose Export
Type-in a file name (example: startuplog.txt) and choose a location to save the file.
Close MSINFO32 utility.
 

http://www.techspot.com/community/topics/is-there-a-way-to-trace-activity-during-boot-up.132746/
Relevancy 29.67%

Hi guys,

i'm looking for advice on appropriate software that will effectively spy on a users terminal services account on win server 2003). I need to track how often, what sites and how long he spends on the internet per working day.
Our HR has sanctioned this.
Could it be done via group policy or does it need specific software?
I found win-spy which seemed really good and do what i want, but whilst running it, i found i could no longer log into the server by RDP, so that was uninstalled, shame!

Any advice please?

Cheers
 

A:Internet activity monitoring in terminal services

You're talking some pretty serious 'stuff' here. IF this is a work environment, the IT in charge should handle this. I don't know what an 'HR' is, but even it that person 'sanctioned' it, the "spying" should be in the hands of someone who both knows how and is authorized to carry it out.

I don't want to get up on a soap box here, but this is holding an employee's job and future in jeopardy. It shouldn't be in the hands of someone who has to 'ask' how to do it!
 

http://www.techspot.com/community/topics/internet-activity-monitoring-in-terminal-services.97481/
Relevancy 30.1%

I ve been noticing some strange behavior lately which I think may be tied to low performing files and or disk clutter Sometimes when I open up a new folder with many items inside I see that the icons on the desktop refresh Icons with HDD Desktop Activity Refreshing slowly and the hard drive is constantly accessed until it s done This keeps happening on a regular basis so I m trying to figure out what exactly is causing it I ve defragmented my system drive and Desktop Icons Refreshing with HDD Activity secondary drive which sped things up a bit but that didn t really fix the problem I also ran a disk cleanup and I m wondering if I should do a registry scan or something I also have a similar problem with a folder full of application files The system seems to quot struggle quot when trying to fetch the icons for there are a lot of them in there I ve had Windows XP installed on this computer for Desktop Icons Refreshing with HDD Activity over a year so perhaps it needs a tuneup The problem isn t so severe that it renders the machine useless or anything it s more of an annoyance Anyways I d appreciate anyone s input on this Thanks in advance nbsp

A:Desktop Icons Refreshing with HDD Activity

Run CCleaner fully
Then Disable icon refresh

Disable icon refresh: http://www.kellys-korner-xp.com/regs_edits/disablerefresh.reg
Re-Enable icon refresh (if you want it back): http://www.kellys-korner-xp.com/regs_edits/enableiconrefresh.reg
This information was found here: http://www.kellys-korner-xp.com/xp_tweaks.htm (No. 157)

Then restart
 

http://www.techspot.com/community/topics/desktop-icons-refreshing-with-hdd-activity.114067/
Relevancy 30.53%

Hi My PC seems be slowing down a lot lately Like after I finish playing a game the computer will be slow in responding to usual stuff like bringing up the menu on right clicking on the desktop Once or twice Windows has even told me that the computer is performing slowly and that I should disable Aero and this was while I was in the middle of a game which I know a activity down Computer after of while slows is a bad sign The mouse will also start skipping from one point to another for a second or two sometimes when I move it e g when I try to open something while files are being transferred Games also seem to stutter quite a lot in the beginning when I load up a level though the stuttering lag stops after a while All Computer slows down after a while of activity this has just started happening over the last weeks or so wasn t the case before that One thing I ve noticed is that RAM slot temperature is around C which I m guessing is due Computer slows down after a while of activity to the proximity of either the RAM slot or the RAM temp sensor to the CPU not sure though This usually happens after a while of using the computer and mostly after I close a game after playing it for a while Restarting the PC makes it normal again for a while Also when the PC boots up it shows a black screen with the mouse first then the blue Welcome screen comes up Here I first get Please Wait for a second then it seems to hang stutter for a second as it changes to Welcome I m pretty sure this hang isn t supposed to happen Actually I don t think even the Please Wait message should come up in normal operation Here s what I ve done till now to try and solve it Formatted and re-installed Windows on multiple HDDs Defragmented regularly Updated drivers updated Windows to SP Checked the temperatures everything is normal HDD goes up to - C CPU goes to a max of C while gaming hangs around - C in general usage GPU temperatures are extremely normal as well except the RAM temp mentioned above Reconnected all components etc Installed a new GPU as well so that rules out the possibility of a bad GPU though i m not sure if GPU was ever responsible for all this So what can the problem be Hardware or software Help me out here guys I m really going nuts not being able to pinpoint the problem Update I ran Memtest for passes no errors found My specs Core i - GHz GB MHz RAM DDR Asus P H -M LX Motherboard GB MB Cache WDC Caviar Green HDD Geforce GTX Ti W PSU W total output Windows SP -bit nbsp

A:Computer slows down after a while of activity

What program are you using to monitor the temps? Have you run diagnostics or run a disk check on the C drive? Defragging a hard drive often is not a good practice and it is not a substitute for running chkdsk or health diagnostics
 

http://www.techspot.com/community/topics/computer-slows-down-after-a-while-of-activity.174317/
Relevancy 30.53%

Does anybody here know any program thrt can track system events, for example i want to run a virus on my test system and see what the virus does (track its activity). Thanks
 

http://www.techspot.com/community/topics/activity-tracking-software.37958/
Relevancy 26.23%

Setup We have a server running Win server and each user has an account so they can log into their account using any computer I installed reinstalled Windows XP pro on a computer and installed all the drivers Everything looks okay in device manager but when I connect an ethernet cable I have no internet and it says quot limited address" valid and doesn't Network IP Limited/No "Local a activity Area have no activity quot and I can't access the internet I tried to have windows repair it but then it says quot local area network doesn't have a valid IP address Do I need to be part of the domain and logged in to use the internet Limited/No activity and "Local Area Network doesn't have a valid IP address" Anyways I went into ethernet properties and IPv is not checked V is checked and in the properties for it its set to obtain the IP and DNS server address automatically All the computers are set the same I tried entering the domain information and all that but it doesn't work I took pics of the settings before and it doesn't work when I put it in So I have a couple questions Do I need to be logged in or any computer I plug in should be able to access the internet How do I fix it so I can enter the domain information so I can set it up where I can log into any user from this computer

A:Limited/No activity and "Local Area Network doesn't have a valid IP address"

I want to apologize in advance that I can't get the ipconfig /all information for you right now, since I am away from work for the weekend. Anyway to troubleshoot or give me some ideas to try before I go back into work?

http://www.techsupportforum.com/forums/f10/limited-no-activity-and-local-area-network-doesnt-have-a-valid-ip-address-959801.html
Relevancy 30.1%

My grandfather recently purchased a used PC from someone It's running Windows Professional SP I think he clicked something he shouldnt have because he is getting alot of ads in new tabs pertaining to whatever the website he is currently on is about for example going to techsupportforum brought ads for computer help It has changed his home page to Yahoo search and there was an extension on his Chrome called PulseBuy I believe Or something similar I've installed avast comod and malwarebytes and ran scans on each Avast detected a PUP and Malwarebytes detected over entries Since running all the scans he was still getting these pop ups and avast was displaying a threat detected pop-up about every seconds After turning off Java in the browser I've had no more warnings from avast but I haven't done much browsing outside of coming here to post this Required logs below and attached DDS Ver - - - NTFS AMD adware malware / Typical activity Internet Explorer Run by Home at on - - Microsoft Windows Professional GMT - AV avast Antivirus Enabled Updated AD D -BA - C - - A AD B SP Comodo Defense Enabled Updated CE -EB -BC D- -B ACF SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF SP avast Antivirus Enabled Updated ACCC CA - C - C - B -AFE D E FW COMODO Firewall Enabled CA B - D -B B- E - EB D B E Running Processes C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Program Files COMODO COMODO Internet Security cmdagent exe C Windows system svchost exe -k NetworkService C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system Typical adware / malware activity svchost exe -k LocalService C Windows system svchost exe -k netsvcs C Program Files AVAST Software Avast AvastSvc exe C Windows system Dwm exe C Windows Explorer EXE C Program Files COMODO COMODO Internet Security CisTray exe C Windows System spoolsv exe C Windows system taskhost exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files x DELL Dell Laser MFP LocalSM jbDetect exe C Program Files x DELL Dell Laser MFP PSU Scan pc exe C Typical adware / malware activity Program Files x DELL Dell Laser MFP PaperPort pptd nt exe C Program Files x Browny Brother BrStMonW exe C Windows System svchost exe -k utcsvc C Windows system taskeng exe C Windows system svchost exe -k LocalServiceAndNoImpersonation c Program Files Microsoft Mouse and Keyboard Center ipoint exe c Program Files Microsoft Mouse and Keyboard Center itype exe C Windows system svchost exe -k imgsvc C Windows system wbem wmiprvse exe C Program Files x Browny BrYNSvc exe C Windows System svchost exe -k secsvcs C Program Files AVAST Software Avast avastui exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Program Files COMODO COMODO Internet Security cavwp exe C Windows system SearchIndexer exe C Program Files Windows Media Player wmpnetwk exe C Windows System svchost exe -k LocalServicePeerNet C Windows system GWX GWX exe C Windows system wbem unsecapp exe C Program Files COMODO COMODO Internet Security cis exe C Program Files x Google Chrome Application chrome exe C Program Files x Google Chrome Application chrome exe C Program Files x Google Chrome Application chrome exe C Program Files x Google Chrome Application chrome exe C Windows system taskeng exe C Windows System cscript exe Pseudo HJT Report uStart Page Google mWinlogon Userinit userinit exe BHO avast Online Security E E -AD D- bf-AC D-D F D - C Program Files AVAST Software Avast aswWebRepIE dll mRun Dell Laser MFP SM JB C Program Files x DELL Dell Laser MFP LocalSM jbDetect exe mRun MFP S P C PROGRAM FILES X DELL DELL LASER MFP PSU Scan Pc exe mRun SSBkgdUpdate quot C Program Files x Common Files Scansoft Shared SSBkgdUpdate SSBkgdupdate exe quot -Embedding -boot mRun PaperPort PTD quot C Program Files x DELL Dell Laser MFP PaperPort pptd nt exe quot mRun IndexSearch quot C Program F... Read more

A:Typical adware / malware activity

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

Emergency Backup Procedure - Tech Support Forum

Also, if you haven't done so already, create a system repair disc. It's really easy and quick.

How To Create a Windows 7 System Repair Disc [Easy]

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.Do NOT click the green 'Download' button(if visible).
Click the blue 'Download now @bleepingcomputer' button.
Run AdwCleaner and select Scan
Once the Scan is done, select Cleaning
Once done it will ask to reboot, please allow the reboot.
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download ComboFix and Save it to your Desktop.

**Note: It is important that it is saved directly to your desktop**

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Double-click ComboFix.exe and follow the prompts to run it.

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

Please re-enable your antivirus before posting the ComboFix.txt log.

Note: If you get an 'Illegal operation attempted on a Registry key which has been marked for deletion' error message, please open Task Manager and 'End Process' on explorer.exe

Next, go File > New Task(Run...) and type explorer then press 'Enter'.

------------------------------------------------------

http://www.techsupportforum.com/forums/f50/typical-adware-malware-activity-1016602.html
Relevancy 30.1%

Hey there I Suspicious /: activity. bandwidth exlporer.exe m in a hurry right now so I wanna keep it kinda brief while covering all the bases I can to hopefully get this solved First off I don t use an anti virus nada not even a free one why No reason for me in my opinion don t feel the need yes I know ironically here I am Anyway I never run into viruses but about a week ago I noticed Suspicious exlporer.exe bandwidth activity. /: some laggy performance in games so did some digging found out multiple instances of explorer exe and iexplorer were running and slowing hogging more and more of my memory and cpu usage After some digging and some cleaning Safe mode ran several anti viruses from a flash drive all updated databases Malwarebytes Adwcleaner RKill TDSSKiller Combofix etc I caught several bugs got rid of it all Which fixed my problems now all thats left is my explorer randomly uses bandwidth it starts out with just a little and slowly builds up until my latency for everything is Suspicious exlporer.exe bandwidth activity. /: ridiculous and bandwidth is completely hogged I can stop explorer exe and just not have it open and everything is fine but when I start explorer back up it will eventually come back It doesn t always come back right away Sometimes it won t show Suspicious exlporer.exe bandwidth activity. /: up for like an hour or two after restarting explorer I ve used ProcessExplorer to try and find out if something is using explorer exe directly but I got nothing Anyway I d appreciate any help you guys could offer I m gonna leave a couple more details below that might help PC Specs Built - years ago I think AMD Phenom II X Stock ghz Radeon HD gb RAM tb HDD MSI Mobo Or something like that Windows I don t have the CD anymore Asus AC PCI-E wifi adapter Asus RT-AC U Router I ve uploaded http I imgur com uVa Bn png a picture of my Task Manager and Resource Monitor that shows the explorer using bandwidth explorer was probably open for a couple minutes before taking this shot Thanks in advance nbsp

A:Suspicious exlporer.exe bandwidth activity. /:

Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

NOTE. I'll not continue unless you install one of AV programs recommended in step 1 of our preliminaries.
 

http://www.techspot.com/community/topics/suspicious-exlporer-exe-bandwidth-activity.206587/
Relevancy 30.1%

May sound like i'm looking for a keylogger.. Well why not, since i'm for myself xD I do too many things at a time and often my computer will crash when going to sleep.

When i reboot it i have no traces of what i was doing and i can't recall all.. Sometimes i totally forget important things, which leads to trouble!

Windows doesn't have the MAC features to reopen everything in the exact state it was when you closed it sadly. Any free app to recommend? Thanks.

A:Monitor computer activity in details..

You would be better off spending your labor on stopping the computer crashes.

You should also complete your system specs in the forum:
System Info - See Your System Specs
See step 5.

http://www.sevenforums.com/software/376633-monitor-computer-activity-details.html
Relevancy 29.67%

I should begin this by stating that I know I've got security issues For instance My BIOS password was changed and even Dell Tech Support couldn't reset it the user-side password to access the browser-based settings console to my Linksys router was changed locking me out I've quit using the router for now the built-in Administrator account has been logged into and a password set and many other events but right now I just have a specific question I'm on a home PC Dell L X running Windows SP and am not knowingly connected to any network though various monitoring apps on my system are telling me otherwise I use Firefox never IE but just on a hunch I thought I'd take a look at IE's history It showed the browser as having visited certain security-related sites which I'd been to it had been to the IP address of my router console specifically the wireless security page where I'd disabled the device's wireless capability and has also accessed certain documents on log it system activity/contents? Is for normal IE history to my Is it normal for IE history to log system activity/contents? system typically saved logs and other files related to my attempts at security forensics The day after I found this suspicious activity in the IE history I noticed that IE had switched to private browsing Some people with whom I've shared this are speculating that this is probably just one way Windows natively logs certain types of activity but given what's shown up there I find this suggestion less than tenable Is this likely to be the case or not Thank you

A:Is it normal for IE history to log system activity/contents?

