Windows Support Forum

Friend needs to upgrade GPU

Q: Friend needs to upgrade GPU

A friend of mine can't run Skyrim on minimum settings, but doesn't have a lot of income right now. (low hours)
Unfortunately, I'm not sure she'll be able to support an updated GPU.

Her motherboard is a Pegatron Benecia with a Core 2 Quad Q8300 and an GeForce 7600 GS.

Before jumping to a new card, I was wondering if this motherboard would support one, or if she'd need to update the motherboard, and CPU with the GPU.

Sorry if this is the wrong spot to post, and thanks for any help!

Relevancy 100%
Preferred Solution: Friend needs to upgrade GPU

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Friend needs to upgrade GPU

http://www.findlaptopdriver.com/pegatron-corporation-1-01-benicia-motherboard-specs/

I would say yes it will support any PCIe x16 graphics card. Just make sure the power supply is large enough to support your purchase. I personally wouldn't spend over $150, on a graphics card for a Intel Core2 (LGA775) machine.

Fortunately I think the Core2 8300 still has a little life left. Especially for those that are on a tight budget.

Here is a site that will help you compare graphics cards if you need it. As you can see the GT 640 would be a worthy upgrade.
http://www.hwcompare.com/12973/geforce-8600-gt-512mb-ddr2-vs-geforce-gt-640-ddr3/

http://www.tomshardware.com/reviews/geforce-gt-640-review,3214-4.html

http://www.techspot.com/community/topics/friend-needs-to-upgrade-gpu.206829/
Relevancy 50.74%

hey all, so my friend bought himself a custom built computer around 4 years ago, and back then it was like a supercomputer (i7 860, HD5800, etc.) but now he wants to upgrade, and he asked me to help him.
His budget is $1500 but he'd like to spend as little as possible.
I have already recommended a new CPU, Motherboard, RAM, and optionally a case.
parts I recommended:

CPU: intel i5 3570K ($239)
CPU watercooling: Corsair H100 ($149)
Fans: Noctua 120mm 1300RPM P-fan ($25) (for the corsair H100)
Motherboard: ASUS P8Z77-V LK ($169)
RAM: Corsair Vengeance CMZ8GX3M2A1600C9 8GB (2x4GB) ($65)
Case (optional but recommended): Corsair Obsidian 650D ($203)

TOTAL (without case): $627
TOTAL (with case): $875

He is getting a GTX 680 or a 670 in a few months, so thats why its not on the list right now.

would appreciate anybody's opinion.
 

A:Crazy upgrade for a friend. Opinions?

Depends what your friend is doing but if it's just gaming then the 3570K won't be a significant upgrade over an overclocked i7 860. I'd definitely recommend getting the GTX 670/680 first. But if your friend is running CPU intensive tasks (video encoding) then the 3570K will be a nice upgrade.

What case and PSU does he have currently?
 

http://www.techspot.com/community/topics/crazy-upgrade-for-a-friend-opinions.183241/
Relevancy 50.74%

Hello I have a friend who needs a PSU upgrade because he has a w and he doesn't have enough watts to upgrade his computer to a powerful LGA gaming computer He wants to upgrade his CPU because Power Supply upgrade for friend my his CPU is less powerful than the G and install a new GPU which I found him a GTX TI by GIGABYTE so he can improve graphics in gaming I found him the Intel Core i - which is good for gaming because that is a cheaper i CPU in the Ivy Bridge family and a GTX Ti since I couldn't find any low profile GPUs that are newer than the Ti He needs like a w PSU that will fit in his computer and I tried finding one that will fit but people are complaning about compatibility issues with the size of the PSU based off of reviews and comments in reviews Is there any better CPU that can play games for his computer when he has Ws in his computer than the i - or is there any power supply with greater watts than the ones that I found on Amazon Please let me know if you found a compatible power supply that will actually fit in his computer nbsp Thanks-Brian

http://h30434.www3.hp.com/t5/Desktop-Hardware-and-Upgrade-Questions/Power-Supply-upgrade-for-my-friend/td-p/5830104
Relevancy 50.74%

A friend of mine an older man just wants a simple computer to use and was given a very old gateway computer. It has windows 98 installed on it. It only has 98mb of ram, and not sure about what CPU is installed havent had much time to check it out except its an intel pentium 2.

What Im wondering if its worth getting a wireless network usb card for internet and upgrade the ram to lets say 512mb will I be able to install windows xp and run programs such as office?

THe computer is a Gateway 2000 GW2K-HAMPTON LP MINI-TOWER E143540 __________________

A:Computer upgrade for friend (simple)

I honestly think you'd be much better off finding something basic on craigslist or maybe an old PC someone is getting rid of. There are much more modern machines available for $100 or less on craigslist.

http://www.techsupportforum.com/forums/f10/computer-upgrade-for-friend-simple-602582.html
Relevancy 50.31%

Well my friend has been wanting to play a game with us for a while but she can not play it since her current video card's shader models are 1.0 and the game she wants to play is 2.0. I believe she has an agp slot, not sure if its 4x or 8x. I was looking on Newegg for a card but couldn't really decide what to get her. She usually plays Maplestory, Gunz or League of Legends. What would be the best mid-range card I could get in terms of balanced performance and price?
Thanks!
 

A:Wanting to upgrade friend's video hardware

i would get her one of these.

SPARKLE GeForce 6200 for $39.99
or
VisionTek Radeon HD 3450 for $64.99
or
HIS Radeon HD 4350 for $74.99.

Of course theRadeon HD 3450 and Radeon HD 4350 are way faster than the GeForce 6200.
 

http://www.techspot.com/community/topics/wanting-to-upgrade-friends-video-hardware.171887/
Relevancy 49.88%

My friend illegally upgraded me to windows 7 ultimate as a prank, he said its "funny".
My laptop came with Windows 7 Home Premium 64 bit preinstalled and I do not have an install disc for this reason, but I do have the product key which I found on a sticker under neath my laptop battery. Any help on how to revert to Home Premium 64 bit will be greatly appreciated, thanks!

A:My dumb friend thought it would be funny to illegally upgrade me.

Most OEM computers have a recovery partition that should do the trick. Unfortunately this will return the computer to the exact state it was in when you purchased it. Meaning that ALL changes you have made will have to be done over again. Naturally, I recommend backing up any files you want to keep. You might want to make a list of all the programs you currently have installed so that you can easily remember what you have to reinstall.

http://www.sevenforums.com/installation-setup/206196-my-dumb-friend-thought-would-funny-illegally-upgrade-me.html
Relevancy 45.58%

Gettin tons of pop ups and have seen this before but I m unsure how to read the HiJack This file Any help Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS Friend HiJacked! Pop Friend, Black Worm, Adult etc. Up system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system HPConfig exe C Program Files HPQ Notebook Utilities HPWirelessMgr exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS system carpserv exe C Program Files Pop Up HiJacked! Adult Friend Friend, Black Worm, etc. Synaptics SynTP SynTPLpr exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system spool drivers w x hpztsb exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C Program Files Citrix ICA Client pnagent exe C WINDOWS System svchost exe C Program Files iPod bin iPodService exe C Program Files Internet Explorer iexplore exe C WINDOWS system wscntfy exe C Program Files Adobe Adobe Acrobat Acrobat Acrobat exe C PROGRA MICROS Office Pop Up HiJacked! Adult Friend Friend, Black Worm, etc. OUTLOOK EXE C Documents and Settings BECK Desktop Spyware HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www charter net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http rd yahoo com customize sbcydsl defaults http Pop Up HiJacked! Adult Friend Friend, Black Worm, etc. yahoo sbc com dsl R - HKLM Software Microsoft Internet Explorer Main Default Search URL http rd yahoo com customize sbcydsl defaults su http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http search yahoo com search p s R - URLSearchHook B AB F-D C- B-A F -F CEAC - - no file O - BHO InfoDocReader Object - BA - - D -B DD- BDC - C WINDOWS system vtsro dll O - BHO Google Web Accelerator Helper - A B D-DE - - - BA C C - C Program Files Google Web Accelerator GoogleWebAccToolbar dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Google Web Accelerator - DB BFA -A E - E- E A-C D CBF - C Program Files Google Web Accelerator GoogleWebAccToolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run srmclean C Cpqs Scom srmclean exe O - HKLM Run CARPService carpserv exe O - HKLM Run SynTPLpr C Program Files Synaptics SynTP SynTPLpr exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run HPDJ Taskbar Utility C WINDOWS system spool drivers w x hpztsb exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - Global Startup Program Neighborhood Agent lnk C Program Files Citrix ICA Client pnagent exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res c program files google Goog... Read more

Relevancy 43%

A friend ROM having friend's friend A problems with of his CD Drive a of mine sent me an Email RE a problem with a CDROM he s got in someone elses PC here that Email Hi Jay I m working on a friends OLD PC and he wants me to do a fresh install of A friend of a friend's having problems with his CD ROM Drive XP Problem is that his CD-ROM will not boot on start-up I have changed BIOS to boot the CDROM first No good Changed to a new CDROM drive wont boot from a the CDROM I can start Win and then run XP legit copy setup from there but it A friend of a friend's having problems with his CD ROM Drive will only allow me to do a fresh install but will not allow me to remove the previous Win partition The only way to install XP is to install it on the same partition as Win partition is NTFS BTW Just installed a new GB HDD only way I was able to install any OS onto this HDD was to run the boot disk and install SE first I tried to install XP directly from the Drompt using the command quot setup quot but I get quot cannot run in DOS mode quot Please help I am stumped as to what to do to fix this problem I have installed Windows O S on several machines and this is the first one I have had this cdrom problem I have probably confused you by now so please email me and hopefully we can figure out a solution together Thanks in advance for you help I asked him if it worked when he got on to XP and if Device manager said it was working his reply Hi Jaime First thanks for helping with my problem Yes the CDROM is not able to function when the PC is turned on the tray will not auto-close and even if I close tray manually I will get one flash from the CDROM activity light and then nothing But I am able to get it to run after Windows has booted Once I am up and running XP I can do anything I wish with the CDROM drive Remember this is an old IBM Aptiva desktop Thanks for any help you can send my way Cheers Larry nbsp

A:A friend of a friend's having problems with his CD ROM Drive

theres an update

Reset BIOS to default which is Floppy,HDD,CDROM. If I try to change the boot order to CDROM first, all entries change to "not installed" I can set HDD to first boot but I cannot set floppy or CD to boot sequence. It is like I have no other drives installed I have to default BIOS again to re-set boot order to the above factory settings of Floppy.HDD then CDROM.
Did not try another IDE cable. Dont have an extra one and this is not my PC. I am working on it for a friend.
Really frustrating not being able to boot from CDROM. Cannot do a fresh install of XP or even boot a CD of Linux Ubuntu or Mandriva. Have only been able to install Windows 98se which only uses FAT32 and will only recognize 8GB of my HDD space If I try to install 2000 or XP it will not allow me to delete that partition and install 2000 or XP onto the 8GB partition leaving the rest of the HDD unused. If I could boot from CDROM I should be able to format and partition entire HDD to NTFS. Then I could continue the install and all would be fine.
Note: I have NEVER had this much problem before and I have installed 98se,2000, XP , Vista,and several Linux distros on quite a few systems in the past.
Any other workarounds or suggestions?
Thanks for all your help
 

http://www.techspot.com/community/topics/a-friend-of-a-friends-having-problems-with-his-cd-rom-drive.103804/
Relevancy 39.99%

my fiancee's stepdad's computer may have a hijack a a great friend for of would little a help be friend on it i am not sure usually hijacks will take you to a specific a little help for a friend of a friend would be great site but when he clicks on a link or at times types in an address it will take him to a completely a little help for a friend of a friend would be great different page and most the time its stuff in his favorites i just find this really odd as this dont a little help for a friend of a friend would be great sound like normal hijack behavior anyways heres the log and a little help would be great thank you in advance for your excellent aid in fixing my gf's pop's computer Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C WINDOWS system ZoneLabs isafe exe C Program Files Adobe Photoshop Elements PhotoshopElementsDeviceConnect exe C WINDOWS system ZoneLabs vsmon exe C Program Files Internet Explorer iexplore exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C PROGRA ZONELA ZONEAL MAILFR mantispm exe C WINDOWS system wuauclt exe C WINDOWS system lxbscoms exe C WINDOWS system wpabaln exe C DOCUME RANDYB LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yadtel net yadtel shtml O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - Global Startup Adobe Gamma Loader lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Service Adobe Active File Monitor AdobeActiveFileMonitor - Unknown owner - C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe O - Service CA ISafe CAISafe - Computer Associates International Inc - C WINDOWS system ZoneLabs isafe exe O - Service lxbs device - Lexmark International Inc - C WINDOWS system lxbscoms exe O - Service Photoshop Elements Device Connect PhotoshopElementsDeviceConnect - Unknown owner - C Program Files Adobe Photoshop Elements PhotoshopElementsDeviceConnect exe O - Service TrueVector Internet Monitor vsmon - Zone Labs Inc - C WINDOWS system ZoneLabs vsmon exe

A:a little help for a friend of a friend would be great

i forgot to mention he's redone his computer a couple times and its still happening. any info would be great

http://www.techsupportforum.com/forums/f284/a-little-help-for-a-friend-of-a-friend-would-be-great-95932.html
Relevancy 32.25%

Ok today i go to turn my ltoshiba aptop on and it makes this wierd clicking noise and laser type sound Im like so i restaryt it and it does the same thing I took out the battery and put it back in does the same thing I tried to go into safe mode Friend help... needs n all those things Friend needs help... does the same thing sometimes on the black screen it tells me that the file C windows system ntoskrnl exe is missing or damaged or suttin and it says to re install the file How can I fix this without getting on to the desktop technically and not having a setup XP disk that came with it I got the display model at office depot a few weeks ago and i got no disk But i dont have time to go way over there to argue with them I need to fix this NOW I cant explain the situation but I really need the laptop fixed ASAP if you help me out ill give mad pts but no bogus answers here ppl dont say like 'call the toshiba place' cuz i tried it and its not really a lot of help to me

A:Friend needs help...

You sure there isn't a recovery partition on the hard drive? What model Toshiba do you have?

http://www.techsupportforum.com/forums/f10/friend-needs-help-96047.html
Relevancy 32.25%

My friend's computer was running just fine and fast when a message about a trojan popped up He thought his best option was to reformat his comp which is what he did However after doing so his comp ended up running a lot Needs Friend Help slower Anyways I sent him Friend Needs Help HiJackThis Friend Needs Help and this is his log Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system pctspk exe C WINDOWS Explorer EXE C Program Files Internet Explorer IEXPLORE EXE C WINDOWS System dllhost exe C WINDOWS System msdtc exe C Program Files AIM aim exe C Program Files AIM aolsoftware exe C Program Files iTunesSetup exe c program files aim anotify exe C WINDOWS System msiexec exe C WINDOWS System msiexec exe C WINDOWS System MsiExec exe C WINDOWS System rundll exe C DOCUME Devin LOCALS Temp IXP TMP iTunesSetupAdmin exe C WINDOWS System MsiExec exe C WINDOWS SEMBLY nopdb exe c windows system dwdsregt exe C WINDOWS System qwinlodv exe C WINDOWS System wbem wmiapsrv exe C Documents and Settings Devin Application Data dobe rvices exe C WINDOWS System SBO SB exe C WINDOWS system smpi lb exe C DOCUME Devin LOCALS Temp GLB C tmp C WINDOWS retadpu exe C Program Files Web Buying v webbuying exe C Documents and Settings Devin Desktop HijackThis exe O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar UCmore XP - The Search Accelerator - BE - - f - BB- FFD E - C Program Files TheSearchAccelerator UCMTSAIE dll O - HKLM Run setup rundll exe quot C WINDOWS System duvpkltn dll quot realset O - HKLM Run AB-B - - -ZN c windows system dwdsregt exe CHD O - HKLM Run runner C WINDOWS retadpu exe A B BBF B FF F B E B F AA EBD D C B F O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run Aim quot C Program Files AIM aim exe quot d locale en-US ee aol imApp O - HKCU Run Traa quot C WINDOWS SEMBLY nopdb exe quot -vt yazb O - HKCU Run Tqc quot C Documents and Settings Devin Application Data dobe rvices exe quot O - HKCU Run WebBuying C Program Files Web Buying v webbuying exe O - Startup TA Start lnk C Documents and Settings Devin Local Settings Temp TICHD exe O - Extra button Related - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - Extra 'Tools' menuitem Show amp Related Links - c fe - f d- d -a b- aa c a - C WINDOWS web related htm O - Service PCTEL Speaker Phone Pctspk - PCtel Inc - C WINDOWS system pctspk exe

A:Friend Needs Help

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Sparda You're friend is extremely badly infected due to the fact that he/she has no virus protection or a firewall installed.Download\install one of the following freeware options from the choice below.Once installed update its definitions and then run a full system virus scan.AVG7 Free Edition Antivirus:http://free.grisoft.com/softw/70free/setup...ree_446a965.exeAvast! 4 Home Edition: http://files.avast.com/iavs4pro/setupeng.exeActive Virus Shield There's a nice setup tutorial Here:http://www.activevirusshield.com/antivirus/freeav/*************************Download\install one of the following freeware firewall options from the choice below.Sygate Personal Firewall Free Edition:http://www.filehippo.com/download_sygate_personal_firewall/Zone Alarm Free:http://download.zonelabs.com/bin/free/1001..._737_000_en.exeComodo Personal Firewall:http://www.personalfirewall.comodo.com/Once you've finished,restart your pc and post a new Hijackthis log please.

http://www.bleepingcomputer.com/forums/t/92797/friend-needs-help/
Relevancy 32.25%

You guys really helped me out weeks ago and LOG friend HJT for my since then ive been working wonderfully Now its my friend's computer that wont go online andf reezes every seconds Its a shame and his log looks bad He sent me a copy of his log Please help ThanksLogfile of HijackThis v Scan HJT LOG for my friend saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec HJT LOG for my friend Shared ccEvtMgr exeC WINDOWS system spoolsv exeC PROGRA HJT LOG for my friend COMMON AOL ACS acsd exeC WINDOWS System Ati evxx exeC WINDOWS system cisvc exeC WINDOWS System CTSvcCDA EXEC Program Files Norton SystemWorks Norton AntiVirus navapsvc exeC Program Files Norton SystemWorks Norton Utilities NPROTECT EXEC PROGRA NORTON SPEEDD nopdb exeC WINDOWS SYSTEM ZoneLabs vsmon exeC WINDOWS wanmpsvc exeC WINDOWS System MsPMSPSv exeC WINDOWS Explorer EXEC Program Files Common Files Microsoft Shared Works Shared WkUFind exeC WINDOWS System DSentry exeC Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exeC Program Files Roxio Easy CD Creator DirectCD DirectCD exeC Program Files Common Files Dell EUSW Support exeC Program Files DownloadWare dw exeC PROGRA Save Save exeC Program Files Common Files Symantec Shared ccApp exeC WINDOWS System P P Networking P P Networking exeC Program Files ISTsvc istsvc exeC Program Files Internet Optimizer optimize exeC Program Files Bargain Buddy bin bargains exeC Program Files Media Media UpdateStats exeC WINDOWS System IEDriver IEDriver exeC WINDOWS System dafrgfat exeC WINDOWS System rundll exeC WINDOWS uptodate exeC Program Files Common files updater wupdater exeC Program Files Common Files Dpi dpi exeC WINDOWS System wjview exeC PROGRA AIM AIMWDI EXEC WINDOWS system pcs pcsvc exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC WINDOWS System rundll exeC Program Files HomelandNetwork HomelandNetwork exeC Program Files iTunes iTunesHelper exeC Program Files QuickTime qttask exeC Program Files AIM aim exeC Program Files iPod bin iPodService exeC Program Files America Online aoltray exeC Program Files Digital Line Detect DLG exeC Program Files Common Files Microsoft Shared Works Shared wkcalrem exeC WINDOWS System Doz U exeC WINDOWS System Vre S exeC WINDOWS system cidaemon exeC WINDOWS system cidaemon exeC Program Files Internet Explorer iexplore exeC PROGRA RECOMM v rh exeC Program Files America Online aol exeC Program Files America Online waol exeC Documents and Settings P Diamond Local Settings Temp Temporary Directory for hijackthis zip HijackThis exeC Program Files EbatesMoeMoneyMaker EbatesMoeMoneyMaker exeC Program Files Messenger msmsgs exeR - HKCU Software Microsoft Internet Explorer Search http in webcounter cc -- ydtfs obfuscated R - HKCU Software Microsoft Internet Explorer SearchURL http in webcounter cc -- ydtfs obfuscated R - HKLM Software Microsoft Internet Explorer Search http in webcounter cc -- ydtfs obfuscated R - HKCU Software Microsoft Internet Explorer Main Default Page URL http in webcounter cc - ydtfs obfuscated R - HKCU Software Microsoft Internet Explorer Main Default Search URL http in webcounter cc -- ydtfs obfuscated R - HKCU Software Microsoft Internet Explorer Main Search Bar file C DOCUME PF A DIA LOCALS Temp sp htmlR - HKCU Software Microsoft Internet Explorer Main Search Page file C DOCUME PF A DIA LOCALS Temp sp htmlR - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dellnet comR - HKLM Software Microsoft Internet Explorer Main Default Search URL http search media-search net nph-search ok stmpl find R - HKLM Software Microsoft Internet Explorer Main Search Bar file C DOCUME PF A DIA LOCALS Temp sp htmlR - HKLM Software Microsoft Internet Explorer Main Search Page file C DOCUME PF A DIA LOCALS Temp sp htmlR - HKCU S... Read more

A:HJT LOG for my friend

Hi speedy0587This log sure is a mess,,,,Need you to do a number of things, In fact might be better to have him register at the site as we will need him to post back logs a number of times,He can get started with the following,FirstYou have a Peper TrojanGo here and run the The Removal Tool. You must be connected to the internet for it to work.Close all open windows then run it. It will run in a flash so don't think it hasn't worked!RebootNext,First download this LSPFix unzip it to your Desktop, Don't do anything with it.If you can not connect to the Internet after removing New.net, Please run the LSP-Fix program I had you download earlier, and click on the finish button. Reboot and you should be able to get back on.Next,Click here New.Net removal tool. Run the tool and reboot,Next,Download the Hoster from Here . Press "Restore Original Hosts" and press "OK". Exit Program. This will restore the original Hosts file.Download CWShredder from the below link and unzip it into a directory. Start CWShredder and click on the FIx button to have it remove all CWS infections it finds.Download CWShredder from one of the following sites:CWShredder Download SiteAfter you download the program, unzip it into a directory. Make sure all browser windows are closed and double click on the cwshredder.exe to start the program. When the program is loaded click on the "Check for Update" button, and if it finds an new version it will download it. You should then double click on cwshredder.exe again and click on the "FIX" button (not the "Scan only" button) and let it scan your computer.To get the best results it is recommended that you run it in safe mode. Reboot windows and press F8 at boot/windows startup, usually right after the beep. Then select safe mode.A tutorial that goes over this process step by step can be found here:How to remove CoolWebSearch with CWShredderOnce that is completed you should follow these steps in order to clean your computer of Malware which can include Viruses, Trojans, Worms, Spyware, Hijackers and DialersStep 1:Download Spybot and Adaware from the following locations and install them. You should run both programs and clean up what it finds. This is to gaurantee that you find the most malware you can installed on your computer.Before running the scans on both programs, it is mandatory that you update the programs. There are update options in each program when you run them.SpybotAd-awareIf you would like to learn more about how to use these two programs with the proper settings you can read the tutorials below:Using Ad-aware to remove Spyware & Hijackers from Your Computer. Using Spybot - Search & Destroy to remove Spyware from Your Computer. Post back a fresh log after you have completed the above please

http://www.bleepingcomputer.com/forums/t/10637/hjt-log-for-my-friend/
Relevancy 32.25%

So my friends call me to help them with their computer I'm a designer But I've had computer problems in the My Help Friend... Me Please Help past I ran a bunch of clean up apps and now am at this point Here is a copy of their log Please can someone take a look for me and help me get their system cleaned Thanks Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC Program Files Analog Devices SoundMAX SMAgent exeC WINDOWS system svchost exeC WINDOWS system Ati evxx exeC WINDOWS Explorer EXEC WINDOWS system wscntfy exeC Program Files QualityCodec isamonitor exeC Program Files Apoint K Apoint exeC WINDOWS AGRSMMSG exeC Program Files ATI Technologies ATI Control Panel atiptaxx exeC Program Files Java jre bin jusched exeC Program Files Apoint K Apntex exeC Program Files HP hpcoretech hpcmpmgr exeC WINDOWS system hphmon exeC Program Files HPQ Quick Launch Buttons EabServr exeC Program Files QualityCodec isamini exeC Program Files HP HP Software Update HPWuSchd exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC WINDOWS system wuauclt exeC Program Files iTunes iTunesHelper exeC Program Files Windows Defender MSASCui exeC Program Files iPod bin iPodService exeC Program Files Kodak KODAK Software Updater Program Kodak Software Updater exeC WINDOWS system ctfmon exeC Program Files VirusBursters virusbursters exeC Program Files HijackThis HijackThis exeR - HKLM Software Please Help Me Help My Friend... Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - c -ebe - f d-b -edd aa b dd - C Program Files QualityCodec isaddon dllO - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - Toolbar Protection Bar - a a a-b c - a -bedf- fadde cf f - C Program Files QualityCodec iesplugin dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run Apoint C Program Files Apoint K Apoint exeO - HKLM Run AGRSMMSG AGRSMMSG exeO - HKLM Run ATIModeChange Ati mdxx exeO - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exeO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot rO - HKLM Run HP Component Manager quot C Program Files HP hpcoretech hpcmpmgr exe quot O - HKLM Run DXDllRegExe dxdllreg exeO - HKLM Run HPHUPD c Program Files HP B B-DCAB- - EE - F hphupd exeO - HKLM Run HPHmon C WINDOWS system hphmon exeO - HKLM Run eabconfg cpl C Program Files HPQ Quick Launch Buttons EabServr exe StartO - HKLM Run HP Software Update C Program Files HP HP Software Update HPWuSchd exeO - HKLM Run ViewMgr C Program Files Viewpoint Viewpoint Manager ViewMgr exeO - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run Windows Defender q... Read more

A:Please Help Me Help My Friend...

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Next, please reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, a menu with options should appear;Select the first option, to run Windows in Safe Mode, then press "Enter".Choose your usual account.Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmdSelect option #2 - Clean by typing 2 and press "Enter" to delete infected files.You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new hijack log.The report can also be found at the root of the system drive, usually at C:\rapport.txtWarning: running option #2 on a non infected computer will remove your Desktop background.

http://www.bleepingcomputer.com/forums/t/71789/please-help-me-help-my-friend/
Relevancy 32.25%

My friend is having serious trouble with his computer and I got him to send me a hijack this log I can already tell he has alot to fix Logfile of HijackThis v Scan saved at PM friend my help plz out on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system userinit exe C WINDOWS Explorer EXE C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL http searchmiracle com sp php R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet help my friend out plz Explorer Main Search Bar http www websearch com ie aspx tb id R - help my friend out plz HKCU Software Microsoft Internet Explorer Main Search Page http searchmiracle com sp php R - HKCU help my friend out plz Software Microsoft Internet Explorer Main Start Page http msn com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main SearchAssistant http www websearch com ie aspx tb id R - HKLM Software Microsoft Internet Explorer Main CustomizeSearch res C PROGRA Toolbar toolbar dll sa R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Start Page http us hpwis com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www websearch com ie aspx tb id R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch res C PROGRA Toolbar toolbar dll sa R - URLSearchHook no name - CA E FA- AFD- C -A DC- EB BE F - C Program Files SurfSideKick SskBho dll O - BHO amp EliteBar - CAEFF - F - -B - D BD ABC - C WINDOWS EliteToolBar EliteToolBar version dll O - BHO no name - - C- B - - D FEC A - C PROGRA COMMON WinTools WToolsB dll O - BHO amp EliteSideBar - ED D F- - -AB E-E C C AE - C WINDOWS EliteSideBar EliteSideBar dll O - Toolbar amp EliteBar - CF BD- - -B - C C CA DEF - C WINDOWS EliteToolBar EliteToolBar version dll O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run DDCM quot C Program Files WildTangent DDC DDCManager DDCMan exe quot -Background O - HKLM Run DDCActiveMenu quot C Program Files WildTangent DDC ActiveMenu DDCActiveMenu exe quot -boot O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run S TRAY S tray exe O - HKLM Run PS C WINDOWS system ps exe O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe files mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run Zero Knowledge Freedom C Program Files Zero Knowledge Freedom AutoStarterR exe O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run Service Drivers msnpg exe O - HKLM Run etbrun C windows system eliteabh exe O - HKLM Run BullsEye Network C Program Files BullsEye Network bin bargains exe O - HKLM Run WinTools C PROGRA COMMON WinTools WToolsA exe O - HKLM Run SurfSideKick C Program Files SurfSideKick Ssk exe O - HKLM Run TBPS C PROGRA Toolbar TBPS exe O - HKLM Run gah on C WINDOWS System gah on exe O - HKLM Run Windows Service Drivers mswin exe O - HKLM Run AVGCtrl quot C Pr... Read more

Relevancy 32.25%

Hello my friend wanted me to check his log but I'm not so experienced with that So I thought you guys could give me a hand Thanks Logfile of HijackThis v Scan saved at on Hjt Log... Friend's Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS Friend's Hjt Log... System svchost exeC Program Files Common Files Symantec Friend's Hjt Log... Shared ccSetMgr exeC Program Files Common Files Symantec Shared ccEvtMgr exeC WINDOWS Explorer EXEC Program Files Common Files Symantec Shared ccProxy exeC Program Files Symantec Client Security Symantec Friend's Hjt Log... Client Firewall ISSVC exeC WINDOWS system spoolsv exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Symantec Client Security Symantec AntiVirus DefWatch exeC Program Files Diskeeper Corporation Diskeeper DkService exeC WINDOWS system nvsvc exeC Program Files Alcohol Soft Alcohol StarWind StarWindService exeC WINDOWS system svchost exeC Program Files Symantec Client Security Symantec AntiVirus Rtvscan exeC Program Files Symantec Client Security Symantec Client Firewall SymSPort exeC Program Files Common Files Symantec Shared SNDSrvc exeC Program Files MessengerPlus MsgPlus exeC WINDOWS system taskswitch exeC Program Files Logitech MouseWare system em exec exeC Program Files Common Files Symantec Shared ccApp exeC PROGRA SYMANT SYMANT VPTray exeC WINDOWS SOUNDMAN EXEC WINDOWS system ctfmon exeC Program Files MSN Messenger msnmsgr exeC Program Files ICQ Icq exeC WINDOWS system LVComsX exeC Program Files Winamp winamp exeC PROGRA MOZILL FIREFOX EXEC DOCUME ran LOCALS Temp Rar EX HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL about blankR - HKLM Software Microsoft Internet Explorer Main Default Page URL about blankR - HKLM Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com avcenter fix homepage R - HKCU Software Microsoft Internet Explorer Main Local Page about blankR - HKLM Software Microsoft Internet Explorer Main Local Page about blankR - HKCU Software Microsoft Internet Explorer Main Window Title Aivas OwnzO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO IeCatch Class - A -E CA- D - CD - D B - C PROGRA FlashGet jccatch dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO Trixie Bho - B - E - - ED - BC CE CCD - mscoree dll file missing O - Toolbar FlashGet Bar - E E AB-F - D - D - BA E - C PROGRA FlashGet fgiebar dllO - Toolbar no name - D F - C - A - E - AF F - no file O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run Logitech Utility Logi MwX ExeO - HKLM Run MessengerPlus quot C Program Files MessengerPlus MsgPlus exe quot O - HKLM Run CoolSwitch C WINDOWS system taskswitch exeO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run nwiz nwiz exe installO - HKLM Run KernelFaultCheck systemroot system dumprep -kO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT SYMANT VPTray exeO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run NeroFilterCheck C Program Files Common Files Ahead Lib NeroCheck exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Software Policies Microsoft Internet Explorer Control Panel presentO - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch htmlO - Extra context menu item amp Translate English Word - res c program files goo... Read more

A:Friend's Hjt Log...

