Posts by dlh6213

Have you tried the remv3 utility yet (link in post #3)? That should clean up the freshbar files.

Did you try emptying your Temp folders from Safe Mode?

Isisync, first of all you need to go to Windows Update and get all the Critical Updates for your system. Hold off on SP2, however, until your system gets cleaned up.

Next, you have hijackthis in a Temp folder, in order to protect it, and the backups it will create, you need to put in it's own permanent folder, like c:\HJT\hijackthis.exe.

If you have anything disabled in msconfig, enable it before the next scan.

Once you've done this, close all browser windows, scan with HJT, and post a new log please.

:cheesy: :cheesy: Hi, all

Recently bought a DL-604 router. The question like to ask is? Can i use the router with software firewall. The router also come with firewall capability. which is better and how do i configure the router and firewall.
i am running winxp sp2.

any help is greatly appreciated.

thank..

Your router should have come with instructions for configuring it, if not, their website should have a manual you can download.

Post #5 sent this in a different direction, probably should have been a new thread.

Just one more minor thing. Right-click on your desktop and select New, Folder; give the folder a name (like HJT or hijackthis). Then drag 'hijackthis.exe' on your desktop into that new folder; also, if you now have a folder on your destop named 'Backups', put it in that folder as well (these are the backups HJT created). This way everything is together in a safe place.

You should also go to Windows Update and get the Critical Updates for your system :)

Also I have used OS on 5gig c:\ with all system files on the 5gig and changed the default install to d:\ and loaded all programs on D:\ partion ,this also made defrag faster .it all worked for me anyway .

How do you change the default install to a different drive?

You should post this question in the Windows forum for better response; also include your operating system (if it's XP, also include the current service pack installed).

With DSL you're more likely to experience malware attacks, see these threads for some helpful advice:

http://www.daniweb.com/techtalkforums/thread5690.html

http://www.daniweb.com/techtalkforums/thread16365.html

Some info related to this but on the email side can be found here:
http://www.daniweb.com/techtalkforums/thread17228.html

I doubt MS is going to help you, but it can't hurt to try. You might have better luck contacting the manufacturer of the computer. I have an e-Machine that I had this problem with once; I called them up and they gave it to me in just a few minutes.

Without a CD, how are you getting to the "enter your product key" page?

How exactly did the computer become 'fragged'?

I agree, as long as you have a router with a built-in firewall, the firewall in XP is fine.

... it still freezes, I have 128 RAM, I will have an extra 250 ram installed next week. Do you think that will cure the freezing problem? Please let me know.

See how it runs after you add the additional RAM. If you still have problems, try WinSocks Fix:
http://www.digitalminds.net/index.pl/downloads

Looks like someone merged the two threads so there is only one now.

Please keep all replies within the thread; that way, if anyone else has a similar question, they can find the answer themselves.

No advantage to one over the other (Ad-Aware/SpyBot), you should have them both, as well as an antivirus program; keep them all updated. Ad-Aware looks primarily for adware, SpyBot for spyware, and antivirus programs for, well, viruses (though the newer versions seem to be looking for some spyware and adware as well).

Getting your Windows Updates regularly and installing SpywareBlaster and SpywareGaurd will also help prevent infections (most virsus are released after the patches have been made available).

In addition to reading the link in post #2, have a look at this one:
http://www.daniweb.com/techtalkforums/thread16365.html

Please download About:Buster from the following link; install it and run it according to the directions given in the link:

http://www.majorgeeks.com/download4289.html

After doing so, close all browser windows, scan with HJT, and post a new log please.

Boot into Safe Mode, go to Add/Remove Programs in your Control Panel and see if SP2 is there; if it is, remove it, and then see if you can boot normally.

If it's not there, or you still can't boot into normal mode, go back into Safe Mode and see if you can use System Restore to go back to a Point prior to when you started having trouble.

3,000 in less then a year :eek: :eek:

All good ones too! :)

When you mention "thermal compound" are you referring to the heat transfer grease that Thong_Inspector suggested?

Yes, I was wondering if you actually had replaced it.

Maybe the power supply will work, good luck and let us know.

(I don't think anyone thought you were calling anyone a liar:) )

See if this helps:
http://support.microsoft.com/?kbid=289022

Ad-Aware is an excellent program, but will not remove everything (nothing will). You should also have SpyBot Search and Destroy. You can find links to those and other helpful utilities and advice in this thread:
http://www.daniweb.com/techtalkforums/thread5690.html

This thread may help you:
http://www.daniweb.com/techtalkforums/thread16475-remv3.html

I'm not real sure what you mean... Are you saying there's no video on the monitor? If that's the case, check the connection on the back of the computer where the monitor cord connects; there should be screws on both sides of that connector -- make sure the connector is pushed all the way in and the screws snug (don't overtighten them).

If I misunderstood your question, could you please clarify?

How far can I overclock a 600 MHz Intel PIII without problems?

