2,959 Posted Topics
 | 1. Can you give us some specifics on the history of the problem (when did it start happening, did you make any hardware/software changes around that time, etc.)? 2. "After about 20 minutes of use, my computer crashes--"Blue Screen O' Death" comes up with Memory Dump error message" Give us …  |
| | The following page at Symantec/Norton's support site explains one of the infections you have: [url="http://sarc.com/avcenter/venc/data/pf/adware.easysearch.html"]http://sarc.com/avcenter/venc/data/pf/adware.easysearch.html[/url] Since you already have Norton and SpyBot installed, also download and install Ad Aware and then do the following: A) Run a full anti-virus scan, making sure that your anti-virus program is using the most … |
| | Sorry, but the way in which you've described your network environment is more than a bit unclear. Can you please elaborate on what [i]exact[/i] functions each of the two servers provide, and what services are running on each of the two of them? [QUOTE=earthguy]2 windows 2000 servers with independent domain … |
| | [QUOTE=deso|ate|]... but It won't go back. [/QUOTE] How did you try to get it back? If you haven't already: - Right-click on the taskbar. - Choose "Properties" from the resulting pop-up window. - Click on the "Start Menu" tab in the resulting window. - If the "Classic Menu" option is … |
| | Makes and models of the networking gear please, as well the specific drivers in use for the USB wifi device. |
| | Hi hankemeier, First of all- welcome to TechTalk! We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but … |
| | Some general questions to help us narrow down the possibilities: 1. Can you give us any more specific, exact information about the Memory problem error? If the computer had stopped responding, how were you able to run the check up, and exactly what "check up" program did you use? 2. …  |
| | 1) [QUOTE] C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 2 for hijackthis[1].zip\HijackThis.exe[/QUOTE] Those two lines indicate that A) Internet Explorer was running when your friend did the HijackThis scan, and B) he/she has HijackThis running from within a Temp folder. For HJT to work correctly, it must be run from its own … |
| | You get to the Safe Mode boot option by hitting the F8 as the computer starts up. You have to hit the key [i]just[/i] before/as Windows starts to load, so if you miss it first time just reboot again and start hitting F8 a bit earlier. |
 | Version 1.99.0 of HJT is a very recent release, and even the author of HJT admits that there's still work to be done in terms of certain bug fixes. Read a bit more about that on the author's site:: [url="http://www.spywareinfo.com/%7Emerijn/"]http://www.spywareinfo.com/~merijn/[/url] If you can't get the latest version of HJT to …  |
| | netdaemon.exe is probably a nasty. Locate the file in Windows Explorer, right-click on it, and choose "Properties". Is there any company name/version information listed anywhere in the Properties tabs? I'm not sure about "pc[b]tt[/b]ptt.exe"; did you spell that filename correctly? pc[b]t[/b]ptt.exe (note the [i]single[/i] "T") is a legit file related … |
| | [QUOTE=meow]bumpidy bump dump bump[/QUOTE] After less than 3 hours from your first post?? :rolleyes: Please try to be a bit more patient in the future... First- you're running an older version of HijackThis. Please download the latest version (1.99.0) using the "HijackThis" link in my sig below, run that version, … |
| | Hi Sheldon, welcome to TechTalk! :) Being new to this site I'm sure you aren't aware of this, but we do ask that members start their own thread when they have a question rather than "piggybacking" the question onto a thread previously started by another member (regardless of how similar … |
| | [QUOTE=wendigo922]in the bottom corner where the website address would be is [b]something to the effect of[/b]...[/QUOTE] Please give us the exact info if possible; the more specific you are, the more quickly we can help you out. - Have you checked for virus/spyware/adware infections yet? They can certainly cause problems … |
| | Hi Per Ivar , First of all- welcome to TechTalk! We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's … |
| | A download accelerator is a type of third-party download management sofware which offers (supposedly) faster download speeds than your regular browser. I think what Alex is alluding to is that such a program might be corrupting the downloaded video images. By the way- being "stuck" with Netscape isn't a bad … |
| | Re: about chkdsk [QUOTE=ArtChess]also. i created a ms-dos via right click A: format and put a check mark on create ms-dos boot disc. however when i boot to that disc i cannot run chkdsk. how can i create a DOS boot disc so that i can run chkdsk /f[/QUOTE] When you choose to …  |