Hello and welcome to the forum. Sorry for the wait, volunteers are extremely outnumbered by the logs. If you still need help and are not receiving it elsewhere, do this.1) You are running HJT from a TEMP folder and that is not safe as we will not have backups if needed. Move it here: I prefer it here: C:\HJT\HijackThis.exe. If you need more instructions use these: http://russelltexas.com/malware/createhjtfolder.htm2) I see a little clutter we can remove but not much else, if your friend has a malware problem please descript it and include any error messages being received "word for word".3) Post a new HJT log positioned properly with this information and I will respond as soon as possible after you post.Thanks...pskelleyBleepingComputer

http://www.bleepingcomputer.com/forums/t/51033/friends-hjt-log/
Relevancy 32.25%

Hi for Log- friend a Another Need help with this log file have a friend who is challenged by a bunch of stuff Another Log- for a friend running on his PC he cannot even identify I find the whole lot baffling But I've used HijackThis before and you guys Another Log- for a friend were a big help Log is pasted below Cheers Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services Another Log- for a friend exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system netdde exe C Program Files Common Files AOL ACS AOLAcsd exe C Program Files Common Files AOL TopSpeed aoltsmon exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS system cisvc exe C WINDOWS system clipsrv exe C WINDOWS System dllhost exe C PROGRA COMMON McAfee EmProxy emproxy exe C WINDOWS System svchost exe C Program Files CA PPRT bin ITMRTSVC exe C WINDOWS System tcpsvcs exe C Program Files Common Files McAfee HackerWatch HWAPI exe C PROGRA McAfee MSC mcmscsvc exe c program files common files mcafee mna mcnasvc exe C PROGRA McAfee VIRUSS mcods exe C PROGRA McAfee MSC mcpromgr exe c PROGRA COMMON mcafee mcproxy mcproxy exe c PROGRA COMMON mcafee redirsvc redirsvc exe C PROGRA McAfee VIRUSS mcshield exe C PROGRA McAfee VIRUSS mcsysmon exe C Program Files McAfee MPF MPFSrv exe C PROGRA McAfee MPS mps exe C WINDOWS System snmp exe C WINDOWS System svchost exe C WINDOWS System dllhost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files MSN Messenger usnsvc exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C WINDOWS System wbem wmiapsrv exe C WINDOWS System dmadmin exe C WINDOWS system cidaemon exe C WINDOWS Explorer EXE C WINDOWS system ctfmon exe C Program Files Common Files AOL ee AOLSoftware exe C Program Files Java jre bin jusched exe C Updater exe C PROGRA Verizon SMARTB MotiveSB exe C Program Files Lexmark X Series lxbfbmgr exe C Program Files Verizon McciTrayApp exe C Program Files FinePixViewer QuickDCF exe C Program Files Lexmark X Series lxbfbmon exe c PROGRA mcafee com agent mcagent exe C Program Files McAfee MPS mpsevh exe C Program Files Common Files AOL ee aolsoftware exe c program files common files aol ee services antiSpywareApp ver AOLSP Scheduler exe c program files common files aol ee aolsoftware exe C WINDOWS system winlogon exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Program Files America Online a waol exe C Program Files America Online a shellmon exe C Documents and Settings TONY My Documents HiJackThis v exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Search Page http g msn com SEENUS SAOS FORM TOOLBR R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http g msn com SEENUS SAOS FORM TOOLBR R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO no name - Cs B CA - A - D -A DF- BB - no file O - BHO no name - hCs BB-D F - C-B EB-D DAF D D - no file O - BHO no name - rsion - no file O - BHO amp Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Fil... Read more

A:Another Log- for a friend

Bumping- please help!
Uh, anyone?
Hello?

(Cue Crickets)

http://www.techsupportforum.com/forums/f284/another-log-for-a-friend-180338.html
Relevancy 32.25%

Hi, My friend is currently trying to find parts for a gaming computer so can anyone tell me a processor that is a Core 2 Duo that is really good on preformance for the money. Thanks In Advance =D
 

A:Help for a friend

http://www.tomshardware.com/2007/05/04/which_is_the_best_mainstream_cpu/
 

http://www.techspot.com/community/topics/help-for-a-friend.80346/
Relevancy 32.25%

hi as im new i did not know where to go... my friend dropped his laptop and SOME of his drivers have been corrupted from the hard drive. its only his wireless and some other ones which dont affect the computer. he has lost his vista install cd and has no recovery partition... what should he/me do??? i really want to help him cuz i am a nerd on pcs... just not for this... what to do...

Relevancy 32.25%

A friend got the dreaded blue screen, she didn't copy down any error message. Error log says, " The COM+ Event System detected an inconsistency in its internal state. The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\eve nts\shared\sectools.cpp. Please contact Microsoft Product Support Services to report this error. " I am fairly computer literate but I don't know anything about this. She did find some spyware which has been resolved but says she has made no changes. She is a casual user but follows directions well and can probably do whatever she needs to and we are able to use Remote Assistance. (she is in Canada, I am in Arizona) Can you tell me anything about this? Let me know what other information you need and I will get it from her. Thanks!
 

A:Trying to Help a Friend

Is she still getting this error or was it a one time thing?
 

https://forums.techguy.org/threads/trying-to-help-a-friend.905629/
Relevancy 32.25%

Hiya My mtes kids were on the pc and installed all sorts friend for Log another Anyway he s run Spybot AddAware and here s his log Logfile of HijackThis v Scan saved at on Platform Windows ME Win x MSIE Internet Explorer v SP Log for another friend Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM SSDPSRV EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C PROGRAM FILES NET NANNY NNSVC EXE C PROGRAM FILES MCAFEE COM VSO MCVSRTE EXE C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS SYSTEM WMIEXE EXE C IBMTOOLS APTEZBTN APTEZBP EXE C PROGRAM FILES NET NANNY NNTRAY EXE C PROGRAM FILES INKLINE GLOBAL PC BOOSTER PCBOOSTER EXE C WINDOWS LOADQM EXE C PROGRAM FILES MCAFEE COM PERSONAL FIREWALL MPFTRAY EXE C PROGRAM FILES MCAFEE COM AGENT MCAGENT EXE C WINDOWS SYSTEM QTTASK EXE C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES MCAFEE COM VSO MCVSSHLD EXE C PROGRAM FILES MCAFEE COM VSO MCVSESCN EXE C PROGRAM FILES MCAFEE SPAMKILLER MSKSRVR EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES MCAFEE SPAMKILLER MSKAGENT EXE C PROGRAM FILES ZONE LABS ZONEALARM ZONEALARM EXE C PROGRAM FILES MCAFEE COM PERSONAL FIREWALL MPFAGENT EXE C PROGRAM FILES SPYWAREGUARD SGMAIN EXE C PROGRAM FILES SPYWAREGUARD SGBHP EXE C WINDOWS WUAUCLT EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES MCAFEE COM VSO MCMNHDLR EXE C PROGRAM FILES MCAFEE COM SHARED MGHTML EXE C WINDOWS SYSTEM STIMON EXE C PROGRAM FILES WINZIP WINZIP EXE C WINDOWS TEMP HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www blueyonder co uk R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www blueyonder co uk R - HKCU Software Microsoft Internet Explorer Main Search Bar http www blueyonder co uk R - HKCU Software Microsoft Internet Explorer Main Search Page http www blueyonder co uk R - HKCU Software Microsoft Internet Explorer Main Start Page http www blueyonder co uk blueyonder index jsp R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO CCHelper - CF B EE- - D -A E- BB E - C PROGRAM FILES PANICWARE POP-UP STOPPER CCHELPER DLL O - BHO SpywareGuard Download Protection - A E - F- - B - B DDD DB - C PROGRAM FILES SPYWAREGUARD DLPROTECT DLL O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - Toolbar msdxmLC dll email protected amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar Pa amp nicware Pop-Up Stopper - E C-F E- CB-AF F- ADD C FF - C PROGRAM FILES PANICWARE POP-UP STOPPER PSTOPPER DLL O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - C PROGRAM FILES MCAFEE COM VSO MCVSSHL DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run AEZBProc c ibmtools aptezbtn aptezbp exe O - HKLM Run NNTray C Program Files Net Nanny NNTray exe autorun O - HKLM Run PC Booster C Program Files inKline Global PC Booster pcbooster exe O - HKLM Run LoadQM loadqm exe O - HKLM Run MPFExe C PROGRA MCAFEE COM PERSON MPFTRAY EXE O - HKLM Run MSKExe c PROGRA MCAFEE SPAMKI spamkiller exe O - HKLM Run MCAgentExe C PROGRA MCAFEE COM AGENT mcagent exe O - HKLM Run MCUpdateExe C PROGRA MCAFEE COM AGENT MCUPDATE EXE O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run VSOCheckTask quot C PROGRA MCAFEE COM VSO MCMNHDLR EXE quot checktask O - HKLM Run VirusScan Online quot C PROGRA MCAFEE COM VSO mcvsshld exe quot O - HKLM Run MSKServerExe C Program Files McAfee SpamKiller MSKSrvr exe O - HKLM Run MSKAGENTEXE C PROGRA MCAFEE SPAMKI MSKAGENT EXE O - HKLM Run MSKDetectorExe C PROGRA MCAFEE SPAMKI MSKDETCT EXE startup O - HKLM Run DXDllRegExe C WINDOWS SYSTEM dxdllreg exe O - HKLM RunServices LoadPowerPr... Read more

A:Log for another friend

Hiya eddie!

Well there's this one little minor entry you can Fix:

R3 - Default URLSearchHook is missing

Then there's a bunch of 04 entries that I never seen before. Maybe you can check them out further:

O4 - HKLM\..\RunOnce: [%SP_SHORT_TITLE%] "C:\WINDOWS\INF\unregmp2.exe" /UpdateWMP
O4 - HKLM\..\RunOnce: [MPE0] rundll32.exe streamci,StreamingDeviceSetup {8E60217D-A2EE-47f8-B0C5-0F44C55F66DC},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINDOWS\INF\mpe.inf,BDAcodec
O4 - HKLM\..\RunOnce: [STREAMIP0] rundll32.exe streamci,StreamingDeviceSetup {D84D449B-62FB-4ebb-B969-5183ED3DFB51},GLOBAL,{71985F4A-1CA1-11d3-9CC8-00C04F7971E0},C:\WINDOWS\INF\streamip.inf,BDAcodec
O4 - HKLM\..\RunOnce: [SLIP0] rundll32.exe streamci,StreamingDeviceSetup {03884CB6-E89A-4deb-B69E-8DC621686E6A},GLOBAL,{FD0A5AF4-B41D-11d2-9C95-00C04F7971E0},C:\WINDOWS\INF\slip.inf,VBIcodec
O4 - HKLM\..\RunOnce: [CCDECODE0] rundll32.exe streamci,StreamingDeviceSetup {562370a8-f8dd-11d2-bc64-00a0c95ec22e},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\CCDECODE.inf,CCDECODE.Interface.Install
O4 - HKLM\..\RunOnce: [NABTSFEC0] rundll32.exe streamci,StreamingDeviceSetup {07DAD662-22F1-11d1-A9F4-00C04FBBDE8F},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\NABTSFEC.inf,NABTSFEC.Interface.Install
O4 - HKLM\..\RunOnce: [WSTCODEC0] rundll32.exe streamci,StreamingDeviceSetup {70BC06E0-5666-11d3-A184-00105AEF9F33},GLOBAL,{07DAD660-22F1-11d1-A9F4-00C04FBBDE8F},C:\WINDOWS\INF\WSTCODEC.inf,WSTCODEC.Interface.Install
O4 - HKLM\..\RunOnce: [DXDLLREG_0] rundll32.exe C:\WINDOWS\SYSTEM\advpack.dll,LaunchINFSection C:\WINDOWS\inf\dxdllreg.inf,DXRenFiles,1,N
 

https://forums.techguy.org/threads/log-for-another-friend.319960/
Relevancy 32.25%

Thank you Logfile of Trend Micro HijackThis v Scan saved at Hjt Friend's Log PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot Friend's Hjt Log mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS system svchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC Program Files Intel Intel Matrix Storage Manager Iaantmon exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC PROGRA TRENDM INTERN PcCtlCom exeC WINDOWS system svchost exeC PROGRA TRENDM INTERN Tmntsrv exeC PROGRA TRENDM INTERN TmPfw exeC PROGRA TRENDM INTERN tmproxy exeC WINDOWS system wdfmgr exeC WINDOWS ehome mcrdsvc exeC WINDOWS Explorer EXEC Program Files Canon CAL CALMAIN exeC WINDOWS ehome ehtray exeC WINDOWS stsystra exeC Program Files Dell Support DSAgnt exeC WINDOWS system dllhost exeC WINDOWS System alg exeC WINDOWS system ctfmon exeC Program Files Digital Line Detect DLG exeC WINDOWS system wscntfy exeC WINDOWS system wuauclt exeC Program Files Trend Micro Internet Security pccmain exeC WINDOWS system wuauclt exeC Program Files hijackthis HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www myownstartpage net cm amp ww hotmail com R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk-rel amp channel us amp ibd R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by ComcastR - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO e helper - B B - B - - - C A D - C Program Files Helper dllO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - B C EC-D A - - C-DD F B - C WINDOWS system byxxvuv dllO - BHO e helper - C C - D - DC - BBE- A F - C Program Files Helper dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS System DLA DLASHX W DLLO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO no name - C A C CB-C EF- - -F CCA C - C Program Files NetProject sbmdl dll file missing O - BHO CBrowserHelperObject Object - CA C - B - E-A -A C DB F - C Program Files BAE BAE dllO - HKLM Run ehTray C WINDOWS ehome ehtray exeO - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startupO - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYERO - HKLM Run SigmatelSysTrayApp stsystra exeO - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottimeO - HKLM Run IAAnotif C Program Files Intel Intel Matrix Storage Manager Iaanotif exeO - HKLM Run DMXLauncher C Program Files Dell Media Experience DMXLauncher exeO - HKLM Run pccguide exe quot C Program Files Trend Micro Internet Security pccguide exe quot O - HKLM Run DLA C WINDOWS System DLA DLACTRLW EXEO - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -startO - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run IgfxTray C WINDOWS system igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS system hkcmd exeO - HKLM Run Persistence C WINDOWS system igfxpers exeO - HKCU Run OE OEM quot C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe quot O - HKCU Run DellSupport quot C Program Files Dell Support DSAgnt exe quot startupO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - H... Read more

A:Friend's Hjt Log

Alright, I may have found one problem but I wasn't able to find how to remove it. It's called joke problem. Among the other various problems, internet explorer is trying to open a second window whenever you type in an address. When trying to open trend housecall and doing a scan or an update it says "the feature is still loading. please wait a moment, and then try again. Also there is an windows update available that says it needs to install "microsoft windows installer 3.1" and that one can't be unchecked. When clicking install it comes up with everything saying some updates failed to install. When trying to do things in safe mode with networking, trend housecall is pretty much worthless because it says "no network device was found, or there is a conflict with existing antivirus security software....blah blah blah." I hit ok, and then another screen pops up saying "unable to read the configuration etc etc."

I'm out of ideas!!!!!!!! Please help!

http://www.bleepingcomputer.com/forums/t/133834/friends-hjt-log/
Relevancy 32.25%

here is his hijackthis log Logfile of HijackThis v Scan saved at on Platform Windows XP WinNT MSIE Internet Explorer v Running help, needs friend help...!!!!!! my processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Programfiler D-Link AirPlus G AirGCFG exe C WINDOWS TMTMTSR exe C Programfiler Microsoft IntelliPoint point exe C Programfiler Messageshield messageshield exe C WINDOWS System wmpa exe C WINDOWS jgkdy exe C Program Files Windows TaskAd WinTaskAd exe C Programfiler ISTsvc istsvc exe C temp salm exe C Program Files Windows TaskAd WinSched exe C WINDOWS System ctfmon exe C WINDOWS System Winlogin exe C PROGRA PANICW POP-UP PSFree exe C Programfiler Spybot - Search amp Destroy TeaTimer help, my friend needs help...!!!!!! exe C PROGRA COMMON tsa tsm exe C PROGRA COMMON tsa ts exe C WINDOWS System svchost exe C WINDOWS System ups exe C WINDOWS System wuauclt exe C Programfiler Mozilla Firefox firefox exe C WINDOWS System msiexec exe C HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http db no R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http www couldnotfind com search p ount id R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName Koblinger R - Default URLSearchHook is missing O - BHO no name - - F - D - - D F - C help, my friend needs help...!!!!!! PROGRA SPYBOT SDHelper dll O - HKLM help, my friend needs help...!!!!!! Run nForce Tray Options sstray exe r O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run D-Link AirPlus G C Programfiler D-Link AirPlus G AirGCFG exe O - HKLM Run ThrustTSR C WINDOWS TMTMTSR exe O - HKLM Run Microsoft WinUpdate Winlogin exe O - HKLM Run IntelliPoint quot C Programfiler Microsoft IntelliPoint point exe quot O - HKLM Run messageshield C Programfiler Messageshield messageshield exe O - HKLM Run Windows Media Player wmpa exe O - HKLM Run uAmUDRGi C WINDOWS jgkdy exe O - HKLM Run uAm quot ig Y vG C Programfiler ISTsvc istsvc exe C WINDOWS jgkdy exe O - HKLM Run Windows TaskAd C Program Files Windows TaskAd WinTaskAd exe O - HKLM Run IST Service C Programfiler ISTsvc istsvc exe O - HKLM Run salm c temp salm exe O - HKLM Run sjsd c windows sjsd exe O - HKLM Run SunJavaUpdateSched C Programfiler Java jre bin jusched exe O - HKLM RunServices Windows Media Player msa exe O - HKLM RunServices Microsoft WinUpdate Winlogin exe O - HKLM RunServices Windows Media Player wmpa exe O - HKLM RunOnce InnoSetupRegFile C WINDOWS is-OKDQH exe REG O - HKCU Run CTFMON EXE C WINDOWS System ctfmon exe O - HKCU Run Microsoft WinUpdate Winlogin exe O - HKCU Run PopUpStopperFreeEdition quot C PROGRA PANICW POP-UP PSFree exe quot O - HKCU Run SpybotSD TeaTimer C Programfiler Spybot - Search amp Destroy TeaTimer exe O - HKCU Run Tsa C PROGRA COMMON tsa tsm exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Programfiler Java jre bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Programfiler Java jre bin npjpi dll O - Extra button SideFind - E -DEB - -A -B F EC B - C Programfiler SideFind sidefind dll O - Extra button AIM - AC E - - d -BC D- B D A DE - C Programfiler AIM aim exe O - DPF B - E - EA - B - F A BC MessengerStatsClient Class - http messenger zone msn com binary t cab cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - https download macromedia com pub irector sw cab O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http v windowsupdate microsoft co O - DPF E D DE - - -A - DFAD A D MessengerStatsClient Class - http messenger zone msn com binary t cab cab O - DPF B E - ECB- DA- C A- F A FF MsnMessengerSetupDownloadControl Class - http messenger msn com download Ms Downloader cab O - DPF B BE E -A C- D -A DC- ZoneIntro Class - http messenger zone msn com binar... Read more

A:help, my friend needs help...!!!!!!

Hello and welcome to TSF-

I am reviewing your log. I will have some instructions for you shortly.

http://www.techsupportforum.com/forums/f284/help-my-friend-needs-help-31389.html
Relevancy 32.25%

HiMy friend is having pop-up re-direct issues I installed Ad-Aware Spybot AVG Anti-Spyware CCleaner and used them all They all found stuff here and there mostly cookies His Norton according to an earlier scan that I didn't do found some stuff but they can't remember what it was Spybot found 'virtumonde' which after reading a description of what it does sounds like the problem It supposedly deleted it but still getting random pop-ups and re-directs albeit not Friend Help My Me Help as often Anyway I ran hijack this and here is Help Me Help My Friend the log file Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccSvcHst exeC WINDOWS system Ati evxx exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system spoolsv exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Grisoft AVG Anti-Spyware guard exeC WINDOWS ehome ehSched exeC WINDOWS ehome ehtray exeC windows system hpsysdrv exeC Program Files HP Digital Imaging Unload hpqcmon exeC WINDOWS System hphmon exeC HP KBD KBD EXEC WINDOWS LTMSG exeC Program Files ATI Technologies ATI Control Panel atiptaxx exeC Program Files Multimedia Card Reader shwicon k exec Program Files Microsoft SQL Server Shared sqlwriter exeC Program Files support com bin tgcmd exeC WINDOWS System svchost exeC WINDOWS ALCXMNTR EXEC Program Files Common Files Symantec Shared ccApp exeC WINDOWS system ctfmon exeC Program Files Canon CAL CALMAIN exeC Program Files HP Digital Imaging bin hpqtra exeC WINDOWS ehome ehmsas exeC Program Files Updates from HP Program BackWeb- exeC Program Files HP Digital Imaging bin hpqgalry exeC WINDOWS System HPZipm exeC Program Files Grisoft AVG Anti-Spyware avgas exeC Program Files Internet Explorer iexplore exeC WINDOWS explorer exeC Program Files Common Files Symantec Shared VAScanner comHost exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC Program Files QuickTime qttask exeC Program Files Common Files Real Update OB realsched exeC Program Files Internet Explorer iexplore exeC Documents and Settings Administrator Local Settings Temporary Internet Files Content IE GL B BE HiJackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Start Page http yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Yahoo R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhostR - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dllO - BHO amp Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dllO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dllO - BHO no name - E A - - D F-BEAE-D A C - C Program Files Common Files Symantec Shared coShared Browser NppBho dllO - BHO no name - E-E A - -B -AA A BD - C WINDOWS system vtsqq dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO ed ec -d f- a-ae -f cb b - b -bc f- ea-a... Read more

A:Help Me Help My Friend

Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.Click the Scan for Vundo button.Once it's done scanning, click the Remove Vundo button.You will receive a prompt asking if you want to remove the files, click YESOnce you click yes, your desktop will go blank as it starts removing Vundo.When completed, it will prompt that it will reboot your computer, click OK.Please post the contents of C:\vundofix.txt and a new HiJackThis log.Note: It is possible that VundoFix encountered a file it could not remove.In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.Please download show-vundo.vbs to your desktopDouble-click show-vundo.vbs to run it.When completed, it will open a notepad windowCopy and paste the contents of that window as a reply to this topic

http://www.bleepingcomputer.com/forums/t/120253/help-me-help-my-friend/
Relevancy 32.25%

I m trying to help a friend out with his computer My first Ad Aware scan found objects This is my second step LOG HJT Friend's to getting this thing cleaned up Could someone look at this log and let me know if there s anything that needs to be fixed Thanks -------------------------------------------------------------------------- Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System Friend's HJT LOG smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS Explorer EXE C Program Files Norton SystemWorks Password Manager AcctMgr exe C Documents and Settings Administrator Local Settings Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar file C DOCUME ADMINI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Search Page file C DOCUME ADMINI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Default Search URL http my netzero net s search r minisearch R - Friend's HJT LOG HKLM Software Microsoft Internet Explorer Main Search Bar file C DOCUME ADMINI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Search Page file C DOCUME ADMINI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME ADMINI LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME ADMINI LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Local Page C WINDOWS SYSTEM blank htm R - HKCU Software Microsoft Internet Explorer Main HomeOldSP about blank R - HKLM Software Microsoft Internet Explorer Main Local Page C WINDOWS SYSTEM blank htm R - HKLM Software Microsoft Internet Explorer Main HomeOldSP about blank F - system ini Shell F - REG system ini UserInit C WINDOWS system userinit exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO no name - B DE- C - BF-B B- B F A E - C Program Files Microsoft Money System mnyside dll O - BHO no name - - F - D - - D F - no file O - BHO no name - C C -BD E- BCF- -C B F - no file O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton SystemWorks Norton Antivirus NavShExt dll O - BHO no name - C A A - E- BE -A BB-F DDD DA - c windows system makfbfa dll file missing O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton SystemWorks Norton Antivirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run SystemTray SysTray Exe O - HKLM Run Microsoft Works Portfolio C Program Files Microsoft Works WksSb exe AllUsers O - HKLM Run AdaptecDirectCD quot C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe quot O - HKLM Run ccApp C Program Files Common Files Symantec Shared ccApp exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run PD StatusMonitor C WINDOWS System PD SM EXE O - HKLM Run AOL Spyware Protection quot C PROGRA COMMON AOL AOLSPY AOLSP Scheduler exe quot O - HKLM Run AcctMgr C Program Files Norton SystemWorks Password Manager AcctMgr exe startup O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run ccRegVfy C Program Files Common Files Symantec Shared ccRegVfy exe O - HKCU Run Microsoft Works Update Detection C Program Files Microsoft Works WkDetect exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup Microsoft Works Calendar Reminders lnk C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe O - Global Startup Camio Viewer lnk C Program Files Sierra Imaging Image Expert IXApplet exe O - Global Startup Kodak Easy... Read more

A:Friend's HJT LOG

Hi, and welcome to tsg - please post a "bump" here if you still have a problem with your PC
 

https://forums.techguy.org/threads/friends-hjt-log.245560/
Relevancy 32.25%

i dont have the specs on anything she has but she did send me the hijack this log thingy so any help would be lovely Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C WINDOWS System cisvc exe C WINDOWS system drivers KodakCCS exe c program files netscape online ncupdatesvc exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files help need a for friend Alwil Software Avast ashWebSv exe C WINDOWS System cidaemon exe C WINDOWS Explorer EXE C WINDOWS System hkcmd exe C WINDOWS System DSentry exe need help for a friend C Program Files Roxio Easy CD Creator DirectCD DirectCD exe C WINDOWS szekyb exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files WildTangent Apps CDA GameDrvr exe C WINDOWS svchost exe C Program Files QuickTime qttask exe C WINDOWS System DFD need help for a friend DBDCE DEE E exe C windows system rndsregp exe C WINDOWS SYSTEM swinosag exe C Program Files Common Files ISPCOMP InstallService exe C PROGRA ALWILS Avast ashDisp exe C WINDOWS System lexpps exe C Program Files AIM aim exe C Program Files Dell Support DSAgnt exe C PROGRA WNSXS msconfig exe C WINDOWS System wuauclt exe C WINDOWS System rvices exe C Program Files Digital Line Detect DLG exe C Program Files Kodak Kodak EasyShare Software bin EasyShare exe C Program Files Kodak KODAK Software Updater Program Kodak Software Updater exe C Program Files Internet Explorer iexplore exe C Program Files Netscape Internet Service NSClient exe C Program Files Netscape Internet Service NSWatchman exe C PROGRA MOZILL FIREFOX EXE C WINDOWS System wbem wmiapsrv exe C Documents and Settings Carol Pitcairn Local Settings Temp hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Start Page http hpu bluezipper com home http amp siteid unknown amp install date - - R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKLM Software Microsoft Internet Explorer Main Start Page http popnav com R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Connection Wizard ShellNext http media R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook no name - EE B -F - BB- FB-A BD B A - C Program Files SurfSideKick SskBho dll O - BHO no name - C-FED - -ED D-EBB DFFC - C WINDOWS System ucr dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - A EB- F A-F BE- - EE D C AE - C WINDOWS System bhhy dll file missing O - BHO no name - CA A- A - -C AC- DC A AC - C WINDOWS System sbguin dll file missing O - BHO no name - B A - AD- D - - D E FDB FE - C WINDOWS System hfvu dll file missing O - BHO no name - C-D E -AC -C D-DB B F CC - C WINDOWS System ucr dll O - BHO PBlockHelper Class - B- FF- DD - -F BEDE EB - C Program Files Netscape Internet Service Netscape Web Accelerator pbhelper dll O - BHO no name - B C-D -B C-B -C A E D FE - C WINDOWS System ogy dll O - BHO no name - E B C-FDB - - A -F AD A F CE - C WINDOWS System ogy dll O - BHO no name - DE F - E -EA -F F- E FF AA - C WINDOWS System obkwsfp dll file missing O - BHO no name - C-FEA - AC-ADBC-DE DD F - no file O - BHO no name - D B E - BEF-BF E-D E-C C F C F - C WINDOWS System wqtir dll file missing O - BHO BigMeanGorilla MadAsHell - FBD EBD -E DF- E-B -A D A ... Read more