Who else shares this particular computer with you?

Who else shares your Internet connection in your home? (other computers?)

http://www.sevenforums.com/system-security/379017-normal-ie-history-log-system-activity-contents.html
Relevancy 29.67%

Hello First I'm afraid that Norton deleted Farbar Recovery Scan Tool as soon as it was saved to the desktop Suggestions for workaround I should begin this by stating that I know I've got security issues For instance My BIOS password was changed and even Dell Tech Support couldn't reset it the user-side password to access the browser-based settings console to my Linksys router was changed locking me out I've quit using the router for now the built-in Administrator account has been logged into and a password set and many other events but right now I just have a specific question I'm on a home PC Dell L X running Windows SP and am not knowingly connected to any network though various monitoring apps on my system are telling me otherwise Nobody else uses my computer nor has physical access to it I use Firefox never IE but just on a hunch I thought I'd take a look at IE's history It showed the browser as having visited IE for Is history normal to log it system activity/contents? certain security-related sites which I'd been to it had been to the IP address of my router console specifically the wireless security page where I'd disabled the device's wireless capability and has also accessed certain documents on my system Is it normal for IE history to log system activity/contents? typically saved logs and other files related to my attempts at security forensics The day after I found this suspicious activity in the IE history I noticed that Is it normal for IE history to log system activity/contents? IE had switched to private browsing Some people with whom I've shared this including a retired computer programmer are speculating that this is probably just one way Windows natively logs certain types of activity but given what's shown up there I find this suggestion less than tenable Is this likely to be the case or not Thank you

A:Is it normal for IE history to log system activity/contents?

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===First, I'm afraid that Norton deleted Farbar Recovery Scan Tool as soon as it was saved to the desktop. Suggestions for workaround?I do experience this.The file is in Norton Quarantine folder.Download the version of this tool for your operating system from this site.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)Wait awhile after the download is finished.Norton will give you a message on the bottom right of the page.Select the Details link and then select the link to accept the download. (I forgot the exact words).Place the file on your Desktop and run it.Post both logs for my review.

http://www.bleepingcomputer.com/forums/t/587093/is-it-normal-for-ie-history-to-log-system-activitycontents/
Relevancy 29.67%

Suspicious activity detected. Your account is locked.
This will not allow me to access my Hotmail or live accounts.
It ask me to change my password, then ask for credit card information.
I did not do that. I can access these accounts on any other device with no problems.
I have having the same problem in Internet Explorer, Google Chrome, and Firefox.
 
I am running windows7 64bit on an HP Pavilion desktop.
I cannot run McAfee, Rkill, or Malwarebytes, even in safemode.
I ran FRST but it will not allow me to copy and paste into my browser so I attached the FRST and Addition files.
 
My internet explorer only seems to work in safemode.
Thnak you.

A:Suspicious activity is detected. Your Account is locked

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Scan with aswMBRPlease download aswMBR ( 4.5MB ) to your desktop.Double click the aswMBR.exe icon, and click Run.There will be a short delay before the next dialog box comes up. Please just wait a minute or two.When asked if you'd like to "download the latest Avast! virus definitions", click Yes.Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.Click the Scan button to start the scan once the update has finished downloadingOn completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

http://www.bleepingcomputer.com/forums/t/582423/suspicious-activity-is-detected-your-account-is-locked/
Relevancy 29.24%

I am pretty sure something nasty is Google says rendering my Browser unusual from not activity IP. correctly living in my computer What I'm seeing Firefox started showing random black rectangles and bars Google says unusual activity from my IP. Browser not rendering correctly when displaying pages like parts just would not render the W C Link checker refused me saying I'd made over requests in minutes there is a general slowdown - pages take a long time to load friefox chrome IE and now programs on the computer outlook notepad are taking longer to start up The firefox favicon disappeared from my system tray Google says they are seeing unusual behavior from my IP address and made me put in a captcha before allowing a search Our systems have detected unusual traffic from your network This page checkes to see if it's really you sending the requests and not a robot - I got this after performing two searches I'm having to click twice instead of once on website links I didn't change any settings possibly irrelevent but maybe related to and I'm seeing new kinds of spam more porn instead of ads What I've done ran a malwarebytes free version fullscan found nothing ran a housecall free version full scan found nothing but never closed either running avast as my regular on-all-the-time protection nothing reported just in case the firefox slowdown was not a virus I also ran disk cleanup and defragmented the hard drive ran super anti spyware free edition which found only tracking cookies I'm running windows vista home premium with sp Can anyone help

A:Google says unusual activity from my IP. Browser not rendering correctly

Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:

Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.If you already have MBAM 2.0 installed:On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.How to get logs:(Export log to save as txt)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Export'.Click 'Text file (*.txt)'In the Save File dialog box which appears, click on Desktop.In the File name: box type a name for your scan log.A message box named 'File Saved' should appear stating "Your file has been successfully exported".Click OkAttach that saved log to your next reply.(Copy to clipboard for pasting into forum replies or tickets)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Copy to Clipboard'Paste the contents of the clipboard into your reply.Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.Double click on downloaded file. OK self extracting prompt.MBAR will start. Cli... Read more

http://www.bleepingcomputer.com/forums/t/586925/google-says-unusual-activity-from-my-ip-browser-not-rendering-correctly/
Relevancy 28.81%

Mod Edit: Moved to proper forum ~~ boopme
Hi, I have a yahoo email acount, and every time I try to reply to someone or send out an email I get the following message: "Error code 475: Suspicious activity was detected on your account".
 
I have not sent out any bulk emails at all. I have not done anything different than what I have been doing for several years of having the account. At times the email will close out on it's own, and I keep getting a request from yahoo to change my email address.
 
The google chrome browsing experiences has been much slower as well. I get a stall often time when I am trying to go to a website online from search and from the address bar.
 
Does anyone have a solution to this problem?

A:Yahoo Email Account Error Message 475: Suspicious activity detected

It appears if you have web links to other sites in your email signature, Yahoo Mail will flag it.
 
https://answers.yahoo.com/question/index?qid=20131105093109AAR5Kbv
 
 
Also, if you log in from a location different from the one you normally use, especially if it's outside your home country, or if you recently changed ISP providers, that can trigger it as well.
 
https://answers.yahoo.com/question/index?qid=20130803075759AAlzX7O
 
 
A third possibility is that your username and password have been compromised, and someone else is logging in and using the account to send spam.

http://www.bleepingcomputer.com/forums/t/580752/yahoo-email-account-error-message-475-suspicious-activity-detected/
Relevancy 30.53%

Hey New Boy be gentle

I have a client who wants me to record an on screen tutorial as part of a training DVD. Is there an easy way of doing this apart from just setting up the camera on a tripod? Or do I have buy special software? I use Premier Pro to edit video but I don't know if it has the capability to record on screen stuff.

Can anyone help please?

Thanx

A:Record Screen Activity

I think Windows Media Encoder has an option for screen capture.

http://www.bleepingcomputer.com/forums/t/10405/record-screen-activity/
Relevancy 29.67%

I can't find my last post regarding this, so apologies if this is a double up...
 
Other than disliking the OS 8.1 with its  OVERLY ANNOYING start screen/"charms" appearing whenever THEY wish, this appears to be a great little Laptop!
 
Reasonable specs for my needs, not unlike my 'Vista girl', but with a 750Gb hdd....
 
but.......... other than the A/C and WiFi lights at the front right, I don't see any others?
 
CPU activity in particular... so how do I know when it's running/struggling/etc???

A:CPU activity light on Toshiba Satellite C50-B series....?????

Hi OliviaITlover Depending on the laptop/computer brand and model you have, you won't have the same lights as others. Some offers light for the A/C, network (WiFi), network (Ethernet), disk usage, etc. while others only offers light for the A/C. Personally, I've never seen a light for the CPU usage. If you want to know your CPU usage (and if it's struggling), right-click on the taskbar and select Open Task Manager. From there, you'll see your CPU usage and if it's struggling or not.

http://www.bleepingcomputer.com/forums/t/581254/cpu-activity-light-on-toshiba-satellite-c50-b-series/
Relevancy 29.24%

Hello I'm having an issue with my Windows that the computer always Computer activity. suspended crashing 8.1 resuming after (64-bits): Windows crash after I want to resume to my suspended activity I've read in other places that the issue was the Hybrid Shutdown Well for some reason my computer does not have this option but I was able to disable it via regedit exe and cmd exe By other people complaints this issue happened just after they upgraded to Windows Windows 8.1 (64-bits): Computer crashing after resuming suspended activity. when for me it happened in the last update I was already using Windows and my computer was suspending it just fine I use suspend on my computer for fast loading time instead of powering on and off I was doing this for forty days before I decided to restart to make some updates The Windows Update was realized between and The latest updates were KB Optional update http support microsoft com kb en-us KB Optional update http support microsoft com kb en-us KB Optional update http support microsoft com kb en-us KB Not shown on the Update History table http support microsoft com kb en-us This link redirects to the KB support link There was also a Intel update my Graphics Card is Intel-based which I haven't found on the list of the updates possibly this update is only shown on the Intel graphics program As mentioned above I edited some values on regedit exe and cmd exe On the regedit I did this - I went to HKEY LOCAL MACHINE SYSTEM CurrentControlSet Control Session Manager Power - Right-clicked on HiberbootEnabled - Changed value to And on cmd I did this Run as administrator powercfg -h off These two didn't affected anything Thank you If I forgot something else to include here on this post please ask me and I'll try to reply it for you EDIT The Intel updates were - Intel - Other hardware - Intel reg Management Engine Interface Intel Other hardware software update released in September - Intel Corporation - Graphics Adapter WDDM Graphics Adapter WDDM Graphics Adapter WDDM - Intel reg HD Graphics Family Intel Corporation Graphics Adapter WDDM Graphics Adapter WDDM Graphics Adapter WDDM software update released in September

http://www.bleepingcomputer.com/forums/t/561819/windows-81-64-bits-computer-crashing-after-resuming-suspended-activity/
Relevancy 29.67%

Hello My Toshiba laptop with has been having a number of problems The most noticeable 100% 0x9F + activity disk code: Bugcheck on a regular basis that the computer will 'freeze' for - minutes If I can get in to the task manager I can see that the DISK Active time will be at the entire time when the computer is exhibiting this 'freeze' behavior The mouse moves during this time and the computer does respond occasionally but for all intents and purposes Bugcheck code: 0x9F + 100% disk activity the computer is not usable during this time There is no relation I can see to what task I'm doing when this 'freeze' happens No task shows being at more than - So I can't tell what process or service that might be incurring this problem It may or may not be related but the Bugcheck code: 0x9F + 100% disk activity computer is crashing occasionally It seems like this happens when the computer is idling or possibly sleeping Here are the last crash dumps On Sun PM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module ntoskrnl exe nt x A Bugcheck code x F x xFFFFFA F xFFFFF F A xFFFFFA B B A Error DRIVER POWER STATE FAILURE file path C windows system ntoskrnl exe product Microsoft Windows Operating System company Microsoft Corporation description NT Kernel amp System Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in the Windows kernel Possibly this problem is caused by another driver that cannot be identified at this time On Sun PM GMT your computer crashed crash dump file C windows memory dmp This was probably caused by the following module ntkrnlmp exe nt KeBugCheckEx x Bugcheck code x F x xFFFFFA F xFFFFF F A xFFFFFA B B A Error DRIVER POWER STATE FAILURE Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in the Windows kernel Possibly this problem is caused by another driver that cannot be identified at this time On Fri AM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module hal dll hal x B Bugcheck code x F x xFFFFFA F xFFFFF B C xFFFFFA F EBD Error DRIVER POWER STATE FAILURE file path C windows system hal dll product Microsoft Windows Operating System company Microsoft Corporation description Hardware Abstraction Layer DLL Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system that cannot be identified at this time On Sun PM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module hal dll hal x B Bugcheck code x F x xFFFFFA BF xFFFFF DE xFFFFFA A F Error DRIVER POWER STATE FAILURE file path C windows system hal dll product Microsoft Windows Operating System company Microsoft Corporation description Hardware Abstraction Layer DLL Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system that cannot be identified at this time On Wed PM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module hal dll hal x B Bugcheck code... Read more

A:Bugcheck code: 0x9F + 100% disk activity

Hi, your issue is similar to another users that I am currently helping :http://www.bleepingcomputer.com/forums/t/532429/ntkmlpaexekidispatchinterrupt0x5a4-is-using-too-much-cpu/#entry3372944
 
Note the similarity in the active processes: ntkrnlmp.exe/ ntoskrnl.exe
 
I strongly suggest you take a backup of all your data before proceeding with any of the following steps:
Most likely the above error is caused by outdated drives, try updating your drivers especially the Realtek drivers.
Also, make sure your BIOS is updated (ensure you do this step by step as per instructions from the manufacturers website)
 
Let me know if you need detailed instructions on any of the above. Let me know how it goes.

http://www.bleepingcomputer.com/forums/t/534776/bugcheck-code-0x9f-100-disk-activity/
Relevancy 29.67%

Hi I use an Asus N V laptop with Windows that I bought last September and only recently in the last weeks have I been having this problem After having the laptop open for a while or after having played a large game such as Starcraft or Age of Empires my browsers are either unresponsive or simply don't open at all I have no idea what to do so I simply restart prolonged crashing files, after activity browers Exe the laptop and right before it does I notice that an error sign appears saying Google chrome exe was unable to open I will get Exe files, browers crashing after prolonged activity a proper screenshot next time it occurs Also many exe files fail to launch as well coming up with a very similar error However as soon as I restart everthing works fine and I am able to operate everything without a hitch It is only after about hour of gaming or something that doesn't require the browser that it stops working I noticed a very Exe files, browers crashing after prolonged activity similar thread which I tried looking at but the person who made it never continued it on to a solution http www bleepingcomputer com forums t internet-browsers-keep-crashing I was planning on downloading ComboFix to search for Malware but decided to see your opinion first As for any further information this Exe files, browers crashing after prolonged activity did start to occur after downloading several games and at first used to be only google chrome that stopped working while internet explorer still worked but now it seems to be both I did preform a security scan with Windows Defender and found a Trojandownloader win clikug B which I removed but the problem persisted and even occurred today This has also made me wonder if the problem is due to malware or a BIOS problem not updated maybe Please try and help and I thank you for taking the time to do so

A:Exe files, browers crashing after prolonged activity

Hi Ratheyan, and welcome to Bleeping Computer
 
You cannot post a Combofix log in this forum.  The only forum you can post one in is the Virus, Trojan, Spyware, and Malware Removal Logs forum.
 