| | You [i]are [/i]infected with the latest VX2 variant, which is extremely nasty and persitent. As crunchie already mentioned- do not do anything that we don't suggest, and do what we [i]do[/i] suggest exactly, and in the exact order given! As you've already found out, the infected files will both morph … |
| | [QUOTE=TheOgre]You just got rid of your authentication server...[/QUOTE] Yup. Unless you've promoted another server to DC status, you not longer have centralized authentication. In that situation you will need to log on to the 98 box using an account which exists locally on that box. |
| | [QUOTE=ravengal_420]Well, I deleted everything from that Temp folder...[/QUOTE] There may be duplicate copies elsewhere. Also, did you do the deletion while booted into safe mode? If not: 1. Turn off System Restore. As previously posted, instructions are here: [url]http://www.daniweb.com/techtalkforums/thread13362.html[/url] 2. Reboot into safe mode (you get to the safe mode … |
| | [QUOTE=Tome722]I am unable to boot from the Windows CD or get into the system BIOS.[/QUOTE] - Did the system ever boot correctly after installing the new motherboard? Your post is slightly unclear on that. - Does the system emit any beeps when it attempts to boot? If so, tell us …  |
| | There's nothing suspicious in your log, but that doesn't mean you're not still infected. Disable ME's System Restore function, reboot into safe mode, and try deleting the contents of the Temp folders again: 1. [url="http://www.daniweb.com/techtalkforums/thread13362.html"]How to disable System Restore[/url]. 2. Reboot into safe mode (you get to the safe mode … |
| | [QUOTE=Greenwood]This one says for sale with new computer only.[/QUOTE] I think Christian's take on the above may be on the mark. Where exactly did you get the disk? Does it have a PC manufacturer's name on it? Install disks labelled in that way are OEM versions meant for distribution only … |
| | Caught, and moved... :mrgreen: Manny805, In addition to the fact that you [i]do[/i] need to move HijackThis to a folder outside of any Temp or Temporary Internet folder, your log doesn't look complete: 1. The header information should list the version of HijackThis; yours doesn't. 2. I'd expect to see … |
| | Re: "DNS Error Page" Just to clean things up, have HJT fix this: O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file) And, if you no longer have UltraVNC installed, fix this also: O23 - Service: VNC Server - Unknown - C:\Program Files\UltraVNC\winvnc.exe (file missing) |
| | RPrice, Two things before we dig in to this: 1. You are running an old version of HijackThis. Please download the latest version (1.99.0) using the link in my sig below. 2. You are currently running HijackThis from a folder within your C:\Documents and Settings\Administrator\Local Settings\Temp folder. Please create a … |
| | Danielle, This entry in you HijackThis log indicates that you have at least 1 instance of Internet Explorer open when you ran HijackThis. HJT cannot fully perform all of its fixes while any instances of your web browser(s) are running, so you need to make sure all browsers are completely … |
| | There's nothing in your HijackThis log to indicate that malicious infections are responsible for your problems, but I wouldn't jump to the conclusion that you need a new CPU yet. 1. Have you had a look through your system log files for messages/errors which might point to the problem? If …  |
| | [QUOTE] O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup[/QUOTE] Robotman, You should uninstall both spykiller and bestpopupkiller; they are both programs of at least, shall we say, "dubious repute". SwankSoft is the name of the company which makes both programs, and they are [i]bogus[/i]! … |
| | 1. Close all running programs. 2. Run HijackThis again and have it fix the following: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://toolbar.webfile.com/side.php"]http://toolbar.webfile.com/side.php[/url] R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file) O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-D7F2-F66AB690AD7D} - (no file) O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D7F2-F66AB690AD7D} - … |
| | You can probably also delete the file when booted into Safe Mode; it's most likely that the file won't be running in Safe Mode. There's a larger issue though: you're obviously infected, and it's highly likely that the wndllsys.exe file is not the only "unwanted guest" on your system. You … |
 | If Windows isn't automatically detecting the video card, you will have to tell us the exact make and model # of the card before we can tell you where to get the drivers for it. Knowing the exact make and model of the computer itself will help too. Also - … |