A:need help for a friend

looks like a few things there. if nobody gives advice then type bump

and that will put this back at the top of the queue
 

https://forums.techguy.org/threads/need-help-for-a-friend.447184/
Relevancy 32.25%

View attachment hijackthis log My friend is running XP professional SP She is a.s.a.p. help to a Trying friend experiencing some Malware problems and her Xsoft won t clean it out I am also including her hjt log Here is the Malware file C Windows System dsdp s exe I had deleted this file using HJT and the Xsoft found it again SpyBot S amp D- found problems and cleaned them out I had to run it several times before it would actually fully complete a scan but it did finally When I try to run Ad-Aware it hangs up as it trys Trying to help a friend a.s.a.p. to scan this file and will not finish scanning I am not talking about her PC locking up It s acting like this folder is missing and is trying to find it so it can scan it C Documents and Settings Nick Local Settings Temp Temporary Internet Files Content IE JK CNQQ I will have to bounce back and forth to her house to fix it but she s in walking distance Thanks a bunch Here s the HJT log nbsp

Relevancy 32.25%

Here s the log Logfile of HijackThis v Scan a HJT friend for log saved at PM on Platform Windows XP SP WinNT HJT log for a friend MSIE Internet Explorer v Running processes C WINDOWS HJT log for a friend System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C Program Files Google Common Google Updater GoogleUpdaterService exe C WINDOWS system drivers KodakCCS exe C WINDOWS system nvsvc exe C WINDOWS system PSIService exe C Program Files Spyware Doctor svcntaux exe C Program Files Spyware Doctor swdsvc exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C WINDOWS AGRSMMSG exe C Program Files Java j re bin jusched exe C Program Files Sony VAIO Update VAIOUpdt exe C Program Files QuickTime qttask exe C Program Files Logitech iTouch iTouch exe C Program Files Lexmark X Series lxbkbmgr exe C Program Files Fisher-Price FP Player sspnotifier exe C Program Files TraySoft PhoneTray PhoneTray exe C PROGRA MYWEBS bar bin m SrchMn exe C Program Files Lexmark X Series lxbkbmon exe C PROGRA MYWEBS bar bin mwsoemon exe C Program Files Picasa PicasaMediaDetector exe C Program Files Spyware Doctor SDTrayApp exe C WINDOWS system ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C Program Files M t oM dia M t oIM dia WeatherEye exe C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe C Program Files Yahoo Messenger YahooMessenger exe C Documents and Settings Chantale Application Data Smilebox SmileboxTray exe C Program Files Siber Systems AI RoboForm RoboTaskBarIcon exe C Program Files Google Google Updater GoogleUpdater exe C Program Files Kodak Kodak EasyShare software bin EasyShare exe C Program Files Kodak KODAK Software Updater Program backWeb- exe C Program Files QUICKENW QWDLLS EXE C Program Files MSN Messenger usnsvc exe C WINDOWS system linkprd exe C WINDOWS explorer exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Documents and Settings Chantale Desktop HijackThis exe C Program Files Internet Explorer iexplore exe R - HKCU Software Microsoft Internet Explorer Main Start Page Google R - HKLM Software Microsoft Internet Explorer Main Default Page URL MSN com R - HKLM Software Microsoft Internet Explorer Main Default Search URL Live Search R - HKLM Software Microsoft Internet Explorer Main Search Page Live Search R - HKLM Software Microsoft Internet Explorer Main Start Page MSN com R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO no name - d a - d - d - - e a - C Program Files Siber Systems AI RoboForm roboform dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier sw g dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar My Web Search - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin... Read more

A:HJT log for a friend

Run Hijack This and click Open the Misc Tools section.
Click Open Uninstall Manager > Save list and save the log to your Desktop.
A list of programs will open in Notepad. Post the contents of this log.
 

https://forums.techguy.org/threads/hjt-log-for-a-friend.595302/
Relevancy 32.25%

I hope I am doing this right Thank you all so much for being here Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Program Files x Google Chrome Application chrome exe C Program Files x HP Digital Imaging bin hpqtra exe C Program Files x Common Files got here. me! me Something sent Friend Intuit QuickBooks QBUpdate qbupdate exe C Program Files x AVG AVG avgui exe C Program Files x HP HP Software Update hpwuschd exe C Program Files x HP Digital Imaging bin hpqSTE exe C Program Files x HP Digital Imaging bin hpqbam exe C Program Files x HP Digital Imaging bin hpqgpc exe C Program Files x AVG SafeGuard toolbar vprot exe C Users Christine Downloads HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http feed snapdo com publisher SnapdoGOblidooYB amp dpid SnapdoGOblidooYB amp co US amp userid ab -ae - Something got me! Friend sent me here. aa -b c-a e b bfc amp searchtype ds amp q searchTerms amp installDate R - HKCU Software Microsoft Internet Explorer Main Search Page http feed snapdo com publisher SnapdoGOblidooYB amp dpid SnapdoGOblidooYB amp co US amp userid ab -ae - aa -b c-a e b bfc amp searchtype ds amp q searchTerms amp installDate R - HKCU Software Microsoft Internet Explorer Main Start Page http search conduit com SearchSource amp CUI UN amp UM amp ctid CT R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http start mysearchdial com f amp BtAtCtN L Czu L C H B QyCyE amp cr amp ir R - HKCU Software Microsoft Internet Explorer Search Default Search URL http feed snapdo com publisher SnapdoGOblidooYB amp dpid SnapdoGOblidooYB amp co US amp userid ab -ae - aa -b c-a e b bfc amp searchtype ds amp q searchTerms amp installDate R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http feed snapdo com publisher SnapdoGOblidooYB amp dpid SnapdoGOblidooYB amp co US amp userid ab -ae - aa -b c-a e b bfc amp searchtype ds amp q searchTerms amp installDate R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName F - REG system ini UserInit userinit exe O - BHO ScorpionSaver - AD C - - - - A F AC - C Program Files x ScorpionSaver IECore dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files x Java jre bin ssv dll O - BHO no name - B C- C F- BF -B - A - no file O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - Toolbar no name - ae b- d - a -af - ea e - no file O - Toolbar no name - B C- C F- BF -B - A - no file O - HKLM Run AVG UI quot C Program Files x AVG AVG avgui exe quot TRAYONLY O - HKLM Run Adobe ARM quot C Program Files x Common Files Adobe ARM AdobeARM exe quot O - HKLM Run Intuit SyncManager C Program Files x Common Files Intuit Sync IntuitSyncManager exe startup O - HKLM Run HP Software Update C Program Files x HP HP Software Update HPWuSchd exe O - HKLM Run vProt quot C Program Files x AVG SafeGuard toolbar vprot exe quot O - HKLM Run SunJavaUpdateSched quot C Program Files x Common Files Java Java Update jusched exe quot O - HKCU Run D E CA C D DEA FAE DDF F C service run quot C Program Files x Google Chrome Application chrome exe quot --type service O - HKUS S- - - RunOnce SPReview quot C Windows System SPReview SPReview exe quot sp errorfwlink quot http go microsoft com fwlink LinkID quot build User SYSTEM O - HKUS DEFAULT RunOnce SPReview quot C ... Read more

A:Something got me! Friend sent me here.

Bump. These ads around my browser popping up constantly on screen are driving me nutzzzzz.
 

https://forums.techguy.org/threads/something-got-me-friend-sent-me-here.1113604/
Relevancy 32.25%

Hi all My friends laptop has started to run very slow and is getting popups all over the place Can anybody spot anything in this log All help will be much appreciated Cheers Jon Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS for Need a friend help System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system Ati evxx Need help for a friend exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Alwil Software Avast Need help for a friend aswUpdSv exe C Program Files Alwil Software Need help for a friend Avast ashServ exe C WINDOWS Explorer EXE C WINDOWS ATK HControl exe C WINDOWS ehome ehtray exe C WINDOWS eHome ehmsas exe C Program Files Wireless Console wcourier exe C Program Files ASUS ATK Media DMEDIA EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files ASUS Power Gear BatteryLife exe C Program Files ASUS PowerForPhone PowerForPhone exe C Program Files ASUS Splendid ACMON exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Network Associates VirusScan SHSTAT EXE C Program Files Network Associates Common Framework UpdaterUI exe C Program Files Common Files Network Associates TalkBack TBMon exe C Program Files ASUS Mobile Theater PCMService exe C WINDOWS RTHDCPL EXE C Program Files Grisoft AVG Anti-Spyware avgas exe C PROGRA ALWILS Avast ashDisp exe C Program Files ASUS Asus MultiFrame MultiFrame exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtMng exe C WINDOWS system ACEngSvr exe C Program Files Sony Sony Picture Utility VolumeWatcher SPUVolumeWatcher exe C Program Files Toshiba Bluetooth Toshiba Stack TosA dp exe C WINDOWS system spoolsv exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHid exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHsp exe C Program Files Grisoft AVG Anti-Spyware guard exe C Program Files ASUS Mobile Theater Kernel TV CLCapSvc exe C Program Files ASUS Mobile Theater Kernel CLML NTService CLMLServer exe C Program Files ASUS Mobile Theater Kernel CLML NTService CLMLService exe C WINDOWS eHome ehRecvr exe C WINDOWS ATK ATKOSD exe C WINDOWS system inetsrv inetinfo exe C WINDOWS system RemoteControlService exe c Program Files Common Files LightScribe LSSrvc exe C Program Files Network Associates Common Framework FrameworkService exe C Program Files Network Associates VirusScan VsTskMgr exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system svchost exe C Program Files ASUS Mobile Theater Kernel TV CLSched exe C WINDOWS eHome ehSched exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C WINDOWS system dllhost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin Dot XCfg exe C Program Files Internet Explorer iexplore exe C Program Files Common Files Microsoft Shared Windows Live WLLoginProxy exe C Documents and Settings Stu Desktop HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http softwarereferral com jump php MjI Ojg amp lid R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www asus com R - URLSearchHook amp Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO MSVPS System - C F - B - F -AE -B CDFB E - C WINDOWS duocore dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Com... Read more

A:Need help for a friend

1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that & a fresh Hijackthis log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

http://www.techsupportforum.com/forums/f284/need-help-for-a-friend-174189.html
Relevancy 32.25%

Clean or infected with something I don't see Her computer has slowed to a crawl Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE a Friend friend log of HJT C WINDOWS SYSTEM MSTASK EXE C OFFICE SOINTGR EXE C WINDOWS SYSTEM ZONELABS VSMON EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C PROGRAM FILES ICHOOSE NAG EXE C PROGRAM FILES ESOFT EBOARD EBOARD EXE C PROGRAM FILES DIRECTCD DIRECTCD EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS VETMSG EXE C PROGRAM FILES CA ETRUST EZ ARMOR ETRUST EZ ANTIVIRUS VETTRAY EXE C PROGRAM FILES ZONE LABS ZONEALARM ZLCLIENT EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOTDD EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOHMR EXE C WINDOWS SYSTEM WMIEXE EXE C PROGRAM FILES EWARE IWARE EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOEVM EXE C WINDOWS SYSTEM HPZIPM EXE C PROGRAM FILES HEWLETT-PACKARD DIGITAL IMAGING BIN HPOSTS EXE C PROGRAM FILES YAHOO MESSENGER YMSGR TRAY EXE C Friend of a friend HJT log PROGRAM FILES OUTLOOK EXPRESS MSIMN EXE C WINDOWS SYSTEM PSTORES EXE C WINDOWS SYSTEM TAPISRV EXE C WINDOWS SYSTEM DDHELP EXE C PROGRAM FILES INTERNET EXPLORER IEXPLORE EXE C UNZIPPED HIJACKTHIS HIJACKTHIS EXE R - HKCU Software Friend of a friend HJT log Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize rch search html R - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize rch search html R - HKCU Software Friend of a friend HJT log Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize www yahoo com O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHELPER DLL O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YCOMP DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - HKLM Run ScanRegistry c windows scanregw exe autorun O - HKLM Run TaskMonitor c windows taskmon exe O - HKLM Run SystemTray systray exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run SO Integrator Pass Two C OFFICE SOINTGR EXE O - HKLM Run iCn C PROGRAM FILES ICHOOSE NAG EXE O - HKLM Run eMachine eBoard C PROGRA ESOFT EBOARD eBoard exe O - HKLM Run Adaptec DirectCD C Program Files DirectCD DIRECTCD EXE O - HKLM Run StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - HKLM Run Vet Alert C PROGRA CA ETRUST ETRUST VETMSG EXE O - HKLM Run VetTray C PROGRA CA ETRUST ETRUST VETTRAY EXE O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices SO Integrator Pass One C OFFICE SOINTGR EXE O - HKLM RunServices TrueVector C WINDOWS SYSTEM ZONELABS VSMON EXE -service O - HKCU Run Yahoo Pager C Program Files Yahoo Messenger ypager exe -quiet O - Startup eWare Startup lnk C Program Files eWare iWareStart exe O - Startup hpoddt exe lnk C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe O - Startup hp instant support lnk C Program Files Hewlett-Packard hpis bin matcli exe O - Startup hp psc series lnk C Program Files Hewlett-Packard Digital Imaging bin hpohmr exe O - Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPICK EXE O - Extra context menu item amp Yahoo Search - file C Program Files Yahoo Common ycsrch htm O - Extra context menu item ... Read more

Relevancy 32.25%

This is a friend's log I appreciate the help Deckard's System Scanner v Run by Matthew Flores on - - Computer is in Normal Mode -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- System Restore is disabled attempting to re-enable success -- Last Restore Point s -- - - UTC - RP - System Checkpoint Backed up registry hives Performed disk cleanup Total Physical Memory MiB MiB recommended -- HijackThis run as Matthew Flores exe -------------------------------------- Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System A Help Little Friend For My Please. svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C WINDOWS system spoolsv exe C Program Files Microsoft Small Business Business Contact Manager BcmSqlStartupSvc exe C Program Files Bonjour mDNSResponder exe C Program Files ESET ESET NOD Antivirus ekrn exe C Program Files Comcast Desktop Doctor bin sprtsvc exe C Program Files Microsoft SQL Server Shared sqlwriter exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program A Little Help For My Friend Please. Files Zune ZuneLauncher exe C WINDOWS system ctfmon exe C WINDOWS system ZuneBusEnum exe C Documents and Settings Matthew Flores Desktop dss exe C PROGRA TRENDM HIJACK Matthew Flores exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http att yahoo com R - HKCU Software Microsoft Internet Explorer Main Window Title Windows Internet Explorer provided by Comcast R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer O - BHO IE Pro - -E - DF-A - FCD B BF - C Program Files IEPro iepro dll O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar no name - BF - F - - - FE E AA - no file O - HKLM Run egui quot C Program Files ESET ESET NOD Antivirus egui exe quot hide waitservice O - HKLM Run NodLogin C Program Files ESET ESET NOD Antivirus nodlogin exe O - HKLM Run Zune Launcher quot C Program Files Zune ZuneLauncher exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra button IE Pro Preferences - F-A - f - C - F CBBF C D - C Program Files IEPro iepro dll O - Extra 'Tools' menuitem IE Pro Preferences - F-A - f - C - F CBBF C D - C Program Files IEPro iepro dll O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Re... Read more

http://www.techsupportforum.com/forums/f284/a-little-help-for-my-friend-please-223262.html
Relevancy 32.25%

hey i m at a friend s house and we noticed his computer was running abnormally slow for its hardware so we figured we d do some scans and download some stuff to optimize it and we realized he had serious malware problems can anyone help me help him out i gots an hour and mins before i g g and he has no clue what he s doing so yeah if u dont think it can be fixed needs friend help in that time lemme know and we ll do it another time i m posting the HijackThis log Logfile of HijackThis v friend needs help Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C friend needs help Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccProxy exe C PROGRA Symantec NORTON GHOSTS EXE C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files Norton Internet Security Norton AntiVirus SAVScan exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Common Files Ulead Systems DVD ULCDRSvr exe C Program Files Common Files Symantec Shared Security Center SymWSC exe C WINDOWS Explorer EXE C Program Files Common Files Real friend needs help Update OB realsched exe C PROGRA MYWEBS bar bin mwsoemon exe C WINDOWS system ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C WINDOWS system devldr exe C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Microsoft AntiSpyware gcasServ exe C Program Files iTunes iTunes exe C Program Files iPod bin iPodService exe C Program Files Internet Explorer iexplore exe C Documents and Settings Joanne Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http channels aimtoday com search aimtoolbar jsp R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http channels aimtoday com search aimtoolbar jsp R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - BHO CNisExtBho Class - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar Web assistant - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar AIM Search - D A B-D B- d - A - EE F C - C Program Files AIM Toolbar AIMBar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C PROGRA Yahoo COMPAN Installs cpn ycomp dll O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run MyWebSearch Email Plugin C PROGRA MYWEBS bar bin mwsoemon exe O - HKLM Run Canon Photoshot Camera CanonPho... Read more

Relevancy 32.25%

ok my friend has a problem and I copyed it from my email so here the problem word for word Here s friend help help me a the help me help a friend story Someone borrowed my laptop and brought it back with a burned out power supply When he returned it he didn t realize I was going to take the hard drive out to retrieve some info I needed When I hooked the hard drive to my desktop PC I help me help a friend realized the laptop drive was horribly infected with a virus over infected files removed by Norton help me help a friend Antivirus I also found several porn videos that had been downloaded starting the day after this person borrowed the laptop These aren t just porn pictures or small clips some are up to minutes long When questioned the person who borrowed my laptop claimed that the virus must have been there before he borrowed it and that the virus is responsible for downloading the porn videos Please tell me if it is possible for a virus to download porn videos on a computer I thought websites wanted people to pay for these so why would a virus give them to people for free Click to expand nbsp

A:help me help a friend

"I thought websites wanted people to pay for these, so why would a virus give them to people for free?"

There's over 1000000000000 hours of free porn on the net. I'm not going to say how as illegal discussion is not allowed on this forum. *hint*

Maybe the porn he downloaded had a virus binded to it. - So when he runs the movie the virus also launches.

So what's the question? The reason I posted a response is because I don't see a real question. Just more of a statement.
 

https://forums.techguy.org/threads/help-me-help-a-friend.531874/
Relevancy 32.25%

Hi It's been some time since I've been here but I need some help I am trying to clean up a computer for a friend He says it is running exceedingly slowly it is --to the point that he can't get anything done on it His kids have visited all sorts of sites The machine is an eMachines that does NOT have a NIC card--so net access is only via dial-up thru Juno I am moving files friend help for Need some a and programs between it and my regular machine with a Need some help for a friend USB RAM disk The machine is also attempting to continually connect to the net via the dial-up even tho the Internet Properties Connection tab Need some help for a friend is set to quot Never dial a connection quot I also cannot get Need some help for a friend the task manager to stay visible on the screen Then I do the CTL ALT DEL the Windows Security window opens--but when I hit Task Manager the Task Manager window flashes on then closes The machine is running XP-Home I have booted into Safe Mode and have run Adaware Personal CW Shredder and an evaluation copy of Spy Subtract I couldn't fine a link for Spy Bot Search and Destroy--except to buy the software Adaware found about items all of which I had the software delete However when I booted back in normal mode the machine still was slow I still can't open Task Manager and it is still trying to dial my phone about every seconds Below is the HiJack This log I'd appreciate any help you could give me Thanks Dennis SchneiderEmail address removed as per board policy and to protect you against spambots--Papakid Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC WINDOWS netdu exeC Program Files Norton AntiVirus navapsvc exeC WINDOWS wanmpsvc exeC WINDOWS Explorer EXEC Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exeC WINDOWS System RUNDLL exeC WINDOWS System SVCHOSTE EXEC PROGRA NORTON navapw exeC WINDOWS netpz exeC Program Files BigFix BigFix exeC SIERRA CardStudio PLNRnote exeC WINDOWS System wuauclt exeC Program Files HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar res C WINDOWS ulkkk dll sp html R - HKCU Software Microsoft Internet Explorer Main Search Page res C WINDOWS ulkkk dll sp html R - HKLM Software Microsoft Internet Explorer Main Default Page URL about blankR - HKLM Software Microsoft Internet Explorer Main Default Search URL res C WINDOWS ulkkk dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Bar res C WINDOWS ulkkk dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Page res C WINDOWS ulkkk dll sp html R - HKCU Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS ulkkk dll sp html R - HKLM Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS ulkkk dll sp html R - HKCU Software Microsoft Internet Explorer SearchURL Default http my juno com s search r minisearchR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride searchap untd com localhost windowsupdate microsoft com windowsupdate com wustat windows com pogo com test-speed com liveupdate symantecliveupdate com symantec com nai com networkassociates com lt local gt R - Default URLSearchHook is missingF - win ini run fntldr exeO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocxO - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dllO - BHO Class - F FBCC D-F F- - - C D FD - C WINDOWS javawr dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - Toolbar Norton AntiVirus - CDD BF... Read more

A:Need some help for a friend

Hello again,Since my first post, I have run several more scans and virus checkers--and have eliminated the problem with the machine trying to call Juno every 10 secs, as well as the problem with the Task Manager not remaining on screen.But the system is still running slow (not as bad as before).Here is the latest Hi Jack this log:Please let me know what else I should try to get this running better.Again, thanks in advance for your help.Denny Schneider-----------------------------------Logfile of HijackThis v1.99.1Scan saved at 2:46:19 AM, on 7/22/2005Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\ewido\security suite\ewidoctrl.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\System32\RUNDLL32.exeC:\Program Files\interMute\SpySubtract\SpySub.exeC:\Program Files\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\ulkkk.dll/sp.html#10001R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?r=minisearchR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7900R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost;*windowsupdate.microsoft.com;*windowsupdate.com;*wustat.windows.com;*.pogo.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;<local>F1 - win.ini: run=fntldr.exeO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocxO2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dllO2 - BHO: Class - {F0FBCC5D-F83F-2011-4825-6319C233D4FD} - C:\WINDOWS\javawr32.dll (file missing)O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [Windows Logon Procedure] SVCHOSTE.EXEO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exeO4 - Sta... Read more

http://www.bleepingcomputer.com/forums/t/25386/need-some-help-for-a-friend/
Relevancy 32.25%

Since this site did a great job with my computerheres my friends HJT logLogfile of HijackThis v Scan saved at Help A Friend PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running Help A Friend processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccProxy exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Norton Internet Security ISSVC exeC Program Files Common Files Symantec Shared SNDSrvc exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC Program Files Common Files Symantec Shared ccEvtMgr exeC WINDOWS system spoolsv exeC WINDOWS Nhksrv exeC Program Files Common Files Microsoft Shared VS Debug mdm exeC Program Files Norton Internet Security Norton AntiVirus navapsvc exeC WINDOWS System nvsvc exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC WINDOWS Help A Friend Explorer EXEC WINDOWS MMKeybd exeC WINDOWS System spool drivers w x hpztsb exeC WINDOWS system mcc exeC Program Files Common Files Symantec Shared ccApp exeC Program Files Netropa Traymon exeC Program Files Netropa OSD exeC WINDOWS System P P Networking P P Networking exeC WINDOWS system ctfmon exeC Program Files Mozilla Firefox firefox exeC WINDOWS system wuauclt exeC Program Files Messenger msmsgs exeC Documents and Settings SEAN McGILL Desktop HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http channels aimtoday com search aimtoolbar jspR - HKCU Software Microsoft Internet Explorer Main Start Page http comcast net R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www comcast netR - HKLM Software Microsoft Internet Explorer Main Start Page http comcast netR - HKLM Software Microsoft Internet Explorer Search Default Search URL http www searchxp com search htmlR - HKLM Software Microsoft Internet Explorer Search SearchAssistant http search looksmart com p search pi lstb tv R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by ComcastR - URLSearchHook no name - D DFF D -B B- -B - C C C B - no file R - URLSearchHook LookSmart Toolbar - CC C F F-F E - B-A D- CC A - C Program Files LookSmart Toolbar tbu toolbar dllO - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO Norton Internet Security - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dllO - BHO XBTB - BBBE C A- F - AF -ABD -F FBCFA - C PROGRA LOOKSM tbu toolbar dllO - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dllO - BHO no name - D C E -C - E - E - AA AEB - no file O - Toolbar Norton Internet Security - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dllO - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Norton AntiVirus NavShExt dllO - Toolbar LookSmart Toolbar - CC C F F-F E - B-A D- CC A - C Program Files LookSmart Toolbar tbu toolbar dllO - Toolbar AIM Search - D A B-D B- d - A - EE F C - C Program Files AIM Toolbar AIMBar dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartupO - HKLM Run DellTouch C WINDOWS MMKeybd exeO - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exeO - HKLM Run Configuration Loaded wupdated exeO - HKLM Run SmcService C PROGRA Sygate SPF Smc exe -startguiO - HKLM Run Generic Host Process for Win Services vgadvr exeO - HKLM Run Multimedia Codecs C WINDOWS system mcc exeO - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe ConsumerO - HKLM Run P P Networking C WINDOWS System P P Networking P P Networking exe AUTOSTARTO - HKLM RunServices Configuration Loaded wupd... Read more

A:Help A Friend

Hello BenjaminWard and welcome to the BC forums. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.Step #1Download Cwshredder.exe and save it to a folder of its own. Start the program and click on the Check for Update button. If an update is available then download and install it. Close the program (do not run it yet).Download CCleaner and install it but do not run it yet.Remove installed programs using Add or Remove Programs in the Control Panel:Click Start.Click Control Panel.Double-click Add or Remove Programs.Look in the Currently installed programs box for each program listed below and if it is there:Click on it to select it.Click Change (or Change/Remove) button.If you are prompted to confirm the removal of the program, click Yes.P2P NetworkStep #2Restart in Safe ModeRestart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Step #3Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchxp.com/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.looksmart.com/p/search?pi=lstb2&tv=1R3 - URLSearchHook: (no name) - _{D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)R3 - URLSearchHook: LookSmart Toolbar - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - C:\Program Files\LookSmart Toolbar\tbu835\toolbar.dllO2 - BHO: XBTB01232 - {BBBE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\LOOKSM~1\tbu835\toolbar.dllO2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file)O3 - Toolbar: LookSmart Toolbar - {CC8C8F4F-F2E8-404B-A43D-5CC57876A008} - C:\Program Files\LookSmart Toolbar\tbu835\toolbar.dllO4 - HKLM\..\Run: [Configuration Loaded] wupdated.exeO4 - HKLM\..\Run: [Generic Host Process for Win32 Services] vgadvr.exeO4 - HKLM\..\Run: [Multimedia Codecs] C:\WINDOWS\system32\mcc.exeO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKLM\..\RunServices: [Configuration Loaded] wupdated.exeO4 - HKCU\..\Run: [Generic Host Process for Win32 Services] vgadvr.exeO4 - Startup: PowerReg Scheduler.exeO4 - Startup: PowerReg Scheduler.RB0O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exeO19 - User stylesheet: (file missing)Now close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.Step #4We need to make sure all hidden files are showing so please:Click Start.Open My Computer.Select the Tools menu and click Folder Options.Select the View tab.Under the Hidden files and folders heading select Show hidden files and folders.Uncheck the Hide file extensions for known types option.Uncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Click OK.Find the following files/folders and delete them (don't worry if they are already gone):C:\Program Files\LookSmart Toolbar\ <--folderC:\WINDOWS\system32\mcc.exeC:\WINDOWS\System32\P2P Networking\ <--folderNow search for these files and delete all instances. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.wupdated.exevgadvr.exeStep #5Start CClean... Read more

http://www.bleepingcomputer.com/forums/t/19182/help-a-friend/
Relevancy 32.25%

Hello I'm new to this site so pls bare with me I have a friend who's computer is acting strange at times freezing and crashing when looking at a webcam I sent her the hijackthis program and she sent me the log back I looked through it and I can tell she has an infection surfsidekick chod exe bin bleh to be more specific but I'm not sure what's good and what isn't If any of you can help me sort through the log and tell me what I should have her delete that'd be super Thanks in advanced Logfile of HijackThis v Scan saved at for in need... help Need friend a PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Need help for a friend in need... WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files MessengerPlus MsgPlus exeC Program Files Creative Shared Files CAMTRAY EXEC Program Files Java jre bin jusched exeC Program Files Internet Explorer iexplore exec progra intern iexplore exeC WINDOWS System svchost exeC WINDOWS System wdfmgr exeC Program Files MSN Messenger msnmsgr exeC WINDOWS System wuauclt exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC Program Files Digital Asphyxia Y TunnelPro YTPro exeC PROGRA YAHOO MESSEN ymsgr tray exeC Hijack This HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http www evtvvajrsgkc com EXY jIbBqhG WI QrbTqRgT m htmlR - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast com R - HKCU Software Microsoft Internet Explorer SearchURL Default websearch drsnsrch com q cgi q R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - Default URLSearchHook is missingO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocxO - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR tools iesdsg dllO - BHO no name - B C - - ACF- EC -C E E E - C DOCUME sassy APPLIC COOLFI Heart play exeO - BHO PCTools Browser Monitor - B A D D- - C -A - DF C AC - C PROGRA SPYWAR tools iesdpb dllO - BHO WinStat - EE B B- D - bc-B DB- A CE F - C WINDOWS System WinStat dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - HKLM Run MessengerPlus quot C Program Files MessengerPlus MsgPlus exe quot O - HKLM Run Creative WebCam Tray C Program Files Creative Shared Files CAMTRAY EXEO - HKLM Run dalewarn glue C Documents and Settings All Users Application Data HoldNameDaleWarn bin bleh exeO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run SurfSideKick C Program Files SurfSideKick Ssk exeO - HKLM Run chod C WINDOWS System chod exeO - HKCU Run settings draw C DOCUME sassy APPLIC owns ProcAtom exeO - HKCU Run Y TunnelPro C Program Files Digital Asphyxia Y TunnelPro YTPro exeO - HKCU Run MessengerPlus quot C Program Files MessengerPlus MsgPlus exe quot WinStartO - HKCU Run SurfSideKick C Program Files SurfSideKick Ssk exeO - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot backgroundO - Extra context menu item amp AIM Search - res C Program Files AIM Toolbar AIMBar dll aimsearch htmO - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra button Spyware Doctor - D D A- - D -A A - C B E E - C PROGRA SPYWAR tools iesdpb dllO - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exeO - Extra button Related - c fe - f d- d -a b- aa c a - C WINDOWS web related htmO - Extra 'Tools' menuitem Show amp Related Links - c fe - f d- d -a b- aa c a - C WINDOWS web related htmO - Plugin for spop C Program Files Internet Explorer P... Read more

A:Need help for a friend in need...