 
Please run the ESET OnlineScan
Hold down Control and click on this link to open ESET OnlineScan in a new window.
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
 
 
 
Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 

 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 

 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 
 
3)  The scan will automatically run now.
 

 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 

 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

http://www.bleepingcomputer.com/forums/t/533806/exe-files-browers-crashing-after-prolonged-activity/
Relevancy 29.67%

Currently running Windows 7 Professional 64 bit on an HP computer purchased several months ago.
 
The Wireless Network Connection Status popup window Activity shows the following:
Bytes Sent:        28,853,819
Bytes Received:  8,155,502
 
What is causing the high number of bytes being sent, and where are they going?
 
Thanks in advance for any assistance in resolving this issue.
 
JohnPaulHelp
2015-08-28

A:Wireless Network or Internet Activity Issue

Is this soon after you turn on the machine? If not, this is perfectly normal behaviour.

http://www.bleepingcomputer.com/forums/t/584386/wireless-network-or-internet-activity-issue/
Relevancy 29.24%

Hello
 
I have noticed a strange behavior in my computer since the last few days
 
When i start the computer the 1st time in the morning, the HDD activity light keeps running continuously and does not even blink for a second non stop
 
However, if shutdown and restart, the HDD activity stops after a couple of minutes as it should be !
 
Can i just  ignore  the HDD activity light and go on with my normal work ?
 
I am worried that in case the computer is going in some loop and accessing the HDD endlessly, it will reduce the life of the HDD and may cause early failure of the same .
 
Am I paranoid for nothing ?
Any recommendations on the same ?
 
My configuration is as follows:
 
AMD 1090T 
Crosshair IV Formula
2X4 GB Corsair RAM 1600 Mhz
Corsair HX 620 SMPS
WD500 Blue HDD
250GB Seagate HDD
Windows 7 ultimate 64 bit updated everyday
Microsoft security essential
MBAM paid version
 
 
Thanks for advising
 
 

A:HDD activity Light runs continuously after starting computer

Hi,
Have you checked both of your security programs to see when they run their scans and if they have found anything?
Just before the change you report did you download anything or install any updates?
 
Dick

http://www.bleepingcomputer.com/forums/t/565246/hdd-activity-light-runs-continuously-after-starting-computer/
Relevancy 29.67%

Hello All Let me first say that I do not think that the issue I'm about to describe is the result of any virus malware etc I've got my computer about as protected as it can be and Panda Cloud Antivirus Spybot S amp D amp Malwarebytes have been regularly updated run and have been returning clean results for several years My laptop an ASUS K ij is far from new It runs Win Home Premium -bit SP has a Pentium T dual-core GHz and the maximum GB of RAM When this issue continuous of responding)" disc . "(not and Lots . activity . occurs I've looked at Windows Task Manager the CPU is nowhere near to maxed-out and I've generally got at least somewhere around Mb usually closer to Gb RAM still available The behavior is not immediate nor even generally shortly after booting Lots of "(not responding)" and continuous disc activity . . . up It can take anywhere from several hours to a couple of days before it rears its ugly head again but it always occurs Out of the blue the system slows to a crawl the disc activity light goes on solid no Lots of "(not responding)" and continuous disc activity . . . perceptible blinking at all and many of the programs running will go in to not responding mode for a period of time or just stay stuck in this mode I can sometimes not always get the problem to stop by slowly exiting out of programs when I can but that doesn't always work nor does there seem to be a single program e g Chrome Firefox Thunderbird Search Everything or others that is either causing this issue or fixing it when I can exit it gracefully Most often once it starts the machine becomes so unmanageable that I tend to shut it down gracefully if possible but with the power button if a graceful shutdown gets stuck for more than minutes the latter seldom happens most times it will power down reasonably quickly It did seem to happen much more rapidly when I was using Opera as a web browser but I have stopped using Opera and it still happens The following are the programs that are commonly always up when I'm using my laptop along with the extensions add-ons for each In web browsers it is my habit to have multiple tabs open within a single window as opposed to multiple windows for the same browser open at once Firefox Add-Ons Extensions Adblock Plus Classic Theme Restorer Colorful Tabs Ghostery HTTPS-Everywhere Lightbeam selectivecookiedelete shootthecookies Appearance Nuvola Plug-Ins Always Activate ActiveTouch General Plugin Container OpenH Video Codec provided by Cisco Systems Inc Shockwave Flash Ask to Activate Adobe Acrobat Google Earth Plugin Google Talk Plugin Google Talk Plugin Video Renderer Google Update Java Deployment Toolkit Java Platform SE U Microsoft Office Microsoft Office PDF-XChange Viewer Photo Gallery Picasa QuickTime Plug-in Silverlight Plug-In VLC Web Plugin Never Activate Canon iMAGE GATEWAY Album Plugin Utility for IM Services NoneThunderbird Add-Ons Google Contacts Lightning Provider for Google Calendar Google Chrome m Extensions Adblock Plus Cisco WebEx Extension Ghostery HTTPS-Everywhere Google Cast SHOOT THE COOKIES by McVitie's all but Cisco WebEx are enabled in incognito I have tried every trick I know of in an attempt to figure out what it is that puts the machine into this state but have done months of research and some tweaking e g turning off indexing and untweaking when a given possible proposed solution had no effect Now I'm hoping that someone else in the cohort has experienced this same behavior and may be able to give me the guidance necessary to get this to stop happening Thank you in advance for any help you can offer Brian

A:Lots of "(not responding)" and continuous disc activity . . .

Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis

http://www.bleepingcomputer.com/forums/t/560805/lots-of-not-responding-and-continuous-disc-activity/
Relevancy 30.53%

My experience level with computers is Disk Time the Almost All Activity 100% pretty high I can fix just about any that comes my way I can remove just about any virus that comes my way but for the past days I've been working with a computer that has completely stumped me to the point where I've lost several hours of sleep because I can't figure out WTF is causing it To start off I had an ASUS G VX laptop dropped off for wifi issues After a quick fix to the wifi I notice immediately after opening a browser they had spyware and adware issues So I started my thing Malwarebytes adwcleaner JRT Combofix Auslogics Boost Speed After a clean state I started windows update and this is where I started to notice something was really wrong This laptop has Ultimate -bit and the language Disk Activity Almost 100% All the Time packs were in the first set of updates It took hours Disk Activity Almost 100% All the Time to install all of the language packs After a restart from that set of updates another round of updates I can't recall the amount but I let it run through the night and when I woke up still installing After suspecting that something else was wrong I took a look at the HDD SMART errors The owner of the laptop agreed to a new HDD I upgraded them to WD Black GB RPM from a Seagate I assumed after I cloned the old drive to the new one everything would be hunky dory WRONG It got worse Windows update would no longer work saying that the update service wasn't running Long story short on that one I had to update the Intel Rapid Storage drivers to get that to work But I didn't discover that one till I broke windows and had to re-clone the drive again Now on to the current issue I've defragged and optimized the HDD using the defrag tool in Auslogics Boost Speed and removed startup items but the startup is ungodly slow minutes to go from login screen to usable desktop After I can open taskmanger to open the resource monitor it takes another minutes to open But once I finally got it open svchost exe netsvcs was taking up about of the entries under disk activity This is after the OS has been booted for an hour and a half I haven't see the HDD activity light turn off once What can I do at this point I'm at a loss as to what this is and I would love any help I can get to make it work without having to reload windows Please let me know what I need to provide thank you

A:Disk Activity Almost 100% All the Time

Well...sounds to me as whatever you are using to install Win 7...may be the problem.
 
Or...some other hardware item other than the replaced hard drive.
 
IMO, cloning a problematical hard drive...to a good hard drive...is likely not to produce a relieable, useful Windows install.  Garbage in, garbage out.
 
I don't know much about a damaged NTFS, other than to say that cloning it does not make it a better file system.
 
You have a number of possibilities...including the unspoken one, malware...a clean install is the way that I would narrow the suspects.
 
Louis

http://www.bleepingcomputer.com/forums/t/559699/disk-activity-almost-100-all-the-time/
Relevancy 30.53%

Hi I am troubleshooting something Vista Activity HDD that has me stumped Windows Vista Vista HDD Activity Home Premium SP Bit on a Toshiba A The HDD light seems to be flashing more than I think it should be while the PC is idle The original symptom was intermittent performance issues I have used Process Monitor and Activity Indicator to see what is reading writing to from the HDD To be honest I don't see anything really odd When the led is flashing the virtual LED in Activity Indicator is not in synch which makes me wonder what's going on I have scanned for Malware with a litany of tools and found very little and cleaned what they did find Malwarebytes MSE Super Anti SpyWare ADWCleaner TDSS Killer etc I have defragged the HDD and PST files from Outlook when loading web pages from MSN it seems slow in both Chrome and IE This occurs while the HDD LED is indicating disk activity Again ProcMon and AI don't show any significant utilization disk or CPU while the LED is blinking What the heck could be causing the disk to be accessed but not show in these tools OR is there a better tool to use to find out what is chugging away on the disk I also disabled all of the Toshiba bloat utilities and am running with minimal startup items and services Thanks in advance Kurt

A:Vista HDD Activity

have you checked out windows Task manager processes  cpu and performance issues.
 
may lead to an indication of hdd activity

http://www.bleepingcomputer.com/forums/t/534696/vista-hdd-activity/
Relevancy 30.53%

Windows XP home SP3, the hard drive activity indicator light stays on constantly, the computer runs and I can access all programs but I had trouble booting it yesterday so I'm afraid to shut it down,would appreciate some ideas on what would have caused this.
Thank you.
 

A:HD activity indicator

Hard disk activity occurs for various reasons.
 
I would run the chkdsk /r command...then follow that with a defrag of the Windows partition. 
 
Louis

http://www.bleepingcomputer.com/forums/t/535090/hd-activity-indicator/
Relevancy 29.67%

Hi I have a serious problem with all internet acivity blocked and the ethernet adapter not showing in task manager When booting up a brief message appears to say ad-aware firewall is not turned on I had been using ad-aware but uninstalled it Network adapters in Device all blocks bitdefender activity firewall ethernet manager shows sis based pci fast ethernet adapter sis based pci fast ethernet adapter bitdefender firewall ndis firewall miniport wan miniport bitdefender firewall ndis filter miniport I have disabled the two bitdefender items At present I have the machine in a working state when I switched off the firewall via internet security I've made a restore point which means I can for the time being get to an ethernet working point What seems to happen is that there is a sudden change and the firewalls become active again If I remove the bitdefender items using device remover the sis adapter shows as 'working correctly' but there is no ethernet access Trying to use 'repair' fails What do you suggest please G

A:bitdefender firewall blocks all ethernet activity

Well...it's possible that you only have 1 problem...the fact that the adapter doesn't appear in Device Manager has nothing to do with the firewall. 
Ad-aware firewall...is not the same as the bitdefender firewall.  Two different products/developers.
 
Please download MiniToolBox  , save it to your desktop and run it.
 Checkmark the following checkboxes:  List last 10 Event Viewer log  List Installed Programs  List Users, Partitions and Memory size.
 Click Go and paste the content into your next post.
 Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis

http://www.bleepingcomputer.com/forums/t/520423/bitdefender-firewall-blocks-all-ethernet-activity/
Relevancy 30.53%

Hi,
I am running win xp pro sp3 and have noticed of late that lsass.exe is beating quite a lot on the hdd.  Is is normal for it to to make about 350 I/O reads and 320 writes in one minute?  They are reported by task manager in high update rate in increments of three usually.  At times it appears to prevent sleep mode.  csrss.exe is equally or more active but only with reads.
 
Advice appreciated,
 
Thanks, John.
 
 

A:lsass.exe activity

Well...I don't monitor or concern myself with input/ouput reads and writes...I only become conerned with CPU usage or memory usage seems out of line.
 
But, for comparative purposes only...my lsass reflects I/O reads of over 1.5 million, while my writes are over 700,000.
 
I have no concerns, no system problems at all.
 
Louis

http://www.bleepingcomputer.com/forums/t/500173/lsassexe-activity/
Relevancy 30.53%

why flashing a lot

A:Activity light

It indicates that something is accessing your hard drive(s). This could be the operating system, applications you are running, your wi-fi connection doing some hand-shaking, or even malware.
 
It normally flickers fairly regularly if you are not doing very much, but if you are concerned, download a copy of Malwarebytes from here :
 

Malwarebytes Anti-Malware
 
install it, follow the on screen instructions, run a quick scan and see what it says. Should it show up any problems you can't solve yourself, post back here in the 'Am I infected' section of the site.
 
