2,959 Posted Topics
 | Removing [i]all[/i] pieces of that infection seems to be a bit of a pain; please do the following: 1. [url="http://www.daniweb.com/techtalkforums/thread13362.html"]Disable System Restore[/url]. 2. Download and install the following (free) utilities: [u]CCleaner[/u] - [url="http://www.ccleaner.com/"]www.ccleaner.com[/url] [u]Webroot Spy Sweeper (14 day free trial)[/u] - [url="http://www.webroot.com/shoppingcart/tryme.php?bjpc=64011&vcode=DT02"]http://www.webroot.com/shoppingcart...4011&vcode=DT02[/url] [u] Microsoft Anti-Spyware beta[/u] - [url="http://www.microsoft.com/downloads/...&displaylang=en"]http://www.microsoft.com/downloads/...&displaylang=en[/url] [u]ewido Anti-malware … |
| | Re: help needed Please give us more details, such as: - The version(s) of Windows the machines are running. - The specific IP addressing scheme(s) you're using, including netmasks, gateway addresses, etc. - Whether you're using a hub, router, or switch to connect the client machines to the server. - Can the machines … |
| | |
| | You'll be able to read from/write to the old ME drive, but there won't be booting conflicts or the like with XP, if that's what you're concerned about.  |
| | Re: computer freeze [color=Blue][b]Due to the fact that the member who originally started this thread has not responded in quite a long time, this thread is considered abandoned and has been closed. [color=Red]In accordance with our [url="http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies"]posting rules[/url], other members having similar problems should start their own threads and post their questions there. …  |
| | Download the (free) [url="http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe"]HijackThis[/url] utility. Once downloaded, follow these instructions to install and run the program: Create a folder for HJT outside of any Temp/Temporary folders and move/extract HijackThis to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do. Run HijackThis, but do not have … |
| | You definitely have a nest of infections there, a couple of which will need special attention. Please do the following to see how much of the rest we can clean up: 1. Download and install the following (free) utilities: [u]CCleaner[/u] - [url="http://www.ccleaner.com/"]www.ccleaner.com[/url] [u]Webroot Spy Sweeper (14 day free trial)[/u] - … |
| | Since this isn't a question about a technical problem, I'm moving this to the Geek's Lounge. :) |
| | Other than the following IE settings (which you can have HJT fix) pointing to a MyWay-sponsored Dell page, I see no signs of MyWay components in your log: [b] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.dell4me.com/myway"]http://www.dell4me.com/myway[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://g.msn.com//0seenus/saos01"]http://g.msn.com//0seenus/saos01[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.dell4me.com/myway"]http://www.dell4me.com/myway[/url] R0 - … |
| | Are you [i]absolutely[/i] sure that the load of XP that you installed is legal? |
| | Your log definitely shows signs of a few different, separate infections, but the following info in your HJT log's header also shows that you are running a totally "virgin" version of Windows XP (no Service Packs, Security/Bug Fixes, etc. appear have been installed): [b] Platform: Windows XP (WinNT 5.01.2600) MSIE: … |
| | [QUOTE=Dwy3r688]I removed all the viruses and such...[/QUOTE]But unfortunately, your HijackThis log doesn't seem to agree with you. :eek: (You actually have signs of a few different infections) Before we begin the actual cleaning process: [b]C:\DOCUME~1\ANNMAR~1\LOCALS~1\Temp\Rar$EX00.875\HijackThis.exe[/b] The log entry above indicates that you are running HijackThis from within a Temp/Temporary folder. … |
| | You are infected with a variant of the [url="http://www.sophos.com/virusinfo/analyses/w32brontoki.html"]Brontok worm[/url], which I don't [i]think[/i] AVG can deal with yet. Also, speaking of AVG: you mentioned "other staff's pc". The version of AVG that you are running (AVG Free) is [i]only[/i] for personal use; you are violating AVG's terms of use … |
| | [QUOTE=maraniba]...but I got a message saying that I it wouldn't let me merge it with the registry. [/QUOTE]Did the message give you any indication as to [i]why[/i] the Registry merge was being denied? The reason I ask is that some anti-spyware programs like SpyBot, Ad Aware, etc. have protection features … |
| | [QUOTE=Syakoban]It's not XP it's 2000...[/QUOTE]Doesn't matter; both 2000 and XP are fully backward compatible in that regard. All you should need to do is install each drive as a slave drive in the new system, paying attention to the Master/Slave jumper settings on your IDE devices. The drives should then … |