Hello AMD ME and welcome to BleepingComputer.The log shows that you are seriously behind on windows updates. It is essential that you update your operating system as soon as possible; otherwise any infections we remove could reoccur. Go to Windows Update and install all the offered Critical and Security updates and service packs. Windows 2000 needs to be at SP4. WindowsXP needs to be at least at SP1 and preferably SP2.You have a LOP infection that often comes together with Messenger Plus. To remove it we will try the simple way first.1. Go to Control Panel, then Add/Remove programs. Double click on "Messenger Plus!"2. The "Messenger Plus! - Setup" is now displayed. Click on the Uninstall button. Note: options displayed on the first screen are not related to the sponsor program.3. The sponsor screen is now displayed (if you don't see it, search for it in your Task Bar). To prove that someone is currently reading the screen, you have to type the code that is displayed. Once you enter the code, press Uninstall.4. If you entered the code properly, the program will ask you to confirm that you want to uninstall. You must answer "Yes" to this question, else, you won't have another chance of uninstalling.5. To complete the uninstallation, follow the instructions that are displayed (the first one is to close all your Internet Explorer windows, that's very important). When everything is complete, restart your computer.6. You may reinstall Messenger Plus after you are clean as long as you DO NOT allow it to install the sponsor program.While still in Add/Remove programs, look for and uninstall if found, Window Search, Window Searching, Lop.com, LOP Search, Browser Enhancer, or Ultimate Browser Enhancer. If you are given a code to insert, do so. Also while still in Add/Remove programs, uninstall if found: SurfSideKick 3Also, I'm having her download and run the avg virus scanner, to see if that would help. I may have her run adaware and S&D, but she is computer illertate, and hasn't got a clue what to do. Any help would be greatly appreciated.Yes, I notice you do not have any anti-virus software running. On today's internet, an up to date AV is a must. AVG by Grisoft is a well respected and free AV program. Download it, install it, update it, use it. Also, I see no third party Firewall running. At least be sure that Windows XP built in firewall is active. If possible, get her to:Download Ad-aware SE v1.06 from LavaSoft. Install, update and configure it as explained in this tutorial. Run Ad-aware and allow it to remove everything it finds.Download Spybot Search & Destroy v1.4. Install, update and configure it as expained in this tutorial. Run Spybot and allow it to remove everything it finds.Reboot and post a fresh HJT log. It is very unusual to see a log with no O23 entries. On the next post, be sure the entire log is copied.

http://www.bleepingcomputer.com/forums/t/23735/need-help-for-a-friend-in-need/
Relevancy 32.25%

Logfile of HijackThis v Scan saved at PM on Platform Windows SE Win x A MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLLC WINDOWS SYSTEM MSGSRV EXEC WINDOWS SYSTEM MPREXE W98 help Friend's please EXEC WINDOWS SYSTEM WINMODEM wmexe exeC PROGRAM FILES COMMON FILES AOL ACS ACSD EXEC PROGRAM FILES COMMON Friend's W98 please help FILES SYMANTEC SHARED CCEVTMGR EXEC PROGRAM FILES NORTON INTERNET SECURITY NISUM EXEC PROGRAM FILES NORTON INTERNET SECURITY CCPXYSVC EXEC PROGRAM FILES ENCOMPASS ENCMONTR EXEC PROGRAM FILES COMMON FILES WINTOOLS WTOOLSA EXEC WINDOWS SYSTEM KB KB EXEC WINDOWS SYSTEM MSTASK EXEC WINDOWS SYSTEM mmtask tskC WINDOWS EXPLORER EXEC WINDOWS TASKMON EXEC WINDOWS SYSTEM SYSTRAY EXEC PROGRAM FILES VOYETRA AUDIOSTATION VTRAY EXEC PROGRAM FILES DIRECTCD DIRECTCD EXEC Friend's W98 please help PROGRAM FILES REAL REALPLAYER REALPLAY EXEC PROGRAM FILES COMMON FILES SYMANTEC SHARED CCAPP EXEC PROGRAM FILES SUPPORT COM BIN TGCMD EXEC WINDOWS SYSTEM QTTASK EXEC WINDOWS SYSTEM ISRRMV EXEC PROGRAM FILES COMMON FILES WINTOOLS WSUP EXEC PROGRAM FILES HP DESKJET C SERIES EREG REMIND EXEC WINDOWS SYSTEM WMIEXE EXEC WINDOWS SYSTEM DDHELP EXEC WINDOWS SYSTEM SPOOL EXEC PROGRAM FILES WINZIP WZQKPICK EXEC PROGRAM FILES INTERNET EXPLORER IEXPLORE EXEC WINDOWS SYSTEM RPCSS EXEC WINDOWS DESKTOP HIJACKTHIS EXER - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net R - HKLM Software Microsoft Internet Explorer Main Search Bar http www excite com microsoft ie R - HKLM Software Microsoft Internet Explorer Main Search Page http www excite comR - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by ComcastF - win ini run hpfschedO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCXO - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHELPER DLLO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCXO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run ScanRegistry C WINDOWS scanregw exe autorunO - HKLM Run TaskMonitor C WINDOWS taskmon exeO - HKLM Run SystemTray SysTray ExeO - HKLM Run CriticalUpdate C WINDOWS SYSTEM wucrtupd exe -startupO - HKLM Run VoyetraTray C PROGRAM FILES VOYETRA AUDIOSTATION VTRAY EXE sO - HKLM Run Adaptec DirectCD C PROGRA DIRECTCD DIRECTCD EXEO - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYERO - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run tgcmd quot C Program Files support com bin tgcmd exe quot serverO - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMON EXEO - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottimeO - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrSchemeO - HKLM Run isrrmv C WINDOWS SYSTEM isrrmv exeO - HKLM Run WinTools C PROGRA COMMON WINTOOLS WTOOLSA EXEO - HKLM RunServices winmodem WINMODEM wmexe exeO - HKLM RunServices AolAcsDaemon quot C PROGRAM FILES COMMON FILES AOL ACS ACSD EXE quot O - HKLM RunServices ccEvtMgr quot C Program Files Common Files Symantec Shared ccEvtMgr exe quot O - HKLM RunServices Nisum C Program Files Norton Internet Security NISUM EXEO - HKLM RunServices ccPxySvc C PROGRA NORTON CCPXYSVC EXEO - HKLM RunServices Encompass ENCMONTR C Program Files Encompass ENCMONTR EXEO - HKLM RunServices WinTools C PROGRA COMMON WINTOOLS WTOOLSA EXEO - HKLM RunServices KB C WINDOWS SYSTEM KB KB EXEO - HKLM RunServices LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrSchemeO - HKLM RunServices SchedulingAgent mstask exeO - HKLM RunServicesOnce WinTools C PROGRA COMMON WINTOOLS WTOOLSA EXE bootO - HKCU Run YDqnRWjnS C PROGRAM FILES AS... Read more

A:Friend's W98 please help

Please downloadSpyBot and Adaware[/b] . Get the latest versions here: Adaware SpybotInstall, and then verify that they are fully updated. If you need help working with these tools, here are some helpful tutorials.Spybot TutorialAdaware Tutorial Run them, and fix everything they find. Then reboot and post a new log please.

http://www.bleepingcomputer.com/forums/t/23719/friends-w98-please-help/
Relevancy 32.25%

From your list here I am looking for my friend AVG
and I am directed to
http://free.avg.com/us-en/free-antivirus-download
I think I need to choose Trial Version and therefore do not understand, what basic protection is for ?
So I assume this is how AVG is doing things these days
Am I correct in saying that you need to take the trial offer to install a free version , . . then convert later, . . if so, . .
please tell me how does that happen ?

A:My friend needs help with AVG

At his time I believe my friend D/Led the basic version
and when she goes to run it it ask for password etc. ??

What shall I tell her to do ?

http://www.bleepingcomputer.com/forums/t/427233/my-friend-needs-help-with-avg/
Relevancy 32.25%

Only symptom here is a slow machineLogfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC PROGRA Grisoft AVGFRE avgamsvr exeC PROGRA Grisoft AVGFRE avgupsvc exeC WINDOWS system cisvc exeC Program Files Kerio Personal Firewall kpf ss exeC WINDOWS System nvsvc exeC WINDOWS System svchost exeC Program Files Kerio Personal Firewall kpf gui exeC WINDOWS System wdfmgr exeC WINDOWS System MsPMSPSv exeC WINDOWS system cidaemon exeC WINDOWS system cidaemon exeC Program Files Stardock Object Desktop A for friend log a WindowBlinds wbload exeC WINDOWS system ctfmon exeC Program Files Kerio Personal Firewall kpf gui exeC WINDOWS Explorer EXEC Program Files Microsoft Hardware Mouse point exeC PROGRA Grisoft AVGFRE avgcc exeC Program Files Java jre bin jusched exeC PROGRA Grisoft AVGFRE avgemc exeC Program Files AWS weatherbug Weather exeC Program Files CallWave IAM exeC PROGRA INCRED bin IMApp exeC WINDOWS system csrss exeC WINDOWS system winlogon exeC Program Files Stardock Object Desktop A log for a friend WindowBlinds wbload exeC Program Files Kerio Personal Firewall kpf gui exeC WINDOWS system ctfmon exeC WINDOWS Explorer EXEC Program Files Microsoft Hardware Mouse point A log for a friend exeC PROGRA Grisoft AVGFRE avgcc exeC Program Files Java jre bin jusched exeC PROGRA Grisoft AVGFRE avgemc exeC Program Files a a guard exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files CursorXP CursorXP exeC Program Files CallWave IAM exeC PROGRA INCRED bin IMApp exeC PROGRA MOZILL firefox exeC Program Files Trillian trillian exeC PROGRA INCRED bin IBMain exeC My Hjt HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http wwwbleepingcomputer com forums R - HKLM Software Microsoft Internet Explorer Main Start Page http wwwbleepingcomputer com forums O - BHO no name - D -C F - efb- B - ECA - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B -C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocxO - BHO IBBHO Class - BA E- E- CE -A C - FE - C ProgramFiles IncrediBar bin IBBHO dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F -c windows googletoolbar dllO - Toolbar IncrediBar - D - C - -BF -C ACBF E -C Program Files IncrediBar bin IBTBar dllO - Toolbar amp Google - C B - - d - B - A CD F -c windows googletoolbar dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dllNvStartupO - HKLM Run POINTER point exeO - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUPO - HKLM Run ImInstaller IncrediMail C DOCUME Sara LOCALS Temp ImInstaller IncrediMail incredimail installexe -startup -product IncrediMailO - HKLM Run KernelFaultCheck systemroot system dumprep -kO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run AVG EMC C PROGRA Grisoft AVGFRE avgemc exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run IncrediMail C Program Files IncrediMail bin IncMail exe cO - HKCU Run Weather C Program Files AWS weatherbug Weather exe O - HKCU Run a quot C Program Files a a guard exe quot O - HKCU Run SpybotSD TeaTimer C Program Files Spybot - Search amp Destroy TeaTimer exeO - HKCU Run CursorXP C Program Files CursorXP CursorXP exeO - Global Startup Internet Answering Machine lnk C ProgramFiles CallWave IAM exeO - Extra context menu item amp Add animation to IncrediMail Style Box -C PROGRA INCRED bin resources WebMenuImg htmO - Extra context menu item amp AIM Search - res C Program Files AIMToolbar AIMBar dll aimsearch htmO - Extra context menu item amp Google Search -res c windows GoogleToolbar dll cmsearch htmlO - Extra context menu item Backward Links -res c windows Googl... Read more

A:A log for a friend

Hi Leurgy Fancy meeting you in a place like this! I don't see anything unusual in the log file so let's check for some other things.Download Find_It_s.zip and unzip the contents to its own folder.Important! Reboot in SAFE MODE !!Start in Safe Mode Using the F8 method:Restart the computer in Safe Mode.As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Locate the FindIt's.bat file and double-click it to run it. It will start scanning your computer and could take a little while so be patient. When the DOS window closes, reboot back to normal mode.Now start HijackThis and follow these steps:Click on Config buttonClick on the Misc Tools buttonCheck the checkbox for List minor sections (full)Check the checkbox for List empty sections (complete)Click on the Generate StartupList Log buttonClick the Yes button to create the listPost the information from the StartupList scan and the contents of the c:\log.txt file and I will review them when they come in.Cheers.OT

http://www.bleepingcomputer.com/forums/t/19072/a-log-for-a-friend/
Relevancy 32.25%

I have a friend with a laptop and at the moment his files are disapearing, he cant click on anything in the control panel it says missing files and now his nero and media player have gone also, he doesnt have the net he just borrowed someones connection the other day now it is stuffed, any ideas how to fix this??
thanks

A:friend needs help

Welcome to TSF....

Do you have the laptop where you are and for how long?

http://www.techsupportforum.com/forums/f10/friend-needs-help-255511.html
Relevancy 32.25%

Well I made the switch to Linux Mandriva a few months ago and I don't have a Windows partition anymore so I need someone to do this for my friend Thanks His explanation of the problem is that he gets porn popups and websites he tries to go to don't go there He tries to go to google but ends up on some other search engine friend's log My Sounds like he was using IE to browse pornography and got hijacked I've already gotten him to switch to Firefox Update and run his antivirus McAfee and update and run both spybot and adaware Mysteriously neither of the scanning tools detected a problem Anyhow here's his log and he's pretty computer illiterate so if you can simplify instructions it would help You My friend's log don't have to go overboard I can always help him Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files Java j re bin jusched exe C WINDOWS stsystra exe C Program Files Java j re bin jucheck exe C Program Files Intel Modem Event Monitor IntelMEM exe C Program Files CyberLink PowerDVD DVDLauncher exe C Program Files Real RealPlayer RealPlay exe C WINDOWS system dla tfswctrl exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Dell Media Experience DMXLauncher exe C PROGRA mcafee com agent mcagent exe C PROGRA mcafee com vso mcvsshld exe c progra mcafee com vso mcvsescn exe C PROGRA McAfee com PERSON MpfTray exe C Program Files Dell Photo AIO Printer dlbubmgr exe C Program Files Dell Photo AIO Printer memcard exe C Program Files Dell Photo AIO Printer dlbubmon exe C PROGRA COMMON AOL ACS AOLacsd exe c PROGRA mcafee com vso mcvsrte exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C PROGRA McAfee com PERSON MpfAgent exe C PROGRA McAfee com PERSON MPFSERVICE exe C WINDOWS system svchost exe c PROGRA mcafee com vso mcshield exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files Dell Support DSAgnt exe C Program Files AIM aim exe C Program Files Common Files AOL ee AOLHostManager exe C Program Files iPod bin iPodService exe C Program Files America Online aoltray exe C Program Files Common Files AOL ee AOLServiceHost exe C Program Files Common Files AOL ee AOLServiceHost exe c progra mcafee com vso mcvsftsn exe C Program Files Messenger msmsgs exe C Program Files Internet Explorer iexplore exe C Program Files Mozilla Firefox firefox exe C DOCUME Pattik LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe C WINDOWS system NOTEPAD EXE R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http mysearch myway com jsp dellsidebar jsp p DE R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKLM Software Microsoft Internet Explorer Main Start Page http www dell me com myway R - URLSearchHook AOLTBSearch Class - EA - - DB- F -D CA FB C D - C Program Files AOL AOL Toolbar aoltb dll R - URLSearchHook no name - D F -B FE- -BF - AB D D - C Program Files MyWaySA SrchAsDe deSrcAs dll O - BHO no name - DBDAC - - - E A- C AB BC - C WINDOWS system sstts dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - D F -B FE- -BF - AB D D - C Program Files MyWaySA SrchAsDe deSrcAs dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO MSEvents Object - DD BC - - BA -BEBC-FBAE A - C WINDOWS system jkkjg dl... Read more

A:My friend's log

Hello and Welcome

Please subscribe to this thread to get immediate notification of fixes as soon as they are posted.

Before proceeding any further, please create a new directory - C:\PROGRAM FILES\HIJACKTHIS\
Re-locate your HijackThis files to the new directory


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Download and install CleanUp!

Then, download this tool and save it to your desktop. Then double click the tool and follow the instructions.

VirtumundoBeGone.exe

When its done, reboot and post the log that is created on your desktop called VBG.TXT in your next reply


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


With HiJackThis & place a check next to these items and select "Fix checked":

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\system32\sstts.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\system32\jkkjg.dll
O2 - BHO: (no name) - {df1b8f4b-ccee-4382-95c0-0857bf81abd2} - C:\WINDOWS\system32\eshnfivu.dll
O4 - HKLM\..\Run: [stratas] lockx.exe
O4 - HKLM\..\RunServices: [stratas] lockx.exe
O4 - HKCU\..\Run: [stratas] lockx.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O20 - Winlogon Notify: jkkjg - C:\WINDOWS\system32\jkkjg.dll
O20 - Winlogon Notify: sstts - C:\WINDOWS\SYSTEM32\sstts.dll


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Next, please reboot your computer in SafeMode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the option to run Windows in Safe Mode.


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Uninstall the following programs, if present, using Control Panel->Add/Remove Programs: MyWaySA / MyWebSearch
WeatherBug / AWS

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


If you have not done so already, please enable the viewing of Hidden files
From Windows Explorer, go to Tools>Folder Options> View tab. Tick - Show hidden files and folder
Untick - Hide file extensions for known types
Untick - Hide protected operating system files
Click Yes to confirm & then click OK

Locate and delete the following files/folders: (let me know if you fail to find/delete any) C:\WINDOWS\system32\eshnfivu.dll
C:\Program Files\AWS\
C:\Program Files\MyWaySA

lockx.exe >> search for this file

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users
Click OK
Pres... Read more

http://www.techsupportforum.com/forums/f284/my-friends-log-81245.html
Relevancy 32.25%

please take a look at this thanks I know I see a few things but feedback would be appreciated Logfile of HijackThis v HJT Friend's log Scan saved at AM on Platform Windows XP SP Friend's HJT log WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe C Program Files Intel Wireless Bin ZcfgSvc exe C Program Files Intel Wireless Bin WLKeeper exe C WINDOWS Explorer EXE C Program Files Common Files Symantec Shared SNDSrvc exe C WINDOWS system spoolsv exe C PROGRA Intel Wireless Bin XConfig exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Intel Wireless Bin RegSrvc exe C WINDOWS system svchost exe C WINDOWS system wscntfy exe C WINDOWS system dllhost exe C WINDOWS ehome ehtray exe C WINDOWS eHome ehmsas exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C WINDOWS stsystra exe C WINDOWS system igfxsrvc exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Dell Media Experience DMXLauncher exe C Program Files CyberLink PowerDVD DVDLauncher exe C WINDOWS system dla tfswctrl exe C Program Files Dell Media Experience PCMService exe c progra mcafee com vso mcvsescn exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Messenger msmsgs exe C WINDOWS system wuauclt exe C Program Files Hewlett-Packard Digital Imaging bin hpohmr exe C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe c progra mcafee com vso mcvsftsn exe C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe C Program Files Hewlett-Packard Digital Imaging bin hpoevm exe C Program Files Hewlett-Packard Digital Imaging Bin hpoSTS exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Grisoft AVG Anti-Spyware guard exe C Program Files Grisoft AVG Anti-Spyware avgas exe C WINDOWS system ZoneLabs vsmon exe C PROGRA ZONELA ZONEAL zlclient exe C Documents and Settings Tia Desktop cwshredder exe C Documents and Settings Tia Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - Toolbar no name - BA B -B - c -B - F F - no file O - HKLM Run ehTray C WINDOWS ehome ehtray exe O - HKLM Run igfxtray C WINDOWS system igfxtray exe O - HKLM Run igfxhkcmd C WINDOWS system hkcmd exe O - HKLM Run igfxpers C WINDOWS system igfxpers exe O - HKLM Run SigmatelSysTrayApp stsystra exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run IntelZeroConfig C Program Files Intel Wireless bin ZCfgSvc exe O - HKLM Run IntelWireless C Program Files Intel Wireless Bin ifrmewrk exe tf Intel PROSet Wireless O - HKLM Run DMXLauncher C Program Files Dell Media Experience DMXLauncher exe O - HKLM Run DVDLauncher quot C Program Files CyberLink PowerDVD DVDLauncher exe quot O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run PCMService quot C Program Files Dell Media Experience PCMService exe quot O - HKLM Run URLLSTCK exe C Program Files Norton Internet Security UrlLstCk exe O - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe O - HKLM Run WorksFUD C Program Files Microsoft Works wkfud exe O - HKLM Run Microsoft Works Portfolio C Program Files Microsoft Works Wk... Read more

Relevancy 32.25%

My friends afraid some game hacker guy is going to nuke him.
He says he has 'nukes' and my friend has posted on the guys forum before so he has my friends IP address.
 

Relevancy 32.25%

I need help with my friend's computer First an about blank separate window pops up often along with many other pop-ups Also the computer is very slow when not connected to the internet Sometimes' the computer shuts down all by itself anyways here is the hijack report Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system LEXBCES EXEC WINDOWS system LEXPPS EXEC WINDOWS system spoolsv exec Program Files Norton AntiVirus navapsvc exeC Program Files Softex OmniPass Omniserv exeC WINDOWS System svchost exeC Program Files Softex OmniPass OPXPApp exeC WINDOWS Explorer EXEC windows system hpsysdrv exeC WINDOWS System hkcmd exeC WINDOWS System hphmon exeC Program Files Common Files Logitech QCDriver LVCOMS EXEC Program Files AutoUpdate AutoUpdate exeC Program Files NetZero exec exeC Program Files NetZero exec exeC Program Files NetZero qsacc x exec exeC Program Files Media Access MediaAccess exeC Program Files Internet Explorer iexplore exeC Program Files Media Access MediaAccK exeC help is my for This friend Program Files CxtPls CxtPls exeC Documents and Settings Owner Local Settings Temp Temporary Directory for hijackthis zip hijackthis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search This is help for my friend URL http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Start Page http searchnation com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http my netzero net s search r minisearchR - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http my netzero net s search r minisearchR - HKLM Software Microsoft Internet Explorer Main Start Page http us hpwis com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride searchap untd com localhost windowsupdate microsoft com windowsupdate com This is help for my friend wustat windows com pogo com test-speed com liveupdate symantecliveupdate com symantec com nai com networkassociates com lt local gt R - URLSearchHook URLSearchHook Class - D CDBF- AF - AA- -BD D DA C B - C Program Files NZSearch SearchEnh dll file missing O - BHO BHObj Class - - F D- C- E - A C E C - C WINDOWS nem dllO - BHO no name - BE- D - CEB-ADD -E A D - C Program Files CxtPls plg cxtpls dllO - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dllO - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dllO - BHO Search Relevancy - D E B - CE- B-BE B-A B E - C PROGRA SEARCH SEARCH DLL file missing O - BHO no name - B DE- C - BF-B B- B F A E - C Program Files Microsoft Money System mnyside dllO - BHO X IEHook Class - EF -D A - AD-A -E CF - C Program Files NetZero qsacc X IEBHO dllO - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dllO - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dllO - BHO ADP UrlCatcher Class - F E - E- -BE D-ED A FD DA - C WINDOWS System msbe dllO - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - Toolbar HP View - B E - D D- DEB- B - D BCF F - c Program Files Hewlett-Packard Digital Imaging bin hpdtlk dllO - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dllO - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F ... Read more

A:This is help for my friend

Hello babybrowneyez and welcome to the BC forums. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.Step #1Download CCleaner and install it but do not run it yet.ImportantYour copy of HijackThis needs to be in a folder of it's own. If it is run from Temporary folders the backups and HijackThis itself could be accidentally deleted if the Temporary folders are cleaned. If it is run from the desktop then the backup files and folders can clutter up the desktop and be accidentally deleted. If it is run from inside a compressed file then the backups are not created at all.Please open My ComputerDouble-click on Local Disk (C:)Click on the File menu, point to New and then click on Folder. Name the folder 'HijackThis' or 'HJT'.Unzip to or copy and paste HijackThis.exe to the new folder.Step #2Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Step #3Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchnation.com/O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dllO2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\plg0\cxtpls.dllO2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL (file missing)O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dllO2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exeO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ClickYes...e/bridge-c3.cabO16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...bridge-c293.cabO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cabO16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cabNow close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.Step #4We need to make sure all hidden files are showing so please:Click Start.Open My Computer.Select the Tools menu and click Folder Options.Select the View tab.Under the Hidden files and folders heading select Show hidden files and folders.Uncheck the Hide file extensions for known types option.Uncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Click OK.Find the following files/folders and delete them (don't worry if they are already gone):C:\WINDOWS\nem220.dllC:\Program Files\CxtPls\ <--folderC:\PROGRAM FILES\SEARCH~1\ <--folder (a folder whose name begins with SEARCH)C:\WINDOWS\System32\msbe.dllC:\Program Files\TheSearchAccelerator\ <--folderC:\Program Files\AutoUpdate\ <--folderC:\Program Files\Media Access\ <--folderStep... Read more

http://www.bleepingcomputer.com/forums/t/19034/this-is-help-for-my-friend/
Relevancy 32.25%

My friends computer is seriously fubar'd here's the logLogfile of HijackThis v Scan saved at on Platform Windows XP nbsp WinNT MSIE Internet Explorer v Running processes C log HJT friend) (for WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C PROGRA TEXTBR BIN INSTAN EXE C PROGRA ntl BROADB SMARTB MotiveSB HJT log (for friend) exe C WINDOWS System spool DRIVERS W X LMPDPSRV EXE C Program Files Zone Labs ZoneAlarm zlclient exe C Documents and Settings default My Documents adam Gmail Notifier gnotify exe C WINDOWS System rundll exe C WINDOWS System ctfmon exe C wp exe C Program Files Lexmark X LEX SU exe C WINDOWS system pctspk exe C WINDOWS SYSTEM ZONELABS vsmon exe C WINDOWS System wuauclt exe C WINDOWS SYSTEM rundll exe C PROGRA MOZILL FIREFOX EXE C WINDOWS System wuauclt exe C WINDOWS System wuauclt exe C WINDOWS SoftwareDistribution Download ca b a efd a b f fff a eb update update exe C Documents and Settings default Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar res C DOCUME default LOCALS Temp se dll spage html R - HKCU Software Microsoft Internet Explorer Main Search Page about blank R - HKLM Software Microsoft Internet Explorer Main Search Bar res C DOCUME default LOCALS Temp se dll spage html R - HKLM Software Microsoft Internet Explorer Main Search Page about blank R - HKCU Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKLM Software Microsoft Internet Explorer Search SearchAssistant about blank R - HKCU Software Microsoft Internet Explorer Main HomeOldSP about blank R - HKLM Software Microsoft Internet Explorer Main Local Page C WINDOWS SYSTEM blank htm R - HKLM Software Microsoft Internet Explorer Main HomeOldSP about blank R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - URLSearchHook no name - FFC - - b - CB- CBB E - no file O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER DLL O - BHO ST - EDE -C B - E- - BF AF E - C PROGRAM FILES MSN APPS ST EN-XU STMAIN DLL O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C PROGRAM FILES MSN APPS MSN TOOLBAR EN-GB MSNTB DLL O - BHO no name - D C A- B - E -B A- FB F - C WINDOWS System geak dll O - Toolbar no name - CDE A D-A - -BF -E B C F EB - no file O - Toolbar MSN - BDAD DAD-C - A -ADC - B B FF D - C PROGRAM FILES MSN APPS MSN TOOLBAR EN-GB MSNTB DLL O - Toolbar Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run SystemTray SysTray Exe O - HKLM Run InstantAccess C PROGRA TEXTBR BIN INSTAN EXE h O - HKLM Run Motive SmartBridge C PROGRA ntl BROADB SMARTB MotiveSB exe O - HKLM Run LMPDPSRV C WINDOWS System spool DRIVERS W X LMPDPSRV EXE O - HKLM Run Zone Labs Client C Program Files Zone Labs ZoneAlarm zlclient exe O - HKLM Run e - f c- e -a ec-b a b c C Documents and Settings default My Documents adam Gmail Notifier gnotify exe O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run FX C WINDOWS Downloaded Program Files ieloader exe O - HKLM Run sp rundll C DOCUME default LOCALS Temp se dll DllInstall O - HKCU Run CTFMON EXE C WINDOWS System ctfmon exe O - HKCU Run WindowsFY c wp exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup broadband medic lnk C Program Files ntl broadband medic bin matcli exe O - Global Startup Lexmark X Settings Utility lnk C Program Files Lexmark X LEX SU exe O - Extra context menu item amp Search - http bar mywebsearch com menusearch html p ZNxuk AYGB O - Extra button no name - B E C - F... Read more

A:HJT log (for friend)

Hi Welcome to BCDownload SpSeHJfix to your desktop; be sure to download the one that's appropriate for your operating system.1) Click "Start Disinfection".-Be sure to post the log created by the SpSeHjfix cleanup tool, along with any other logs requested after completing this solution.

http://www.bleepingcomputer.com/forums/t/18131/hjt-log-for-friend/
Relevancy 32.25%

Hello, a friend is having trouble with his computer. This is what he told me:

- unresponsive mouse cursor
- hangs and freezes
- Explorer.exe not running on startup
- can't run Explorer.exe from Task Manager
- can run in safe mode
- problems persist after running System File Checker
- problems persist after reinstalling Windows
- installed the correct bit version of Windows
- OS: Windows 7
- GPU: ATI
- regularly overclocks
 

A:Can you help my friend? :'(

regularly overclocksClick to expand...