Chris Cosgrove

http://www.bleepingcomputer.com/forums/t/497399/activity-light/
Relevancy 29.67%

So i formatted not to long ago then upgraded to windows ten however something seems amis Random things are happening when im not on my computer such as netflix just popped up and started playing also random search query i don't remember typeing My email has login attempts from quite far away thank go for double verification I'm afraid i may have been hacked Im usually fairly security conscious so i want to be sure here is my FRST log as requested by the forums Thanks in advance Scan result of Farbar Recovery Scan Tool FRST Attempts Login Activity, Strange Computer x Version - - Ran by Cameron administrator on CAMERON-PC - - Running from C Users Cameron Downloads Loaded Profiles Cameron Available Profiles Cameron amp DefaultAppPool Platform Microsoft Windows Home X Language English United States Internet Explorer Version Default browser FF Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process Strange Computer Activity, Login Attempts will be closed The file will not be moved NVIDIA Corporation C Windows System nvvsvc exe NVIDIA Corporation C Program Files NVIDIA Corporation D Vision nvSCPAPISvr exe Creative Technology Ltd C Program Files Creative Shared Files CTAudSvc exe NVIDIA Corporation C Program Files NVIDIA Corporation GeForce Experience Service GfExperienceService exe Creative Technology Ltd C Windows System CtHdaSvc exe NVIDIA Corporation Strange Computer Activity, Login Attempts C Program Files NVIDIA Corporation NvStreamSrv nvstreamsvc exe C Program Files Razer Razer Services GSS GameScannerService exe NVIDIA Corporation C Program Files NVIDIA Corporation NetService NvNetworkService exe Microsoft Corporation C Windows System mqsvc exe Microsoft Corporation C Windows Microsoft NET Framework v SMSvcHost exe Microsoft Corporation C Windows Microsoft NET Framework v SMSvcHost exe Microsoft Corporation C Windows System dllhost exe Microsoft Corporation C Windows System dllhost exe Microsoft Corporation C Windows Microsoft NET Framework v WPF PresentationFontCache exe NVIDIA Corporation C Program Files NVIDIA Corporation Display nvxdsync exe NVIDIA Corporation C Windows System nvvsvc exe NVIDIA Corporation C Program Files NVIDIA Corporation Update Core NvBackend exe Microsoft Corporation C Windows SystemApps ShellExperienceHost cw n h txyewy ShellExperienceHost exe Microsoft Corporation C Windows System SettingSyncHost exe NVIDIA Corporation C Program Files NVIDIA Corporation NvStreamSrv NvStreamNetworkService exe NVIDIA Corporation C Program Files Strange Computer Activity, Login Attempts NVIDIA Corporation NvStreamSrv nvstreamsvc exe Oracle Corporation C Program Files Common Files Java Java Update jusched exe Microsoft Corporation C Windows System rundll exe Microsoft Corporation C Windows System rundll exe Microsoft Corporation C Windows System rundll exe Adobe Systems Incorporated C Program Files Common Files Adobe OOBE PDApp IPC AdobeIPCBroker exe Adobe Systems Incorporated C Program Files Common Files Adobe Adobe Desktop Common ADS Adobe Desktop Service exe C Program Files Adobe Adobe Creative Cloud CoreSync CoreSync exe Adobe Systems Incorporated C Program Files Adobe Adobe Creative Cloud CCLibrary CCLibrary exe Joyent Inc C Program Files Adobe Adobe Creative Cloud CCLibrary libs node exe McAfee Inc C Program Files McAfee SiteAdvisor McSACore exe McAfee Inc C Program Files Common Files McAfee CSP McCSPServiceHost exe McAfee Inc C Program Files Common Files McAfee SystemCore mfemms exe McAfee Inc C Windows System mfevtps exe McAfee Inc C Windows System mfevtps exe McAfee Inc C Program Files Common Files McAfee AMCore mcshield exe McAfee Inc C Program Files Common Files McAfee SystemCore mfefire exe McAfee Inc C Program Files McAfee MSC McAPExe exe McAfee Inc C Program Files Common Files McAfee Platform McUICnt exe McAfee Inc C Program Files Common Files McAfe... Read more

A:Strange Computer Activity, Login Attempts

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

() C:\Users\Cameron\Desktop\05gcgizk.exe
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
U0 pkkycy; C:\WINDOWS\System32\drivers\mwntpmtn.sys [52440 2015-08-14] (Malwarebytes Corporation)
U3 kxddafog; C:\Users\Cameron\AppData\Local\Temp\kxddafog.sys [104960 2015-08-14] (GMER) [File not signed]
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath[/B]
C:\Users\Cameron\Desktop\05gcgizk.exe
C:\WINDOWS\System32\drivers\mwntpmtn.sys

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.The location is listed in the 3rd line of the Farbar log you have submitted.Run FRST and click Fix only once and wait.Restart the computer normally to reset the registry.The tool will create a log (Fixlog.txt) please post it to your reply.===Also post the Addition.txt file that was created when your have run the Farbar tool.How is the computer running now?

http://www.bleepingcomputer.com/forums/t/586531/strange-computer-activity-login-attempts/
Relevancy 30.53%

Hello, I believe I have this on my computer and not sure how to remove.  I am running Windows 8.1 64 and using Norton 360.   Any help in getting this removed would be awesome.  For some reason unable to download the FRST.  Tells me that my security will not allow me to download

A:Trojan Zbot activity 15

Hi & to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully:
My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
If I don't reply within 24 hours please PM me!
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Temporary disable your AntiVirus and Windows Smart Screen - instructions here and here.Step 1
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
Start FRST with administator privileges.
Make sure the option Addition.txt is checked and press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.

http://www.bleepingcomputer.com/forums/t/584004/trojan-zbot-activity-15/
Relevancy 29.24%

Hi guys I would really appreciate your help with this My antivirus notified of malware yesterday I failed to take note of malware name Also scanned with WIN defender at the time and noticed BrowserModifier Win DefaultTab in history but I think my antivirus found something else too I proceeded with cleaning quarantining etc but I lost internet connection afterwards displays as connected HDD / Internet WIN10 100% Possibly No Connection Activity / Malware to wifi router but internet connection not available I followed multiple online guides to fix it but no luck I also performed system restore I know I probably shouldn't have done that but again no luck Also the fan is constantly very loud HDD activity No Internet Connection / HDD 100% Activity / Possibly Malware WIN10 is at and it takes a good while to boot up and when it does it is terribly slow mins to open ccleaner for example Attached is FRST log amp additon Hope you don't mind that I'm attaching both as it's huge Laptop details Make Acer V - g i GB RAM - shouldn't be slow at all OS WIN Thank you in advance

A:No Internet Connection / HDD 100% Activity / Possibly Malware WIN10

UPDATE: I could not afford to wait long so after multiple unsuccessful attempts decided to reset windows which did the trick and all seems to be working perfectly. Please close the topic. Thank you.

http://www.bleepingcomputer.com/forums/t/584599/no-internet-connection-hdd-100-activity-possibly-malware-win10/
Relevancy 29.67%

My Norton keeps blocking Adware Installer Activity I'm getting Page cannot be displayed errors from my browser Additionally I found that my browser proxy setting was also changed I changed my proxy setting to none and have been able to get online that way Thanks in advance or any help Here is the FRST log Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by tytruax administrator on TYTRUAX-PC on - - Running from C Users tytruax AppData Local Temp WPDNSE E- - - - Loaded Profiles tytruax Available Profiles tytruax Platform Microsoft Windows Vista Home Premium Service Pack X OS Language English United States Internet Explorer Version Default browser Chrome Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved AuthenTec Inc C Program Files Fingerprint Sensor AtService exe IDT Inc C Windows System DriverStore FileRepository stwrt inf f ef stacsv exe Microsoft Corporation C Windows System SLsvc exe Stardock Corporation C Program Files Dell DellDock DockLogin exe C Windows System WLTRYSVC EXE Microsoft Corporation C Windows System wlanext exe Dell Inc C Windows System BCMWLTRY EXE DigitalPersona Inc C Program Files DigitalPersona Bin DpHostW exe Andrea Electronics Corporation C Windows System DriverStore FileRepository stwrt inf f ef AEstSrv exe Affinegy Inc C Program Files Belkin Installer Blocks Activity Norton Adware 7 Router Setup and Monitor BelkinService exe Symantec Corporation C Program Files Norton AntiVirus Engine ccsvchst exe Symantec Corporation C Program Files Norton AntiVirus Engine ccsvchst exe Dell Inc C Program Files Dell SupportAssistAgent bin SupportAssistAgent exe Alps Electric Co Ltd C Program Files DellTPad Apoint exe Dell Inc C Windows System WLTRAY EXE DigitalPersona Inc C Program Norton Blocks Adware Installer Activity 7 Files DigitalPersona Bin DpAgent exe C Windows Samsung PanelMgr SSMMgr exe Intel Corporation C Program Files Intel Intel reg Rapid Storage Technology IAStorIcon exe Affinegy Inc C Program Files Belkin Router Setup and Monitor BelkinRouterMonitor exe Intel Corporation C Windows System igfxtray exe Intel Corporation C Windows System hkcmd exe Intel Corporation C Windows System igfxpers exe IDT Inc C Program Files IDT WDM sttray exe Hewlett-Packard C Program Files HP HP Software Update hpwuschd exe Microsoft Corp C Program Files Common Files microsoft shared Windows Live WLIDSVC EXE Norton Blocks Adware Installer Activity 7 Intel Corporation C Windows System igfxsrvc exe Microsoft Corporation C Windows ehome ehtray exe Garmin Ltd or its subsidiaries C Program Files Garmin Express Tray ExpressTray exe PC Drivers Headquarters C Program Files Driver Manager Driver Manager DriverManager Norton Blocks Adware Installer Activity 7 exe Macrovision Corporation C ProgramData Macrovision FLEXnet Connect ISUSPM exe Hewlett-Packard Co C Program Files HP Digital Imaging bin hpqtra exe Dell Inc C Program Files Dell QuickSet quickset exe Microsoft Corporation C Program Files Microsoft Office Office ONENOTEM EXE Microsoft Corp C Program Files Common Files microsoft shared Windows Live WLIDSVCM EXE Microsoft Corporation C Windows ehome ehmsas exe Piriform Ltd C Program Files CCleaner CCleaner exe Microsoft Corporation C Windows Microsoft NET Framework v WPF WPFFontCache v exe Alps Electric Co Ltd C Program Files DellTPad ApMsgFwd exe Alps Electric Co Ltd C Program Files DellTPad hidfind exe Alps Electric Co Ltd C Program Files DellTPad ApntEx exe Microsoft Corporation C Windows System wbem unsecapp exe Hewlett-Packard Co C Program Files HP Digital Imaging bin hpqste exe Hewlett-Packard Co C Program Files HP Digital Imaging bin hpqbam exe Hewlett-Packard C Program Files HP Digital Imaging bin hpqgpc exe Microsoft Corporation C Windows System dllhost exe Dell Inc C Program Files Dell DellDataVault Del... Read more

A:Norton Blocks Adware Installer Activity 7

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM\...\Run: [hpqSRMon] => [X]
HKLM\...\Run: [SearchProtection] => C:\ProgramData\Search Protection\_run.bat
HKU\S-1-5-21-2268045312-3402110376-3729890785-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
ShortcutTarget: Monitor Ink Alerts - HP Photosmart C7200 series.lnk -> (No File)
ProxyEnable: [S-1-5-21-2268045312-3402110376-3729890785-1000] => Internet Explorer proxy is enabled
ProxyServer: [S-1-5-21-2268045312-3402110376-3729890785-1000] => http=127.0.0.1:51040;https=127.0.0.1:51040
cmd: ipconfig /flushdns
URLSearchHook: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 - (No Name) - {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll No File
SearchScopes: HKLM -> {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb010YYus_ZJxdm128YYus&ptb=6F2193AA-F0B5-4502-8CD7-19FDAD23B357&psa=&ind=2011011522&ptnrS=ZNzfb010YYus_ZJxdm128YYus&si=&st=sb&n=77dd99c2&searchfor={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=B4C9CBA96011EDD10DECC650B054A157&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {6A6C0E2C-87D0-47F2-B2FA-5C8FED4C9CB6} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=6898F57F-98DC-41E4-ACAD-79AD172E2B8A&apn_sauid=E85AFB85-BE8A-425C-996C-8ECA2DC8BC6A
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=LdXP06obeAcVcbIdveDe_C7viK0?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb010YYus_ZJxdm128YYus&ptb=6F2193AA-F0B5-4502-8CD7-19FDAD23B357&psa=&ind=2011011522&ptnrS=ZNzfb010YYus_ZJxdm128YYus&si=&st=sb&n=77dd99c2&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-2268045312-3402110376-3729890785-1000 -> {D002E040-8BCB-42B2-8BC2-BE924ACBA8CB} URL = https://duckduckgo.com/?q={searchTerms}
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: mefeediaTest -> {154d932f-dc51-4a4f-9d52-b78b1419d3b4} -> C:\Program Files\mefeediatest\w3itemplateX.dll [2011-05-04] ()
BHO: Search Assistant BHO -> {5ed22e89-62fa-47ec-bd8d-374d849d436c} -> C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll No File
Toolbar: HKLM - mefeediaTest - {154d932f-dc51-4a4f-9d52-b78b1419d3b4} - C:\Program Files\mefeediatest\w3itemplateX.dll [2011-05-04] ()
FF Plugin: @DailyBibleGuide.com/Plugin -> C:\Program Files\DailyBibleGuide\bar\1.bin\NP2vStub.dll No File
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DailyBibleGuide\bar\1.bin
FF Extension: DailyBibleGuide - C:\Program Files\DailyBibleGuide\bar\1.bin [2011-10-22]
CHR Extension: (MySearchDial) - C:\Users\tytruax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflpha... Read more

http://www.bleepingcomputer.com/forums/t/582115/norton-blocks-adware-installer-activity-7/
Relevancy 29.67%

Running W7 SP1 64-bit.  Norton 360 v 22.5.0.124 (recently auto-updated) has started reporting multiple intrusion preventions, citing Trojan Zbot Activity 15.  We've not used your website before but Norton Community thread 6145291 recommended this site, among others.  We are retired software engineers, so we've been out of the loop for awhile, but we can follow technical directions and report back with great detail!
 
Can you help us getting this malware removed?

A:W7 SP1 64-bit Trojan.Zbot Activity 15 reported by Norton 360

Greetings and to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:
Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
Make sure to read my instructions fully before attempting a step.
If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
Important information in my posts will often be in bold, make sure to take note of these.
I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
Let's get going now
==========================
 
Hi MountainDogs,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
When the tool opens, click Yes to disclaimer.
Press the Scan button.
When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:
FRST.txt
Addition.txt
xXToffeeXx~

http://www.bleepingcomputer.com/forums/t/582319/w7-sp1-64-bit-trojanzbot-activity-15-reported-by-norton-360/
Relevancy 30.53%

Hello all i am running windows 7 and norton keeps popping up blocking trojan.zbot activity 15. I was directed to you guys from the norton forums. I am hoping that someone is able to help me get rid of this.