| | 1. In Safe Mode, and with your Explorer's View settings set to show hidden/system folders as crunchie instructed, delete everything in the C:\Recycler folder. 2. "Local Page"="c:\\winxp\\system32\\blank.htm" <-- note the double slashes in that path; that's abnormal. Is that really the way the entry reads, or is that a typo? … |
| | [QUOTE]I have to use the onscreen keyboard[/QUOTE] What "onscreen keyboard" are you referring to? Given everything you've described, I'd try a different keyboard first; it sound's like yours might be getting flaky. |
| | [QUOTE=chemicalking]... internet explorer keeps popping up at random...It just pops up with stupid adverts on.[/QUOTE] You [i]are[/i] infected. When you say "I have checked for spyware and virusus", what exact programs did you use? Moving to the Viruses, Spyware, and other Nasties (damn, Dani- why did you have to make … |
| | 1. Viewpoint Manager: it does, at the very least, "phone home" to check for updates. The program's maker says that you can disable that function through the VM control panel, and also says VM collects no user data or the like. Care to believe them? ;) You can safely remove … |
| | Can we have the exact make and model of the tape drive please? |
| | That log looks clean to me; let's see if crunchie seconds my option on that. |
| | Have you tried eBay? You can often find old software there for not a lot of $$.  |
| | OK, here we go... 1. SpyKiller, BestPopUpKiller, and SpyHunter all fall into the category of "dubious" programs, in that they are unreliable and at the very least return "false positive" findings as a way of enticing users to buy the commercial versions of the programs. You should uninstall them and … |
| | Hi Eric9112, welcome to TechTalk! You do have infections, but you need to address couple of things before we start with the troubleshoot: 1. Your log indicates that you are using version 1.97.7 of HijackThis, which is out of date. Please download the latest version (1.98.2) using the link in … |
| | Since you seem to have the cabs in your C:\Windows\Options folder, you should be able to extract a fresh copy of rundll32.exe from there: extract /a win98_40.cab rundll32.exe /L c:\windows |
| | [QUOTE=OurNation]First off it doesnt show the HJT version...[/QUOTE] Yes- your log is missing that bit of information, and it [i]is[/i] important. If you don't have it already, you can download the latest version of HijackThis (1.99.0) from the link in my sig below. [QUOTE=OurNation]and dont run internet explorer while scaninng … |
| | Hi LOSTWORLD, welcome to TechTalk :) A couple of things before we dig into your log: 1. You are running an outdated version of HijackThis. Please download the latest version (1.99.0) from the link in my sig below, run it, and post the new log it generates. 2. When you … |
| | These programs don't need to be run as startup items: O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE Depending … |
| | [QUOTE=w1r3sp33d]There are many reasons it won't work...[/QUOTE] Er, um... huh?? There are actually [i]two[/i] technologies which will do this; one is called "modem bonding" and the other is called "modem teaming". Modem bonding needs to be supported by your particular ISP; modem teaming does not, but it does require special … |
| | [QUOTE=talonnet30]not sure if i am doing this right , if not sorry, i am newbi ... can any one help me????? please???[/QUOTE] Actually, you need to start a new thread in our Security forum and post your log there; Security is the only forum where HijackThis logs should be posted. … |
| | [QUOTE=agavzy]COuld it be the crlf32.exe or the kalvkyr32.exe file?[/QUOTE] Yes, those are two of your problems. Also, you still have some "nasties" running from within your C:\documents and settings\gavzya\local settings\temp folder. Did you [i]fully[/i] follow caperjack's instructions regarding deleting all of the files in that folder? 1. Use your Add/Remove … |
 | Please download the utility program HijackThis, run it, and post the log file it generates for us to review. Instructions for downloading and using HijackThis can be found in our member caperjack's post in this thread: [url="http://www.daniweb.com/techtalkforums/thread15641.html"]http://www.daniweb.com/techtalkforums/thread15641.html[/url] |
 | OurNation, Please don't sweat the whole Reputation Points thing. Without going into a ton of detail and history: As you've found out, a "Points" system is by nature somewhat prone to abuse/misuse; we and other support sites who've implemented such rating systems have had a lot of discussion concerning the … |
The End.