2,959 Posted Topics
 | [QUOTE]being as I'm new here, and dont know my way about yet, feel free to move this thread if you feel it is in the wrong forum[/QUOTE] No problems in terms of being new to our site whatsoever. However, given the symptoms you've described, I'm moving this thread to our …  |
 | Re: config.sys.error Everyone's config.sys file can vary depending on their exact system configuration. Post the contents of your config.sys file here so that we can see exactly what's going on.  |
| | I hate to say it, but if the crash happened in the middle of the SP2 upgrade, the most reliable thing to do is probably to start the installation process over from the beginning. :( |
| | You've a few nasties alright. :( Before we attack the problem with HijackThis, do the following to get as much of the stuff cleaned up as possible: A) Run a full anti-virus scan, making sure that your anti-virus program is using the most current virus definition updates. Also do the … |
| | [QUOTE=mookie5381]so? how does it look?[/QUOTE] Much Better, but you still have a couple of "unwanted guests". try the following and post a fresh log after that: 1. Have HJT fix the following entries: [b] O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL (file missing) [color=Red](if you didn't purpously uninstall … |
| | Your TCP/IP software may have gotten corrupted. Remove and reinstall the software following the instructions in this Microsoft article: [url]http://support.microsoft.com/kb/q302861/[/url] |
| | [QUOTE=SAZAR]I have KFC monitor with speakers built in, which doesn't seem to work.[/QUOTE] Before digging ino the fairly unlikely possibility that the audio electronics of your monitor aren't working because some overvoltage "crowbar" sort of protection circuitry has kicked in, can you give us more information regarding the whole problem: … |
 | A few things you can try... Go to your Internet Options control panel and have a look at the following settings: - Under the General tab, adjust the setting of the "Days to keep pages in history" option. - In the Security section under the Advanced tab, uncheck the "Empty … |
 | OK- let's start with this: 1. Have HJT fix: [b] R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = [url="http://clearsurfing.net/srch.php?qq=%s"]http://clearsurfing.net/srch.php?qq=%s[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\System32\qwsxp.dll/sp.html (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\System32\qwsxp.dll/sp.html (obfuscated) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = …  |
 | [QUOTE=OurNation]Please post the HiJack this log.[/QUOTE] Yes- we'll need your HJT log to start with. Many malicious infections use randomly-generated filenames which can even "morph" their names at times; this is especially true of the variants which require use of the KillBox. Given that, a fix that was posted for … |
| | It sounds like you still have some leftover from dameon Tools which is reserving the E: drive designation for a virtual drive. Do you see any reference to a drive "E:" in My Computer, in the Disk Management utility, or anywhere else in the system? |
| | There are different versions/variants of the Elitebar pest, and if you have an EliteBar infection you may have other "unwanted guests" as well. Please do the following, and we'll show you what to do from there: Download the free "HijackThis" detection and removal tool: [url="http://www.majorgeeks.com/download3155.html"]http://www.majorgeeks.com/download3155.html[/url] Once downloaded, follow these instructions … |
| | 1. Run Live Update now and install all available updates. According to Symantec/Norton, the fix is built in to the latest updates. 2. There's no indication of malicious infections in your HijackThis log, although there is a slightly newer version of HJT available (v 1.99.1). If you would like, you … |
 | " Error #62 - Input past end of file" is a general program error which usually indicates that the program throwing the error (HJT, in this case) has encounted unexpected or incorrect information in the file it is trying to process/access/fix/modify. In the case of text files, the problem is … |
| | Oh, there's a lot more than that going on... [color=Red]!! Please print out these instructions, as you will have to disconnect from the Internet for parts of this procedure.[/color] 1. Download and run [url="http://www.cexx.org/lspfix.htm"]LSPFix[/url]. When LSPFix opens: - put a check in the "I know what I am doing" box. … |
| | The "NetDetect" component of Norton's Live Update feature is probably the source of the DOS pop-up. Check the Live Update-related preferences within your Norton applications to see if there's a setting which allows you to modify the 5-minute auto-run interval. It might also be listed in your Windows Task Scheduler; … |