A:W 7 Trojan.zbot activity 15

Hi rgxrant,
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
When the tool opens, click Yes to disclaimer.
Press the Scan button.
When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
Please copy and paste the log in your next reply.
Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:
FRST.txt
Addition.txt
xXToffeeXx~

http://www.bleepingcomputer.com/forums/t/582092/w-7-trojanzbot-activity-15/
Relevancy 29.24%

Hello I've tried all the methods I am aware of to remove the bad guys from my system but I suspect detected constant, HDD removal of but activity guys unsure bad there are some remaining rootkits that are causing the HDD to have constant activity No errors reported by the OS win sp The HDD can be seen heard doing its thing constantly and the system is quite slow I would give more info on the bad guys that were detected by MBAM MSE HitmanPro et al but I deleted the logs when cleaning up the system Every tool I've used has detected something but the system still spins up the HDD to constant activity about minutes after booting up Thanks in advance for the help Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by SKYLINE administrator on SKYLINE-PC on - - Running from C Users SKYLINE Downloads Loaded Profiles SKYLINE Available Profiles SKYLINE Platform Windows Home Premium Service Pack X OS Language English United States Internet Explorer Version Default browser FF Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved Microsoft Corporation C Program Files Microsoft Security Client MsMpEng exe Andrea Electronics Corporation C Program Files Realtek Audio HDA AERTSr exe Infowatch C HDD activity constant, bad guys detected but unsure of removal Program Files x Common Files InfoWatch CryptoStorage ProtectedObjectsSrv exe C Windows System dleacoms exe Microsoft Corp C Program Files x Common Files microsoft shared Windows Live WLIDSVC EXE Realtek Semiconductor C Program Files Realtek Audio HDA RAVCpl exe Microsoft Corp C Program Files x Common Files microsoft shared Windows Live WLIDSVCM EXE C Program Files x Dell V -V Series dleamon exe C Program Files x Dell V -V Series ezprint exe Microsoft Corporation C Program Files Microsoft Security Client msseces exe Intel Corporation C Windows System hkcmd exe Intel Corporation C Windows System igfxpers exe Acresso Corporation C ProgramData Macrovision FLEXnet Connect ISUSPM exe CyberLink Corp C Program Files x CyberLink PowerDVD DX PDVDDXSrv exe C Program Files x Roxio Roxio Burn RoxioBurnLauncher exe Piriform Ltd C Program Files CCleaner CCleaner exe Mozilla Corporation C Program Files x Mozilla Firefox firefox exe Microsoft Corporation C Program Files Microsoft Security Client NisSrv exe Microsoft Corporation C Windows System rundll exe Registry Whitelisted If an entry is included in the fixlist the registry item will be restored to default or removed The file will not be moved HKLM Run RtHDVCpl gt C Program Files Realtek Audio HDA RAVCpl exe - - Realtek Semiconductor HKLM Run dleamon exe gt C Program Files x Dell V -V Series dleamon exe - - HKLM Run EzPrint gt C Program Files x Dell V -V Series ezprint exe - - HKLM Run MSC gt c Program Files Microsoft Security Client msseces exe - - Microsoft Corporation HKLM-x Run PDVDDXSrv gt C Program Files x CyberLink PowerDVD DX PDVDDXSrv exe - - CyberLink Corp HKLM-x Run Desktop Disc Tool gt C Program Files x Roxio Roxio Burn RoxioBurnLauncher exe - - HKLM-x Run APSDaemon gt C Program Files x Common Files Apple Apple Application Support APSDaemon exe - - Apple Inc HKLM-x Run QuickTime Task gt C Program Files x QuickTime QTTask exe - - Apple Inc Winlogon Notify igfxcui C Windows system igfxdev dll Intel Corporation Winlogon Notify klogon C Windows System klogon dll Kaspersky Lab ZAO HKU S- - - - - - - Run ISUSPM gt C ProgramData Macrovision FLEXnet Connect ISUSPM exe - - Acresso Corporation HKU S- - - - - - - Run CCleaner Monitoring gt C Program Files CCleaner CCleaner exe - - Piriform Ltd HKU S- - - - - - - MountPoints fdb c - c- e - b - f f - F LaunchU exe -a CHR HKLM SOFTWARE Policies Google Policy restriction lt ATTENTION CHR HKU S- - - - - - - SOFTWARE Policies Google Policy restriction lt ATTENTION Internet Whitelisted If an item is... Read more

A:HDD activity constant, bad guys detected but unsure of removal

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-14775525-2439065268-141108290-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-14775525-2439065268-141108290-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:51185;https=127.0.0.1:51185
cmd: ipconfig /flushdns
URLSearchHook: HKLM-x32 - (No Name) - {9dbb9aeb-5a16-4989-a66f-c0f1c909d647} - No File
URLSearchHook: HKLM-x32 - (No Name) - {54d0da58-64e7-4408-be1f-72659f70fcbe} - No File
URLSearchHook: HKLM-x32 - (No Name) - {f7e4b48a-9940-48d8-a732-246a2fdb7b40} - No File
URLSearchHook: HKLM-x32 - (No Name) - {9427041a-a8dc-4d06-9a68-93873486e957} - No File
SearchScopes: HKU\S-1-5-21-14775525-2439065268-141108290-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKU\S-1-5-21-14775525-2439065268-141108290-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.The location is listed in the 3rd line of the Farbar log you have submitted.Run FRST and click Fix only once and wait.Restart the computer normally to reset the registry.The tool will create a log (Fixlog.txt) please post it to your reply.===How is the computer running now?

http://www.bleepingcomputer.com/forums/t/581652/hdd-activity-constant-bad-guys-detected-but-unsure-of-removal/
Relevancy 28.38%

Hey guys this is my first post here I hope some of the malware removal Runner HDD Suspected constant Crawler normal infection, mode & Idle in activity Gods on this forum can help me out Disclaimer please forgive me if any of the description below is complete BS I'm have some experience with removing malware and PUP's in the past but none that have resisted to this extent Problem Started Sunday May st My laptop was working Suspected Idle Crawler & Runner infection, constant HDD activity in normal mode fine all day Suspected Idle Crawler & Runner infection, constant HDD activity in normal mode I put it in sleep mode and went home When I came home the problems started I can best describe it as the computer takes ages to start up and load the windows explorer When that finally happens Everything is very slow Programs like Word and Google Chrome do not open My Activity beforehand Before this date I did little out of the ordinary except for download Icecream Ebook Reader for reading epub files It seemed legit and worked fine Security Before this problem I had no anti-virus My Northon Internet Security had run out a few days ago I was planning on switching to Kaspersky at the end of the month I do have Malware Bytes PRO installed and activated Also CCcleaner Why I think it's malware PC works pretty well in safe mode almost none of the issues described above Something seems to be actively trying to prevent me from downloading any programs even in Safe Mode It has blocked correct installation of antivirus programs tried installing Panda Free Antivirus and afterwards Bitfender Free Antivirus Malware seemed to change language of antiviruses I was trying to install Panda Antivirus turned German Bitdefender turned Romanian I suspect it something like Idle Crawler as the description for this PUP very closely describes what might be wrong with my PC What I've done up to now I've tried a lot of things up to now all of them in safe mode because that the only time when it seems the processes that seem to cause problems are disabled allowing me to actually launch programs and scans In hindsight I wish I had found bleepingcomputer earlier because after some reading on this website there are certain actions I probably shouldn't have taken I just hope I haven't significantly messed anything up beyond repair List of things tried no particular order all in Safe Mode Back up important documents pictures and music onto external HDD Run Malware Bytes has found nothing Run Hitman Pro found a few things removed them but problem is not fixed Installed Panda Free Antivirus installation failed to finish incorrectly Couldn't uninstall until I used GeekUnistaller to force uninstall Bitdefender wouldn't start installing because of unclear error Run RKill didn't find any malicious processes to stop Run Adwarecleaner didn't find anything Run Combofix finished succesfully didn't fix problem probably shouldn't have done this one with my experience level Run CCcleaner Run cmd - gt DSKCHK F didn't find any problem Run cmd scannow - gt failed at Installed and Run Total Security gets stuck at windows processes left it for more than hours overnight was still stuck Run FRST see log below I hope I've provided adequate info and that some of you can help me Thank you in advanced Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by Owner administrator on OWNER-PC on - - Running from H Loaded Profiles Owner Available Profiles Owner Platform Windows Home Premium Service Pack X OS Language English United States Internet Explorer Version Default browser Chrome Boot Mode Safe Mode with Networking Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved Microsoft Corporation C Windows System dllhost exe Piriform Ltd C Program Files CCleaner CCleaner exe QIHU SOFTWARE CO LIMI... Read more

A:Suspected Idle Crawler & Runner infection, constant HDD activity in normal mode

Hi S-Works,
Welcome to BleepingComputer. My name is dbrisendine and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
All of the assistants and staff at BleepingComputer are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.- Save ALL Tools to your Desktop-
All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and ... Read more

http://www.bleepingcomputer.com/forums/t/578362/suspected-idle-crawler-runner-infection-constant-hdd-activity-in-normal-mode/
Relevancy 29.24%

Scan result of Farbar Recovery Scan Tool FRST x Version - - Ran by Office Manager Suspicious MBAM am activity 49 on cleaned probs. checking pc...so administrator on PC-OFFICEMANAGE on - - Running from C Users Office Manager Downloads Loaded Profiles Office Manager Available Profiles Office Manager amp HomeGroupUser amp Staff amp Guest Platform Windows Professional Service Pack X OS Language English United States Internet Explorer Version Default browser FF Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved Wave Systems Corp C Program Files Wave Systems Corp Trusted Drive Manager TdmService exe Trend Micro Inc C Program Files Trend Micro AMSP coreServiceShell exe Trend Micro Inc C Program Files Trend Micro UniClient UiFrmwrk uiWatchDog exe Anvisoft C Program Files x Anvisoft StartupBooster StartupTimeSrv exe Trend Micro Inc C Program Files Trend Micro MBAM cleaned 49 probs. Suspicious activity on pc...so am checking AMSP coreFrameworkHost MBAM cleaned 49 probs. Suspicious activity on pc...so am checking exe Adobe Systems Incorporated C Program Files x Adobe MBAM cleaned 49 probs. Suspicious activity on pc...so am checking Elements Organizer PhotoshopElementsFileAgent exe Anvisoft C Program Files x Anvisoft StartupBooster StartupTimeSrv exe Apple Inc C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe Microsoft Corporation C Program Files x Microsoft BingBar BBSvc EXE Apple Inc C Program Files Bonjour mDNSResponder exe Carbonite Inc www carbonite com C Program Files Carbonite Carbonite Backup CarboniteService exe Microsoft Corporation C Program Files Microsoft Office ClientX officeclicktorun exe Dell Inc C Program Files Dell Printers Additional Color Laser Software Status Monitor dlsdbnt exe NovaStor Corporation C Program Files x NovaStor NovaStor NovaBACKUP nsService exe Trend Micro Inc C Program Files Trend Micro Titanium plugin Pt PtSvcHost exe Trend Micro Inc C Program Files Trend Micro Titanium plugin Pt PtWatchDog exe Trend Micro Inc C Program Files Trend Micro TMIDS PwmSvc exe TeamViewer GmbH C Program Files x TeamViewer Version TeamViewer Service exe Microsoft Corporation C Windows System vds exe Microsoft Corp C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE NovaStor Corporation C Program Files x NovaStor NovaStor NovaBACKUP DR x drdiag exe Microsoft Corp C Program Files Common Files Microsoft Shared Windows Live WLIDSVCM EXE Microsoft Corporation C Windows System vdsldr exe Dell Inc C Program Files Dell Printers Additional Color Laser Software Status Monitor dlpwdnt exe Microsoft Corporation C Windows System FXSSVC exe Logitech Inc C Program Files Logitech SetPointP SetPoint exe Dell Inc C Program Files Dell Printers Additional Color Laser Software Status Monitor dlpsp exe Dell Inc C Program Files Dell Printers Additional Color Laser Software Updater dlupdr exe Dell Inc C Program Files Dell Printers Additional Color Laser Software Launcher DLQLU EXE Intel Corporation C Windows System igfxtray exe Intel Corporation C Windows System hkcmd exe Intel Corporation C Windows System igfxpers exe Trend Micro Inc C Program Files Trend Micro UniClient UiFrmwrk uiSeAgnt exe Trend Micro Inc C Program Files Trend Micro Titanium plugin Pt PtSessionAgent exe Trend Micro Inc C Program Files Trend Micro Titanium plugin TMAS TMAS WLM TMAS WLMMon exe KYOCERA MITA Corporation C Program Files x Kyocera Address Book AddrBook exe NovaStor Corporation C Program Files x NovaStor NovaStor NovaBACKUP nsCtrl exe Softerware Inc C Y SOFTER ezcare EZBkTray exe Analog Devices Inc C Program Files x Analog Devices Core smax pnp exe KYOCERA MITA Corporation C Program Files x Kyocera FileUtility NsCatCom exe Carbonite Inc C Program Files x Carbonite Carbonite Backup CarboniteUI exe Microsoft Corpo... Read more

A:MBAM cleaned 49 probs. Suspicious activity on pc...so am checking

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. 
start

CreateRestorePoint:
CloseProcesses:

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3319947538-3514491334-2625519159-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-3319947538-3514491334-2625519159-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-3319947538-3514491334-2625519159-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-3319947538-3514491334-2625519159-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
FF SearchEngineOrder.1: Ask.com
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Users\Office Manager 2\AppData\Roaming\Mozilla\Firefox\Profiles\jezwolep.default\searchplugins\askcom.xml [2013-02-08]
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3319947538-3514491334-2625519159-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [X]
U2 TMAgent; No ImagePath
C:\Users\Office Manager 2\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Staff\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.The location is listed in the 3rd line of the Farbar log you have submitted.Run FRST and click Fix only once and wait.Restart the computer normally to reset the registry.The tool will create a log (Fixlog.txt) please post it to your reply.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find th... Read more

http://www.bleepingcomputer.com/forums/t/577738/mbam-cleaned-49-probs-suspicious-activity-on-pcso-am-checking/
Relevancy 30.1%

Don't know how to remove it.  Have run Norton Power Eraser as well as scans.  It continues to try to attack but is (so far) always blocked by Norton.  Box says system is infected but I need to do nothing.  Thanks

A:Adware Installer Activity 7 infection

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===These proxy settings are suspicious. If you did not set them I suggest you remove the lines in bold from the fix below before saving the Fixlist.txt file.ProxyEnable: [S-1-5-21-2926960347-1281131932-2454002305-1001] => Internet Explorer proxy is enabled.ProxyServer: [S-1-5-21-2926960347-1281131932-2454002305-1001] => http=127.0.0.1:49212;https=127.0.0.1:49212Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

CreateRestorePoint:
CloseProcesses:

