2,959 Posted Topics
 | 1. Your log doesn't indicate severe infection; what exact problems are you experiencing? 2. Have HijackThis fix these: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://quickmetasearch.com/?said=acc0001_ho"]http://quickmetasearch.com/?said=acc0001_ho[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - [url="http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe"]http://a1540.g.akamai.net/7/1540/52...meInstaller.exe[/url] O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - [url="http://offers.e-centives.com/cif/download/bin/actxcab.cab"]http://offers.e-centives.com/cif/do...bin/actxcab.cab[/url] |
| | [QUOTE=snowwolf]sometime when I just run the IF/Firefox the cpu can be overheat and shut down my laptop... Here's my "Hijackthis log"[/QUOTE] The free versions of FlashGet and BearShare install adware/spyware applications on your computer; I'd suggest uninstalling them and looking for adware-free alternatives. Aside from that though, there's nothing in …  |
| | Re: Virus invasion 1. You might want to post a HijackThis log for us to analyze. 2. You mentioned "Home Search"; if you really do have the Home Search Assistant (HSA) infection, you'll probably also need to download the About:Buster and HSRemove utilities. Please see my first post in the following thread for … |
 | You're fairly well infested, but I need to log for the night and can't dive into this right now. Let me try to contact one/some of other security experts and see if they can help you; we're all in different time zones, so one of them will hopefully be able … |
 | Have you had any version of Linux running correctly on this system before? Give us the system's full specs. |
| | Re: Is it clean now? OK- you definitely still have problems. First, we need to ge rid of the "newdotnet" infection. Removal instructions have been posted by our member "crunchie" in the following thread. Please follow his advice concerning newdotnet removal [i]very[/i] carefully, as improper removal of the pest can further corrupt your Internet connection: … |
| | You've got new pests. :( 1. Have HJT fix the following: R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://www.couldnotfind.com/search_page.html?&account_id=1002245"]http://www.couldnotfind.com/search_...ount_id=1002245[/url] O1 - Hosts: 216.19.0.250 idenupdate.motorola.com O2 - BHO: (no name) - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~2\SEARCH~1.DLL O2 - BHO: CATLEvents Object - {98BC949B-3D81-4750-836F-4BC57BD032EE} - C:\DOCUME~1\LINDAT~1\LOCALS~1\Temp\kablmx.dat O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll …  |
| | Your log is clean. I'd check with your ISP to see if the problem might be on their end, and also perhaps reset the modem before calling them. |
| | [QUOTE=djm123]To TOTALLY remove Ad Ware & Spyware?[/QUOTE] A single program to [i]totally[/i] remove adware/spyware (free or not)? Unfortunately, no. There are simply too many existing variants of adware/spyware programs out there, and at this point in time, new ones appear probably more frequently than do new types of "traditional" viruses. … |
| | The strange characters in the filenames in your screenshot indicate file/folder corruption, as does the fact that one of the files is listed as being more than 865[i][b]M[/b][/i]B in size (which I highly doubt to be true). When you say that the computer "won't turn on again", what exactly do … |
| | You've picked up a new nasty; have HJT fix: O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) Reboot, delete the C:\WINDOWS\farmmext.exe file, and post a new log. Also: tell us what (if any) problems you are still experiencing. |
| | Nice work up-front on your part; you've given a lot to go on! From the looks of your log and the other info you posted, you have a few "unwanted guests" that we need to get rid of, and HijackThis isn't going to be able to do it all. Although … |
| | Yup- it definitely looks like a hijack. :( However, the Internet Explorer forum isn't the place for troubleshooting those types of issues. I've moved your thread to our [url="http://www.daniweb.com/techtalkforums/forum64.html"]Viruses, Spyware, and other Nasties forum[/url]; please post your HijackThis log now, and we'll help you from there. |
| | Let's check a few things concerning your basic connectivity: - In your Start menu, click the "Run..." option, type "cmd" (omit the quotes; if you use Windows 95/98, type "command" instead) in the "Open:" box, and hit enter. In the resulting DOS window, type the following command at the DOS …  |
| | See our member antioed's suggested fix (involving the "regsvr32" command) in the this thread: [url="http://www.daniweb.com/techtalkforums/thread782-browseui.dll.html"]http://www.daniweb.com/techtalkforums/thread782-browseui.dll.html[/url] Run the regsvr32 commands on the dlls you listed in your post and see if that fixes the problems. |