See the last paragraph in this link:
http://www.zen26266.zen.co.uk/P3-600.htm

(Nice sig you've got there :lol: )

That's interesting... I wonder if Nero or Microsoft are aware of this problem... :confused:

Glad you got it figured out and thanks for letting us know what it was in case it comes up again :)

By the way, there's nothing wrong with using msconfig to boot into Safe Mode (usually), that's what the option is there for.

Do you mind telling us what you did in case it comes up again?

Wow, that didn't sound like a hard drive problem to me. Thanks for letting us know how you fixed it :)

Marking this as solved, even though you did it on your own :D

I recently had a computer made for me and my family. It was running perfectly for the first few weeks, but then it began to slow down. I know have numerous pop ups and the computer is slowing down. My guess is that my children must have downloaded files with viruses.

As I was reading your post it reminded me of this thread so I thought I would post the link for you to read if you like (and to hopefully prevent this from happening again):
http://www.daniweb.com/techtalkforums/thread16365.html

For every user account listed under C:\Documents and Settings, delete the entire contents of these folders:
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5

Delete the entire content of
C:\Windows\Temp folder
C:\Temp folder

Do a search for *.tmp and delete everything found

Empty your Recycle Bin

Here's a link to the spyware site crunchie mentioned if you care to see what they said about those programs:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Go to Add/Remove Programs in your Control Panel and remove (if found):
Viewpoint and/or Viewpoint Manager
WildTangent

Scan with HJT and have it fix the following entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - C:\WINDOWS\ZServ.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O2 - BHO: IEHlprObj Class - {2096CA9F-76CB-469E-8D8E-8C41CB788D90} - C:\WINDOWS\system32\mo030414s.dll (file missing)
O2 - BHO: TChkBHO Class - {35C95DFE-E560-46FA-BF13-449C8466CD50} - C:\WINDOWS\system32\csxlw.dll (file missing)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O4 - HKLM\..\Run: [Sentry] C:\WINDOWS\Sentry.exe
O4 - HKLM\..\Run: [System Tray] C:\Documents and Settings\BARBARA\My Documents\Lindsay\screen_doc.pif
O4 - HKLM\..\Run: [susp] C:\WINDOWS\susp.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [xrmjhxbvxz] C:\WINDOWS\System32\cjdcxn.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\System32\SahAgent.exe
O4 - HKCU\..\Run: [System Tray] C:\Documents and Settings\BARBARA\My Documents\Lindsay\screen_doc.pif
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - …

Before fixing anything with hijackthis, you need to move it into it's own permanent folder (you now have it in a temp folder) so it doesn't get deleted and so the backups it will create don't get deleted. Put it in a folder like c:\HJT\hijackthis.exe.

After you've put it in a safe folder, close all browser windows, scan again, and post a new log.

I'm really having trouble with this virus. My computer is acting slower than ever. Could someone please tell me the name and website of a free anti-virus download? Not the after-the-fact kind, but the kind that actually prevent the virus infection in the first place?
I'm too incompetent to find one on my own.
-Little Jimmy

This website is about helping people help themselves; if you can spell 'incompetent,' I doubt that you are.

This thread offers protective measures you should find useful:
http://www.daniweb.com/techtalkforums/thread5690.html
(Yes, it even has a link to a free antivirus program)

Did you check the links previously suggested? They offer advice on how to set processes.

I'll assume your using Internet Explorer (IE) since that's the forum you posted in.

Click on Tools at the top, and then Internet Options. Click on the Privacy tab, and near the bottom you should see a box that says Web Sites; click on the Edit button inside that box. Type in the address of the website you wish to allow cookies from (like www.yahoo.com), and then click the Allow button. After you've entered all the address you want, click OK. You can add more whenever you find a site you wish to allow cookies for. You can also Block certain sites here as well.

That was a pretty simple fix, Thanks for posting it. I'll try to remember that in case it comes up again!

I'm going to mark this as solved; even though we didn't help, there is a solution to the problem :D

After discussing this with hammy some more, I decided I should include some detailed information in case someone else came across this thread with a similar issue/question. If anyone has any other reasons that I have forgotten (or don't know about), please feel free to post them.

Q: Why shouldn't you open an email from someone you don't know, especially if there's nothing in it?

A: First of all, you don't know whether or not there is anything in it until you open it. It may contain a virus that executes automatically as soon as the email is opened (it doesn't have to be an attachment as many believe).
Second, if there is nothing in it, the sender most likely had 'read receipt' attached to it (meaning as soon as you open it, the sender gets a message in their inbox letting them know it was opened). Now that they know the email has been opened, they know they have a valid email address and they can either send spam themselves or, more likely, sell it with a list of others email addresses to other spammers.

Q: Why shouldn't you open an email from someone you know if it's in your 'Junk' folder?

A: If it's in your 'Junk' folder, it has probably been identified as spam, which can happen for two reasons.
1.) Viruses are often spread by going into the users address list and sending out emails on it's own (replicating itself).