| | [QUOTE=Salem]> urgently needed as submissions by next week... What makes you special? [url="http://www.daniweb.com/techtalkforums/announcement8-2.html"]http://www.daniweb.com/techtalkforums/announcement8-2.html[/url][/QUOTE] [QUOTE=Salem]Noting also that this was 9 months old before you said "me too".[/QUOTE]Agreed on both counts. [color=Blue][b]Due to the fact that the member who originally started this thread has not responded in quite a long time, this … |
| | I see no signs of infections in the log. Open the Event Viewer utility in your Administrative Tools control panel and look through your System and Application logs for entries flagged with "Error" or "Warning" which might be related to the problems. Double-clicking on such an entry will open a … |
| | - When did this start happening? - Have you verified that your Internet connection to your ISP is functioning? Try these steps and see what you get; tell us what happens for [i]each[/i] step: 1. Open a DOS box and type the following commands (in order) at the prompt: ping …  |
| | If the issue isn't with the fans: The thermal transfer compound which is applied between the CPU's surface and the heat sink can dry out, or the heatsink itself can work itself loose; either may cause the computer to go into thermal shutdown. Remove the heatsink from the CPU and … |
| | Hi FLYN, You do have at least one infection (a worm), as indicated by this HJT log entry: [b] O23 - Service: lsass (Local Security Authority System Service) - Unknown owner - C:\WINNT\lsass.exe (file missing) [/b] However, you need to take care of something first: [b]C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe [/b]The … |
| | Hi Ny4windserboy02, First of all- welcome to DaniWeb :) We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, … |
| | There are no infections evident in your log; can you tell us exactly which websites give you trouble? |
| | [QUOTE=tayspen] btw: you did a little double posting[/QUOTE]Thanks for the heads up; dupe has been deleted. [QUOTE=tayspen]Download hijackthis - [url="http://www.spywareinfo.com/%7Emerijn/"]http://www.spywareinfo.com/~merijn/[/url] and post a log in the spyware forum. That will get you started in the process of cleanup.[/QUOTE]Right- there are a lot of very nasty infections out there which Norton … |
| | Given some of the background info you've posted, I'd suggest giving us a HijackThis log to review; we may catch something that you overlooked. If you do post, please post the log in a new thread in our Virues, Spyware, and other Nasties forum, not in this forum. Also- if … |
| | I see no signs of infections there; looks clean :) |
| | The problem could be caused by a number of things, including virus/spyware infections, software corruption/conflicts, hardware-related problems, etc. Please give us as much background information as you can. The more details we have on the problem, the faster we can help you pinpoint the exact cause. |
| | [QUOTE=peppylepiu]I have put a selective startup and stopped lsass from running because a dos popup was occuring on startup system32/cmd.exe.[/QUOTE][i]That[/i] sounds suspicious; please do the following: Download the (free) HijackThis utility: [url]http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe[/url] Once downloaded, follow these instructions to install and run the program: Create a folder for HJT outside of … |
| | Can you describe the problem(s) in more detail please? There are only a couple of possibly suspicious entries in your log, but HijackThis isn't as effective at pointing out infections on Win 98 systems as it is on WIn 2000 or XP systems. |
| | Although my first hunch would be to check for legit program which might be scheduled to perform automatic updates at that time, there [i]is[/i] one nasty infection evident in your HJT log. Please do the following: [color=Blue]You will need to close/quit all web browser programs and disconnect from the Internet … |
| | Odd. Care to give us a few small details, such as the make/model of the 'puter? ;) |
| | I don't see the usual signs of that infection in your HJT log. Can you give us any further info/details to go on? |
| | I'm pretty sure "StillMnt.exe" is a component of some webcam software. Do you have such software installed?  |
| | Re: Need Help [QUOTE=Confused]When installed by CD AOL said file to large to open. [/QUOTE]Can you be more clear on that please? AOL should have nothing to do with installing the Lexmark software from CD.  |
| | [QUOTE=marbeau41]...the disk is only 31.49GB [b]Fat 32[/b][/QUOTE]That's the problem- Win XP and 2000 cannot [i]format[/i] partitions larger than 32G with FAT32, although they canwork with FAT32 partitions larger than 32G (which third-party disk utilities like Partition Magic [i]can[/i] create, as FAT32 itself has a 2TB partition limit). You have 2 … |