| | 1. [b]C:\Program Files\Internet Explorer\iexplore.exe [/b] The log entry above indicates that you had at least 1 instance of Internet Explorer running when you ran HijackThis. Before fixing problems with HijackThis, you must make sure to close/quit ALL instances of your web browser! HijackThis cannot fully perform its fixes while browsers … |
| | That could be caused by a number of things; let's see if we can narrow down the possibilities: 1. What version of Windows are you using? 2. Does it exhibit the same problem when you boot into Safe Mode? (you get to the safe mode boot option by hitting the … |
| | [QUOTE=oxyjen]Thank You so much for the info :mrgreen: I apperciate it ... Sincerely Jennifer[/QUOTE] And soooo... where's your HijackThis log? ;) Post it here and we'll tell you what you need to do. |
| | The usual cause of that error (and the solution) is described in the following link: [url]http://www.murraymoffatt.com/software-problem-0009.html[/url] Give that a try and let us know how it goes. |
| | That's a clean log, but that doesn't necessarilly mean you have an entirely clean system. What exact problems prompted you to post the log? |
| | There are no obvious signs of infections in your log. If you can give us some details of the problem(s) you're having, that might help us. |
| | trueblue, I don't see anything obviously "nasty" in your log, but I do notice that you're running a [i]slightly[/i] older version of HijackThis. The latest version is 1.99.1; just be on the safe side, please download that version (link is in my sig below) and post the log it generates. |
| | [QUOTE=olly]Theres more stuff that it says, but hope you get the idea as this is getting a tad to long a post!.[/QUOTE] We'll deal with the long post. :) Please give us as much specific information as possible, including the [i]full and exact[/i] contents of all error messages. The numbers, … |
| | Re: forensics For fairly recently-deleted files, a program like Norton Utilities' Unerase can obviously be of help. For reading/recovering data that was deleted some time ago though, you're probably looking at spending some serious $$ for a professional data-recovery application, because the areas of the disk in which that data was stored … |
| | Re: Agrh!!!! [QUOTE=tiki240]is that what yall needed?[/QUOTE] Yup- but before we proceed we also need you to tell us if you've already run about:Buster, HSRemove, and have followed any of the other suggestions given in the links that dlh6213 provided. If you haven't, please do so now. |
| | OK- you definitely do have problems, but you're using an outdated version of HijackThis. Please download the latest version (1.99.0; the download link is in my sig below), run it, and post the log it generates. |
| | Giving us the exact model # of the Presario and its BIOS make/version/revision would help.  |
 | Also, some (many?) of us moderated on other support forums long before joining the team here. Dani just snuck in to those forums with a canvas sack one dark night and poached us. :mrgreen: |
| | Re: Lost Partitions Just last week I had one of my multi-drive/multi-partition/multi-operating system computers take a serious hit, which ended up totally hosing the partition layout of one of the drives. In my search for a solution I found a free trial verison of a [i]very [/i]cool recovery tool that absolutely and saved … |
| | [QUOTE] Logfile of HijackThis v1.98.2[/QUOTE] You are running a rather old version of HJT. The latest version is 1.99.1, which you can download from the link in my sig below. Please uninstal version 1.98.2 through your Add/Remove Programs control panel, install the new version, and use that from now on. |
| | You [i]should[/i] be able to just blow the Linux partition away using XP's Disk Management utility in your Administrative Tools folder. If not, boot into rescue mode from the Linux install CD and delete the partition with Linux's version of fdisk. If you need more help with that, let us … |
| | Windows 9x has a very limited "process manager". Try downloading the StartupList and Itty Bitty Process Manager from the following site; they should give you a better idea of what's going on: [url]http://www.spywareinfo.com/~merijn/downloads.html[/url] If you have questions about which processes you can eliminate, post the log file that StartupList creates … |
| | First of all, disable McAfee [i]entirely[/i] and see if that changes anything. Let us know what happens and we'll take it from there. |
| | 1. Have HJT fix: [b] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://websearch.drsnsrch.com/sidesearch.cgi?id="]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://websearch.drsnsrch.com/sidesearch.cgi?id="]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.comcast.net/"]http://www.comcast.net/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://websearch.drsnsrch.com/sidesearch.cgi?id="]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://websearch.drsnsrch.com/sidesearch.cgi?id="]http://websearch.drsnsrch.com/sidesearch.cgi?id=[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.comcast.net/"]http://www.comcast.net/[/url] R0 - HKLM\Software\Microsoft\Internet … |