WeatherBug is related to adware and, in my opinion, should be removed. You can decide for yourself; here are a couple of links:
http://sarc.com/avcenter/venc/data/adware.weathercast.html
http://www.auditmypc.com/process/weather.asp

If you decide to uninstall it, go to Add/Remove Programs in your Control Panel and remove WeatherBug

Regardless of your decision regarding WeatherBug, scan with HJT and have it fix the following entries:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cus...://my.yahoo.com
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

And these only if you don't want WeatherBug:
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/min...ransporter.cab?

Close all windows other than HJT before hitting the Fix button

Last step, again only if you don't want WeatherBug:
Reboot into Safe Mode
Go to C:\Program Files\AWS and delete the WeatherBug folder

Reboot normally

Close all browser windows, scan with HJT and post a new log

Did Microsoft give you the instructions you need once you get into the Registry Editor?

To get to the Registry Editor, go to Start, Run, and type in regedit; click OK and the Registry Editor will open.

Before you edit the registry, you should make a backup. At the top of the Registry window, click on the Registry menu, click Export Registry File. In the Export range panel, click All, then save your registry as Backup.

Make the changes you want, then exit the Registry Editor.

If you end up needing to reinstall, here are complete instructions:
http://www.daniweb.com/techtalkforums/thread6632.html

Since SP2 caused problems before, you may not want to try it again, but here is some info on it if you're interested:
http://www.daniweb.com/techtalkforums/thread10031.html

Go to this thread and get the self-extracting version of hijackthis:
http://www.daniweb.com/techtalkforums/thread15611.html

Close all browser windows, scan with HJT, and post the log in the Virus forum (not in this thread) along with the problem you are having.

Did you scan again with the updated CWShredder? If so, did it find anything?

Go to Add/Remove Programs in your Control Panel and remove (if found) Viewpoint

Scan with HJT and have it fix the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

Close all windows other than HJT before hitting the Fix button

Reboot into Safe Mode

Go to:
C:\Program Files and delete the Viewpoint folder

Reboot normally

Reset your homepage

Go to this thread and get SpywareBlaster and/or SpywareGaurd (free):
http://www.daniweb.com/techtalkforums/thread5690.html

Close all browser windows, scan with HJT, and post a new log

I'm not sure what you mean by 'going in circles,' does it keep rebooting itself? You can't get into msconfig to uncheck SAFEMODE?

Can you boot to your XP CD? (Still assuming you have XP)

Where does AVG say Downloader.Small.9.BV is located?

WeatherBug is adware related and, in my opinion, should be removed. If you decide to...

Go to Add/Remove Programs in your Control Panel and remove WeatherBug (if found)

Scan with HJT and have it fix the following entries (if found):

O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/min...Transporter.cab?

Reboot into Safe Mode

Do a search for WeatherBug and Weather.exe and delete all instances found

Reboot normally

As far as processes running, check the link caperjack gave ( http://castlecops.com/StartupList.html) and this one:
http://www.blackviper.com/WinXP/servicecfg.htm

These links may help:
http://www.espere.org/pdffile.htm
http://www.newton.dep.anl.gov/askasci/comp99/CS078.htm

There are other programs that will do this, but I haven't used any of them so I can't make any recommendations. If you do a google search I'm sure you will find some.

There may be someone here that has used some of these and will reply to this thread.

Try msconfig and see if it will work that way.

Good on ya caperjack :D. That's a long time in front of a monitor :).

Look who's talking! And this isn't the only forum you work at!

Congratulations caperjack!

Maybe you should try Belkin's website (Support Center):
http://world.belkin.com/

Wish I could be of more assistance :(

Did you delete the entire folders or just the contents? If just the contents, it shouldn't have created any problems. I'm not sure what happens if you delete the folders themselves.

Try using System Restore to go back to a date before you deleted anything.

More advice here:
http://www.daniweb.com/techtalkforums/thread5690.html

Noadware may not be helping you much, see this review:
http://www.adwarereport.com/mt/archives/000023.html

Go to this thread and follow the suggestions:
http://www.daniweb.com/techtalkforums/thread5690.html

Then post a hijackthis log in this same thread.

First of all, right-click on your desktop and select New folder. Name this folder something like HJT, and then drag hijackthis.exe into that new folder.

CWShredder should have fixed some of this, are you sure it's updated? Try updating it and run it again.

Scan with hijackthis and have it fix the following entries:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us10.hpwis.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us10.hpwis.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://us10.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: VDOMP Class - {A0ED918D-B8E6-4c3d-BD15-1DB1AE9A5DD3} - C:\WINDOWS\wtlbass32.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: SToolbar - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\WINDOWS\stoolbd.dll
O4 - HKCU\..\Run: [CTFMONSS] C:\WINDOWS\System32\CTFMONSS.EXE
O4 - HKCU\..\Run: [CSRSSW] C:\WINDOWS\System32\CSRSSW.EXE
O13 - DefaultPrefix: http://ehttp.cc/?
O13 - WWW Prefix: http://ehttp.cc/?
O13 - WWW. Prefix: http://ehttp.cc/?

Reboot into Safe Mode

Go …