() C:\Program Files (x86)\user extensions\Client.exe
() C:\Program Files (x86)\user extensions\Client.exe
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs-x32: C:\PROGRA~3\{C6D52~1\1170~1.1\loli.dll => "C:\PROGRA~3\{C6D52~1\1170~1.1\loli.dll" File Not Found
ProxyEnable: [S-1-5-21-2926960347-1281131932-2454002305-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2926960347-1281131932-2454002305-1001] => http=127.0.0.1:49212;https=127.0.0.1:49212
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight25&cd=2XzuyEtN2Y1L1QzuyByE0EyDtD0ByDyDtDtDyBtCyByE0CyCtN0D0Tzu0StCtBtByEtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0A0ByEzy0A0BtAtGyDyD0DyBtGzztC0A0EtGtD0ByD0EtGtC0DyEtBtC0D0CtCyE0FyCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByDzy0AtBzz0DtGyEyEzztAtGyE0F0F0EtG0ByD0CzytGtA0EtAtA0ByEtD0FyCyCzz0D2QtN0A0LzuyE&cr=1258636553&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight25&cd=2XzuyEtN2Y1L1QzuyByE0EyDtD0ByDyDtDtDyBtCyByE0CyCtN0D0Tzu0StCtBtByEtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0A0ByEzy0A0BtAtGyDyD0DyBtGzztC0A0EtGtD0ByD0EtGtC0DyEtBtC0D0CtCyE0FyCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByDzy0AtBzz0DtGyEyEzztAtGyE0F0F0EtG0ByD0CzytGtA0EtAtA0ByEtD0FyCyCzz0D2QtN0A0LzuyE&cr=1258636553&ir=
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2926960347-1281131932-2454002305-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight25&cd=2XzuyEtN2Y1L1QzuyByE0EyDtD0ByDyDtDtDyBtCyByE0CyCtN0D0Tzu0StCtBtByEtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0A0ByEzy0A0BtAtGyDyD0DyBtGzztC0A0EtGtD0ByD0EtGtC0DyEtBtC0D0CtCyE0FyCyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByDzy0AtBzz0DtGyEyEzztAtGyE0F0F0EtG0ByD0CzytGtA0EtAtA0ByEtD0FyCyCzz0D2QtN0A0LzuyE&cr=1258636553&ir=
SearchScopes: HKU\S-1-5-21-2926960347-1281131932-2454002305-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/results.php?f=4&q={searchTerms}&a=tpl_tight25&cd=2XzuyEtN2Y1L1QzuyByE0EyDtD0ByDyDtDtDyBtCyByE0CyCtN0D0Tzu0StCtBtByEtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1... Read more

http://www.bleepingcomputer.com/forums/t/576042/adware-installer-activity-7-infection/
Relevancy 29.24%

Since yesterday I keep receiving this message in a popup from norton Norton blocked an some Plugin virus: system have I infected: Fake Activity kind 2 of attack by system infected Fake Plugin Activity It pops up every time you open any browser firefox IE Chrome and keeps popping up a few times a minute while browsing online or even as I am typing now Norton up to date Norton Security says that it blocked the attack and that no further action is needed but my online searches seem to say that I am already infected and Norton is fighting it on the inside whatever that means I also downloaded Norton Power Eraser and I still continued to receive this message after it was complete and my system rebooted As I have some kind of virus: system infected: Fake Plugin Activity 2 I am using the computer all kinds of pop up ads are appearing Some for fixing computer problems and other random ads Even as I have typed this some other Norton windows popped up one with fake plugin activity and a completely different one that didn't last long enough for me to see So I I have some kind of virus: system infected: Fake Plugin Activity 2 don't know if I have a bunch of viruses or just one Each time it says that norton blocked it I am using Norton Security and used Power eraser I have no other malware programs I have Windows -bit aircap

A:I have some kind of virus: system infected: Fake Plugin Activity 2

Hi aircap63,
Your report analysis  on other Forum  continues.
Therefore this topic is closed. Sorry.

http://www.bleepingcomputer.com/forums/t/576873/i-have-some-kind-of-virus-system-infected-fake-plugin-activity-2/
Relevancy 30.53%

My Win 7 computer is just frustrating me.  It was one of my zippiest machines but now it just seems to be constantly hitting the disk.  I've tried everything I know but I've failed to figure it out. Any help would be appreciated.

A:Disk activity overload

Hello chettt,my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***Please download Malwarebytes Anti-Rootkit and save it to your desktop.Be sure to print out and follow the instructions provided on that same page.Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.Scan your system for malwareWith some infections, you may see two messages boxes.'Could not load protection driver'. Click 'OK'.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.If there is no malware found, please let me know as well.***Please download AdwCleaner by Xplode and save to your Desktop.Double-click AdwCleaner.exeVista / Windows 7/8 users right-click and select Run As Administrator.Click on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.If you see an entry you want to keep, let me know about it.Copy and paste the contents of that logfile in your next reply.A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.***

http://www.bleepingcomputer.com/forums/t/575693/disk-activity-overload/
Relevancy 30.53%

how I delete this Fake Plugin activity 2 ?????

A:Fake Plugin activity 2

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.POST THE LOG FOR MY REVIEW.Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Post the FRST log that was created when you have executed this tool.Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.===How is the computer running?Wait for further instructions.

http://www.bleepingcomputer.com/forums/t/573817/fake-plugin-activity-2/
Relevancy 29.67%

So I Hosts network activity running my Multiple DLL on am quite new today Sorry if this is sudden I got this laptop not too long ago I was browsing through the internet to figure out what this could be and it may be possible that my computer is infected I have not had a chance to reinstall norton since it had caused some lag issue Multiple DLL Hosts running on my network activity with my laptop which was resolved when it was uninstalled Since I've been very busy I'm rarely on my computer However I noticed that when I got on my internet got slower I figured it may have been windows update but decided to look Multiple DLL Hosts running on my network activity through the network stuff on task manager which led to looking at resource manager and I saw a lot of dll hosts possibly Multiple DLL Hosts running on my network activity or more running on the background I think this may be the cause of my internet issues I am running on Window's and using a Sony VAIO E Series I have attached the FRST logs as well

Relevancy 29.67%

Computer runs normally after boot up until accessing the Internet in IE or Chrome Normally I an IE user I installed Chrome today just to see or Continuous Run Slowly HDD; Hang in Activity Applications if the problems persisted they did Once the Internet has been accessed there is continuous activity in the HDD and Continuous Activity in HDD; Applications Hang or Run Slowly all operations with the computer become very Continuous Activity in HDD; Applications Hang or Run Slowly slow For example right clicking on a file folder or a shortcut takes approximately seconds before a pulldown appears Attempting to re-access the Internet with IE when there is continuous activity in the HDD results in a white screen with a blank address bar and the browser hangs If a shutdown is done while the computer is in this state a message is received that a program needs to close even when it appears that no programs are open and a brief message goes by with verbiage having to do with Task Host Window When there is continuous activity in the HDD disconnecting from the network results in the HDD activity ending and a return to normal HDD activity If I reconnect to the network after a few moments the continuous activity resumes on its own There has been no obvious malware activity on this computer The symptoms I describe above began on February I have run the following tools before making this post FRST MBAM no malicious items found ADWCleaner a few malicious items were found and removed JRT a few malicious items were found and removed but most items had to do with the junk that Best Buy installed on the computer four years ago TDSSKiller no malicious items found RogueKiller several PUP's found and deleted Another FRST Scan for which I created and ran a fix Eset Online Scanner found items but most were false positives removed items I have not run ComboFix on this machine though it was run on this computer several years ago at the direction of a BC helper I see that there are remnants The only software installed on this computer recently is an update to Abobe Flash Attempting to run the above tools while there was continuous activity in the HDD sometimes resulted in a hung app for that tool Successful runs for those tools were made after rebooting the computer and running the tool before accessing the Internet excluding Eset After running all the above tools the problem persists Problem does not seem to show itself in Safe Mode w Networking though I haven't thoroughly tested it Task Manager does not show any processes taking up a lot of CPU or Memory even when there is continuous activity in the HDD Note that the FRST scan included with this post was run after the tools in the list above were run Additionally the FRSTscan included in this post was run when the computer was experiencing high HDD activity Thank you in advance for your help Scan result of Farbar Recovery Scan Tool FRST txt x Version - - Ran by Admin administrator on TRISTAR on - - Running from C Users Ben Desktop Loaded Profiles Ben amp Admin Available profiles Ben amp Admin Platform Windows Home Premium Service Pack X OS Language English United States Internet Explorer Version Default browser IE Boot Mode Normal Tutorial for Farbar Recovery Scan Tool http www geekstogo com forum topic -frst-tutorial-how-to-use-farbar-recovery-scan-tool Processes Whitelisted If an entry is included in the fixlist the process will be closed The file will not be moved IDT Inc C Program Files IDT WDM stacsv exe Stardock Corporation C Program Files Dell DellDock DockLogin exe Microsoft Corporation C WINDOWS System wlanext exe Andrea Electronics Corporation C Program Files IDT WDM AESTSr exe Apple Inc C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe Apple Inc C Program Files Bonjour mDNSResponder exe Broadcom Corporation C Program Files WIDCOMM Bluetooth Software btwdins exe Garmin Ltd or its subsidiaries C Program Files x Garmin Core Update Service Garmin Cartography MapU... Read more

A:Continuous Activity in HDD; Applications Hang or Run Slowly

Update
Since no one has had the chance to respond to my topic, let me post this update.
 
I belive the problem has been found:  In recent days, upon launching Microsoft Outlook (my e-mail client), the loading of the Norton Anti-Spam Outlook Plugin has taken an unusually long time.  Today, upon launching Outlook an error message was received regarding the plugin and I was offered the opportunity to disable it, which I did.  The high HDD activity stopped and the computer has been running normally ever since.
 
I ask that a helper comment on my FRST log if there are things that need to be addressed and I will follow the helper's instructions.  Otherwise, please feel free to close the topic as the problem does not appear to be malware related.
 
Thank you.

http://www.bleepingcomputer.com/forums/t/566111/continuous-activity-in-hdd;-applications-hang-or-run-slowly/
Relevancy 30.1%

I believe I have Trojan.Zbot 15 on my notebook computer and would appreciate help removing it.  Norton Antivirus repeatedly gives the warning: “An intrusion attempt was blocked.  System Infected: Trojan.Zbot Activity 15”.  Norton forums referred me here for help with removal.  The infected computer is a Dell notebook running Windows 7 Home Premium, 64-bit, Service Pack 1.
 
I have not yet attempted any scans or removal other than Norton Antivirus.  Thank you for any help you can provide!

A:Trojan.Zbot Activity 15, Need Help Removing

Hi & to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully:
My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
If I don't reply within 24 hours please PM me!
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
Please download Powelikscleaner (by ESET) and save it to your Desktop.
Double-click the to start the tool.
Read the terms of the End-user license agreement and click Agree if you agree to them.
The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
The tool will produce a log in the same directory the tool was run from.
Please copy and paste the log in your next reply.
Step 2
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
Start FRST with administator privileges.
Make sure the option Addition.txt is checked and press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.

http://www.bleepingcomputer.com/forums/t/565564/trojanzbot-activity-15-need-help-removing/
Relevancy 30.53%

I need help removing this virus from my computer. I have Norton & it  blocks it, but when I run scans doesn't remove it. Any help would be appreciated.

A:Trojan.Zbot Activity 15

Hi & to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully:
My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
If I don't reply within 24 hours please PM me!
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1
Please download Powelikscleaner (by ESET) and save it to your Desktop.
Double-click the to start the tool.
Read the terms of the End-user license agreement and click Agree if you agree to them.
The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
The tool will produce a log in the same directory the tool was run from.
Please copy and paste the log in your next reply.
Step 2
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
Start FRST with administator privileges.
Make sure the option Addition.txt is checked and press the Scan button.
When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
Step 3
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
 
Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.
In the main box please paste in the following script:
process;
services-list;
systemspecs;
startupall;
filesrcm;
Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.

http://www.bleepingcomputer.com/forums/t/564910/trojanzbot-activity-15/
Relevancy 30.1%

Mod Edit Moved to appropriate forum boopmeHello My hard drive activity go from near to with no reason at random moments I search google for this issue and many people seems to have the same problem and none of them seems to find a solution I known you forum because HiJackThis is currently making an update and temporarily closed the support section The owner said you could help me with the verification so I'm giving you the log the HiJackThis made and if one of you can analyse it and tell me if there's something wrong in it 100% go to activity drive randomly My hard Also if anyone ever find a solution for this problem PLEASE TELL ME This is totally driving me nuts Thanks Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Unknown Windows WinNT MSIE Internet Explorer v Boot mode Normal Running processes C ProgramData DatacardService DCSHelper exeC Program Files x CyberLink Power Go CLMLSvc P G exeC Program Files x CyberLink PowerDVD PDVD Serv exeC Program Files x Common Files Adobe ARM AdobeARM My hard drive randomly go to 100% activity exeC Program Files x Spybot - Search amp Destroy SDTray exeC Program Files x AVG AVG My hard drive randomly go to 100% activity avgui exeC My hard drive randomly go to 100% activity Program Files x DivX DivX Update DivXUpdate exeC Program Files x iTunes iTunesHelper exeC Program Files x AVG Web TuneUp vprot exeC Program Files x Common Files Java Java Update jusched exeC WINDOWS SysWOW ctfmon exeC Program Files Intel Intel reg Rapid Storage Technology IAStorIcon exeC Program Files x Common Files Java Java Update jucheck exeC Users Mike jagexcache jagexlauncher bin JagexLauncher exeC Users Mike Documents HijackThis exeC Program Files x Google Chrome Application chrome exeC Program Files x Google Chrome Application chrome exeC Program Files x Google Chrome Application chrome exeC Program Files x Google Chrome Application chrome exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http samsung msn comR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htmR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files x Java jre bin ssv dllO - BHO AVG Web TuneUp - B C- C F- BF -B - A - C Program Files x AVG Web TuneUp AVG Web TuneUp dllO - BHO URLRedirectionBHO - B F A - E - -BA - B E FF - C PROGRA Microsoft Office Office URLREDIR DLLO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dllO - HKLM Run CLMLServer For P G C Program Files x CyberLink Power Go CLMLSvc P G exe O - HKLM Run CLVirtualDrive C Program Files x CyberLink Power Go VirtualDrive exe RO - HKLM Run RemoteControl C Program Files x CyberLink PowerDVD PDVD Serv exe O - HKLM Run Adobe Reader Speed Launcher C Program Files x Adobe Reader Reader Reader sl exe O - HKLM Run Adobe ARM C Program Files x Common Files Adobe ARM AdobeARM exe O - HKLM Run Intel AppUp SM center C Program Files x... Read more

A:My hard drive randomly go to 100% activity

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===HijackThis is not ready for you 64 bit operating system. Please run these tools and post the logs for my review.Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.POST THE LOG FOR MY REVIEW.Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.To attach a file select the "More Reply Option" and follow the instructions.How is the computer running?Wait for further instructions.

http://www.bleepingcomputer.com/forums/t/564076/my-hard-drive-randomly-go-to-100-activity/
Relevancy 30.53%

Hi, I for the last several weeks I have been getting repeated blocks by my Norton antivirus for Trojan.zbot activity 15.  This is happening many times a day.  I have googled this topic and it seems a lot of people are having this issue.  On several sites it says to contact you guys for help, so here I am.  My computer is acting a little funny but isn't particularly slow.  I hope that I have become aware of this infection in time to get rid of it.  Any help would be greatly appreciated!  Thank you!