That may be the root of the issues with that computer.

---------------------------------------------------------
 

https://forums.techguy.org/threads/can-you-help-my-friend.1117460/
Relevancy 32.25%

Hi everyone Help friend a for Not up to date on all the latest spyware issues Mac user I have a friend whose system Help for a friend has been having problems and below is her HJT log If one of you would kindly take a look-see at the log and give me some pointers I will pass the information on to her I greatly appreciate it She uses IE and XP Thanks in advance Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C Help for a friend WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe c Program Files Common Files Symantec Shared Help for a friend ccProxy exe C WINDOWS Explorer EXE c Program Files Common Files Symantec Shared ccSetMgr exe c Program Files Norton AntiVirus navapsvc exe c Program Files Common Files Symantec Shared SNDSrvc exe c Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe c Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system HPZipm exe C WINDOWS system svchost exe c Program Files Common Files Symantec Shared Security Center SymWSC exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Musicmatch Musicmatch Jukebox mm tray exe C Program Files QuickTime qttask exe C Program Files Messenger msmsgs exe C PROGRA MUSICM MUSICM MMDiag exe C Program Files Musicmatch Musicmatch Jukebox mim exe C Program Files Internet Explorer iexplore exe C Program Files interMute SpySubtract SpySub exe C DOCUME HP Owner LOCALS Temp Temporary Directory for hijackthis zip HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http start earthlink net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www earthlink net partner more msie button search html R - HKCU Software Microsoft Internet Explorer Main Search Bar http start earthlink net AL Search R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Page http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd pavilion amp pf desktop R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http start earthlink net AL Search R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - URLSearchHook SrchHook Class - F B - C- -A B -D BD DCBB - C Program Files EarthLink TotalAccess ElnIE dll R - URLSearchHook no name - EA - - DB- F -D CA FB C D - no file R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO EarthLink Popup Blocker - B F E - F - a-B -B E C EDF - C Program Files EarthLink TotalAccess PnEL dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - C Program Files AOL AOL Toolbar aoltb dll O - BHO Web assistant - ECB - F - bbc- D- DDF E - c Program Files Common Files Symantec Sh... Read more

A:Help for a friend

Download Registrar Lite from here:
http://www.resplendence.com/download/reglite.exe
Save it to your desktop, double click on it and follow the setup wizard.
Click on Continue with LITE.
Copy and paste the follow text into the address bar, then hit 'Go':
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

In the pane on the right are the values associated with that key.
We want to remove these, one at a time

~EA756889-2338-43DB-8F07-D1CA6FB9C90D}
~CFBFAE00-17A6-11D0-99CB-00C04FD64497}

Right click on it, and select delete.
Is the person having any problems?
 

https://forums.techguy.org/threads/help-for-a-friend.507037/
Relevancy 32.25%

ok my friend s internet has been going a lot slower lately according to him so i told him to download hijackthis and give me his log he also gets a lot of pop ups and adware spyware everytime he gets on the internet -- plz help him heres the log Logfile of HijackThis v Scan saved at PM on friend help! My needs Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS System CTsvcCDA exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus AdvTools NPROTECT EXE C WINDOWS System MsPMSPSv exe C WINDOWS Explorer EXE C WINDOWS My friend needs help! sysbu exe C Program Files Common Files Symantec Shared ccApp exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C WINDOWS System CTHELPER EXE My friend needs help! C documents and settings will zeavin local settings temp ddXSZNd exe C Program Files Creative SBAudigy ZS Surround Mixer CTSysVol exe C Program Files Creative SBAudigy ZS DVDAudio CTDVDDET EXE C WINDOWS System pvdyas exe C WINDOWS ipjr exe C Program Files Messenger msmsgs exe C Program Files AIM aim exe C WINDOWS System ciauxt exe C Program Files Internet Explorer iexplore exe C Fraps fraps exe C WINDOWS System BlvC exe C WINDOWS System KxkWgDx exe C Program Files ubi com Core GS exe My friend needs help! C Program Files Windows Media Player wmplayer exe C Program Files Ventrilo Ventrilo exe C Program Files Internet Explorer iexplore exe C Documents and Settings Will Zeavin Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar file C WINDOWS System SearchBar htm R - HKCU Software Microsoft Internet Explorer Main Start Page http www cox net O - BHO no name - FF B F- - F -E D - E AF - C WINDOWS appot dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run Advanced Tools Check C PROGRA NORTON AdvTools ADVCHK EXE O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run CTHelper CTHELPER EXE O - HKLM Run ddXSZNd C documents and settings will zeavin local settings temp ddXSZNd exe O - HKLM Run CTSysVol C Program Files Creative SBAudigy ZS Surround Mixer CTSysVol exe r O - HKLM Run CTDVDDET C Program Files Creative SBAudigy ZS DVDAudio CTDVDDET EXE O - HKLM Run EW B FQMZR C WINDOWS System SzepW ln exe O - HKLM Run Bakra C WINDOWS System IEHost exe O - HKLM Run Dsi C WINDOWS System dp-him exe O - HKLM Run wvozlsanre C WINDOWS System pvdyas exe O - HKLM Run AutoLoadersFp NKfaMaN quot C WINDOWS System dspupdll exe quot PC quot AM WILD quot HideUninstall O - HKLM Run ss g X dspupdll exe O - HKLM Run ipjr exe C WINDOWS ipjr exe O - HKLM Run IEDriver C WINDOWS System IEDriver IExplore exe U O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - HKCU Run dBpmRTbtl ciauxt exe O - HKLM RunOnce sysbu exe C WINDOWS sysbu exe O - HKLM RunOnce iphp exe C WINDOWS system iphp exe O - HKLM RunOnce iept exe C WINDOWS iept exe O - HKLM RunOnce addjf exe C WINDOWS addjf exe O - HKLM RunOnce javasq exe C WINDOWS system javasq exe O - HKLM RunOnce javaiq exe C WINDOWS system javaiq exe O - HKLM RunOnce d gu exe C WINDOWS d gu exe O - HKLM RunOnce netvb exe C WINDOWS system netvb exe O - HKLM RunOnce addjg exe C WINDOWS system addjg exe O - HKLM RunOnce atljv exe C WINDOWS atljv exe... Read more

Relevancy 32.25%

Can you get a virus if you use teamviewer? i want to help my friend who may be infected, but don't want to contract anything onto my computer...

A:should i help my friend???

No you can't, not unless you download an infected file and run it on your machine.

http://www.bleepingcomputer.com/forums/t/435923/should-i-help-my-friend/
Relevancy 32.25%

Thanks Gang Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe Friend's LOG, help! HJT please C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Friend's HJT LOG, please help! Program Files Fujitsu Application Panel QuickTouch exe C Program Files Fujitsu BtnHnd BtnHnd exe C WINDOWS system atiptaxx exe C Program Files Java jre bin jusched exe C WINDOWS System Ati evxx exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C PROGRA mcafee com PERSON MPFSERVICE exe C WINDOWS System svchost exe C Program Files Webroot Spy Sweeper WRSSSDK exe C WINDOWS system wscntfy Friend's HJT LOG, please help! exe C Program Files LimeWire LimeWire exe C Program Files ewido anti-spyware guard exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Windows Media Player wmplayer exe C Program Files Hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run LoadFujitsuQuickTouch C Program Files Fujitsu Application Panel QuickTouch exe O - HKLM Run LoadBtnHnd C Program Files Fujitsu BtnHnd BtnHnd exe O - HKLM Run ATIModeChange Ati mdxx exe O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run AVG CC C PROGRA Grisoft AVGFRE avgcc exe STARTUP O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run EPSON Stylus CX Series C WINDOWS System spool DRIVERS W X E FATIA CA EXE P quot EPSON Stylus CX Series quot O quot USB quot M quot Stylus CX quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run AVP quot C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe quot O - HKLM Run ewido quot C Program Files ewido anti-spyware ewido exe quot minimized O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Start McAfee com Personal Firewall lnk C Program Files mcafee com Personal Firewall MpfTray exe O - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch html O - Extra context menu item amp Translate English Word - res c program files google GoogleToolbar dll cmwordtrans html O - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache html O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar html O - Extra context menu item Translate Page into English - res c program files google GoogleToolbar dll cmtrans html O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin ssv dll O - Extra button Web Anti-Virus - F - A - D - CA -AA ACF ED E - C Program Files Kaspersky Lab Kaspersky Anti-Virus scieplugin dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com... Read more

Relevancy 32.25%

My friend needs help He is in college and taking a baic electricity and computer programming Java and HTML My needs help. friend He gets many virus worms trojans spyware adware and other malware My friend needs help. He does NOT know what he is doing and many times remove good files of the computer and remove stuff from the high ject this I told him if he has problem to come to this site and post a HijackThis log But he just does his own thing He flunked out of the PC Maintenance class and was saying he does NOT need to learn it and he will do is own thing He is tring to get job at airport fixing airplanes with his electricity and computer programming not even months of college He than was trying to get job has a network specialist at IBM NOT wanting to take the MCSE or CICO certification He keeps getting malware and such and does his own thing So how do I put common sense in him and explain what college is With out taking stuff at college that has nothing to do what he wants to do at a job nbsp

A:My friend needs help.

Hi you may get more replies in the discussion forum..
It seems that you have tried your best.
He want to go his own way..we may have all been there.
"common sense" [whatever that is] we either have or suddenly comes upon us or not at all.
Clicking on this site and seeing how much knowledge is required to read Hjt logs correctly may help..
But you have tried that.
Stand back..be there for him.
 

https://forums.techguy.org/threads/my-friend-needs-help.485257/
Relevancy 32.25%

Hi My friends PC is really messed up I ve followed help Log to friend HJT trying - a most of the advice I could on this forum HJT Log - trying to help a friend except that HJT Log - trying to help a friend I can not download the ewido HJT Log - trying to help a friend update b c her PC is not online right now and I could find anything I could download to my Flash drive to transfer to her PC I did every part of the Ewido SmitRem exe I could Below I am including the HJT Log for your review and help Also should I delte the restore file I found in the c System Volume Information folder or will that be detrimental Here s the log - thanks in advance for any advice I don t want to move forward without some expert opinion Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS System winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C Program Files ewido anti-spyware guard exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C PROGRA Grisoft AVGFRE avgcc exe C WINDOWS system wscntfy exe C PROGRA Grisoft AVGFRE avgwb dat C Program Files PC Cleanup Software HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com customize ie defaults stp ymsgr http my yahoo com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - URLSearchHook no name - - C- B - - D FEC A - no file R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL R - URLSearchHook no name - - no file F - REG system ini UserInit C WINDOWS System Userinit exe O - BHO AOL Toolbar Launcher - C - CB - A -B F - EA C F - no file O - BHO no name - eb d-ae a- - bd- a f be - no file O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar AOL Toolbar - DE C F- - A - B-AA ED D - no file O - Toolbar Safety Bar - b f - fa- - - c b - blank file missing O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run ewido quot C Program Files ewido anti-spyware ewido exe quot minimized O - HKLM Run MSConfig C WINDOWS PCHealth HelpCtr Binaries MSConfig exe auto O - HKCU Run uoltray C Documents and Settings AN Desktop New Folder NetZero exec exe regrun O - Extra context menu item amp Search - http edits mywebsearch com toolbaredits menusearch jhtml p ZNxmk YYUS O - Extra button AOL Toolbar - AF D- E - bda- -B C B - C WINDOWS System shdocvw dll O - Extra button Real com - CD F -D E - d - FE- C F AFE - C WINDOWS System Shdocvw dll O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF Fortune Bingo by pogo - http superbingo pogo com applet- superbingo superbingo-ob-assets cab O - DPF Pop Fu by pogo - http popfu pogo com applet- popfu popfu-ob-assets cab O - DPF Texas Hold em Poker by pogo - http game pogo com applet- holdem holdem-ob-assets cab O - DPF Tri-Peaks by pogo - http game pogo com applet- peaks peaks-ob-assets cab O - DPF WordJong by pogo - http wordjong pogo com applet- wordjong wordjong-ob-assets cab O - DPF Yahoo Checkers - http download games yahoo com games clients y kt x cab O - DPF Yahoo Spades - http download games yahoo com games clients y st ... Read more

Relevancy 32.25%

Hello everyone I use this site for all my issues and it has always been VERY helpful I am at my help HJT a Log) Trying to friend out(Plz chk friends house and her computer needs some serious help If you could look this Trying to help a friend out(Plz chk HJT Log) over and also give me any suggestions as what programs to use like adaware CC cleaner Tweak now etc that would be great She is out of town and I would like to surprise her with a nice running system THANKS AGAIN EVERYONE Intel Pentium III MHZ MB RAM I have gathered her system info amp a HJT log for review Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System dllhost exe c program files cox applications app CurtainsSysSvcNt exe C Program Files Cisco Systems VPN Client cvpnd exe C Program Files Common Files Command Software dvpapi exe C WINDOWS System imapi exe C WINDOWS System svchost exe C WINDOWS System svchost exe C Program Files Cox Applications app Prism exe C WINDOWS system ctfmon exe C WINDOWS Explorer exe C Program Files QuickTime qttask exe C Program Files Messenger msmsgs exe C Program Files D-Link AirPlus AirPlus exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Hijackthis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Search Bar http websearch drsnsrch com sidesearch cgi id R - HKLM Software Microsoft Internet Explorer Main Search Page http websearch drsnsrch com sidesearch cgi id R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http websearch drsnsrch com sidesearch cgi id F - REG system ini Shell Explorer exe C WINDOWS Nail exe F - REG system ini UserInit C WINDOWS system auserinit exe O - BHO Band Class - F D - - f -A - F AE C - C WINDOWS dsr dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO UberButton Class - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dll O - BHO YahooTaggedBM Class - D A - CA - B-BB - D EFB A - C Program Files Yahoo Common YIeTagBm dll O - BHO AuthBHO cBHO - A D - CB - - C -A AB D A D - C Program Files Cox Applications app AuthBHO dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar Cox Popup Blocker - -B EA- B - B - D C - C Program Files Cox Applications app AuthBHO dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run Yahoo Pager quot C Program Files Yahoo Messenger ypager exe quot -quiet O - Global Startup D-Link AirPlus lnk O - HKCU Software Policies Microsoft Internet Explorer Restrictions present O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item amp Google Search - res C Program Files Google GoogleToolbar dll cmsearch html O - Extra context menu item amp Yahoo Search - file C Program Files Yahoo Common ycsrch htm O - Extra context menu item Backward Links - res C Program Files Google GoogleToolbar dll cmbacklinks html O - Extra context menu item Cached Snapshot of Page - res C Program Files Google GoogleToolbar dll cmcache html O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Similar Pages - res C Program Files Google GoogleToolbar dll cmsimi... Read more

Relevancy 32.25%

I m attaching the HJT log help Log...Please HJT Friend's of a friend s computer They are getting numerous pop-ups porn included Symantec found SpySheriff and other scans she has run has found a couple other things trojan spm LX I think that s what it is spyworm win and psw x-virtrojan Any help is appreciated Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer Friend's HJT Log...Please help v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton Internet Security ISSVC exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Gold Codec isamonitor exe C Program Files Real RealPlayer RealPlay exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C Program Files Common Files AOL ee AOLSoftware exe C Program Files Gold Codec isamini exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C PROGRA MYWEBS bar bin mwsoemon exe C Program Files Viewpoint Viewpoint Toolbar V FotomatDeviceConnect exe C Program Files Java jre bin jusched exe C PROGRA HEWLET HPSHAR hpgs wnf exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS system ctfmon exe C Program Files Common Files Microsoft Shared Works Shared wkcalrem exe C PROGRA COMMON AOL ACS AOLacsd exe C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS wanmpsvc exe C Program Files Common Files Symantec Shared NMain exe C Friend's HJT Log...Please help Program Files Common Files Symantec Shared AdBlocking NSMdtr exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis exe C Program Files Messenger msmsgs exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft Friend's HJT Log...Please help com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Norton Internet Security - ECB - F - bbc- D- DDF E - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - BHO Viewpoint Toolbar BHO - A C -B - EDB- - D C EC - C Program Files Viewpoint Viewpoint Toolbar V ViewBarBHO dll O - BHO no name - ae da e-be - - bb- c af - C Program Files Gold Codec isaddon dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar AOL Toolbar - D A-C B- -B B-B B E D C - C Program Files AOL Toolbar toolbar dll file missing O - Toolbar Viewpoint Toolbar - F AD AA -D - - DAF- D B - C Program Files Viewpoint Viewpoint Toolbar V ViewBar dll O - Toolbar Norton Internet Security - B EAC - D - b e- B -A C A A - C Program Files Common Files Symantec Shared AdBlocking NISShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - HKLM Run AOLDialer C Program Files Common Files AOL ACS AOLDial exe O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run WorksFUD C Program Files ... Read more

Relevancy 32.25%

She's running Home Edition on an HP..

This is the error that she's getting stop:c0000218 {Registry File} The registry cannot load the hive (file): \SystemRoot\System32\Config\SECURITY or its log or alternate. It is corrupt, absent, or not writable.

I'm just curious as to what the best solution would be to solve this. She's at the point of format now, but I wanted to know if there's an alternative. I hate friggin HP's and imo the recovery drive is worthless. lol

Oh, she also informed me that she's looked at articles about it, but that they're usually aimed at people that can't boot windows at all.

TIA!

A:Trying to help a friend

Check this out:

http://support.microsoft.com/default...&Product=winxp

Good luck.

http://www.techsupportforum.com/forums/f10/trying-to-help-a-friend-22253.html
Relevancy 32.25%

This is My friends Log i tried to get rid or the Surf Side Friend NEEDS help kick using hijack this but I failedLogfile of HijackThis v Scan saved at PM on Platform Windows XP Friend NEEDS help WinNT MSIE Internet Explorer v Running Friend NEEDS help processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS System Ati evxx exeC WINDOWS SkJpcmQA command exeC Program Files Trend Micro PC-cillin Tmntsrv exeC Program Files Trend Micro PC-cillin PCCPFW exeC WINDOWS system rundll exeC WINDOWS Explorer exeC WINDOWS etb pokapoka exeC WINDOWS System Kaqdcn exeC Program Files QuickTime qttask exeC WINDOWS System PSof exeC Program Files Trend Micro PC-cillin Pop trap exeC Program Files Trend Micro PC-cillin pccguide exeC Program Files Trend Micro PC-cillin PCCClient exeC WINDOWS System sstray exeC Program Files D-Link AirPlus G AirGCFG exeC WINDOWS System RUNDLL exeC Program Files ATI Technologies ATI Control Panel atiptaxx exeC Program Files Trend Micro PC-cillin WebTrap EXEC Program Files ANI ANIWZCS Service WZCSLDR exeC WINDOWS System bemqluk exeC Program Files AIM aim exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files Messenger msmsgs exeC Program Files Common Files Windows services exeC WINDOWS System Psryjr exeC WINDOWS system cmd exeC Program Files Common Files services exeC WINDOWS System medgs exeC Program Files Avant Browser avant exeC WINDOWS System gms exeC Program Files Internet Explorer iexplore exeC WINDOWS System rundll exeC hijackthis HijackThis exeR - HKCU Software Microsoft Internet Explorer SearchURL http www - searching-and-more com sp phpR - HKCU Software Microsoft Internet Explorer Main Search Bar file C WINDOWS System Searchx htmR - HKCU Software Microsoft Internet Explorer Main Search Page http www - searching-and-more com sp phpR - URLSearchHook no name - EE B -F - BB- FB-A BD B A - C Program Files SurfSideKick SskBho dllF - REG system ini Shell Explorer exeO - BHO URLLink Class - A AACF -ADF - D - A - E B E - C Program Files NewDotNet newdotnet dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - HKLM Run SurfSideKick C Program Files SurfSideKick Ssk exeO - HKLM Run wrwekc C WINDOWS System wrwekc exeO - HKLM Run WinTask driver C WINDOWS System wintask exeO - HKLM Run version C WINDOWS System Eztwyz exeO - HKLM Run System service C WINDOWS etb pokapoka exeO - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exeO - HKLM Run secure C WINDOWS System Psryjr exeO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run PSof C WINDOWS System PSof exeO - HKLM Run Pop trap exe quot C Program Files Trend Micro PC-cillin Pop trap exe quot O - HKLM Run pccguide exe quot C Program Files Trend Micro PC-cillin pccguide exe quot O - HKLM Run PCCClient exe quot C Program Files Trend Micro PC-cillin PCCClient exe quot O - HKLM Run nForce Tray Options sstray exe rO - HKLM Run Media Access C Program Files Media Access MediaAccK exeO - HKLM Run exp exe C WINDOWS System exp exeO - HKLM Run dnam C WINDOWS system d a Stub EXEO - HKLM Run D-Link AirPlus G C Program Files D-Link AirPlus G AirGCFG exeO - HKLM Run AUNPS RUNDLL AUNPS DLL Run O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exeO - HKLM Run ANIWZCS Service C Program Files ANI ANIWZCS Service WZCSLDR exeO - HKLM Run pavowas C WINDOWS System bemqluk exe rO - HKLM Run MedGS C WINDOWS System medgs exeO - HKLM Run GsAds C WINDOWS System gms exeO - HKLM Run opr C WINDOWS System opr exeO - HKLM Run Windows Incontext C DOCUME JBird LOCALS Temp InSearch exeO - HKLM Run winsync C WINDOWS System gutitt exe reg runO - HKLM Run New net Startup rundll C PROGRA NEWDOT NEWDOT DLL NewDotNetStartup -sO - HKCU Run services C Program Files Common Files Windows mc- - - exeO - HKCU Run DNS C Program Files Common... Read more

A:Friend NEEDS help

Hello RandomScrewed and welcome to the BC HijackThis forum. The first thing we need to do is update the operating system on this computer.The operating system is extremely out of date. By not keeping the OS updated the computer is vulnerable to every infection on the net and in emails today and trying to repair an unpatched system is virtually impossible. For update purposes, Microsoft has even stopped supporting a system that is this far out of date. Go to the Microsoft Windows XP Service Pack 1.a site and install Service Pack 1a. After all of the updates have been performed post a new HijackThis log back here using the Add Reply button and I will review it when it comes in.Cheers.OT

http://www.bleepingcomputer.com/forums/t/30256/friend-needs-help/
Relevancy 32.25%

she got a new laptop with Vista on it and she downloaded a virus i guess it had a laughing skull and she didnt think that was a bad thing i tried to print a log and it said there was an error but i have the one it opened anyway can someone help Logfile of HijackThis v Scan saved at AM on Platform Unknown Windows WinNT MSIE Internet Explorer v Running processes C Windows system Dwm exe C Windows System rundll exe friend help my needs C Program Files Synaptics SynTP SynTPStart exe C Program Files HP QuickPlay QPService exe C Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exe C Program Files Windows Defender MSASCui exe C Program Files HP Digital Imaging bin HpqSRmon exe C Windows system taskeng my friend needs help exe C Program Files HP HP Software Update hpwuSchd exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exe C Program Files Java jre bin jusched exe C Program Files Zune ZuneLauncher exe C Program Files Windows Sidebar sidebar exe C Program Files Hewlett-Packard HP Advisor HPAdvisor exe C Windows ehome ehtray exe C Windows System rundll exe C Windows System rundll exe C Windows System rundll exe C Windows ehome ehmsas exe C Program Files Hewlett-Packard Shared HpqToaster exe C Windows System notepad exe C Program Files Windows Media Player wmplayer exe C Windows explorer exe C Program Files Mozilla Firefox firefox exe C Program Files AIM aim exe C Program Files AIM aolsoftware exe C Windows System mobsync exe C Users LGxF AppData Local Temp WPDNSE SID- winzip exe C Users LGxF AppData Local Temp WZSE TMP SETUP exe C Program Files WinZip WINZIP EXE C Users LGxF Documents HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY ario amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY ario amp pf laptop R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY ario amp pf laptop R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - Hosts localhost O - Toolbar no name - FEBEFE - B - - D -FFB D B CA - no file O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - HKLM Run NvSvc RUNDLL EXE C Windows system nvsvc dll nvsvcStart O - HKLM Run NvCplDaemon RUNDLL EXE C Windows system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C Windows system NvMcTray dll NvTaskbarInit O - HKLM Run SynTPStart C Program Files Synaptics SynTP SynTPStart exe O - HKLM Run QPService quot C Program Files HP QuickPlay QPService exe quot O - HKLM Run QlbCtrl ProgramFiles Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe Start O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run hpqSRMon C Program Files HP Digital Imaging bin hpqSRMon exe O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run HP Health Check Scheduler ProgramFilesFolder Hewlett-Packard HP Health Check HPHC Scheduler exe O - HKLM Run HP Software Update C Program Files Hp HP Software Update HPWuSchd exe O - HKLM Run hpWirelessAssistant C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe O - HKLM Run WAWifiMessage C Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exe O - HKLM Run SunJava... Read more

A:my friend needs help

Hello Durd and welcome,

If you still require assistance, we prefer a more comprehensive set of logs to assist in detecting any malware that may be present.

As noted in the final step (Step 5) of our sticky topic IMPORTANT - Read This Before Posting For Malware Removal Help....

Download Deckard's System Scanner (DSS) to your Desktop.