| | Re: Second HD [QUOTE=mab1966]The jumper is set to slave[/QUOTE]That may be the problem- SATA drives don't use a Master/Slave relationship. Your ATA drive should be set to Master or to Single if it is the only device on the IDE channel. Which drive the computer tries to boot from (SATA or IDE) is … |
| | An nslookup of the exact IP yields: Name: i3ED6C5A6.versanet.de Address: 62.214.197.166 [url="http://www.versanet.de"]www.versanet.de[/url] redirects to Versatel, which is an ISP in the Netherlands. In other words, your computer appears to be trying to "phone home" to a computer on Versatel's Internet service. I doubt this is what one would call a … |
| | From the "Trippy but True Hardware Fixes" department: For any of you out there who've had the wonderful misfortune of having a hard drive go totally belly-up on you, but recovering the data on the drive is absolutely necessary, check this out: One of my clients' old Maxtor drives finally … |
| | [QUOTE=cozzy]The cable i'm using to connect the PC's together is; YFC UTP CAT.5E PATCH 150/IEC 11801 & EN 50173 & TIA/EIA 568B.2 3P VERIFIED FOR GIGABYTE ETHERNET-24AWG x 4P TYPE CM (UL) C (UL) CMHE161469... I cannot peel any wires back (ref to einstein's description of crossover & ethernet cables). … |
| | [color=Blue][b]Due to the fact that the member who originally started this thread has not responded in quite a long time, this thread is considered abandoned and has been closed. [color=Red]In accordance with our posting rules, other members having similar problems should start their own threads and post their questions there. … |
| | Please do the following on the problematic computer: * Click on the "Run..." option in your Start menu. In the "Open:" box of the resulting window, type "cmd" (omit the quotes) and hit Enter. This will bring up a DOS window * At the DOS prompt, type the following command … |
| | I'll second sfbell's assessment. Although it's a relatively common boast in chat rooms, that kind of "I got your IP, now know all about you" drivel [i]is[/i] BS, for just the reasons sfbell explained. |
 | Does this happen regardless of what format of audio file you're trying to play? I know it's obvious, but have you checked all of the places where volume/mixer settings could be adjusted? Sometimes it's just a question of your sound input/output settings getting a glitch and muting itself. |
| | Ok- your log [i]does [/i]show signs of at least two infections; please do the following: Before we start to remove the infection, there is one thing you have to take care of first: [b] C:\Documents and Settings\Lindstrom\Local Settings\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe [/b]The log entry above indicates that you are … |
| | You have a few different "unwanted guests" listed in your log. Please do the following: - Open your Add/Remove Programs control panel and uninstall these programs if they appear in the list of installed programs: My Way/My Search/My Bar Wild Tangent BrowserAid BrowserPal CashToolbar Web Toolbar iSearch If you did … |
| | Open the Event Viewer utility in your Administrative Tools control panel. Look through the Application and System logs for "Error" or "Warning" entries; double-clicking on the entries will open a properties window with more details. If you see any entries whose details look like they might relate to the problem(s) … |
 | 1. "sass.exe" [i]is[/i] a component of a trojan infection, but I see no signs of that particular trojan (or any other "nasties", for that matter) in your log. 2. C:\WINDOWS\system32\[i][b]L[/b][/i]sass.exe is a valid Windows program/process; is that possibly what you saw? 3. Do your antivirus/antispyware programs flag anything malicious/suspicious? 4. … |
| | Re: Win32/.Sober There's a good chance that you may have other infections in addition to the Sober worm. Please do the following so that we can get a "snapshot" of the state of your system: Download the (free) HijackThis utility: [url]http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe[/url] Once downloaded, follow these instructions to install and run the program: … |
| | That HijackThis log looks like it is from a scan done in Safe Mode. If so, we'll need the log generated from a scan done while Windows is booted normally. |
| | We're here when we can be; this [i]is[/i] a volunteer gig, after all. :) 1. Odd log entry here:[QUOTE] Scan saved at AA 12EETING!! 8:06:14 AM, on 1/11/2006[/QUOTE]I'd suggest discouraging your anti-spyware utilities from cross-breeding with your scheduling applications; it isn't usually recommended. ;) 2. I see nothing amiss in … |
| | Can you give us the [i]full[/i] information dispayed in the Blue Screen error please? |
The End.