2,959 Posted Topics
 | You definitely have a variant of the "about:blank" family of infections, and possibly one or two other infections as well. We'll need to run a few automated removal tools in order to clean things up most thoroughly. Please do the following: 1. Download and install these three about:blank removal tools …  |
| | I hate to say this, but your HijackThis log looks like the Who's Who of Spyware Celebrities. :eek: Also, you are using an outdated version of HijackThis. Please [url="http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe"]download the latest version[/url] and use that from now on. Once you get the new version of HJT, please go through the … |
| | Re: need help Hi kingdawiyd, welcome to the site. :) You've got quite a few infections in that log, but you need to take care of a couple of things before we can work on it: 1. The formatting of the log you posted has strange line breaks and spacings in it, which … |
| | crunchie is right- your logs show signs of numerous infections. :( In addition to SpyBot and Ad Aware, please download, install, and run the following two utilities; use each program's online update function before running them to make sure you have the most current updates installed. After each utility completes … |
| | One question does beg asking there- why do you not have root access on a machine upon which you are trying to install a rather major piece of software? |
| | You've still got infections, but you need to take care of something first: You've posted a log from a very old version (1.98.2) of HijackThis. Please download [url="http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe"]the current version[/url] (1.99.1) and post the log [i]that[/i] version generates. |
| | Please complete the following steps; they should clean up some of the things that HiajckThis alone isn't going to be able to clean: 1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can: [url]http://www.kaspersky.com/scanforvirus.html[/url] [url]http://housecall.trendmicro.com/[/url] [url]http://us.mcafee.com/root/mfs/default.asp?cid=9914[/url] [url]http://www.pandasoftware.com/active...n_principal.htm[/url] [url]http://www.ravantivirus.com/scan/[/url] [url]http://www.bitdefender.com/scan/licence.php[/url] 2. … |
| | [QUOTE=Catweazle]IPerhaps you could try locating and reinstalling a device driver for the Cirrus Logic display card?[/QUOTE]Yes, try that. I've seen exactly what you describe happen even when Device Manager reports that the video card is functioning and the correct driver is in use. Downloading and installing a new copy of … |
| | You've got a bit more than Aurora. :( You need to take care of one thing before we continue: C:\DOCUME~1\me\LOCALS~1\Temp\Rar$EX86.313\HijackThis.exe The log entry above indicates that you are running HJT from within a Temp/Temporary folder ( `C:\Documents and Settings\me\Local Settings\Temp`). Please do the following: Create a folder outside of any … |
| | That alteration to your Display properties is usually the work of the "smitfraud" infection. See if this fixes the problem: 1. Download the following reg file by right-clicking on the link and choosing [b]Save As[/b]. Save this file to your [b]Desktop[/b]. [url="http://www.bleepingcomputer.com/files/reg/smitfraud.reg"][b][color=#ff0000]Smitfraud Fix Reg File[/color][/b][/url] 2. When it is finished … |
 | The basic Hotmail service is web-based only; you have to subscribe (pay) for the feature that lets you access your mail via a POP3 client program. There are a few ""workarounds" to that, but I haven't tried them. More info here: [url="http://www.moztips.com/wiki/index.pcgi?page=ThunderbirdFaq"]http://www.moztips.com/wiki/index.pcgi?page=ThunderbirdFaq[/url] |
| | 1. Although the suggestions in the link below relate to the "HotOffers" infection, I believe they apply to SpecialGoods as well. Try them and let us know the results: [url]http://www.daniweb.com/techtalkforums/post114046-41.html[/url] 2. Once you do the above, run HijackThis again, put a check mark to the left of the following entries, … |
| | Unless you're using a combo broadband modem/router (which the BEFSR41 isn't) the speed capping will be happening in the modem, not the router. However, hacking the modem usually violates the ISP's Terms of Use Agreement; some people who have been caught doing this have been banned from using their ISP's … |
| | Re: help with IE v6 Hi bultoki, 1. The HijackThis log you posted is from a scan done in Safe Mode. The ewido scan should have been Safe Mode, but we need a log from a HijackThis scan that's been done when booted into Windows normally. 2. Getting rid of the "crazywinnings" entry takes a … |