| | Can you give us the exact model of the device please? Also- what are the exact names of the other files in the Linux folder? That will tell us which module/driver they shipped with the device and help us guide you through the instalation. Get back to us with that …  |
| | Before you delete the files entirely, try scanning with these other 2 AV programs and see if they can heal some of the infected files: Free online scan: [url]http://www.pandasoftware.com/activescan/com/activescan_principal.htm[/url] AVG, a free downloadable Anti-virus program: [url]http://free.grisoft.com/freeweb.php/doc/2/[/url] |
| | Your log is pretty clean. 1. Have Hijackthis fix: [b]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\OOBE\BLANK.HTM[/b] and then delete the "C:\WINDOWS\SYSTEM\OOBE\BLANK.HTM" file. 2. Tell us whatever you can about this Proxy setting: [b] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;Ezekiel;;zechariah;<local>[/b] |
 | Re: Feeling Spooked [QUOTE=Kamex]1. Will SuSE try to make changes to Hard Drive 1, Partition 1 that would cause the Windows bootloader to be unable to start if I run YaST Online Update?[/QUOTE] I'm not sure (I use Redhat for the most part), but an update [i]shouldn't[/i] make any configuration changes to your … |
| | In terms of your log: 1. Verify that the IPs listed in this entry are your correct DNS sserver IPs: O17 - HKLM\System\CCS\Services\Tcpip\..\{BAC5B70D-A401-439E-8F49-A7754842CD27}: NameServer = 69.50.188.180 195.225.176.31 If not, have HJT fix the entry and verify/reset your DNS settings in your network connection's properties page. 2. From the little info … |
| | Re: more problem!!!! 1. Have HijackThis fix: [b] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url="http://www.yaadifzawhkykymcdhdm.biz/Ps4WUjlh6Uwoc8zgjyIEXMUuvIZURXkv53EAggbeO/iv_RxDurSWf83_hEPmrbC3.html"]http://www.yaadifzawhkykymcdhdm.biz...3_hEPmrbC3.html[/url] O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing) O2 - BHO: (no name) - {9260DCB5-BB2E-BD39-6707-EF2059B3B8E9} - C:\PROGRA~1\WMABEN~1\TIMEPING.exe (file missing) O4 - HKLM\..\Run: [SOFTWAREFOURBALLVIEW] C:\Documents and Settings\All Users\Application Data\RULE SURF SOFTWARE FOUR\remoteprogram.exe O18 - Filter: … |
| | Re: IDE / Serial ATA Go into your BIOS' setup and make sure that any setting related to detecting/enabling IDE are turned on. If the motherboard has IDE connectors on it but doesn't see the drive, it's probably just a question enabling some such setting. Also- the IDE drive is jumpered (Master/Slave) correctly, yes? |
| | It could definitely be a sign of malicious infections, and it would be a good idea to eliminate that possibility before trying other avenues of repair. Have a read through the threads in our [url="http://www.daniweb.com/techtalkforums/forum64.html"]Viruses, Spyware, and other Nasties forum[/url] for suggestions about how you can determine if that might … |
| | Your log is comparatively clean. 1. Is it only secure pages on those sites that you can't reach, or can you not even reach the home pages of the sites? 2. Have HJT fix: O2 - BHO: rasmintr - {979518F7-955E-F863-ACBD-D776BD48656B} - C:\WINDOWS\system32\rasmintr.dll O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} … |
| | |
| | - Is this an internal or external drive? - IDE? USB? Firewire? - What are the specifications of the computer you've installed it on? |
| | [QUOTE=knuckleball]i didnt want to just follow what everyoen else was told to do since my config is probly different.[/QUOTE] Good intuition on your part, knuckleball- everyone's config [i]is[/i] slightly different, so everyone's HijackThis logs will differ, as will the procedures they need to use to get things cleaned up. Let's … |
| | Did you try booting into Safe Mode yet as dlh6213 suggested? If not, try that. Let us know if the computer still reboots itself while in Safe Mode. Also, as [i]soon[/i] as you get the shutdown warning message, do the following: Click on your Start button and then click on … |
| | [QUOTE=vonniegirl][color=DarkSlateBlue]Dare I try to defrag in the same way?[/color][/QUOTE] Yes, Defrag can suffer from the same problems as ScanDisk in terms of being interrupted by other running programs. When you run Safe Mode, Windows does not load/start most (if not all) of the third-party programs which can interfere with ScanDisk …  |
| | [QUOTE=kc0arf]Hello, I would be *very* surprised if your present salon would allow you to run with the customer list. That is Intellectual Property of the Salon you are at...[/QUOTE] With salons in particular, that's not always the case. Instead of hiring people to work as staff employees, salons often have … |
The End.