What DSS will do:create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review.
DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt in your next reply.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

Please include the following in your next reply:

main.txt
an attached extra.txt

http://www.techsupportforum.com/forums/f284/my-friend-needs-help-262679.html
Relevancy 32.25%

My friend has been getting internet problems Most pages won t load the techsupportguy page for example or they load very slowly and end up with a quot this page cannot be displayed quot notice She uses windows XP Her HJT log Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS system dla tfswctrl exe C Program Files Common Files Real Update OB realsched exe C Program Files WinFast WFTVFM WFWIZ exe C Program Files SMSC Seticon exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files Java jre bin jusched friend's look Please at log my HJT exe C Program Files Eset nod kui exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files DtecNet Software Digital File Check DigitalFileCheck exe C WINDOWS system ctfmon exe C Program Files VIA RAID raid tool exe C Palm HOTSYNC EXE C Program Files Sony Corporation Picture Package Picture Package Applications Residence exe C Program Files Sony Corporation Picture Package Picture Package Menu Please look at my friend's HJT log SonyTray exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Program Files Eset nod krn exe C Program Files Analog Devices SoundMAX SMAgent exe C WINDOWS system svchost exe C Program Files Common Files Ulead Systems DVD ULCDRSvr exe C Program Files iPod bin iPodService exe c progra common instal update isuspm exe C PROGRA COMMON INSTAL UPDATE agent exe C WINDOWS system conime exe C Program Files MSN Messenger msnmsgr exe C WINDOWS explorer exe C Program Files Eset Please look at my friend's HJT log nod exe G prog Seasonal Sudoku Seasonal Sudoku exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Real RealPlayer RealPlay exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- Please look at my friend's HJT log B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - Toolbar ISTbar - FAA E -D - a -AB -A C E D - C Program Files ISTbar istbarcm dll file missing O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run PHIME ASync C WINDOWS system IME TINTLGNT TINTSETP EXE SYNC O - HKLM Run PHIME A C WINDOWS system IME TINTLGNT TINTSETP EXE IMEName O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run UpdateManager quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run MSN MMISSENGER mssmmspgr exe O - HKLM Run Jl B C WINDOWS kktnqyj exe O - HKLM Run Qquaj C Program Files Tqbaqda Eztar exe O - HKLM Run WIN C WINDOWS system windows exe O - HKLM Run services C WINDOWS system windows exe O - HKLM Run NITE C WINDOWS NITEAIM EXE O - HKLM Run WinFast Schedule C Program Files WinFast WFTVFM WFWIZ exe O - HKLM Run SetIcon Program Files SMSC Seticon exe O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run CorelDRAW Graphics Suite b C Program Files Corel Corel Graphics Languages CT Programs Registration exe title quot CorelDRAW Graphics Suite quot date serial DR WBS- -NFD lang CT O - HKLM Run crlregistrationf C Program Files Corel Corel Graphics Languages CT Programs registration exe title quot crlregistration quot dat... Read more

Relevancy 32.25%

OK this is for my friend he cant view any websites I know him HJT-For a friend in person so i can print off what he should do go to his house and help him out with it if thats ok Thanks alot in advance for any help Logfile of HijackThis v Scan HJT-For a friend saved at AM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C Windows System smss exeC Windows system winlogon exeC Windows system services exeC Windows system lsass exeC Windows system svchost exeC Windows System svchost exeC Program HJT-For a friend Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Files Symantec Shared ccEvtMgr exeC Windows system spoolsv exeC Windows System Ati evxx exeC Program Files Norton AntiVirus navapsvc exeC Program Files Norton AntiVirus SAVScan exeC Windows System svchost exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC Windows Explorer EXEC Windows System atiptaxx exeC Program Files QuickTime qttask exeC Program Files Messenger Plus MsgPlus exeC Program Files ISTsvc istsvc exeC Program Files AutoUpdate AutoUpdate exeC Windows lfpcg exeC Windows System qpredsvc exeC Program Files MSN Messenger msnmsgr exeC Windows System psipxspx exeC Program Files SAMSUNG RF KeyboardMouse mmkbd exeC Windows System wuauclt exeC Program Files Internet Explorer IEXPLORE EXEC Program Files CxtPls CxtPls exeC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC Program Files Internet Explorer IEXPLORE EXEC Documents and Settings james My Documents New Folder HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http www btopenworld com searchpaneR - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www btinternet com R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by BTopenworldR - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file O - BHO BHObj Class - - F D- C- E - A C E C - C Windows nem dllO - BHO no name - BE- D - CEB-ADD -E A D - C Program Files CxtPls cxtpls dllO - BHO BAHelper Class - A FDD -A - - - ED E DBBB - C Program Files SideFind sfbho dllO - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dllO - Toolbar ISTbar - F ABCDB-A - c - -B A E - C PROGRA ISTbar istbar dllO - HKLM Run ATIModeChange Ati mdxx exeO - HKLM Run AtiPTA atiptaxx exeO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run MessengerPlus quot C Program Files Messenger Plus MsgPlus exe quot O - HKLM Run CPQHotkeys hotkeysvc exeO - HKLM Run CTHelper cthelper exeO - HKLM Run IST Service C Program Files ISTsvc istsvc exeO - HKLM Run Windows System Configuration C Windows WINFRW EXEO - HKLM Run Windows Security Updater C Windows WINFRW EXEO - HKLM Run AutoUpdater quot C Program Files AutoUpdate AutoUpdate exe quot O - HKLM Run m a Q C Program Files ISTsvc istsvc exe C Windows lfpcg exeO - HKLM Run xsnj P qpredsvc exeO - HKLM Run bO y- C Windows lfpcg exeO - HKLM RunServices CPQHotkeys hotkeysvc exeO - HKLM RunServices CTHelper cthelper exeO - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot backgroundO - HKCU Run CPQHotkeys hotkeysvc exeO - HKCU Run CTHelper cthelper exeO - HKCU Run gB tRVjmR psipxspx exeO - HKCU RunServices CPQHotkeys hotkeysvc exeO - HKCU RunServices CTHelper cthelper exeO - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXEO - Global Startup RF Keyboard amp Mouse Program lnk O - Extra context menu item Web Rebates - file C Program Files Web Rebates Sy Tp scri a htmO - Extra button SideFind - E -DEB - -A -B F EC B - C Program Files SideFi... Read more

A:HJT-For a friend

Hello St_Anger and welcome to the BC forums. After reviewing your log I see a few items that require our attention. Please print these directions and then proceed with the following steps in order.Step #1Download CCleaner and install it but do not run it yet.I highly recommend removing Messenger Plus. It is known to have infectious files included in its installation routine.Remove installed programs using Add or Remove Programs in the Control Panel:Click Start.Click Control Panel.Double-click Add or Remove Programs.Look in the Currently installed programs box for each program listed below and if it is there:Click on it to select it.Click Change (or Change/Remove) button.If you are prompted to confirm the removal of the program, click Yes.Messenger Plus! 3Step #2Start in Safe Mode Using the F8 method:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.Use the arrow keys to select the Safe Mode menu item.Press the Enter key.Step #3Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\Windows\nem220.dllO2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:\Program Files\CxtPls\cxtpls.dllO2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dllO3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dllO4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"O4 - HKLM\..\Run: [CTHelper] cthelper.exeO4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exeO4 - HKLM\..\Run: [Windows System Configuration] C:\Windows\WINFRW.EXEO4 - HKLM\..\Run: [Windows Security Updater] C:\Windows\WINFRW.EXEO4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"O4 - HKLM\..\Run: [????0??]m?*^a?Q??C:\Program Files\ISTsvc\istsvc.exe] C:\Windows\lfpcg.exeO4 - HKLM\..\Run: [xsnj39P] qpredsvc.exeO4 - HKLM\..\Run: [bO???#?y-??] C:\Windows\lfpcg.exeO4 - HKLM\..\RunServices: [CPQHotkeys] hotkeysvc.exeO4 - HKCU\..\Run: [CPQHotkeys] hotkeysvc.exeO4 - HKCU\..\Run: [CTHelper] cthelper.exeO4 - HKCU\..\Run: [gB4tRVjmR] psipxspx.exeO4 - HKCU\..\RunServices: [CPQHotkeys] hotkeysvc.exeO4 - HKCU\..\RunServices: [CTHelper] cthelper.exeO8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htmO9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Windows\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Windows\web\related.htmO16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4...006_regular.cabO16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/gamc6-gb/gbc6/games4.cabO16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CABNow close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.Step #4We need to make sure all hidden files are showing so please:Click Start.Open My Computer.Select the Tools menu and click Folder Options.Select the View tab.Under the Hidden files and folders heading select Show h... Read more

http://www.bleepingcomputer.com/forums/t/18793/hjt-for-a-friend/
Relevancy 32.25%

Logfile of HijackThis v Scan saved at hjt help log friend pls this with my on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS system rundll exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS Explorer exe C WINDOWS system spoolsv exe C PROGRA svhost exe C Program Files Common pls help my friend with this hjt log Files Symantec Shared ccApp exe C WINDOWS Twain ScanWiz SDetect exe C Program Files Winamp winampa exe C Program Files Common Files EPSON EBAPI SAgent exe C Program Files Norton AntiVirus IWP NPFMntor exe C WINDOWS SOUNDMAN EXE C Program Files Vrlrde Dsuqx exe C Program Files Common Files Real Update OB realsched exe C Program Files Common Files InstallShield UpdateService issch exe C WINDOWS System atiupdpl exe C WINDOWS system slserv exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Microsoft AntiSpyware gcasServ exe C WINDOWS System UAService exe C Program Files MSN Messenger MsnMsgr Exe c windows system plgkbmo exe C Utopia Angel Angel exe C Program Files Sony Corporation Image Transfer SonyTray exe C WINDOWS System spool DRIVERS W X E S IC EXE C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Microsoft AntiSpyware GIANTAntiSpywareMain exe C Program Files Microsoft AntiSpyware gcasServAlert exe C Program Files mIRC mirc exe C Program Files Opera opera exe C Program Files Microsoft AntiSpyware gcasServAlert exe C Program Files Microsoft AntiSpyware gcasServAlert exe C Program Files Microsoft AntiSpyware gcasServAlert exe C Program Files Internet Explorer IEXPLORE EXE C Documents and Settings user Local Settings Temp Temporary Directory for HijackThis zip HijackThis exe R - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - Default URLSearchHook is missing F - REG system ini Shell Explorer exe C WINDOWS Nail exe F - REG win ini load C PROGRA svhost exe O - Toolbar AZE Search - a ef - d - e - a-fe e c aed - C WINDOWS System azesearch ocx O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run SDetect exe C WINDOWS Twain ScanWiz SDetect exe O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run C-Media Speaker Configuration C PROGRA C-Media WIN ME Setup exe SPEAKER O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run Cwpjsk C Program Files Vrlrde Dsuqx exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run ISUSPM Startup C PROGRA COMMON INSTAL UPDATE ISUSPM exe -startup O - HKLM Run ISUSScheduler quot C Program Files Common Files InstallShield UpdateService issch exe quot -start O - HKLM Run Desktop Search C WINDOWS isrvs desktop exe O - HKLM Run atiupdpl C WINDOWS System atiupdpl exe O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - HKLM RunServices atiupdpl C WINDOWS System atiupdpl exe O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run atiupdpl C WINDOWS System atiupdpl exe O - HKCU Run Utopia Angel quot C Utopia Angel Angel exe quot O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup EPSON Status Monitor Environment Check lnk C WINDOWS system spool drivers w x E SRCV EXE O - Global Startup Image Transfer lnk O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Extra button Spyware Doctor - D D A- - D -A A - C B E E - C W... Read more

A:pls help my friend with this hjt log

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Download Ewido Security Suite at http://www.ewido.net/en/download/ and install it. Update to the newest definitions. Do NOT run it yet.

Please download nailfix at http://users.pandora.be/bluepatchy/nailfix.zip (for Windows XP) or http://users.pandora.be/bluepatchy/nailfix2k.zip (for Windows 2000) Unzip it to the desktop but do NOT run it yet.

Download KillBox http://www.greyknight17.com/spy/KillBox.exe. You will use this later

Reboot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click 'Kill process' for each one if they are still listed (they shouldn't be - but double check):

C:\PROGRA~1\svhost32.exe
C:\Program Files\Vrlrde\Dsuqx.exe
C:\WINDOWS\System32\atiupdpl.exe
c:\windows\system32\plgkbmo.exe

Once in Safe Mode, please double-click on nailfix.bat (or nailfix2k.bat if you have Windows 2000). Your desktop and icons will disappear and reappear, and a window should open and close very quickly --- this is normal.

Next run a full scan in Ewido. Post the log from the Ewido scan here.

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
F3 - REG:win.ini: load=C:\PROGRA~1\svhost32.exe
O3 - Toolbar: AZE Search - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - C:\WINDOWS\System32\azesearch3.ocx
O4 - HKLM\..\Run: [Cwpjsk] C:\Program Files\Vrlrde\Dsuqx.exe
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [atiupdpl] C:\WINDOWS\System32\atiupdpl.exe
O4 - HKLM\..\RunServices: [atiupdpl] C:\WINDOWS\System32\atiupdpl.exe
O4 - HKCU\..\Run: [atiupdpl] C:\WINDOWS\System32\atiupdpl.exe
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} - http://iebar.t2t2.com/iebar.cab
O20 - Winlogon Notify: Control Panel - C:\WINDOWS\system32\lv6809jue.dll
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

Close all open windows except for HijackThis and click Fix Checked.

Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. For each of the following files below, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file - choose NO when it asks if you want to reboot):

C:\WINDOWS\Nail.exe
C:\Program Files\svhost32.exe<<<<note the exact spelling and location of this file, as it is similar to a legit Windows file
C:\Program Files\Vrlrde\
C:\WINDOWS\isrvs\
C:\WINDOWS\System32\atiupdpl.exe
C:\WINDOWS\System32\atiupdpl.exe
C:\WINDOWS\System32\atiupdpl.exe
C:\WINDOWS\system32\lv6809jue.dll
C:\WINDOWS\svcproc.exe

Now, restart your computer in normal mode and post a new HijackThis log, as well as the log from the Ewido scan.

Also, Download L2MFix from one of these two locations:

http://www.atribune.org/downloads/l2mfix.exe
http://www.downloads.subratam.org/l2mfix.exe

Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts. Then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and th... Read more

http://www.techsupportforum.com/forums/f284/pls-help-my-friend-with-this-hjt-log-53925.html
Relevancy 32.25%

Could someone please have a look at this friend's log Thanks Logfile of HijackThis v Scan saved at AM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System friend's log smss exe friend's log C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe E VIRUSS avgserv exe C WINNT System svchost exe C WINNT System nvsvc exe C WINNT system regsvc exe C WINNT system MSTask exe C WINNT system stisvc exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT Explorer EXE E Winamp Winampa exe C Program Files Java j re bin jusched exe C WINNT friend's log system sysmon exe E VIRUSS avgcc exe E Program Files ICQ ICQ exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Yahoo Messenger ymsgr tray exe C WINNT system wuauclt exe E Kazaa Lite K KazaaLite kpp C WINNT system ZoneLabs vsmon exe E PROGRA ZONELA ZONEAL zlclient exe C Program Files Internet Explorer iexplore exe C Documents and Settings Administrator Local Settings Temporary Internet Files Content IE I MLYHSP HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ie defaults sp ymsgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www hotmail com R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com customize ie defaults stp ymsgr http my yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ie defaults sp ymsgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http red clientapps yahoo com customize ie defaults stp ymsgr http my yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main SearchAssistant about blank O - BHO no name - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO no name - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - BHO no name - E F-C D - D -B D- B D BE B - E Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - FA -E E- - -A B EC - C WINNT system domain dll O - BHO no name - F F- AE- C -B D - B C - C WINNT system smail dll O - BHO no name - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINNT system msdxm ocx O - Toolbar amp SearchBar - D D -F E - ad- A - ECE AC - C Program Files MyWay myBar bin MYBAR DLL O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - HKLM Run Synchronization Manager mobsync exe logon O - HKLM Run NvCplDaemon RUNDLL EXE C WINNT System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run Cmaudio RunDll cmicnfg cpl CMICtrlWnd O - HKLM Run PCTVOICE pctspk exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run WinampAgent quot E Winamp Winampa exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run Mirabilis ICQ E Program Files ICQ NDetect exe O - HKLM Run P P Networking C WINNT system P P Networking P P Networking exe AUTOSTART O - HKLM Run sysmon C WINNT system sysmon exe O - HKLM Run AVG CC E VIRUSS avgcc exe STARTUP O - H... Read more

Relevancy 32.25%

This process is running on my wife's computer and often causes it to run quite slow. Google search shows conflicting reports from "it's a normal program that is part of the Kaspersky security suite" to "it's a remote based trojan that should be removed immediately". Can anyone clear this up please? (I installed "The Shield 2008 Deluxe" to see if it recognized this file as a trojan but it didn't)

Thanks in advance for any help with this issue.

A:Avp.exe Friend Or Foe?

Hi Brodyack! Welcome to BC!

Does your wife's computer have Kaspersky security suite installed on it? If not, then I'd say it's probably not legit. If so, it probably is but still merits closer attention. Also, if Kaspersky is installed, check to make sure that it's fully up to date.

Let us know!

http://www.bleepingcomputer.com/forums/t/114189/avpexe-friend-or-foe/
Relevancy 32.25%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS HJT log Friend's system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS system devldr exeC WINDOWS Explorer EXEC Program Files QuickTime qttask exeC Program Files Norton SystemWorks Norton Ghost GhostStartTrayApp exeC PROGRA VERIZO SUPPOR SMARTB MotiveSB exeC Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exeC Program Files Common Files Microsoft Shared Works Shared WkUFind Friend's HJT log exeC Program Files Creative SBLive Creative Diagnostics DIAGENT EXEC WINDOWS DELLMMKB EXEC Program Files Common Files Symantec Shared ccApp exeC Program Files Roxio Easy CD Creator DirectCD DirectCD exeC Program Files Netropa OSD exeC Program Files Common Files Microsoft Shared Works Shared wkcalrem exeC WINDOWS Nhksrv exeC Program Files Common Files Symantec Shared ccEvtMgr exeC WINDOWS System CTsvcCDA EXEC PROGRA NORTON NORTON GHOSTS EXEC Program Files Norton SystemWorks Norton AntiVirus navapsvc exeC Program Files Norton SystemWorks Norton Utilities NPROTECT EXEC WINDOWS System nvsvc exeC PROGRA NORTON SPEEDD nopdb exeC WINDOWS System svchost exeC WINDOWS System MsPMSPSv exeC Program Files Messenger msmsgs exeC WINDOWS system wscntfy exeC Program Files Verizon Online SupportCenter bin mpbtn exeC Program Files Internet Explorer iexplore exeC Documents and Settings William Harman Local Settings Temporary Internet Files Content IE D ZG YZ HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http start verizon net vzn dsl welcome htm ver O - HKLM Run NvCplDaemon RUNDLL EXE C Friend's HJT log WINDOWS System NvCpl dll NvStartupO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run QD FastAndSafe C Program Files Norton SystemWorks Norton Ghost GhostStartTrayApp exeO - HKLM Run nwiz nwiz exe installO - HKLM Run Motive SmartBridge C PROGRA VERIZO SUPPOR SMARTB MotiveSB exeO - HKLM Run mmtask C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exeO - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exeO - HKLM Run GhostStartTrayApp C Program Files Norton SystemWorks Norton Ghost GhostStartTrayApp exeO - HKLM Run DIAGENT C Program Files Creative SBLive Creative Diagnostics DIAGENT EXE startupO - HKLM Run DellTouch C WINDOWS DELLMMKB EXEO - HKLM Run ccRegVfy quot C Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run AHQInit C Program Files Creative SBLive Program AHQInit exeO - HKLM Run AdaptecDirectCD quot C Program Files Roxio Easy CD Creator DirectCD DirectCD exe quot O - HKCU Run SpyKiller C Program Files SpyKiller spykiller exe startupO - HKCU Run MoneyAgent quot C Program Files Microsoft Money System Money Express exe quot O - HKCU Run BestPopUpKiller C Program Files BestPopUpKiller BestPopupKiller exe startupO - Startup verizon online lnk O - Global Startup Microsoft Works Calendar Reminders lnk O - Global Startup Shortcut to verizon online lnk O - Global Startup Verizon Online Support Center lnk C Program Files Verizon Online SupportCenter bin matcli exeO - DPF E DBFB C- A- CF-B -F C AF DE BD - http download abacast com downloa asetup f cabLogfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC WINDOWS system devldr exeC WINDOWS Explorer EXEC Program Files QuickTime qttask exeC Program Files Norton SystemWorks Norton Ghost GhostStartTrayApp exeC PROGRA VERIZO SUPPOR SMARTB MotiveSB... Read more

A:Friend's HJT log

Nothing wrong here, but you should remove Spykiller and do the following:Log looks clean...great job!Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide

Renable system restore with instructions from tutorial above

Make your Internet Explorer more secure - This can be done by following these simple instructions:From within Internet Explorer click on the Tools menu and then click on Options.Click once on the Security tabClick once on the Internet icon so it becomes highlighted.Click once on the Custom Level button.
Change the Download signed ActiveX controls to PromptChange the Download unsigned ActiveX controls to DisableChange the Initialize and script ActiveX controls not marked as safe to DisableChange the Installation of desktop items to PromptChange the Launching programs and files in an IFRAME to PromptChange the Navigate sub-frames across different domains to PromptWhen all these settings have been made, click on the OK button. If it prompts you as to whether or not you want to save the settings, press the Yes button.Next press the Apply button and then the OK to exit the Internet Properties page.Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

See this link for a listing of some online & their stand-alone antivirus programs:

Virus, Spyware, and Malware Protection and Removal Resources

Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an antivirus software.

A tutorial on installing & using this product can be found here:

Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers

Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

A tutorial on installing & using this product can be found here:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer

Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial ... Read more

http://www.bleepingcomputer.com/forums/t/2363/friends-hjt-log/
Relevancy 32.25%

my friend's pc = 486/win98/only floppy disk
he wants me to clean it up of virus and spyware
1: i want to install spybots, but it too big for a floppy, so i'm thinking of using winsplit to fit it in the floppy is there a better software than winsplit
2: where can i d/l the latest spybot updates by itself
3: any freeware antivirus software that will fit on a floppy with update detection file
4: any freeware spyware that fits on a single floppy
5: how can i do a ping test on a 56K modem
 

A:help my friend's old 486

Can you remove the drive out you friends 486 and temporarily hook it to your PC to move those apps over?
 

https://forums.techguy.org/threads/help-my-friends-old-486.265528/
Relevancy 32.25%

Error loading E6F1873B.DLL

My friend is 600 miles away so I can't just jump over there and help her. So what she tells me is that eveytime she runs Ad-Aware and her norton, both in safe mode she get 3-400 spywares. some she can't delete. She also has spykiller which I read here is a rogue spyware. Could this be her major troubles?She also says when she boots up a error message is diplayed.

Error loading E6F1873B.DLL

Do you think if she removes spykiller and reruns ad-aware and spybot S&D she might be okay.

A:Want To Help A Friend?

Hi mschroe919-

That .dll file is indicative of a trojan onboard. Uninstalling Spykiller is always recommended, but, I think, not necessarily related.

I'd recommend your friend do this:

Have her please download HijackThis - this program will help us determine if there are any spyware/malware on your computer. Create a folder at C:\HJT and move HijackThis.exe there. Double click on the program to run it. Save the log, and copy it into a new thread in the HijackThis Log Help forum.

Have her describe her problem, and what she has attempted to fix it so far.

http://www.techsupportforum.com/forums/f10/want-to-help-a-friend-39477.html
Relevancy 32.25%

Hiya At a mates house and think they have all sorts Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Virgin Broadband PCguard fws exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C Program Files Java jre bin jusched exe C Program Files Trust WB- T USB Webcam SnapTrap exe C WINDOWS system rundll exe C PROGRA MYWEBS bar bin mwsoemon exe C Program Files QuickTime qttask exe C Program Files iTunes iTunesHelper exe C Program Files Virgin Broadband advisor Broadbandadvisor exe C Program Files Virgin Broadband PCguard Rps exe C Program Files Picasa PicasaMediaDetector exe C WINDOWS system ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Skype Phone Skype exe C Program Files Ulead Systems Ulead Photo Express SE CalCheck exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files MSWorks Calendar WKCALREM EXE c progra intern iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Windows Desktop Search WindowsSearchIndexer exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS System inetsrv inetinfo exe C WINDOWS System tcpsvcs exe C WINDOWS System snmp exe C WINDOWS System svchost exe C WINDOWS System mqsvc exe C WINDOWS System mqtgsvc exe C Program Files iPod bin iPodService exe C Program Files Skype Plugin Manager SkypePM exe C Program Files Virgin Broadband advisor BroadbandadvisorComHandler exe C WINDOWS system wuauclt exe C Program Files MSN Messenger usnsvc exe C WINDOWS System dllhost exe C Program Files Common Files Command Software dvpapi exe C Program Files Internet Explorer iexplore exe C Program Files HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www virginmedia com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http home bt yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search Log for a Friend URL http uk red clientapps yahoo com customize btyahoo defaults su http uk search yahoo com R - HKLM Software Microsoft Log for a Friend Internet Explorer Main Search Bar http uk red clientapps yahoo com b http uk docs yahoo com info bt side html R - HKLM Software Microsoft Internet Explorer Main Start Page http home bt yahoo com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - BHO dsWebAllowBHO Class - F D C- - F-A - E BD E - C Program Files Windows Desktop Search dsWebAllow dll O - BHO Pop-Up Blocker BHO - C EA -E A - E -A -D B C A - C Program Files Virgin Broadband PCguard pkR dll O - BHO Form Filler BHO - E D-C B- D -B C- E A - C Program Files Virgin Broadband PCguard FBHR dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO SidebarAutoLaunch Class - F AA - - -B C -A CCDF CBF D - C Program Files Yahoo browser YSidebarIEBHO dll file missing O - HKLM Run MsmqIntCert regsvr s mqrt dll O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run STICAP C Program Files Trust WB- T USB Webcam SnapTrap exe O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run Ulead AutoDetector C Documents and Settings T Firth Desktop Monitor exe O - HKLM Run My Web Search Bar rundll C PROG... Read more

https://forums.techguy.org/threads/log-for-a-friend.578816/
Relevancy 32.25%

Okay, So my friend is having issues with his taskbar....He is using vista but I tried to sort it using team viewer but that did not work.
Please help him. Picture below xD

A:Help my friend.

Are you referring to the white bar between your taskbar and... whatever that weird window thing is in the background.

http://www.sevenforums.com/general-discussion/142833-help-my-friend.html
Relevancy 32.25%

hey for a friend help i liked this forum so much help for a friend i thought i might use it to help my friends computer plz look at this Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE c program files mcafee com agent mcdetect exe c PROGRA mcafee com agent mctskshd exe c PROGRA mcafee com vso mcvsrte exe C PROGRA McAfee com PERSON MPFSERVICE exe C WINDOWS system svchost exe C Program Files Common Files Ulead Systems DVD ULCDRSvr exe C WINDOWS system hkcmd exe C Program Files Analog Devices Core smax pnp exe C Program Files Dell Media Experience PCMService exe C Program Files MUSICMATCH Musicmatch Jukebox mm tray exe C PROGRA mcafee com agent mcagent exe C PROGRA mcafee com vso mcvsshld exe C PROGRA McAfee com PERSON MpfTray exe C WINDOWS system dla tfswctrl exe C Program Files Common Files Sonic Update Manager sgtray exe C Program Files Dell Photo AIO Printer dlbtbmgr exe C Program Files Common Files Real Update OB realsched exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files Common Files AOL ee AOLSoftware exe C Program Files Common Files Ulead Systems AutoDetector monitor exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe c progra mcafee com vso mcvsescn exe C Program Files Messenger msmsgs exe C Program Files Google Google Desktop Search GoogleDesktop exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Plaxo PlaxoHelper exe C Program Files Dell Photo AIO Printer dlbtbmon exe C Program Files AIM aim exe C PROGRA MUSICM MUSICM MMDiag exe C Program Files MUSICMATCH Musicmatch Jukebox mim exe c progra mcafee com vso mcvsftsn exe c PROGRA mcafee com vso mcshield exe C Program Files iPod bin iPodService exe C PROGRA McAfee com PERSON MpfAgent exe C WINDOWS system wuauclt exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Google Google Desktop Search GoogleDesktopIndex exe C Program Files Google Google Desktop Search GoogleDesktopCrawl exe C Ried exe exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie ch search html R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http as starware com dp search x w TCIlDEij T Y R - HKCU Software Microsoft Internet Explorer SearchURL Default http us rd yahoo com customize ie www yahoo com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http ts mcafeehelp com dell R - URLSearchHook no name - EA - - DB- F -D CA FB C D - no file R - URLSearchHook no name - - no file R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn yt dll O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C Program Files Yahoo Companion Installs cpn yt dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO InfoDocReader Object - D F F- ED- DC- A -A B - C WINDOWS system mlljk dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO Yahoo IE Services Button - BAB B B- BC- B - D - F... Read more

A:help for a friend

Hello and welcome...

Please download VundoFix.exe to your desktop.Double-click VundoFix.exe to run it.
Put a check next to "Run VundoFix as a task."
You will receive a message saying vundofix will close and re-open in a minute or less. Click "OK".
When VundoFix re-opens, click the "Scan for Vundo" button.
Once it's done scanning, click the "Remove Vundo" button.
If it says "No infected files were found", right-click the blank listbox (white box) in the main VundoFix window.
Select "Add More Files?" from the menu that comes up. This will open a new VundoFix window that says "Paste files into the boxes below:"
In the top/first field, copy and paste the path to the dll: C:\WINDOWS\system32\mlljk.dll
In the next/second field, copy and paste the path to the reversed file: C:\WINDOWS\system32\kjllm.*
Click the "Add Files" button.
Click the "Close Window" button.
Click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click "YES".
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click "OK".
Turn your computer back on.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.


Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=w...TCIlDEij39T5Y=
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: InfoDocReader Object - {39D36F7F-81ED-45DC-87A3-A51824966B06} - C:\WINDOWS\system32\mlljk.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
O20 - Winlogon Notify: mlljk - C:\WINDOWS\system32\mlljk.dll

Open Windows Explorer and delete the following red folder/s

C:\Program Files\ Viewpoint
C:\Program Files\ Spyware Cleaner <--- "Spyware remover" of dubious repute

Reboot....................................

Please download, update and run the A2 (A squared) anti-trojan. Let it fix whatever it wants to.

Anti-virus
Also, run this pc through the Panda Online virus scanner
or
Trend Micro Housecall Online virus scanner

Let it delete whatever it finds. If it cannot delete it, then post the log and we will delete it manually.

Please download ATF Cleaner by Atribune
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Save it to your Desktop.

Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.


Please post the contents of C:\vundofix.txt and a new HiJackThis log.

http://www.techsupportforum.com/forums/f284/help-for-a-friend-115162.html
Relevancy 32.25%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS System cisvc exe C Program Files ewido anti-malware ewidoctrl exe friend's HJT log My C Program Files Common Files Microsoft Shared VS Debug mdm exe C WINDOWS system wdfmgr exe C My friend's HJT log WINDOWS My friend's HJT log System alg exe C Program Files iPod bin iPodService exe C WINDOWS system cidaemon exe C Program Files iTunes iTunes exe C Program Files ewido anti-malware SecuritySuite exe C Program Files Lavasoft Ad-Aware SE Professional Ad-Aware exe C Program Files MSN Messenger msnmsgr exe C WINDOWS system ctfmon exe C WINDOWS explorer exe C WINDOWS system rundll exe C Program Files HiJackThis HijackThis exe C WINDOWS system NOTEPAD EXE R - HKCU Software Microsoft Internet Explorer Main Default Search URL http searchbar findthewebsiteyouneed com R - HKCU Software Microsoft Internet Explorer Main Search Bar http searchbar findthewebsiteyouneed com R - HKCU Software Microsoft Internet Explorer Main Search Page http searchbar findthewebsiteyouneed com R - HKCU Software Microsoft Internet Explorer Main Start Page http www findthewebsiteyouneed com R - HKLM Software Microsoft Internet Explorer Main Search Page My friend's HJT log http searchbar findthewebsiteyouneed com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http searchbar findthewebsiteyouneed com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - Toolbar FlashGet Bar - E E AB-F - D - D - BA E - C PROGRA FlashGet fgiebar dll O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run MSPY C WINDOWS System IME PINTLGNT ImScInst exe SYNC O - HKLM Run PHIME ASync C WINDOWS System IME TINTLGNT TINTSETP EXE SYNC O - HKLM Run PHIME A C WINDOWS System IME TINTLGNT TINTSETP EXE IMEName O - HKLM Run MessengerPlus quot C Program Files Messenger Plus MsgPlus exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run Easy-PrintToolBox C Program Files Canon Easy-PrintToolBox BJPSMAIN EXE logon O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run mmtask c Program Files MusicMatch MusicMatch Jukebox mmtask exe O - HKLM Run newname c nwnmff e exe O - HKLM Run defender c dfndrff e exe O - HKLM Run keyboard c kybrdff e exe O - HKCU Run MessengerPlus quot C Program Files Messenger Plus MsgPlus exe quot WinStart O - HKCU Run H PC Connection Agent quot C Program Files Microsoft ActiveSync wcescomm exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run LDM C Program Files Logitech Desktop Messenger Program LogitechDesktopMessenger exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run msnmsgr quot C Program Files MSN Messenger msnmsgr exe quot background O - Startup LimeWire On Startup lnk C Program Files LimeWire LimeWire exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Logitech Desktop Messenger lnk C Program Files Logitech Desktop Messenger Program LDMConf exe O - Extra context menu item amp Clean Traces - C Program Files DAP Privacy Package dapcleanerie htm O - Extra context menu item amp Download with amp DAP - C Program Files DAP dapextie htm O - Extra context menu item amp Download with Download Accelerator Lite - C Program Files Download Accelerator Lite dal htm O - Ext... Read more

A:My friend's HJT log

Hi and welcome...