| | [QUOTE=sam1]i did this in .bash_profile PATH = $PATH:/usr/java/j2ske1.4.2-06/bin/javac export PATH[/QUOTE] Just at first glance (although it may not be the fix): your PATH statement should only point to the directories in which executables reside, [i]not[/i] to the executables themselves; try this instead: PATH = $PATH:/usr/java/j2ske1.4.2-06/bin: export PATH You may also … |
 | [QUOTE=dlegend9195]After 3 attempts my 80 GB hard was 39 GB and I had no new drives and missing a huge chunk of my HD?????[/QUOTE] Windows operating systems and Windows/DOS-only partitioning utilities cannot not recognize partitions which have been formatted as non-Microsoft (FAT, FAT32, NTFS) partitions; this includes Linux filesystems (ext2, … |
| | Give us the exact errors you're getting if possible, please. That will help us narrow down the possible causes of your problems. |
| | [QUOTE=Malkcontent]The HD reads as 2 gig in the bios as well.[/QUOTE] That indicates a problem at a lower level than the operating system, fdisk, etc. Please give us the following specifics: - Model of motherboard, including version and/or revision number if possible. - Make and specific version of the BIOS … |
| | [QUOTE=Perrom]I would appreciate too if you could specify what the running processes in the log do.(e.g. InCd.exe is a software I have installed with my cd-dvd writer)[/QUOTE] Running processes: KERNEL32.DLL - Windows Dynamic Link Library file MSGSRV32.EXE - Windows file; handles 32-bit system messaging services MPREXE.EXE - Windows file; handles … |
| | Re: "DNS Error Page" Hi isisnyc, First of all- welcome to TechTalk! We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but … |
| | Hi BlindMelonade, welcome to TechTalk! Unfortunately, we do not troubleshoot problems via AIM, email, or other "offsite" methods for a few reasons. The most important reason for our policy on this is that by keeping the entire troubleshooting history of our members' problem(s) documented in our forums, we create a … |
| | Re: Hijack this log clkoptimizer is definitely adware, but [i]current[/i] reference files for Ad Aware SE are supposed to detect it. Are you positive that you are running the latest version of Ad Aware, with the most current reference file installed? If Ad Aware actually does detect it, but can't clean it, try running … |
| | 1. In IE or FF, can you reach web sites by their IP (as opposed to their URL)? In the location/address bar of IE and FF, type the following to see if you can reach (respectively) Yahoo, Google, and this site: [url="http://66.94.230.34"]http://66.94.230.34[/url] [url="http://216.239.57.147"]http://216.239.57.147[/url] [url="http://69.93.117.133"]http://69.93.117.133[/url] 2. Did the original occurrence of … |
| | Are you still experiencing problems? If so, please tell us what they are; because your post was split from another thread, we don't have that info in this thread. You should uninstall any Wild Tangent programs through the Add/Remove Programs control panel; Wild Tangent is rather notorious for its adware/spyware … |
| | Your log still shows the signs of the about:blank infection. Please download About:Buster from the following link; install it and run it according to the directions given in the link: [url="http://www.majorgeeks.com/download4289.html"]http://www.majorgeeks.com/download4289.html[/url] Post a new HJT log after doing so. |
| | Re: explorer.exe?? [QUOTE=Comatose]Maybe A Safemode will help?[/QUOTE] Yeah, explorer.exe is the graphical shell; booting directly to a DOS shell (command prompt only) should let you do it with DOS commands. |
| | 1. Does the problem occur when you are booted into Safe Mode? 2. Have you looked through your system logs yet for any pertinent error messages? If not, open the Event Viewer program in your Administrative Tools folder to do so. 3. Give us some history of the problem: when … |
 | Re: Kuang2 Virus [QUOTE=Getwyred]I am beginning to think the above website is a scam to try and get you to buy their product. I have went to it on antoher computer and it said the same thing. Plus I have never not ran antivirus software. let me know what you think.[/QUOTE] I think … |
| | [QUOTE=sutapanaki]I got the message "Spybot reports that you want to download "Avenue A, Inc.". This is a known threat. Do you want to Bloc this". I say "yes" to block it, but now everytime I open a new page I get this message. There's something sitting in my computer (this … |
| | Re: Fat32 The consistency check doesn't necessarilly indicate that a disk error is the real root of the problem. The consistency check is automatically forced when Windows senses that it was shut down abnormally, but the reason for that shutdown could be one (or more) of many things. Spontaneous shutdowns/reboots can be … |
| | [QUOTE=mandy101w]how do i post a message on here, i need help desperatly!? amanda[/QUOTE] Hi Mandy, I've sent you a personal message which hopefully answers your question. To read it, go to the Quick Links menu option at the top the page and click Private Messages under the Miscellaneous section. :) |