| | Run Find-Qoologic and HijackThis again and post a new log from both. That will llet us know if the items were truly deleted. |
| | 1. Please uninstall WeatherBug and Surf Sidekick through your Add/Remove Programs control panel; both programs have adware/spyware components. 2. Please follow these Aurora removal instructions fully and carefully: You will need to disconnect from the Internet for most of the cleaning procedures, so you should print out the following instructions … |
| | Hi dc3128, Please do the following: Download the (free) HijackThis utility: [url]http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe[/url] Once downloaded, follow these instructions to install and run the program: Create a folder outside of any Temp/Temporary folders for HJT and move it there now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do. Run … |
| | Hi jaysabz, welcome to the site :) First, please perform the following general cleaning proceedures to get as much of the infections cleaned up automatically as possible: 1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can: [url]http://www.kaspersky.com/scanforvirus.html[/url] [url]http://housecall.trendmicro.com/[/url] [url]http://us.mcafee.com/root/mfs/default.asp?cid=9914[/url] … |
| | The "morphing filename" trick is one of the methods that many of the newer infectious variants use to avoid removal. The morphing or respawning of such .exe files is controlled by a hidden .dll file (or files), but the names and locations of those "Mother dlls" also vary. Unfortunately, Ad … |
| | [QUOTE=Zachery]If you don't see an SATA hookup on your motherboard...[/QUOTE]Yeah, the "Deluxe" version of the A7N8X has SATA, but the straight-up A7N8X doesn't. |
| | Re: No CD Restore Online teardown manuals for laptops can often be found online, but it really depends on the make/model. Give us that info and we'll see what we can come up with. |
| | Hi KBrown, welcome to the site. :) The Community Introductions forum is just a casual place for new members say hello, but we don't ask or answer computer-related questions here. Given that, I've moved your post to one of our technical forums so that your question can get some exposure. |
| | Unfortunately, Windows' foreign language support can't do actual translations; it only allows you to view and/or type foreign language characters. :( |
| | Hi plankton314, and welcome :) 1. I would avoid using SpyFerret and NoAdware; both of those programs are of dubious repute. More info on those programs and other rogue/suspect "anti-spyware" programs can be found at [url="http://www.spywarewarrior.com/rogue_anti-spyware.htm"]this site[/url]. In addition to SpyBot and SpySubtract, these are the other most-recommended and respected … |
| | |
| | If the computer was working faster before you reinstalled Windows, and you've changed nothing hardware-wise, it would be likely that the reinstall didn't quite go correctly. - Why did you need to reinstall? - Did you do a fresh, clean reinstall, or did you reinstall on top of the existing … |
| | Hi warrenforty, Just for future reference- HijackThis logs are only to be posted in our Spyware, Viruses, and other nasties forum for use in removing malicious infections. |
| | You have the correct default user name and password, but remote administration via a wireless connection is disabled by default on those routers. You will need to connect to the router directly (via an Ethernet cable) in order to access the setup pages. |
| | Hi chmoke, Please give us more specific information (make/model of router and laptop, version of Windows, etc.); without such info, we really don't have a heck of a lot to work with. |
| | Hi nick123, welcome to the site. :) Also, please go to the front counter to collect your prize- that is the [i]ugliest[/i] log I've seen in days. :mrgreen: Seriously though- you [i]are[/i] pretty infested. Please perform the following general detection and removal proceedures to get some of the nasties cleaned … |
| | Hi Rod, welcome to the site. :) 1. Uninstall WeatherBug via your Add/Remove Programs control panel; WB has adware/spyware components. 2. In addtition to the Houswecall and CA online scans, run these as well: [url]http://www.kaspersky.com/scanforvirus.html[/url] [url]http://us.mcafee.com/root/mfs/default.asp?cid=9914[/url] [url]http://www.pandasoftware.com/active...n_principal.htm[/url] [url]http://www.ravantivirus.com/scan/[/url] [url]http://www.bitdefender.com/scan/licence.php[/url] 3. In addition to Ad Aware and SpyBot, download, install, and … |
| | Re: Nasties! Oh yes, definitely more than a few Gremlins in [i]that[/i] log. :( Although it looks like you've managed to remove some of the ABI/Aurora infection, let's start by going through the "official" fix. It should help to remove some of the other infections that you have as well: You will … |