Please download Combofix: http://download.bleepingcomputer.com/sUBs/combofix.exe
and save to the desktop.

1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Post the contents of that log in your next reply with a new hijackthis log.

Notes:
* Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.
* Do not proceed with the rest of the fix if you fail to run combofix
* Disable script blocking if you have NAV installed so it will not interfere with the fix. Trojan Hunter has been reported to detect combofix as Worm.Qiv.100.


=================================

Please download, update and run (one at a time of course!) Spybot Search & Destroy v1.4 and Ad-aware SE v1.06 . Fix whatever they suggest.

If you would like to learn more about how to use these two programs with the proper settings you can read the tutorials below:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer:

Using Spybot - Search & Destroy to remove Spyware, Malware, & Hijackers from Your Computer.

Anti-trojan
Please download, update and run the A2 (A squared) anti-trojan. Let it fix whatever it wants to.

Also, run this pc through the...
Panda Online virus scanner
or
Trend Micro Housecall Online virus scanner

Let it delete whatever it finds. If it cannot delete it, then post the log and we will delete it manually.

Post back the HJT and the ComboFix log.

http://www.techsupportforum.com/forums/f284/my-friends-hjt-log-117323.html
Relevancy 32.25%

Hello all Thank you for all your help in the past The log I am submitting this time a Log Help friend please... of H/J is from a computer that has slowed down unexpectedly Help please... H/J Log of a friend on the net and shuts Help please... H/J Log of a friend down sometimes for no reason and wont let some apps run or they run slowly This entry is suspicious to me O - HKLM Run TCASUTIEXE TCAUDIAG exe -on but the rest look normal I just ran a housecall scan and no viruses were detected I will do a panda and a trojan scan later Logfile of HijackThis v Scan saved at AM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C WINNT System smss exe C WINNT system winlogon exe C WINNT system services exe C WINNT system lsass exe C WINNT system svchost exe C WINNT system spoolsv exe C WINNT System msdtc exe C PROGRA Adaptec STORAG service exe C PROGRA Adaptec STORAG ASMProServer exe C WINNT System svchost exe C PROGRA Symantec NORTON GHOSTS EXE C WINNT System llssrv exe C WINNT Explorer EXE C PROGRA Navnt npssvc exe C WINNT system TCAUDIAG exe C WINNT system atiptaxx exe C Program Files Symantec Norton Ghost GhostStartTrayApp exe C Program Files D D exe C Program Files Belkin Bulldog Plus MUPS exe C WINNT system regsvc exe C Program Files Navnt NAVAPW EXE C Program Files Microsoft SQL Server Tools Binn sqlmangr exe C WINNT system MSTask exe C Program Files Belkin Bulldog Plus upsd exe C WINNT System WBEM WinMgmt exe C WINNT system svchost exe C WINNT system Dfssvc exe C WINNT System inetsrv inetinfo exe C WINNT System svchost exe C WINNT System svchost exe C PROGRA Navnt navapsvc exe C PROGRA Navnt alertsvc exe C PROGRA MICROS MSSQL binn sqlagent exe C WINNT system MAPISP EXE C Program Files HijackThis HijackThis exe O - Toolbar msdxmLC dll email protected amp Radio - E - F- D - E- A C - C WINNT System msdxm ocx O - HKLM Run TCASUTIEXE TCAUDIAG exe -on O - HKLM Run nForce Tray Options sstray exe r O - HKLM Run AtiPTA atiptaxx exe O - HKLM Run GhostStartTrayApp C Program Files Symantec Norton Ghost GhostStartTrayApp exe O - HKLM Run NPS Event Checker C PROGRA Navnt npscheck exe O - HKLM Run Dimension C Program Files D D exe O - Global Startup MUPS lnk C Program Files Belkin Bulldog Plus MUPS exe O - Global Startup Norton AntiVirus AutoProtect lnk C Program Files Navnt NAVAPW EXE O - Global Startup Service Manager lnk C Program Files Microsoft SQL Server Tools Binn sqlmangr exe O - Extra button Related HKLM O - Extra Tools menuitem Show amp Related Links HKLM O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net housecall antivirus com housecall xscan cab O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x unicode iuctl CAB O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - HKLM System CCS Services Tcpip Parameters Domain O - HKLM System CCS Services Tcpip ED C -AFAD- - FBA-A E AECA NameServer O - HKLM System CCS Services Tcpip A - C- -AB E- NameServer O - HKLM System CS Services Tcpip Parameters Domain O - HKLM System CS Services Tcpip ED C -AFAD- - FBA-A E AECA NameServer O - HKLM System CS Services Tcpip Parameters Domain O - HKLM System CS Services Tcpip ED C -AFAD- - FBA-A E AECA NameServer Thank you for all your help again nbsp

A:Help please... H/J Log of a friend

Hi Munkee,

O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on

is a diagnostic tool for the NIC card.

Please run a new HJT! Scan, and check to fix the following entries, being sure to double check that you haven't missed any. Next, close all browser windows and click the Fix checked button…

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =

O17 - HKLM\System\CCS\Services\Tcpip\..\{1ED782C8-AFAD-4845-8FBA-A0E555AECA44}: NameServer =

O17 - HKLM\System\CCS\Services\Tcpip\..\{27A45719-656C-4470-AB1E-288841000470}: NameServer =

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain =

O17 - HKLM\System\CS1\Services\Tcpip\..\{1ED782C8-AFAD-4845-8FBA-A0E555AECA44}: NameServer =

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =

O17 - HKLM\System\CS2\Services\Tcpip\..\{1ED782C8-AFAD-4845-8FBA-A0E555AECA44}: NameServer =

See if that cures it. I'm assuming that you haven't edited these for privacy reasons. If you have but still don't want to broadcast the info, then please PM me with the info, and I'll check out what you send. If the entires do appear as shown, then they can be fixed.

Cheers

Liam
 

https://forums.techguy.org/threads/help-please-h-j-log-of-a-friend.202807/
Relevancy 32.25%
Q: friend

Cant connect to facebook why...
 

A:friend

Hi....I'm going to need some more information.

How are you trying to connect?? From a tablet, laptop, desktop, smartphone?

If a computer are you hooked up via Ethernet connection or WiFi?
 

https://forums.techguy.org/threads/friend.1161563/
Relevancy 32.25%

OK where to start I m doing this via msn messenger for him He can t update log a HJT friend's Ad-aware AVG updated and ran fine I had him run trend and panda s online scans I had him run the sasser and gaobot removal tools The thing is in his HJT scan I googled this quot WINDOWS System alg exe quot which turned up with this http vil nai com vil content Print htm He checked it via properties and it s been on his computer since after a format I don t know what else to do Any help will be greatly appreciated P S a friend's HJT log Here s a copy paste from our messenger conversation It s his explanation of what s going on quot after i made the mistake of using opera and mozilla as my default browsers and i uninstalled both of them I cannot open any of the links you post in this IM window it acts like its trying to open another browser besides the IE browser and nothing opens quot Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS System alg exe C PROGRA Grisoft AVG avgserv exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C WINDOWS System nvsvc exe C Program Files MSN Messenger msnmsgr exe C WINDOWS System devldr exe C PROGRA Grisoft AVG AVGCC EXE C Program Files Internet Explorer IEXPLORE EXE C Documents and Settings Ken Desktop New Folder hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www webcrawler com info wbcrwl toolbar dog forms search htm R - HKCU Software Microsoft Internet Explorer Main Search Page http www webcrawler com info wbcrwl R - HKCU Software Microsoft Internet Explorer Search SearchAssistant http www webcrawler com info wbcrwl toolbar dog forms search htm R - HKLM Software Microsoft Internet Explorer Main Search Bar http www webcrawler com info wbcrwl toolbar dog forms search htm R - HKLM Software Microsoft Internet Explorer Main Search Page http www webcrawler com info wbcrwl R - HKCU Software Microsoft Internet Explorer SearchURL Default http www webcrawler com info wbcrwl toolbar O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - Toolbar Webcrawler Toolbar - F F -E - F- F- CC AE - C Program Files WebcrawlerToolbar ultrabar dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run THGuard quot C Program Files TrojanHunter THGuard exe quot O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run Zone Labs Client C PROGRA ZONELA ZONEAL zlclient exe O - Global Startup Microsoft Office lnk disabled O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS Office EXCEL EXE O - Extra context menu item Webcrawler Cursor Search - C Documents and Settings All Users Application Data Infospace WebcrawlerToolbar contextsearch htm O - Extra button Messenger HKLM O - Extra Tools menuitem Messenger HKLM O - DPF Yahoo Poker - http download games yahoo com games clients y pt x cab O - DPF Yahoo Spades - http download games yahoo com games clients y st x cab O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http fpdownload macromedia com pub shockwave cabs director swdir cab O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net d ae housecall antivirus com housecall xscan cab O - DPF A - C- E - B- D EC D CRAVOnline Object - http www ravantivirus com scan ravonline cab nbsp

A:a friend's HJT log

If he can have him remove it in control panel, add/remove programs. If that fails...

Run HJT again and check:

O3 - Toolbar: Webcrawler Toolbar - {9677F3F1-E994-451F-805F-7148CC8AE040} - C:\Program Files\WebcrawlerToolbar\ultrabar.dll

Close all applications and browser windows before you click "fix checked".
Restart in safe mode Click here to see how
Open My Computer. Go to Tools, Folder Options and click on the View tab. Make sure that "Show hidden files and folders" is checked. Also uncheck "Hide protected operating system files". Now click "Apply to all folders"
Click "Apply" then "OK"

Now find these files and folders and delete them.

C:\Program Files\WebcrawlerToolbar --> folder
C:\Documents and Settings\All Users\Application Data\Infospace\WebcrawlerToolbar --> folder
 

https://forums.techguy.org/threads/a-friends-hjt-log.227550/
Relevancy 32.25%

Alright this guy is on another forum and I am just relating information, he sent his picture of ewido's scan and I am having him download Hijack this.

http://img395.imageshack.us/img39

That should be the link...

He's pretty screwed up....
 

A:My Friend needs help

Hmmmm...that link sent me to imageshack...but it didn't show the scan.

Can you try again (or get your friend to send you the correct link)?
 

https://forums.techguy.org/threads/my-friend-needs-help.393693/
Relevancy 32.25%

Hey guys if you're reading thank you for your time My friend recently had a run-in with Limewire After downloading and using the program they began to notice some odd things happening to their computer data loss in particular I've done my best to remove whatever malware A Hjt Log For Friend is on their computer but I'm not completely sure I got everything Here's the log Logfile Hjt Log For A Friend of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system taskeng exeC Windows system Dwm exeC Windows Explorer EXEC Program Files Synaptics SynTP SynTPEnh exeC Windows sttray exeC Program Files Common Files Symantec Shared ccApp exeC Program Files Google Google Desktop Search GoogleDesktop exeC Program Files Dell MediaDirect PCMService exeC Program Files ScanSoft PaperPort pptd nt exeC Program Files Windows Sidebar sidebar exeC Program Files DellSupport DSAgnt exeC Program Files WIDCOMM Bluetooth Software BTTray exeC Program Files ATI Technologies ATI ACE CLI EXEC Program Files Digital Line Detect DLG exeC Program Files Dell QuickSet quickset exeC Program Files Common Files InstallShield UpdateService issch exec Program Files WIDCOMM Bluetooth Software BtStackServer exeC Program Files Google Google Desktop Search GoogleDesktopIndex exeC Program Files Google Google Desktop Search GoogleDesktopDisplay exeC Program Files Google Google Desktop Search GoogleDesktopCrawl exeC Program Files ATI Technologies ATI ACE CLI exeC Program Files ATI Technologies ATI ACE CLI exeC Program Files Internet Explorer ieuser exeC Program Files MSN Messenger msnmsgr exeC Program Files Internet Explorer iexplore exeC Program Files Yahoo Messenger ymsgr tray exeC Program Files Trend Micro HijackThis HijackThis exeC Windows system wermgr exeR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaul www yahoo comR - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaul rch search htmlR - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaul www yahoo comR - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Window Title Internet Explorer provided by DellR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhostO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - E A - - D F-BEAE-D A C - C Program Files Common Files Symantec Shared coShared Browser NppBho dllO - BHO Yahoo IE Services Button - BAB B B- BC- B - D - FC DE A - C Program Files Yahoo Common yiesrvc dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - c Program Files Java jre bin ssv dllO - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Windows Live Toolbar Helper - BDBD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dllO - BHO CBrowserHelperObject Object - CA C - B - E-A -A C DB F - C Program Files BAE BAE dllO - Toolbar Show Norton Toolbar - -F - -B -FBEE C B DF - C Program Files Common Files Symantec Shared coShared Browser UIBHO dllO - Toolbar Windows Live Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dllO - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hideO - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exeO - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE ... Read more

A:Hjt Log For A Friend

Welcome to the BleepingComputer HijackThis Logs and Analysis forum. My name is Richie and i'll be helping you to fix your problems.Apologies for the late response,as i'm sure you can appreciate we are extremely busy.If you've already recieved help at another forum and your issues have been resolved,or you're presently recieving help elsewhere then please let us know.If you have not followed the info in the link below prior to posting your log then please do so now:Preparation Guide for use before posting a HijackThis Log:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/If you still require help,please post a new Hijackthis log into this topic in your next reply.Also post a detailed description of the issues you're experiencing.*Note*Post all reports/logs directly into this topic,not as attachments,thanks.

http://www.bleepingcomputer.com/forums/t/125358/hjt-log-for-a-friend/
Relevancy 32.25%

I have some experience with computers spyware removal A friend of mine is having trouble with her laptop runnin slow etc I took the initial steps of getting super anti spyware and running a check However superantispyware will not run it installed successfully but when i click on the icon it wont run this led me to believe its more the spyware and actually a virus preventing it from running i then downloaded and attempted to install avg avg just plain would not install i checked for programs that me a friend help help might prevent avg from running installing uch as norton or other antivirus programs however i was not able to find any running i will post the hjt log and see what you guys think i told her the easiest aproach might just be to reformat her computer after saving everything she would need off it anyways lets keep this short haha she is using windows vista and it is a laptop here is the hjt log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform help me help a friend Windows Vista SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows system taskeng exe C Windows system Dwm exe C Windows Explorer help me help a friend EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files Motorola SMSERIAL sm hlpr exe C Windows RtHDVCpl exe C help me help a friend Program Files Intel Intel Matrix Storage Manager IAAnotif exe C Program Files HP QuickPlay QPService exe C Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exe C Program Files Hewlett-Packard HP QuickTouch HPKBDAPP exe C Program Files Windows Defender MSASCui exe C Program Files HP Digital Imaging bin HpqSRmon exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exe C Program Files Java jre bin jusched exe C Program Files HP HP Software Update hpwuSchd exe C Program Files FastAccessDSL HelpCenter bin sprtcmd exe C Windows System igfxtray exe C Windows System hkcmd exe C Windows System igfxpers exe C Program Files SelectRebates SelectRebates exe C Windows system igfxsrvc exe C Program Files iTunes iTunesHelper exe C Program Files Windows Sidebar sidebar exe C Program Files Common Files LightScribe LightScribeControlPanel exe C Program Files Hewlett-Packard HP Advisor HPAdvisor exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Windows ehome ehtray exe C Program Files Windows Media Player wmpnscfg exe C Program Files Microsoft Office Office ONENOTEM EXE C Windows ehome ehmsas exe C Program Files Hewlett-Packard Shared HpqToaster exe C Program Files Synaptics SynTP SynTPHelper exe C Windows system wuauclt exe C Program Files FastAccessDSL HelpCenter agent bin bcont nm exe C Program Files Mozilla Firefox firefox exe C Windows system SearchFilterHost exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale en us amp c amp bd Pavilion amp pf laptop R - HKCU Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http us rd yahoo com customize ie defaults su msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - H... Read more

Relevancy 32.25%

Hiya Complaining of slowness etc Once I ve been given the go-ahead its all clean I ll sort out the startup programs Logfile of HijackThis v Scan saved at on Platform Windows ME Win x MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM SPOOL EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C WINDOWS SYSTEM SSDPSRV EXE C PROGRAM FILES COMMON FILES AOL ACS AOLACSD EXE C WINDOWS SYSTEM mmtask tsk for a Second Log Friend C WINDOWS EXPLORER EXE C WINDOWS SYSTEM RESTORE STMGR EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS SYSTEM PELMICED EXE C IBMTOOLS APTEZBTN APTEZBP EXE C WINDOWS LOADQM EXE C PROGRAM FILES REAL REALPLAYER REALPLAY EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM QTTASK EXE C PROGRAM FILES COMMON FILES AOL AOL SPYWARE PROTECTION AOLSP SCHEDULER EXE C PROGRAM FILES COMMON FILES AOL EE AOLSOFTWARE EXE C PROGRAM FILES AOL D AOLTRAY EXE C PROGRAM FILES AOL D WAOL EXE C PROGRAM FILES AOL D SHELLMON EXE C PROGRAM FILES COMMON FILES AOL AOLTPSPD EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS SYSTEM TAPISRV EXE C PROGRAM FILES Log for a Second Friend COMMON FILES AOL EE AOLLAUNCH EXE C PROGRAM FILES HIJACKTHIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Search Bar http channels aimtoday com search aimtoolbar jsp R - HKCU Software Microsoft Internet Explorer Main Start Page http my starware com dp startpage src id R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www aol co uk R - HKLM Software Microsoft Internet Log for a Second Friend Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http us rd yahoo com customize ie defaults sp msgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http as starware com dp search x WT v e ygdc IABV nhlE jioLkW wEATNLJM MuJI R - HKCU Software Microsoft Internet Explorer SearchURL Default http search aol co uk web isinit true amp query s R - HKLM Software Microsoft Internet Explorer Main First Home Page C Program Files AOL Toolbar welcome html R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by AOL R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - BHO Yahoo Toolbar Helper - D -C F - EFB- B - ECA - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - BHO no name - A E- - EAE-A - D F E C DE - C PROGRAM FILES STARWARE BIN STARWARE DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar AIM Search - D A B-D B- d - A - EE F C - C PROGRAM FILES AIM TOOLBAR AIMBAR DLL O - Toolbar Starware Screensavers Toolbar - FB C- - CB - F -E F C - C PROGRAM FILES STARWARE BIN STARWARE DLL O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C PROGRAM FILES YAHOO COMPANION INSTALLS CPN YT DLL O - Toolbar AOL Toolbar - D A-C B- -B B-B B E D C - C PROGRAM FILES AOL TOOLBAR TOOLBAR DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run GDRIVE C IBMTOOLS IBMBOOT GDRIVE EXE -N O - HKLM Run Mouse Suite Daemon PELMICED EXE O - HKLM Run AEZBProc c ibmtools aptezbtn aptezbp exe O - HKLM Run ZIBMACC c windows rundll exe setupx dll InstallHinfSection DefaultInstall C WINDOWS INF ZIBMACC INF O - HKLM Run LoadQM loadqm exe O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run QuickTime Task quot C WINDOWS SYSTEM QTTASK EXE quot -atboottime O - HKLM Run AOL Spyware Protection quot C PROGRA COMMON AOL AOLSP... Read more

A:Log for a Second Friend

Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.starware.com/dp/startpage?src_id=316

O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\PROGRAM FILES\STARWARE316\BIN\STARWARE316.DLL

O3 - Toolbar: Starware Screensavers Toolbar - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\PROGRAM FILES\STARWARE316\BIN\STARWARE316.DLL

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...p1.0.0.8-2.cab

Reboot, post a new log.
 

https://forums.techguy.org/threads/log-for-a-second-friend.559936/
Relevancy 32.25%

I've got a "live" 486 (Win 3.1 and dos) and we need to get data off of it. I have a few older laptops that might be able to act as transitional computers (Win 95. 98)to laplink data through - but each of them have storage issues already. These are the only only ones that com and/or parallel ports. Before I dig into that approach does any one have suggestions for the "easiest" to grab the data from this old beastie?
Someone in another thread mentioned a usb hard drive "rack" or holder? Would that work with an old full height hard drive?
Sigh.
Suggestions/advice welcomed.
Thanks.
 

http://www.techspot.com/community/topics/help-for-an-old-friend.129196/
Relevancy 32.25%

someone please help me...my friend got the blaster virus and her computer keeps rebooting every 60seconds and i know there is a patch but my questions are will the patch help her even though she already has the virus? and also if she cant connect to the internet since she said that her computer will do NOTHING how does she get the patch??does she have to use another computer and download the patch to a disc and then run it on her computer and will that work since her computer will do NOTHING (those are her words repeated over and over and over ..NOTHING =)) please help me help her =)
 

A:Help me help a friend

Howdy four20gurl...

Download this Hyjackthis, and copy it to a floppy, then install Hyjackthis to the problem pc, open the program and click on Scan, once the scan completes, click on Save log,and save the log back to the floppy, then take the floppy to a pc that has access to the internet, open the log from the floppy, and copy, and paste the contents, back here...
 

https://forums.techguy.org/threads/help-me-help-a-friend.155044/
Relevancy 32.25%

Hey peeps lol my friend has a lota crap pls log, friend help me hjt on this comp firstly i told him dl ad-ware it found like objects he restarted and said evrything goes faster no wonder but he still has his main problem diablo He can t play it The reason I posted this here is I suspect it s a virus His comp does some strainge stuff and he cant get to housecall i forgot wat the other sites were though i know now anyway could some pls check this HJT log Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS hjt log, pls help me friend system LEXBCES EXE C WINDOWS system LEXPPS EXE C WINDOWS system spoolsv exe C Program Files Common Files Microsoft Shared VS Debug mdm hjt log, pls help me friend exe C Program Files Norton AntiVirus navapsvc exe C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS SYSTEM xcommsvr exe C Program Files Winamp winampa exe C Program Files QuickTime qttask exe C Program Files Microsoft Hardware Mouse point exe C PROGRA NORTON navapw exe C Program Files Messenger Plus MsgPlus exe C WINDOWS System LXSUPMON EXE C Program Files Common Files Logitech QCDriver LVCOMS EXE C Program Files Logitech ImageStudio LogiTray exe C HP KBD KBD EXE C windows system hpsysdrv exe C Program Files D-Tools daemon exe C Program Files Adaptec Easy CD Creator DirectCD DirectCD exe C Program Files Common Files Real Update OB realsched exe C Program Files Netscape Netscape Netscp exe C Program Files MSN Messenger msnmsgr exe C Program Files Logitech Desktop Messenger Program BackWeb- exe C WINDOWS System ctfmon exe C Program Files Second Nature Snsicon exe C Documents and Settings Owner Desktop HijackThis exe R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost R - Default URLSearchHook is missing N - Netscape user pref quot browser search defaultengine quot quot engine C A CProgram Files CNetscape CNetscape Csearchplugins CSBWeb src quot C Documents and Settings Owner Application Data Mozilla Profiles default sgu hfb slt prefs js O - BHO no name - A -E CA- D - CD - D B - C PROGRA FlashGet jccatch dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run WindowEnhancer quot C Program Files winex v winex EXE quot U O - HKLM Run WinampAgent quot C Program Files Winamp winampa exe quot O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run PS C WINDOWS system ps exe O - HKLM Run PrinTray C WINDOWS System spool DRIVERS W X printray exe O - HKLM Run POINTER point exe O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run NAV Agent C PROGRA NORTON navapw exe O - HKLM Run mload C WINDOWS System dllcache lxmstart exe O - HKLM Run Mirabilis ICQ C Program Files ICQ NDetect exe O - HKLM Run MessengerPlus quot C Program Files Messenger Plus MsgPlus exe quot O - HKLM Run LXSUPMON C WINDOWS System LXSUPMON EXE RUN O - HKLM Run LVCOMS C Program Files Common Files Logitech QCDriver LVCOMS EXE O - HKLM Run LogitechImageStudioTray C Program Files Logitech ImageStudio LogiTray exe O - HKLM Run LogitechGalleryRepair C Program Files Logitech ImageStudio ISStart exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run IgfxTray C WINDOWS System igfxtray exe O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run DAEMON Tools- quot C Program Files D-Tools daemon exe quot -lang O - HKLM Run AdaptecDirectCD C Program Files Adaptec Easy CD Creator... Read more

A:hjt log, pls help me friend

Hi

I'm no expert in reading these dumps but i can see a few that must go!
Repost the dump in the security section of the forums. You WILL get answers there.

Regards

Pileyrei
 

https://forums.techguy.org/threads/hjt-log-pls-help-me-friend.176835/
Relevancy 32.25%

I have a friend with some malware installed - I'm busy giving friend help Help me a him a firewall and the like However there is Help me help a friend one piece Help me help a friend of malware that I can't seem to get rid of Logfile of HijackThis v Scan saved at on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS popuper exe C WINDOWS System msole exe C WINDOWS AGRSMMSG exe C Program Files Apoint K Apoint exe C Program Files QuickTime qttask exe C PROGRA ALWILS Avast ashDisp exe C Program Files Common Files Real Update OB realsched exe C WINDOWS System ctfmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Program Files InterVideo Common Bin WinCinemaMgr exe C WINDOWS System intmonp exe C Program Files Apoint K Apntex exe C Program Files Alwil Software Avast aswUpdSv exe C Program Files Alwil Software Avast ashServ exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS System nvsvc exe C Program Files Alwil Software Avast ashMaiSv exe C Program Files Alwil Software Avast ashWebSv exe C PROGRA MOZILL FIREFOX EXE C WINDOWS System wuauclt exe C Program Files Alwil Software Avast ashSimpl exe C Program Files Internet Explorer iexplore exe C Documents and Settings Steve Desktop hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www qfind net R - HKCU Software Microsoft Internet Explorer Main Default Search URL http www qfind net search php qq s R - HKCU Software Microsoft Internet Explorer Main Search Bar res C WINDOWS system bdbwj dll sp html R - HKCU Software Microsoft Internet Explorer Main Search Page res C WINDOWS system bdbwj dll sp html R - HKLM Software Microsoft Internet Explorer Main Default Page URL about blank R - HKLM Software Microsoft Internet Explorer Main Default Search URL res C WINDOWS system bdbwj dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Bar res C WINDOWS system bdbwj dll sp html R - HKLM Software Microsoft Internet Explorer Main Search Page res C WINDOWS system bdbwj dll sp html R - HKCU Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS system bdbwj dll sp html R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch http www qfind net search php qq s R - HKLM Software Microsoft Internet Explorer Search SearchAssistant res C WINDOWS system bdbwj dll sp html R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http www qfind net search php qq s R - HKCU Software Microsoft Internet Explorer SearchURL Default http www qfind net search php qq s R - HKCU Software Microsoft Internet Explorer Main Local Page http www qfind net R - HKLM Software Microsoft Internet Explorer Main Local Page http www qfind net R - Default URLSearchHook is missing F - REG system ini Shell explorer exe msmsgs exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO no name - F A - EF- A -A - E B CFED - C WINDOWS system iean dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run AGRSMMSG AGRSMMSG exe O - HKLM Run Apoint C Program Files Apoint K Apoint exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run sysgj exe C WINDOWS sysgj exe O - HKLM Run avast C PROGRA ALWILS Avast ashDisp exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKL... Read more

A:Help me help a friend

Hi. Welcome to TSF.

I'm currently reviewing your log under the supervision of an expert analyst. I'll be back with a fix for your problem ASAP, and I ask your patience while it's being composed and checked.

We recommend that you subscribe to this thread so you'll be notified as soon as we post your fix. To do this, at the top of your original post, click Thread Tools and then Subscribe to this thread; on the next page, make sure "Instant notification by email" is selected, then click Add subscription.