| | As suRoot suggests, check the link speed and duplex settings in the network card's hardware properties. Also double-check that the card is using the correct driver. If there doesn't seem to be a problem there: - Switch the Ethernet cable with one that known to be in good working condition. … |
| | OK- you have more than a few infections, so let's try to clean some of them out before working on your log. Please do all of the following: A) Run a full anti-virus scan with Kaspersky, making sure that your anti-virus program is using the most current virus definition updates. … |
| | Hi fi216, welcome to TechTalk :) [color=black] We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it … |
| | [color=Red]Hi folks, For those of you new to this forum: We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar you problem might seem). Not only does it divert the focus of the thread away from the original poster's … |
| | Does SBC require that you use the PPPoE protocol to connect? If so, check your router's setup/configuration page and make sure that it is set for the correct protocol. Most routers default to using the DHCP protocol, which works for Cable connections, but most DSL providers use PPPoE instead. |
| | Unfortunately, most variants of the Home Search Assistant (HSA) are [i]very[/i] difficult to remove. The methods of infection used by HSA variants are constantly evolving/changing, and they have the ability to "morph" the names of the malicious files they use in such a way that the names of those files … |
| | The error you're getting is not specific to Samba; it's a Windows network error message. 1. Temporarily disable any firewall software that you might have running on the XP box; XP's built-in firewall as well as third-party firewalls from Norton, McAfee, Zone Alarm, etc. can all cause problems such as …  |
| | You're not clean yet, though- a new nasty has appeared in your latest log: [font=Arial] O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe Have HJT fix the above entry, reboot into safe mode, and do the following: - Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, … |
| | 1. Uninstall any Wild Tangent software and the WeatherBug program using the Add/Remove Programs control panel if possible; they have spyware/adware components. 2. Run HijackThis again and have it fix the following: O2 - BHO: WebBar Class - {EE392A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\bar.dll O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe O4 - … |
| | In addition to Ad Aware, also download/install/run SpyBot Search & destroy, CWShredder, SpywareGuard, and SpywareBlaster. The following thread explains a bit more about the above utilities and the begin2search infection; follow the basic suggestions given in the thread and them post a fresh log: [url]http://www.bullguard.com/forum/9/help-with-nasty-trojans-please_5946.html[/url] |
| | pcpalct is on the right track- Outlook components themselves are not natively designed to be served/shared network resources. That funtionality is what Microsoft Exchange provides, but installing and maintaining an Exchange server isn't often practical for people with relatively small networks. Adise from the possible solution offered by pcpalct, the … |
| | |
| | [QUOTE=Rickyholly]Keeps coming up with errors?[/QUOTE] What [i]exact[/i] errors? The more specific information you can give us, the more quickly we'll be able to help you resolve the issue. |
| | At what exact point during the install did it fail out to that error? |
| | winpack.exe is a trojan which, among other things, performs browser redirects. 1. Have HijackThis fix the " O4 - HKCU\..\Run: [winpack] C:\WINNT\system32\winpack.exe" entry, reboot, delete C:\WINNT\system32\winpack.exe, and empty your Recycle Bin. 2. Make sure you have the most current virus definitions for AVG and run a full system scan. 3. … |
| | [QUOTE=dlh6213]...have it fix the following entries: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://us9.hpwis.com/"]http://us9.hpwis.com/[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://us9.hpwis.com/"]http://us9.hpwis.com/[/url] F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe[/QUOTE] 1.The hpwis.com entries are valid for owners of HP computers, which this one appears to be. 2. The Userinit.exe entry can be valid as well under normal … |
| | [QUOTE=crunchie]Can I play too? :).[/QUOTE] Yay! Let's all party at thread #16625 tonight!!! :mrgreen: asianpanthers, You log looks clean now. Are you still noticing anything suspicious, or do things seem to be working correctly now? If you're still seeing problems, let us know. If not, here are some general suggestions … |
| | If you want our help, you will have to give us as much information as you possibly can; the simple fact that Windows does not shut down for you tells us basically nothing. There is no single reason why one gets that; it can be caused by too many things … |
The End.