| | Re: Hijackthis LOG 1. Are you sure that is a [i]full and complete [/i]log from a scan done while Windows was booted normally (not booted into Safe Mode)? It looks pretty "short on content" for a normal XP system running in normal mode. If you did do the HijackThis scan in Safe Mode … |
| | Please do the following: 1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can: [url]http://www.kaspersky.com/scanforvirus.html[/url] [url]http://housecall.trendmicro.com/[/url] [url]http://www.pandasoftware.com/active...n_principal.htm[/url] [url]http://www.ravantivirus.com/scan/[/url] [url]http://www.bitdefender.com/scan/licence.php[/url] 2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them …  |
| | Hi rockstar_cs_32, First of all- wlecome to the site. :) Can you give us more specific information please? - Which exact version of Windows are you using? - Are you using any firewall or other "Internet security"-type software? - What steps have you already taken to try to fix the … |
 | Re: AOL broadband Because you say that you "live in the middle of nowhere", the first thing you'll have to do is to check the availability of DSL [i]at your particular address[/i]. The usual residential flavor of DSL has a distance limit of about 15,000' - 18,000' from the central office (where the … |
| | Re: hackthis log Please do the following: 1. Download the trial version of Ewido Security Suite from here: [url="http://fileforum.betanews.com/detail/ewido_security_suite/1098736486/1"]http://www.ewido.net/en/download/[/url] Install it, and while installing, under [b]Additional Options[/b], [u]uncheck[/u] [b]Install background guard[/b] and [b]Install scan via context menu[/b]. From the main Ewido screen, click on [b]Update[/b] in the left menu, and then click the … |
| | Re: Help Me Please The symptom you describe is not one that I know to be related to a particular infection, but to see if that's a possiblity, here are some general (and free) detection and removal procedures you can perform: 1. Run at least two or three of the following online anti-virus/anti-spyware scans … |
| | [QUOTE=islandbebie]i'm not sure if this is the right forum to post this in, if not, coul someone please let me know where to go?[/QUOTE]It [i]does[/i] sound like a hardware problem, so I'm moving this to the appropriate forum now... |
| | 1. Sounds like the router has "auto-sensing" ports; you shouldn't have to worry about the crossover issue. I know you said the connection didn't seem as slow when you were using DSL, but just to cover some general bases: 2. [QUOTE]...we have the min 4 wires ran between the buildings … |
| | Moving to the appropriate forum now...  |
| | To begin with, please do the following: Download the (free) HijackThis utility: [url]http://www.stevewolfonline.com/Downloads/DMR/Spyware%20Tools/HJT/HijackThis.exe[/url] Once downloaded, follow these instructions to install and run the program: Create a folder outside of any Temp/Temporary folders for HJT and move it there now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do. … |
| | [QUOTE=boubakis]I didn't find solution from the other posts. Thank you[/QUOTE]Hi Vaso, welcome to our site. :) To avoid having us suggest procedures that you've already tried, could you please give us more inforamtion on what steps you've already taken? Thanks. |
| | You indicate that you think this to be the work of an external attacker; can you please tell us the specifics that led you to that conclusion? From what you've posted, there is no direct information from which to draw the conclusion that "this guy is in the computer". It's … |
| | |
| | Re: Aurora help [QUOTE=Furanu]i have the annoying aurora popup too and have tried everything...[/QUOTE]Aurora is definitely annoying (and that would be putting it mildly), but judging from your log, it doesn't look like you've gone through the specific Aurora removal process yet. Your log also indicates that you may have other infections, and … |
| | 1. You are running Sygate's Personal Firewall; which is the most likely culprit in terms of SpwareBlaster's conneciton problem. Disable the firewall [i]completely[/i] and try SpywareBlaster again. If it connects, you'l have to manually configure Sygate to allow SpywareBlaster to connect. 2. The following entry in your log indicates that … |
| | |
| | Hi Marcus763, First of all- welcome to our site. :) You definitely have a variant of the "about:blank" family of infections, and possibly one or two other infections as well. We'll need to run a few automated removal tools in order to clean things up most thoroughly. Please do the … |
| |
The End.