Thanks.

http://www.techsupportforum.com/forums/f100/help-me-help-a-friend-50536.html
Relevancy 32.25%

He said he wanted me to check even though his computer runs perfectly So here it is and I already ran all the spyware programs and such Logfile of HijackThis v Scan saved at PM on Platform Windows ME Win x MSIE Internet Explorer v SP Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM MSTASK EXE C PROGRAM FILES F-SECURE COMMON FSMA EXE C WINDOWS SYSTEM MDM EXE C WINDOWS SYSTEM STIMON EXE C PROGRAM FILES F-SECURE COMMON FSMB EXE C WINDOWS SYSTEM RPCSS EXE C PROGRAM FILES F-SECURE COMMON FCH EXE C WINDOWS EXPLORER for log friend HT EXE C WINDOWS SYSTEM RESTORE STMGR EXE C PROGRAM FILES F-SECURE COMMON FNRB EXE C PROGRAM FILES F-SECURE COMMON FAMEH EXE C PROGRAM FILES F-SECURE ANTI-VIRUS FSGK EXE C PROGRAM FILES F-SECURE COMMON FIH EXE C PROGRAM FILES F-SECURE ANTI-VIRUS FSSM EXE C PROGRAM FILES F-SECURE ANTI-VIRUS FSAV EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY HT log for friend EXE C WINDOWS SYSTEM PELMICED HT log for friend EXE C PROGRAM FILES F-SECURE COMMON FSM EXE C WINDOWS SYSTEM WMIEXE EXE C WINDOWS SYSTEM DDHELP EXE C WINDOWS SYSTEM WBEM WINMGMT EXE C WINDOWS SYSTEM SPOOL EXE C MY DOCUMENTS DDDDD HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software HT log for friend Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhost O - BHO no name - E F-C D - D -B D- B D BE B - C PROGRAM FILES ADOBE ACROBAT READER ACTIVEX ACROIEHELPER OCX O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C PROGRAM FILES MYWEBSEARCH BAR BIN MWSBAR DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C PROGRAM FILES MYWAY SEARCHAT BIN MWSSRCAS DLL O - Toolbar Easy-WebPrint - C -E D- c -AA D- AC BABA C - C PROGRAM FILES CANON EASY-WEBPRINT TOOLBAND DLL O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS SYSTEM MSDXM OCX O - Toolbar My amp Way Speedbar - B EA -A - -B BB- DE CCA - C PROGRAM FILES MYWEBSEARCH BAR BIN MWSBAR DLL O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run PCHealth C WINDOWS PCHealth Support PCHSchd exe -s O - HKLM Run SystemTray SysTray Exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run Mouse Suite Daemon PELMICED EXE O - HKLM Run AtiPTA Atiptaxx exe O - HKLM Run F-Secure Manager quot C Program Files F-Secure Common FSM EXE quot splash O - HKLM RunServices SchedulingAgent mstask exe O - HKLM RunServices StateMgr C WINDOWS System Restore StateMgr exe O - HKLM RunServices fsaa C Program Files F-Secure Common fsaa exe O - HKLM RunServices F-Secure Management Agent C Program Files F-Secure Common FSMA EXE O - HKLM RunServices Machine Debug Manager C WINDOWS SYSTEM MDM EXE O - HKLM RunServices StillImageMonitor C WINDOWS SYSTEM STIMON EXE O - Global Startup F-Secure BackWeb lnk C Program Files F-Secure BackWeb Program backweb- exe O - Extra context menu item Easy-WebPrint Print - res C PROGRAM FILES CANON EASY-WEBPRINT Resource dll RC Print html O - Extra context menu item Easy-WebPrint High Speed Print - res C PROGRAM FILES CANON EASY-WEBPRINT Resource dll RC HSPrint html O - Extra context menu item Easy-WebPrint Preview - res C PROGRAM FILES CANON EASY-WEBPRINT Resource dll RC Preview html O - Extra context menu item Easy-WebPrint Add To Print List - res C PROGRAM FILES CANON EASY-WEBPRINT Resource dll RC AddToList html O - Extra button Researcher HKLM O - Plugin for spop C PROGRA INTERN Plugins NPDocBox dll O - DPF F C AA- B- -BA - A BB F Update Class - http v windowsupdate microsoft com CAB x ansi iuctl CAB O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwave cabs flash swflash cab O - DPF - F - BB - D -FA D F A AB YInstStarter Class - http download yahoo com dl installs yse yinst cab O - DPF C C -E F- A - C- CAF F WatchOCX WatchX - https www watchsatellite tv members WatchOCX CAB O - D... Read more

A:HT log for friend

Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\3.BIN\MWSBAR.DLL

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWAY\SEARCHAT\3.BIN\MWSSRCAS.DLL

O3 - Toolbar: My &Way Speedbar - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\3.BIN\MWSBAR.DLL

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocach...etup1.0.0.6.cab

Restart and delete the C:\PROGRAM FILES\MYWEBSEARCH folder
 

https://forums.techguy.org/threads/ht-log-for-friend.209513/
Relevancy 32.25%

some website had blocked using smooth firewall , how do i unblock firewall. please tell.
 

A:hi friend help me

Hi nbyapa, and welcome to TSG.

If you are a student or employee of a school or company that uses a firewall to restrict Internet access, you would need to discuss your web site access needs with the Information Technology manager. They would be the ones to decide if their firewall configuration needs to change.

If your situation is different, please give us some more details in the matter.
 

https://forums.techguy.org/threads/hi-friend-help-me.1131625/
Relevancy 32.25%

Hello there My friend asked me to post here his log he claims about suffering from pop-ups coming even when he's not surfing the internet just when he's connected Thank you Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files TGTSoft StyleXP StyleXPService exe C WINDOWS system spoolsv exe c PROGRA mcafee com vso mcvsrte exe C WINDOWS system ZoneLabs vsmon exe C WINDOWS system rundll exe c PROGRA mcafee com vso mcshield exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C PROGRA mcafee his try my HJT with friend help log to Please com vso mcvsshld exe c program files mcafee com agent mcagent exe C PROGRA mcafee com agent McUpdate exe c progra mcafee com vso mcvsescn exe C Program Files Babylon Babylon exe C Program Files NetLimiter NetLimiter exe C Program Files Zone Labs ZoneAlarm zlclient exe C Program Files QuickTime qttask exe C WINDOWS system ctfmon exe C Program Files TGTSoft StyleXP StyleXP exe C Program Files Webroot Spy Sweeper SpySweeper exe C Documents and Settings Agent G PREFETCH exe C Program Files Please try to help my friend with his HJT log Microsoft AntiSpyware gcasDtServ exe C WINDOWS system wuauclt exe C Program Files HJT HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http rotter name cgi-bin nor dcboard cgi R - HKCU Software Microsoft Internet Explorer Main Window Title GOLIVER Browser O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run Babylon Client C Program Files Babylon Babylon exe -AutoStart O - HKLM Run NetLimiter C Program Files NetLimiter NetLimiter exe s O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run Zone Labs Client quot C Program Files Zone Labs ZoneAlarm zlclient exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run gcasServ quot C Program Files Microsoft AntiSpyware gcasServ exe quot O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run STYLEXP C Program Files TGTSoft StyleXP StyleXP exe -Hide O - HKCU Run SpySweeper quot C Program Files Webroot Spy Sweeper SpySweeper exe quot O - Startup PREFETCH exe O - User Startup PREFETCH exe O - HKCU Software Policies Microsoft Internet Explorer Control Panel present O - Extra context menu item amp - Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Do amp wnload by ReGet Deluxe - C Program Files Common Files ReGet Shared CC Link htm O - Extra context menu item Download A amp ll by ReGet Deluxe - C Program Files Common Files ReGet Shared CC All htm O - Extra button no name - B E C - FCB- CF-AAA - C - C WINDOWS system msjava dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C WINDOWS system msjava dll O - Extra button ICQ Pro - f -cba - -b - cb cd - C PROGRA ICQ ICQ exe O - Extra 'Tools' menuitem ICQ - f -cba - -b - cb cd - C PROGRA ICQ ICQ exe O - Extra button - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button Messenger - FB F -F - d -BB E- C F - c program files messenger msmsgs exe file missing O - Extra 'Tools' menuitem Messenger - FB F -F - d -BB E- C F - c program files messenger msmsgs exe file missing O - Trusted IP range O - ProtocolDefaults 'http' protocol is in My Computer Zone should be Internet Zone O - ProtocolDefaults 'http' protocol is in My Computer Zone should be Internet Zone HKLM O - DPF D A - BC- E C- A- C CF BF MailConfig Class - http lotus netvision net il help MailCfg dll O - Winlogon Notify ShellScrap -... Read more

A:Please try to help my friend with his HJT log

My friend also gave me a picture of this popup:




While searching the net I found this one to be known. There might be some connection to Registry here.

Thanx a lot for your help :)

http://www.techsupportforum.com/forums/f284/please-try-to-help-my-friend-with-his-hjt-log-51416.html
Relevancy 32.25%

Hey all my computer has been getting slow go A to friend here. said along with the internet so i asked a friend and he said to come here for help He said there was at least adware malware here so im posting here THANKS for helping Logfile of Trend Micro HijackThis v Scan A friend said to go here. saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C Program Files Ahead InCD InCDsrv exe C WINDOWS A friend said to go here. system spoolsv exe C WINDOWS Explorer EXE C Program Files VIA RAID raid tool exe C Program Files Generic USB Card Reader Driver v Disk Monitor exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Ahead InCD InCD exe C Program Files Browser Mouse mouse a exe C Program Files Windows Defender MSASCui exe C Program Files Multimedia keyboard utility KbdAp A exe C Program Files Cash-Back cashback exe C PROGRA Grisoft AVG avgcc exe C WINDOWS system VTTimer exe C WINDOWS system VTtrayp exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C PROGRA Ahead NEROPH data Xtras mssysmgr exe C Program Files Spybot - Search amp Destroy TeaTimer exe C PROGRA Grisoft AVG avgamsvr exe C PROGRA Grisoft AVG avgupsvc exe C Program Files Common Files Microsoft Shared VS Debug mdm exe C Nexon Mabinogi npkcmsvc exe C WINDOWS system PnkBstrA exe C WINDOWS System svchost exe C Program Files Viewpoint Common ViewpointService exe C WINDOWS system wuauclt exe C Program Files AIM aim exe C Program Files AIM aolsoftware exe C Program Files Mozilla Firefox firefox exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - URLSearchHook AOLSearchHook Class - EB EA-E BE- CFD- F F-C A C EAFA - C Program Files AIM Search AOLSearch dll R - URLSearchHook UrlSH Class - FE A- E - EB- - E CECBB - C Program Files Cash-Back csbkhm dll R - URLSearchHook amp Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - Hosts www sleepywood net O - Hosts sleepywood net O - BHO Ecbso Class - AE - A- D-B E - D E DE - C Program Files Cash-Back csbkhm dll O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO AOL Search Enhancement - EB EA-E BE- CFD- F F-C A C EAFA - C Program Files AIM Search AOLSearch dll O - BHO winhost app winhost appdll - E E- - B-A - A F - C WINDOWS winhost app dll O - BHO Canon Easy Web Print Helper - F E- - E - AAF- BC A A BE - C Program Files Canon Easy-WebPrint EWPBrowseLoader dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Ecbso Class - FF CDE B-B E - B - F- C A F C - C Program Files Cash-Back csbkhm dll O - Toolbar Easy-WebPrint - C -E D- c -AA D- AC BABA C - C Program Files Canon Easy-WebPrint Toolband dll O - HKLM Run IMJPMIG C WINDOWS IME imjp IMJPMIG EXE Spoil RemAdvDef Migration O - HKLM Run PHIME ASync C WINDOWS System IME TINTLGNT TINTSETP EXE SYNC O - HKLM Run PHIME A C WINDOWS System IME TINTLGNT TINTSETP EXE IMEName O - HKLM Run RaidTool C Program Files VIA RAID raid tool exe O - HKLM Run Disk Monitor C Program Files Generic USB Card Reader Driver v Disk Monitor exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run InCD C Program Files Ahead InCD InCD exe O - HKLM Run FLMOFFICE DMOUSE C Program Files Browser Mouse mouse a exe O - HKLM Run FLMK KB C Program Files Multimedia keyboard utility MMKEYBD EXE O - HKLM Run Windows Defender quot C Program Files Windows Defender MSASCui exe quot -hide O - HKLM Run cash-back C Program Files Cash-Back cashback exe O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run VTTi... Read more

Relevancy 32.25%

Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Running processes C WINDOWS System smss exe C A log friend's HJT WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared ccEvtMgr A friend's HJT log exe C WINDOWS system spoolsv exe E Program Files WindowBlinds wbload exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C Program Files WIDCOMM Bluetooth Software bin btwdins exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe C WINDOWS system nvsvc exe C PROGRA Dantz RETROS retrorun exe A friend's HJT log C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C A friend's HJT log WINDOWS Explorer EXE C WINDOWS system isnotify exe C WINDOWS system issearch exe C WINDOWS system rundll exe C Program Files Common Files Symantec Shared ccApp exe C WINDOWS SOUNDMAN EXE C Program Files Microsoft IntelliType Pro type exe C WINDOWS system rundll exe C Program Files Microsoft IntelliPoint point exe C Program Files Windows Defender MSASCui exe C Program Files Common Files Real Update OB realsched exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files Sony Ericsson Mobile Application Launcher Application Launcher exe C WINDOWS system rundll exe C Program Files iPod bin iPodService exe E Program Files Cursor CursorXP exe C Program Files Common Files Teleca Shared CapabilityManager exe C Program Files MSN Messenger msnmsgr exe C WINDOWS system ctfmon exe C Program Files Common Files Teleca Shared Generic exe C Program Files Sony Ericsson Mobile Mobile Phone Monitor epmworker exe D Dickson BitComet BitComet exe C WINDOWS system cool exe C Program Files Messenger msmsgs exe C Documents and Settings Melvin Tan Jianwei Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com sg O - BHO Tensons Application DownloadAcceleratorManager BHO - - - da- cd - c - mscoree dll file missing O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - E B -FB -FBD - A - EBECF E - C WINDOWS system ksrpmje dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO ST - EDE -C B - E- - BF AF E - C Program Files MSN Apps ST en-xu stmain dll O - BHO no name - a f - - d- d -b b e fcca - C WINDOWS system ixt dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar MSN Toolbar en-us msntb dll O - BHO CNavExtBho Class - BDF E -B - AD-A -FADC B - C Program Files Norton AntiVirus NavShExt dll O - BHO no name - FFFFFEF - B - D - D- - E PROGRA STARDO SDIEInt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - Toolbar MSN - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar MSN Toolbar en-us msntb dll O - Toolbar Safety Bar - b f - fa- - - c b - C Program Files Safety Bar SafetyBar dll O - HKLM Run BluetoothAuthenticationAgent rundll exe bthprops cpl BluetoothAuthenticationAgent O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run Symantec NetDriver Monitor C PROGRA SYMNET SNDMon exe Consumer O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run type quot C Program Files Microsoft IntelliType Pro type exe quot O - HKLM ... Read more

Relevancy 32.25%

hello gurus im posting this for a friend she has already run spybot and ad-aware Logfile of log HJT please friend for a help HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS Nhksrv exe C WINDOWS System PackethSvc exe C WINDOWS System CTsvcCDA EXE C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS wanmpsvc exe C WINDOWS System MsPMSPSv exe C Program Files Common Files Microsoft Shared Works Shared WkUFind exe C WINDOWS System ltmsg exe C WINDOWS DELLMMKB EXE C PROGRA LEXMAR ACMonitor X exe HJT log for a friend please help C WINDOWS System devldr exe C WINDOWS System clrprv oo server exe C WINDOWS System clrprv oo register exe C Program Files Netropa OSD exe C Program Files Microsoft ActiveSync WCESCOMM EXE C Program Files AIM aim exe C Program Files MSN Messenger msnmsgr exe C Documents and Settings Kate Wilhoit My Documents My Received Files HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ie defaults sp ymsgr http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http yahoo com R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com customize ie defaults stp ymsgr http my yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com cus http www yahoo com ext search search html R - HKLM Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ie defaults sp ymsgr http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http red clientapps yahoo com customize ie defaults stp ymsgr http my yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ie defaults su ymsgr http www yahoo com O - BHO no name - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - FDD B - D - ffb- - B AD ACC - C Program Files Microsoft Money System mnyviewer dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar amp Yahoo Companion - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exe O - HKLM Run NvCplDaemon RUNDLL EXE NvQTwk NvCplDaemon initialize O - HKLM Run LTWinModem ltmsg exe O - HKLM Run UpdReg C WINDOWS Updreg exe O - HKLM Run AHQInit C Program Files Creative SBLive Program AHQInit exe O - HKLM Run DellTouch C WINDOWS DELLMMKB EXE O - HKLM Run DIAGENT C Program Files Creative SBLive Creative Diagnostics DIAGENT EXE startup O - HKLM Run Lexmark X Button Monitor C PROGRA LEXMAR ACMonitor X exe O - HKLM Run Lexmark X Button Manager C PROGRA LEXMAR AcBtnMgr X exe O - HKLM Run PrinTray C WINDOWS System spool DRIVERS W X printray exe O - HKLM Run kev dll C WINDOWS Win Types WinConst exe O - HKLM Run winmac C WINDOWS keyspool exe O - HKLM Run HPDJ Taskbar Utility C WINDOWS System spool drivers w x hpztsb exe O - HKLM Run pcServer C WINDOWS System clrprv oo server exe O - HKLM Run c ... Read more

A:HJT log for a friend please help

Check the following items in the Scan and click Fix Checked. Then reboot and delete the bolded file (if still present):

O4 - HKLM\..\Run: [] c:\WINDOWS\System32\
O4 - HKLM\..\Run: [zzb2] c:\WINDOWS\System32\zzb2.exe
O4 - HKCU\..\Run: [] c:\WINDOWS\System32\
O4 - HKCU\..\Run: [zzb2] c:\WINDOWS\System32\zzb2.exe

Although there are a number of odd-ball items in the Scanlog they appear to be related to a MAC/Windows interface and not Security concerns. The Scanlog should be reposted if there are any real problems to be resolved.
 

https://forums.techguy.org/threads/hjt-log-for-a-friend-please-help.232952/
Relevancy 32.25%

I had alot of malware on my laptop and it was acting very strange I accepted help from a friend who used a program to delete virus malware and fix registry problems It appeared to be working deleted malware and numerous other problems It looked ok until my computer crashed and I had the blue screen of death When I turned it back on it said something about my not having a profile I recieve pop ups warning lap to friend tried top.. my 'fix' my me about this then it says that it is making a temporary profile or something like that My screen is now only my background with no buttons or start any where I had another friend tell me that I had completely fried my lap top but I m looking for a second opinion I understand that my info is gone but I want to return it to usablility I used quot ctrl alt del quot to get to the task manager Most of my files appear to be gone but I was able to open Firefox as a new task I m even able to go on my friend tried to 'fix' my lap top.. the internet and am actually typing this right my friend tried to 'fix' my lap top.. now this way Although it If it was completely fried should I be able to do this I also went and redownloaded OTList i m not sure if this would help give the answer What are the steps to returning my computer to a usable state Can i reboot How is the rebooting process OTListIt logfile created on AM - Run OTListIt by OldTimer - Version Folder C Documents and Settings Clifford ACER- A CC DesktopWindows XP Media Center Edition Service Pack Version - Type NTWorkstationInternet Explorer Version Locale Country United States Language ENU Date Format M d yyyy Mb Total Physical Memory Mb Available Physical Memory Memory free Gb Paging File Gb Available in Paging File Paging File freePaging file location s C pagefile sys SystemDrive C SystemRoot C WINDOWS ProgramFiles C Program FilesDrive C Gb Total Space Gb Free Space Space Free Partition Type FAT Drive D Gb Total Space Gb Free Space Space Free Partition Type FAT E Drive not present or media not loadedF Drive not present or media not loadedG Drive not present or media not loadedH Drive not present or media not loadedI Drive not present or media not loaded Computer Name ACER- A CC Current User Name CliffordLogged in as Administrator Current Boot Mode NormalScan Mode Current userOutput StandardFile Age DaysCompany Name Whitelist On Processes SafeList PRC - ---- M Lavasoft -- C Program Files Lavasoft Ad-Aware aawservice exePRC - ---- M Acer Inc -- C Acer Empowering Technology ePerformance MemCheck exePRC - ---- M Apple Inc -- C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exePRC - ---- M Apple Inc -- C Program Files Bonjour mDNSResponder exePRC - ---- M Microsoft Corporation -- C WINDOWS eHome ehRecvr exePRC - ---- M Microsoft Corporation -- C WINDOWS eHome ehSched exePRC - ---- M Sun Microsystems Inc -- C Program Files Java jre bin jqs exePRC - ---- M Hewlett-Packard Company -- C Program Files Common Files LightScribe LSSrvc exePRC - ---- M -- C Acer Empowering Technology eLock LockServ exePRC - ---- M Microsoft Corporation -- C Program Files Common Files Microsoft Shared VS DEBUG mdm exePRC - ---- M NVIDIA Corporation -- C WINDOWS system nvsvc exePRC - ---- M Absolute Software Corp -- C WINDOWS system rpcnet exePRC - ---- M Microsoft Corporation -- C WINDOWS ehome mcrdsvc exePRC - ---- M -- C WINDOWS system userinit exePRC - ---- M Mozilla Corporation -- C Program Files Mozilla Firefox firefox exePRC - ---- M Xfire Inc -- C Program Files Xfire Xfire exePRC - ---- M OldTimer Tools -- C Documents and Settings Clifford ACER- A CC Desktop OTListIt exe Win Services SafeList SRV - ---- M Lavasoft -- C Program Files Lavasoft Ad-Aware aawservice exe -- aawservice Auto Running SRV - ---- M Acer Inc -- C Acer Empowering Technology ePerformance MemCheck exe -- AcerMemUsageCheckService Auto Running SRV - ---- M Apple Inc -- C Program Files Common Files Apple Mobile Device Support bin AppleMobi... Read more

A:my friend tried to 'fix' my lap top..

You appear to have an HJT log thread open http://www.bleepingcomputer.com/forums/ind...=209157&hl=on which your Helper is awaiting you to complete their instructions

http://www.bleepingcomputer.com/forums/t/214600/my-friend-tried-to-fix-my-lap-top/
Relevancy 32.25%

Help me BIG! Log= HJT My Friend's fix his computer please This thing is HUGE -------------------------------------------- Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files Autodesk Shared Service AdskScSrv exe C WINDOWS System CTsvcCDA exe c PROGRA mcafee com vso mcvsrte exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS System nvsvc exe C WINDOWS System svchost exe C WINDOWS Explorer EXE c PROGRA mcafee com vso mcshield exe C WINDOWS system dla tfswctrl exe C Program Files Common Files Real Update OB realsched exe C PROGRA mcafee com agent mcagent exe C program files mcafee com vso mcvsshld exe C Program Files Xerox NWWia XrxFTPLt exe C Program Files Creative SBLive Diagnostics diagent exe C Program Files Hewlett-Packard My Friend's HJT Log= BIG! HP Software Update HPWuSchd exe C WINDOWS System spool drivers w x hpztsb exe C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Program Files MUSICMATCH MUSICMATCH Jukebox mmtask exe C Program Files Java j re bin jusched exe C WINDOWS System ztnud exe C WINDOWS System btqov exe C WINDOWS BCMSMMSG exe C WINDOWS System RUNDLL EXE C Program Files Google Gmail Notifier gnotify exe C WINDOWS System Keylogger exe C WINDOWS System ctfmon exe C My Friend's HJT Log= BIG! Program Files AIM aim exe C Program Files Dell Support DSAgnt exe C WINDOWS System wuauclt exe C WINDOWS System NsqV exe C WINDOWS System MipL X exe C Program Files BearShare BearShare exe C Program Files Microsoft AntiSpyware gcasDtServ exe C Program Files Ad Muncher AdMunch exe C Program Files Spybot - Search amp Destroy SpybotSD exe C Program Files Mozilla Firefox firefox exe C Documents and Settings Monty Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Main Search Bar http red clientapps yahoo com customize ycomp defaults sb http www yahoo com search ie html R - HKCU Software Microsoft Internet Explorer Main Search Page http red clientapps yahoo com customize ycomp defaults sp http www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http www dell me com myway R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch about blank R - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize ycomp defaults su http www yahoo com R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook no name - A FAF - E- cf- - F A D - no file R - URLSearchHook no name - A FAF - E- cf- - F A D - no file O - BHO NavErrRedir Class - DF - - bd - FEE- A AB E - C PROGRA INCRED BHO INCFIN DLL file missing O - BHO Yahoo Companion BHO - D -C F - efb- B - ECA - C Program Files Yahoo Companion Installs cpn ycomp dll O - BHO no name - E - CD- -DE - EA - C WINDOWS System ruckiuzm dll O - BHO no name - A DA F- - E D- DF - DB D F - C WINDOWS System jegpqgto dll O - BHO no name - D F -A - A -E A -C C BDFB - C WINDOWS System ldfaiksd dll O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - Toolbar no name - A CE -FA - - BEE- FE F CB - no file O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS system msdxm ocx O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run dla C WINDOWS system dla tfswctrl exe O - HKLM Run StorageGuard quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run ... Read more

Relevancy 32.25%

Hiya Some more friends but not my gaming buddies this time Logfile of HijackThis v Scan saved friend for a Log HT at on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost HT Log for a friend exe C WINDOWS System svchost exe c Program Files Common Files Symantec Shared ccProxy exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE c Program Files Common Files Symantec Shared ccSetMgr exe c Program Files Norton Internet Security ISSVC exe c Program Files Common Files Symantec Shared SNDSrvc exe c Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C Program Files Common Files AOL ACS AOLAcsd exe c Program Files Norton Internet Security Norton AntiVirus navapsvc exe C WINDOWS system svchost exe C WINDOWS wanmpsvc exe c Program Files Common Files Symantec Shared Security Center SymWSC exe C Program Files Java jre bin jusched exe C windows system hpsysdrv exe C Program Files ATI Technologies ATI Control Panel atiptaxx exe C HP KBD KBD EXE C Program Files Common Files Symantec Shared ccApp exe C Program Files HP HP Software Update HPwuSchd exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files Common Files AOL ee AOLSoftware exe C Program Files Real RealPlayer RealPlay exe C PROGRA MYWEBS bar bin m SrchMn exe C PROGRA MYWEBS bar bin mwsoemon exe C WINDOWS system P P Networking P P Networking exe C WINDOWS system ctfmon exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files AOL aoltray exe C Program Files HP Digital Imaging bin hpqtra exe C Program Files AOL Broadband Assistant bin mpbtn exe C Program Files PVR Series PVR Console PVR exe C Program Files iPod bin iPodService exe C PROGRA Magentic bin MgApp exe C Program Files PVR Series PVR Console PVRWatch exe c program files common files aol ee services antiSpywareApp ver AOLSP Scheduler exe c program files common files aol ee aolsoftware exe C Program Files AOL waol exe C Program Files AOL shellmon exe c program files common files aol ee anotify exe C Program Files Common Files AOL aoltpspd exe C WINDOWS system svchost exe C Program Files HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - URLSearchHook no name - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO MyWebSearch Search Assistant BHO - A FAF - E- cf- - F A D - C Program Files MyWebSearch SrchAstt bin MWSSRCAS DLL O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO mwsBar BHO - B EA -A - -B BB- DE CCA - C Program Files MyWebSearch bar bin MWSBAR DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO ST - EDE -C B - E- - BF AF E - C Program Files MSN Apps ST en-xu stmain dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton Internet Security Norton AntiVirus NavShExt dll O - Toolbar MSN - BDAD DAD-C -... Read more

Relevancy 32.25%

I can see a few problems but I d rather get an expert analysis Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system Log... Friend's A HJT winlogon exe A Friend's HJT Log... C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe c Program Files Norton AntiVirus navapsvc exe C Program Files Softex OmniPass Omniserv exe C WINDOWS Explorer EXE C windows system hpsysdrv exe C WINDOWS A Friend's HJT Log... System hkcmd exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe C HP KBD KBD EXE C Program Files Common Files Symantec Shared ccApp exe C WINDOWS ALCXMNTR EXE C WINDOWS System winproc exe C Program Files AIM aim exe C Program Files Updates from HP Program BackWeb- exe c Program Files Hewlett-Packard HP Share-to-Web hpgs wnf exe C Program Files WinZip WZQKPICK EXE C Program Files interMute SpamSubtract SpamSubtract exe C Program Files Softex OmniPass OPXPApp exe c Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Internet Explorer iexplore exe C Josh HijackThis exe C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Search Page http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Start Page http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Search Page http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKLM Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet Connection Wizard Shellnext http us hpwis com O - BHO no name - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton AntiVirus NavShExt dll O - Toolbar hp toolkit - B E - D D- DEB- B - D BCF F - C HP EXPLOREBAR HPTOOLKT DLL O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - c Program Files Norton AntiVirus NavShExt dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run hpsysdrv c windows system hpsysdrv exe O - HKLM Run HotKeysCmds C WINDOWS System hkcmd exe O - HKLM Run CamMonitor c Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe O - HKLM Run Share-to-Web Namespace Daemon c Program Files Hewlett-Packard HP Share-to-Web hpgs wnd exe O - HKLM Run KBD C HP KBD KBD EXE O - HKLM Run StorageGuard quot C Program Files Common Files Sonic Update Manager sgtray exe quot r O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run Recguard C WINDOWS SMINST RECGUARD EXE O - HKLM Run ccApp quot c Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot c Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run AlcxMonitor ALCXMNTR EXE O - HKLM Run PS C WINDOWS system ps exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run WinProc winproc exe O - HKLM RunServices WinProc winproc exe O - HKCU Run AIM C Program Files AIM aim exe -cnetwait odl O - Startup spamsubtract lnk C Program Files interMute SpamSubtract SpamSubtract exe O - Global Startup Microsoft Office lnk C Program Files Microsoft Office Office OSA EXE O - Global Startup Quicken Scheduled Updates lnk C Program Files Quicken bagent exe O - Global Startup Updates from HP lnk C Program Files Updates from HP Program BackWeb- exe O - Global Startup Verizon Online Account ... Read more

A:A Friend's HJT Log...

G'day acpo,

May I suggest you have a read of this link http://forums.techguy.org/t178092/s.html

and also download the latest version of HJT (1.97.7), and post a new scan log.

Thanks
 

https://forums.techguy.org/threads/a-friends-hjt-log.181981/
Relevancy 32.25%
Q: Friend

I have a HP Pavilion a h Friend Desktop For the past -weeks the following problem has occurred after booting up and all icon shortcuts are on Friend the desktop a large box appears On the top it says system It has the minimize-enlarge-redX It has a line for file edit vie favorites tools help On the left side it shows System Tasks The front of the box says quot These files are hidden This folder contains files that keep your system working properly You should not modify its contents Show the contents of this folder quot I know that System is important and that I should not mess with it Some friends have had me go into run msconfig and uncheck one at a time files in the start-up list to determine if this box is appearing because it is linked to a startup file I have unchecked and re-booted No luck large box continues to appear The computer is not working any differently The box is really just an annoyance you know having to hit the red x to get it to go away Why has this started to appear and how can I get it to stop nbsp