A:Trojan.zbot activity 15

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems. Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

http://www.bleepingcomputer.com/forums/t/564494/trojanzbot-activity-15/
Relevancy 29.67%

Hello I'm new to this forum and was hoping to get some help regarding my problem.
 
So for about two weeks now I've been getting constant notifications from Norton Security Suite that it has blocked System Infected: Trojan.Zbot Activity 15, saying on the Alert Summary that an intrusion attempt by C71585.com was blocked. I've tried using a few programs making sure they're all up to date to stop the constant notifications but none of them get the job done. I'd estimate that it would tell me at least 5 times a day that it has blocked Trojan.Zbot Activity 15. 
 
Here's a list of the programs I used: 
Norton Power Eraser
Norton FixNecurs64bit.exe removal tool
Malwarebytes Anti-Malware
adwarecleaner
SUPERAntispyware 
 
I appreciate any help, thank you. 
 
 

A:System Infected: Trojan.Zbot Activity 15

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.Temporary disable your AntiVirus and AntiSpyware protection - instructions here.Step 2 Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)Right-click on icon and select Run as Administrator to start the tool.Wait patiently until the main console will appear, it may take a minute or two.In the main box please paste in the following script:process;
services-list;
systemspecs;
startupall;
filesrcm;
Make sure that Scan All Users option is checked.Push Run Script and wait patiently. The scan may take a couple of minutes.When the scan completes, a zoek-results logfile should open in notepad.If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)Post its content into your next reply.

http://www.bleepingcomputer.com/forums/t/563862/system-infected-trojanzbot-activity-15/
Relevancy 30.1%

For over a week I keep getting a Norton notice that An intrusion attempt by C com was blocked and when I click on details it reads IPS Alert Name System Infected Trojan Zbot Activity When I look at the Norton history log it's happening over plus times each day Have tried everything to remove it multiple times Norton full system scan Norton Utilities registry scan and drive cleanup Norton FixNecurs bit exe removal tool Norton Power Eraser SUPERAntiSpyware exe Version Malwarebytes mbam-setup- exe I've also run the FRST exe Farbar Recovery Scanner Tool I'm running Windows Home Premium with Service Pack on a HP laptop Intel Core i CPU GB RAM and bit operating system Firewall and virus protection by Norton I make frequent updates to all Windows and Norton software I've ran DDS and FRST and have the logs for each Below is the DDS txt log Attached is DDS attach txt log FRST txt FRST addition txt Thanks for any help I'm new to this forum and have exhausted the little tech knowledge I might have to resolve this nightmare DS Ver - - - NTFS AMD Internet Explorer BrowserJavaVersion Run by Sal at on - - Microsoft Windows Home Premium GMT - AV Norton Premier Edition Enabled Updated D FA C -F - B -D EC- EDF CEDB SP Norton Premier Edition Enabled Updated E -D C- F-EC C- AD B SP Windows Defender Disabled Updated D with 15 Trojan.Zbot Activity Infected DDC A- F- fae- E -DA C ACF FW Norton Premier Edition Enabled E E -BF - E -FDB -A EAC E A Running Processes C Windows system lsm exe C Windows system svchost Infected with Trojan.Zbot Activity 15 exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted Infected with Trojan.Zbot Activity 15 C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k LocalService C Windows system svchost exe -k netsvcs C Program Files IDT WDM STacSV exe C Windows system Hpservice exe C Program Files DisplayLink Core Software DisplayLinkManager exe C Windows system vcsFPService exe C Program Files DisplayLink Core Software DisplayLinkUserAgent exe C Program Files x Hewlett-Packard HP SimplePass Identity Protection EgisService exe C Windows Infected with Trojan.Zbot Activity 15 system svchost exe -k NetworkService C Windows system WLANExt exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Windows system svchost exe -k LocalServiceNoNetwork C Program Files IDT WDM AESTSr exe C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files x Microsoft Small Business Business Contact Manager BcmSqlStartupSvc exe C Program Files Bonjour mDNSResponder exe C Program Files WIDCOMM Bluetooth Software btwdins exe C Program Files x CinemaNow CinemaNow Media Manager CinemanowSvc exe C Windows system CISVC EXE C SwSetup QuickWeb QW SYS config DVMExportService exe C Program Files x FileZilla Server FileZilla Server exe C Program Files x Hewlett-Packard Shared HPDrvMntSvc exe C Windows SysWOW svchost exe -k hpdevmgmt C Program Files Hewlett-Packard HP Quick Launch HPWMISVC exe C Program Files x Intel Intel reg Management Engine Components LMS LMS exe C Program Files x Motorola Mobility Motorola Device Manager MotoHelperService exe C Program Files x Norton Engine N exe C Windows System svchost exe -k HPZ C Windows System svchost exe -k HPZ C Program Files x Motorola MotForwardDaemon ForwardDaemon exe C Program Files x Common Files Intuit QuickBooks QBCFMonitorService exe C Program Files x Common Files Intuit DataProtect QBIDPService exe C Windows SysWOW RegAss exe C Program Files Microsoft SQL Server Shared sqlwriter exe C Windows system svchost exe -k imgsvc C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Program Files x Microsoft SQL Server MSSQL MSSMLBIZ MSSQL Binn sqlservr exe C Windows system svchost exe -k HPService C Windows system svchost exe -k Network... Read more

A:Infected with Trojan.Zbot Activity 15

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.   Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.In the right panel, you will see several boxes that have been checked. Uncheck the following ...
SectionsIAT/EATShow All ( should be unchecked by default )Leave everything else as it is.Close all other running programs as well as your Browser.Click the Scan button & wait for it to finish.Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.Save it where you can easily find it, such as your desktop.Please post the content of the ark.txt here.**Caution**Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries Scan with TDSS-KillerPlease read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.Download TDSSKiller.zip and extract to your desktopExecute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txtPlease attach this file to your next reply.

http://www.bleepingcomputer.com/forums/t/562197/infected-with-trojanzbot-activity-15/
Relevancy 29.67%

I suspected a rootkit issue, but scans with tdsskiller and spybot s&d av and McAfee show nothing. I am having to leave internet disconnected as it generates 10 of thousands of temp files in just a short period of time. Also I have lost all admin rights to uninstall applications. Not sure if its related to the same issue or not. Any help would be appreciated.

A:Av automatically being disabled and hyper network activity

Merged topics.  Title was: Something running in the background using up cpu/bandwidth. ~ OB I am running windows 7 Ultimate 64 bit and recently became infected by a rootkit virus. I used tdsskiller and spybot S&D AV software and it showed to be removed.  However something is still not right.  The hard drive is chattering non stop anytime there is an internet connection and tens of thousands of temp files are generated in just a few minutes.  It seems that I have been stripped of all admin rights as well.  I am no longer able to uninstall anything and can only run av software if logged in safe mode networking or by enabling the hidden admin account and can run it from there.  I also verified that my main account has admin rights, they just don't work.  Any help would be greatly appreciated.  I attempted to download DDS, but it just redirects me back to the downloads home page. :-/ Thanks,Kjem

http://www.bleepingcomputer.com/forums/t/559094/av-automatically-being-disabled-and-hyper-network-activity/
Relevancy 29.67%

I am fighting this Blocks Installer Activity Norton 7 Adware same problem I am getting the same Norton Blocks Adware Installer Activity 7 Norton message I started to follow Preparation Guide step by downloading the FRST program and after it downloaded Norton popped up and said is was a malicious program and automatically deleted it My instinct is to shut off Norton and download it again but I fear with all the problems I'm having that running without some kind of protection is not a good idea Another issue I'm experiencing is that my internet will not work as when this Adware problem occurred I am also getting a proxy server error message Sometimes after waiting a while the page eventually loads I am running Chrome Firefox and IE Explorer browsers I usually use Chrome and sometimes Firefox Rarely IE Explorer None of these are working right Firefox is also fiving me a dangerous site message when I go to places I normally go to in my Favorites list Any help would be greatly appreciated Thanks Ty

A:Norton Blocks Adware Installer Activity 7

Shut off Norton. Download and run FRST. Start the new topic .. Add the FRST log.Turn On Norton.Let me know if that went well.

http://www.bleepingcomputer.com/forums/t/581985/norton-blocks-adware-installer-activity-7/
Relevancy 30.1%

Hi
 
My Norton 360 keeps blocking "Adware Installer Activity 7."  Additionally, I found that my IE browser now has a proxy setting tied to my localhost IP of 127.0.0.1 and whenever I uncheck the proxy, it comes back on browser restart.  Naturally, I'm getting "Page cannot be displayed" errors from my browser.  How do I get rid of this pesky thing?  I've tried Malwarebytes, Superantispyware as well as Norton.  Nothing is working.
 
Thanks
Daryl

A:"Adware Installer Activity 7" infection

Hello DarylThis attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.We should get a deeper look. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.Let me know if all went well.

http://www.bleepingcomputer.com/forums/t/564812/adware-installer-activity-7-infection/
Relevancy 30.53%

Lately I have found that my computer has been running slower and random audio of Advertisements have been playing however not till today I have discovered that Inter Explorer was open in task manager but not on my desktop. Task manager was showing Internet Explorer opening multiple websites such as "whatismyIp" as soon as I saw this I panicked and am now wondering how may I stop/Solve this from continuing

A:IE Open with Suspicious activity

FWIW:  One instance of iexplore.exe is displayed in Task Manager as a process...always.  For every window/tab opened, 1 additional process appears in Task Manager.
 
Louis

http://www.bleepingcomputer.com/forums/t/578027/ie-open-with-suspicious-activity/
Relevancy 30.1%

over the last week or so, the activity lights on our modem are almost always flashing and the microsoft resource monitor definitely indicates some kind of network/internet activity is occurring and that's the case even when no one is using the laptop; I'm not entirely sure what to make of it, though. I think it started after I downloaded and installed the latest windows updates; uninstalling the ones that could be uninstalled hasn't helped. and I've done full scans with both windows defender and malwarebytes and they did not find anything
any help provided will be totally appreciated
thanks

A:there's almost constant internet/network activity

You may have a fair number of programs constantly checking for updates, "phoning" home, etc.  I think System Internals and Windows OS has a utility that can give you an idea of what is running; can't remember the name.

http://www.bleepingcomputer.com/forums/t/576279/theres-almost-constant-internetnetwork-activity/
Relevancy 30.1%

OS: windows 8.1
Laptop: Lenovo G40-70
 
Can you please check if my laptop is compromised. Because these past weeks, I have a very bad feeling that acertain hacker knows all my google searches/yahoo searches. I only use google chrome for my researching/searching. Possibly a keylogger or some spyware might be installed on my system.

A:A hacker might be monitoring my internet activity

Hi there,This issue sounds like something more serious than what we can do here.Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Regards,Alex

http://www.bleepingcomputer.com/forums/t/575283/a-hacker-might-be-monitoring-my-internet-activity/
Relevancy 28.81%

As well as displaying unusual and slow activity Gmer reports rootkit activity even after a fresh reinstall After flashing the bios and restarting the computer displays only a black screen for approx minutes when turned on then boots as normal This only happens directly after a bios flash and it seems suspicious At this point I am beginning to format, and a activity flash, mbr despite a clean complete bios Apparent rootkit doubt the results and am suspicious of a hardware issue but gmer has never failed me before and the computer was definitely Apparent rootkit activity despite a complete format, bios flash, and a clean mbr infected when I started working on it Malwarebytes removed trojans but the infection persisted when I first received it so I wiped the hard drive On reinstall Gmer reported suspected rootkit activity so I booted up on a linux Apparent rootkit activity despite a complete format, bios flash, and a clean mbr cd and wiped the mbr and the whole drive then reinstalled with the same results in gmer I then flashed the mouse bios and cd drive firmware wiped the mbr Apparent rootkit activity despite a complete format, bios flash, and a clean mbr and the drive and reinstalled again The PC bluescreened when i ran gmer again and displayed warnings about hard disk integrity I shut off the computer then entered dell's diagnostic tool from the f boot menu but the built in hard drive diagnostic tool never advanced past despite running it times for an hour each PC is a dell studio hybrid g running windows vista I have formatted the hard drive and wiped the mbr times now trying different things An issue is that the bios updates can only be run in a windows environment so I can't be certain they are actually working since I am running it in a possibly infected environment It's my mothers computer and I'd really appreciate assistance in figuring out what to do next I am completely lost at this point Thank you

A:Apparent rootkit activity despite a complete format, bios flash, and a clean mbr

to Bleeping Computer.This issue will require further investigation and a more comprehensive look at your system. Many of the scanning tools we use in this forum are not capable of detecting (removing) all malware variants so more advanced tools are needed to investigate. Before that can be done you will need to create and post a FRST log for further investigation.Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.If you cannot complete a step, then skip it and continue with the next.In Step 6 there are instructions for downloading and running FRST which will create two logs.When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.After doing this, please reply back in this thread with a link to the new topic so we can close this one.

http://www.bleepingcomputer.com/forums/t/572553/apparent-rootkit-activity-despite-a-complete-format-bios-flash-and-a-clean-mbr/
Relevancy 30.53%

I've been getting a message from norton that it has blocked trojan.zbot activity 15. but after checking their forums norton doesn't see it when you scan and it may be on my computer. I have had a problem twice now with windows not booting on start up since I've been getting the message from norton. I'm a beginer at this never had one hit me before. How can I find out if I'm infected and if so how do I safely remove it. 
 
Thanks.

A:Help with trojan.zbot activity 15.

Hello and Welcome.
If you are sure the problem is due to trojan.zbot activity, please follow these instructions so that the Malware Removal team ONLY will help you.
 
If you are not sure, Please download RKill by Grinler to your desktop
If you have an old version, please delete it first
Right click on the new Red icon and select Run as Administrator
A black DOS box will appear for a short time and then disappear.
This is normal and indicates the tool ran successfully.
At most the tool will usually run for about 2 minutes
Please Copy and Paste the small log back here.
 
Depending on your reply .............
Please follow the instructions in the Malware Removal and Log Section Preparation Guide .
If you cannot complete a step, then skip it and continue with the next.
In Step 6 there are instructions for downloading and running "FRST" which will create two logs.
When you have done that, Post your logs (as directed) in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs , then still start the new topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them.
A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.
After doing this, please reply back in this thread with a link to the new topic so we can close this one, to prevent others answering incorrectly.

http://www.bleepingcomputer.com/forums/t/569070/help-with-trojanzbot-activity-15/
Relevancy 29.24%

Hello,

After reading the original post on this subject, I ran the antivirus programs recommended to no avail.

Your help is greatly appreciated.

Attaching the log from Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18975
German Delgado :: LUCY [administrator]

Protection: Enabled

10/24/2012 5:14:04 PM
mbam-log-2012-10-24 (17-14-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286326
Time elapsed: 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\German Delgado\Local Settings\Temporary Internet Files\Content.IE5\8GJ83O0Q\freeeditor_1787[1].exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

A:Ebay: Detected Suspicious Activity. Your account has been blocked

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here.If you get crashes in normal mode,run it in safemode with networkingDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

http://www.bleepingcomputer.com/forums/t/472939/ebay-detected-suspicious-activity-your-account-has-been-blocked/
Relevancy 30.1%

We started getting messages from our Norton software telling us "system infected: Trojan.Zbot Activity 15" a few weeks ago.  Unlike a recent Trojan Poweliks infection we have not noticed a significant slow up in our computer with this one.  Our operating system is Windows 7 Pro.  I have seen instructions for manual removal but do not have the kind of knowledge necessary to be comfortable with pulling that off on my own.  Any guidance we could receive on how to rid our computer of this Trojan would be greatly appreciated.  Since this is the second Trojan we have been hit with in the last couple of months, is there a way to try to protect us from future attacks?  Thank you.

A:Trojan.Zbot Activity 15 infection

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:

Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.If you already have MBAM 2.0 installed:On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.
A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes.How to get logs:(Export log to save as txt)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Export'.Click 'Text file (*.txt)'In the Save File dialog box which appears, click on Desktop.In the File name: box type a name for your scan log.A message box named 'File Saved' should appear stating "Your file has been successfully exported".Click OkAttach that saved log to your next reply.(Copy to clipboard for pasting into forum replies or tickets)After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Copy to Clipboard'Paste the contents of the clipboard into your reply.Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.Double click on downloaded file. OK self extracting promp... Read more

http://www.bleepingcomputer.com/forums/t/564338/trojanzbot-activity-15-infection/
Relevancy 29.67%

I have gotten this message several times in the past few days from my Norton Internet Security An instrusion attempt by c com was blocked IPS Alert Name Sysem Infected Trojan Zbot Activity Default Action No Action Required Action Taken No Action Required Attacking Computer c com Attacker URL c com z Destination Address Becky-PC Source Address Traffic Description TCP www-http Network traffic from c com z matches the signature of a known attack The attack was resulted from Device Harddiskvolume Windows Syswow dllhost exe Also I've noticed in Task Manager that an instance of a process called dllhost exe using K - of memory that when I right-click I can't open properties or open file location Also instance of csrss exe that Sysem 15 Zbot Trojan. Infected: Activity I can't open any right-click Sysem Infected: Trojan. Zbot Activity 15 options Also instance of winlogon exe that I can't open any right-click options I'm not sure if that's normal or not - I can access all the right click options on all other processes that are running I run Windows Home Premium on a HP s AMD Sempron Processor GHz on a -bit operating system I'd love to get rid of this if my system is truly infected Many thanks

A:Sysem Infected: Trojan. Zbot Activity 15

Use the programs below to find and remove adware and malware.
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
The scan may take some time to finish,so please be patient.
If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE MBAM LOG FOR REVIEW.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
download AdwCleaner by Xplode and save to your Desktop.
Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Download Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
Hold down Control and click on this link to open ESET OnlineScan in a new window. (Eset can take more than an hour to run so plan accordingly)
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.
Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
Scan potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth technology
ESET will then download updates for ... Read more

http://www.bleepingcomputer.com/forums/t/563505/sysem-infected-trojan-zbot-activity-15/
Relevancy 29.24%

Windows Home Premium x Firefox Desktop wired connection Issue summary I am IP sites from Network Manager; but activity some not Task blocked Rainmeter in suddenly blocked from both a site I visit frequently craigslist and a site I've never been to previously apparently for too many hits from my IP address I see network traffic that I did not initiate and do not expect Details Issue noticed Started when I Network activity in Rainmeter but not Task Manager; IP blocked from some sites went to browse craigslist and got a notification that my IP had been automatically blocked I have contacted them as directed but have not heard back yet This IP has been automatically blocked If you have questions please email blocks-b craigslist org The same message is returned when I go to other craigslist cities eg newyork craigslist com I went to this site I'm researching a video card upgrade and it also returned a message indicating I've been blocked http graphics-cards electronicsnif com compare - ATI-AMD-Radeon-HD- -vs-XFX-Radeon-HD- -FX- A-TDFC Woah You're being rate-limited Our servers have seen too many requests from you recently Please enter the code below to continue browsing I had never been to that particular site before and have now been twice the second time to get the URL and paste the error message I can access both sites fine using Hola Unblocker and setting it to report that I'm browsing from the UK I ran my IP address through a couple blacklist checks and it doesn't appear to be blacklisted so I wouldn't think I've inherited a blacklisted IP address from some spammer I run Rainmeter desktop customization program and it has been showing upload activity as well as some download activity Task Manager does not show any network use I exited my browser Dropbox Onedrive Copy com Steam killed my Amazon music download helper - anything with the remote possibility of generating network traffic No change A side note This particular measurement in Rainmeter is in Bytes per second and it has reported up to - kB s I'd expect to see up to maybe half a kB as various services ping for updates but this seems excessive to me I honestly can't say I've noted what it was in the past but I believe it was significantly lower and less constant I rebooted into Safe Mode with Networking I can start Rainmeter manually in safe mode and it does not show the network activity in Safe Mode I updated my Malwarebytes installation and ran a scan it came up with three PUPs Conduit and something else but the issue returned when I booted into Windows normally I've downloaded and run CurrPorts to try and see what's transmitting and ProcessExplorer to try and see what process might be causing this Nothing jumps out as obviously suspicious and I'm not sure how to read all the information available in CurrPorts There are a lot of unknowns in that application The router only shows two wireless connections which I believe are the two smartphones in the house I just updated Avast Free to the latest version and will run a full scan after the requested reboot Ran half a full scan last night it did not complete before I needed to go to bed so that's one thing that still needs to be completed Thanks for your time

A:Network activity in Rainmeter but not Task Manager; IP blocked from some sites

Step 1: Minitoolbox. Please download MINITOOLBOX and run it.Checkmark following boxes:Flush DNSReset FF proxy SettingsReset Ie Proxy SettingsReport IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeList Devices (problems only)Click Go and post the result. Step 2: Junkware Removal Tool. Please download Junkware Removal Tool and save it on your desktop.Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log is saved to your desktop and will automatically open.Please post the JRT log.Step 3: Adware Cleaner. Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on adwcleaner.exe to run the tool.Click on Scan button.When the scan has finished click on Clean button.Your computer will be rebooted automatically. A text file will open after the restart.Please post the contents of that logfile with your next reply.You can find the logfile at C:\AdwCleaner[S1].txt as well.Step 4: Adware Removal Tool. Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.Hit Ok.Hit next make sure to leave all items checked, for removal.The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool. Step 5: Malwarebytes AntiRootkit  Download Malwarebytes Anti-Rootkit to your desktop.Double-click the icon to start the tool.It will ask you where to extract make sure it is on the desktop.Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.Click next to continue.Then Click UpdateOnce the update is Finished select Next then Scan.If no malware has been found, at the end of scan select ExitIf an infection was found, make sure to select all items and click Cleanup.Reboot your machine.Open the MBAR folder and paste the content of the following into your next reply:
mbar-log-{date} (xx-xx-xx).txtsystem-log.txt[/*]Step 6: Security Check Log. Download Security Check from here or here and save it to your Desktop.Double-click SecurityCheck.exeFollow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document Step 7: Report Tell me how the machine is performing, and if you need help performing any steps. Also post all requested logs.

http://www.bleepingcomputer.com/forums/t/563533/network-activity-in-rainmeter-but-not-task-manager;-ip-blocked-from-some-sites/
Relevancy 30.53%

I have just setup ATA on a 5 node hyper-v cluster...
The DC and ATA VMs are spread across nodes.
I have configured all the mirroring etc... however when I open ATA Center and search for user, the user appears but there is no activity for logon etc...

https://social.technet.microsoft.com/Forums/en-US/d89b715f-5f78-48ac-a545-05ec241e5ec3/ata-user-activity?forum=mata
Relevancy 30.53%

Hi, I have an Acer Aspire, model #AXC-703G-UW51 running windows 8.1, 4 gig memory, 500 gig HD and there does not appear to be a hard drive activity light, just wondering if this is normal with a sata drive.

Thank you

Moe
 

https://forums.techguy.org/threads/activity-light.1156494/
Relevancy 28.81%

Note Originally posted in the General section - reposted here by suggestion Every time I restart Windows and after logging in the hard drive light comes on Constant Hard - Respond Windows Slow Activity to Computer 7 Drive indicating continuing constant disk Windows 7 Constant Hard Drive Activity - Computer Slow to Respond activity The hard drive light is on solidly no blinking This condition persists for - minutes during which time all applications are extremely slow to respond I have tried pausing the search indexer and have also tried pausing my anti-virus software Kaspersky Internet Security Neither of these appear to have any effect Once the constant hard drive activity has completed the system operates normally however I would much prefer to begin using the system soon after startup without having to wait for whatever is causing the hard drive activity to complete I have looked at Windows Task Manager Windows 7 Constant Hard Drive Activity - Computer Slow to Respond and find no applications running other than THX True Studio PC by Creative Systems Under task Manager processes quot System Idle Process quot is shown with - CPU Windows 7 Constant Hard Drive Activity - Computer Slow to Respond usage Many thanks in advance for any suggestions about how to track down what is happening and potentiall fix Quote If nothing there can seem to help then you could post in the Performance amp Maintenance thread Also use this tool and post your results SF Diag Tool Diagnostic file clw zip attached Thx C

A:Windows 7 Constant Hard Drive Activity - Computer Slow to Respond

Task Manager > Performance tab > Resource Monitor > Disk tab

You should be able to press the READ and WRITE columns to see which process / app is using the disk the most at the time of slowdown

Also running a disk check would be advised, right click HDD icon > properties > tools > error checking > check now > agree to schedule a disk check at next boot

Also things like this disk check software can show any faults with the drive
CrystalDiskInfo - Software - Crystal Dew World

Check Event Log too to see if there is a problem with windows

http://www.sevenforums.com/performance-maintenance/287073-windows-7-constant-hard-drive-activity-computer-slow-respond.html
Relevancy 30.53%

Having somewhat random issues where the PC blue screens or complete freezes up and requires a hard reboot when I step away from the PC for a few hours or overnight.

Ive tried to upgrade the video drivers, this has only delayed the BS for some time.

Looking at the dump files is not telling me anything but that seems to be a little beyond my expertise.

I can see that the BS seem to have been a different cause each time for the 9 dumps that have been captured.

Anyway I ran the tool as instructed and hope that someone can help me pinpoint the issues with this PC.

PS BS means bluescreen not the other BS

http://www.sevenforums.com/bsod-help-support/383093-bsod-no-activity-few-hours.html
Relevancy 29.24%

Hello --
We got the following ATA alert on a Windows 10 Enterprise Direct Access Enabled laptop which was doing a FAST ring build over build upgrade to Windows 10 Enterprise 10122 this morning:
X.X.X.X (ATA Management Server IP)/suspiciousActivity/376844bd2334dcaab3034733
W10LAPTOP (X.X.X.X)'s Kerberos tickets were stolen from DASERVER (X.X.X.X) to W10LAPTOP (X.X.X.X) and used to access ldap/DC.domain.local/domain.local.

Laptop is: W10LAPTOP. Windows 2012 R2 Domain Controller is DC.domain.local. Windows 2012 R2 Direct Access Server is DASERVER.
We guess this may be a false positive and want to confirm if we need to add ATA exceptions in a Windows 2012 R2 Environment with a Direct Access Server? If so, please explain exactly the exceptions needed. If not, we can provide all requested log files
as needed.
Thank You

https://social.technet.microsoft.com/Forums/en-US/7d7a9b63-1750-4206-890c-4bdaa4fcc23d/ata-suspicious-activity-alert-is-it-real-or-a-false-positive?forum=mata
Relevancy 28.81%

Hey, I'm looking for a software that does what the task manager in Windows 8 and 10 does for monitoring disk activity which is basically just to break down disk read\write or i\o usage down by the individual hard drives.

I spent a while searching for such a software on google and downloaded and installed over 10 applications including Microsoft's Sysinternals Suite, Crystal disk info, IOmeter, OpenHardwareMonitor, Process Explorer, and several more, and none of them seem to have this function. I was surprised that I wasn't able to find any such function over many google searches but it's possible I was just using poor search terms.

Does anyone know such a software\program\utility that will monitor my disk read\write usage and break it down per drive so I can monitor it during backups, transfers and other disk operations?

Thanks

http://www.sevenforums.com/software/384252-software-monitors-disk-read-write-activity-sorted-drive.html
Relevancy 30.53%

Ok my st time here seemed like a good place for some advice My basic problem i m connected to a network and it seems to be changing its security type jumping from WPA -PSK to WEP I m using this same wifi Activity Weird Wifi antenna What s weird is no other detectable network does this my pc s network access menu only rarely shows the change from wpa -psk to wep but I did get inSSIDer for checking this thing and it does show its changing security types about every minute or so The other strange thing it would never let me Weird Wifi Activity connect at all with just entering the key only by manually making a network sometimes it shows full bars others like now when i m typing it shows a red X over the icon I went and checked for any strangeness but can t find anything in there but it is broadcasting separate frequencies and GHz at the same time I can see that both frequencies are set to use WPA -PSK with the same password but different SSIDs The noticeable thing is when it has the red X the internet seems slower and tends to just not let anything after the st few minutes of using the net Any ideas what s going on with this stuff i ve never seen any network do this And yes i m on neighbors wifi and they do know i m poking around any help would be appreciated P S I can do screenshots if needed appropriate nbsp

A:Weird Wifi Activity

howdy and welcome. Whether or not the neighbor knows about your using their wifi is immaterial, as it's the ISP that makes the call as to whether or not it's legal. And ISP's do not allow that, unfortunately, so I'm going to have to close this one up.

thanks for understanding,

v
 

https://forums.techguy.org/threads/weird-wifi-activity.1158866/