I have been running two HP printers (one colour, 1 B&W, which could be selected by a switch console.)
If you're talking about an external switch box here, what's probably going on is that when you switch from the Epson to the HP with the switch, you aren't also changing your selected printer from the Epson to the HP in your (software) printer setup. That is, you're physically printing to the HP, but still using the Epson driver. If that's the case, the reason the two HP printers worked together was that whatever HP driver you were using was compatible with both HP printers.
- Have you verified that your Internet connection to your ISP is functioning? Try these steps and see what you get; tell us what happens for each step:
1. Open a DOS box and type the following commands (in order) at the prompt:
We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.
Please start your own thread and post your question there.
For a full description of our posting guidelines and general rules of conduct, please see this page:
Download and run the anti-spyware programs after the virus scan. Anti-virus programs won't be much help in detecting and removing spyware.
In terms of the "error 82", what program are you trying to install? It sounds like a permissions problem- if you are trying to install the program while logged in as a normal user, log in under an Administrator account instead and try from there.
We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.
Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).
For a full description of our posting guidelines and general rules of conduct, please see this page:
Quite possibly, yes. I would definitely takes Catweazle's suggestion and check out Ad Aware, SpyBot, and similar "malware" removal programs- you might be surprised at what they turn up. If you do find malware on your system and have questions concerning that, please start a thread in our Security forum, as that's where we deal with issues.
Tell us this- does the behaviour occur under any user account (including Administrator/Owner accounts), or does it only occur when logged in under a certain account?
To keep it that way, make sure to stay current with the lastest critical fixes from Microsoft by using Windows Update, and always make sure to check for the latest updates for your anti-virus and anti-spyware utilities as well. Use the automatic update feature of those programs if available.
when I wanted to delete an Idex.dat file under the andministator folder in save mode, I got the message that it could not be deleted because it was used by another user or program
Sorry about that- forgot to mention that if there's an index.dat file in the main, top-level folder you're deleting items from, it won't let you delete that file (which is OK). It was index.dat or desktop.ini files in any subfolders of the main folder that I was talking about.
We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.
Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.). In your particular case, you should also describe the pattern of the beeps. For example: 2 short beeps-1 long beep- 3 short beeps- 2 long beeps- etc.-etc.
For a full description of our posting guidelines and general rules of conduct, please see this page:
We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.
Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).
For a full description of our posting guidelines and general rules of conduct, please see this page:
3. Delete the contents of all Cookie, Temp, and Temporary Internet Files folders, and then empty the Recycle Bin. Reboot into safe mode after that.
4. Once in safe mode, open Windows Explorer. Go to the Tools menu and select Folder Options. In the Advanced section under the View tab, check "show hidden files and folders"; uncheck "hide extentions for known filetypes" and …
Umm... I just noticed that your log doesn't show any anti-virus programs running. You need to get yourself over to either Trend Micro or Panda Software and run the (free) online virus scan they offer before we go any further. You also need to get and install an anti-virus package that will constantly monitor and protect your system. AVG has a free version; you can also look at products from Symantec (Norton) and McAfee.
Do you know what program this file relates to; it looks suspicious to me? The only info I could find on it is in languages which I don't speak or read: C:\WINDOWS\System32\ethernet32m.exe
And this one as well: O4 - HKLM\..\Run: [pmh] C:\WINDOWS\pmh.exe
The above indicates infection by a version of the CoolWebSearch trojan. You need to download and run CWShredder (from the same site that you got HJT); it will attempt to fix CWS infections.
Are you sure you're running full anti-virus and spyware scans with the most current updates to the programs? If so, I'd think your utilities should have caught much of this.
Also, there are still Incredimail references; did you at least try to delete it through you Add/Remove Programs control panel yet?
OK- some of the really evil malware programs hide multiple copies of pieces of themselves on your system, and will be able to "repair" themselves if every single bit of them isn't surgically removed. Let me do a little research and get back to you in a few hours.
The above seems to indicate that you still had IE running when you ran HJT- you need to totally quit/close your web browser or else HJT won't be able to fully perform its function.
After closing your browser, run HJT again and have it fix:
You will need to reboot into safe mode and find and delete mxTarget.dll, bcwcuj.exe, and log.dll. Don't use Windows Explorer's search function to find these files, but instead:
In Windows Explorer, go to your Tools menu and select Folder Options. In the Advanced section under the View tab, check "show hidden files and folders"; uncheck "hide extentions for known filetypes" and "hide protected oprating system files". Click OK.
After that, manually navigate to the Windows and Windows\System folders to look for the files you need to delete. For files with seemingly gibberish-looking names such as the "bcwcuj.exe" file, it can often be helpful to sort files by date/time instead of filename. Many malicious programs create multiple files with randon and obscure names; if you see a pile of these that, judging from their date stamp, all got installed exactly (or almost exactly) at the same time, you should be suspicious of all of them.
I also deleted my temporary internet files, and cookies, but I'm not sure, that they were deleted properly, because, it didn't take …
The above (as well as other entries in your log) indicates that you're still infected with viruses/trojans. For example, have a look at the description of the family of trojans/worms responsible for the "sndcfg.exe" entry:
Are you absolutely sure you had the lastest virus definition updates when you ran Norton? If not:
- Use Norton's LiveUpdate feature to get the program updated.
- Download Ad Aware, Spybot, and CWShredder (links to the utilities are in my sig). Again- make sure you get the latest versions/updates.
- Unplug your computer's Internet connection! The family of trojans described in the link above will just "phone home" and reinstall themselves if they aren't completely removed.
- Empty all Temp and Temporary Internet Files folders, delete all Cookies, and empty your recycle bin.
- Run CWShredder; it will attempt to fix any CoolWebSearch infections it finds.
- Open Ad Aware and configure it as follows:
Click the “use custom scanning options, and then click “Customize
- In Settings, under 'scanning' - have it set to: 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.'
- In 'tweaks':
Under 'scanning engine', set it to: 'unload recognized processes during scanning.' Under 'cleaning engine', set it to: 'Automatically try to unregister …
More on this later (it's dinner time in my end of the world), but Incredimail has not only a questionable history of what it does with the data it collects as you use the service and who they are affiliated with, but the program also has a history of causing bugs/crashes/conflicts such as you describe. Permanent and complete removal of the beast also seems to be somewhat difficult; I'll get back to you tomorrow with more info.
C) Reboot into safe mode and delete: -> C:\WINDOWS\System32\zwsixdcx.exe -> C:\WINDOWS\System32\xxncwcsg.exe -> Any remaining Incredimail files/folders if they exist (Note that you should have Windows Explorer's view options set to view all hidden and system files when you do this)
D) Delete all cookies and the contents of all Temp/Temporary Internet and browser cache folders, empty your Recycle Bin, and reboot.
E) That might not have gotten everything, so post a fresh HJT log after doing the above.
We do ask that members not tag their questions on to a thread previously started by another member (regardless of how similar you problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.
Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).
Are there any error messages in your event logs which might shed some light? You can review the logs by using the Event Viewer in your Administrative Tools folder.
If you can think of anything more specific about what you did that would help.
When you say that you "put the computer back together", do you mean that you just reconnected all the peripheral components (monitor, mouse, keyboard, etc.), or did you add/change remove any internal hardware components or software in the process?
If the puter exhibits the same behaviour with two different monitors, it probably isn't the monitor.
Sounds like you've still got some nasties in there. Can you still get online? If so, download the latest virus definition updates for your anti-virus program and run a full system scan. Also download SpyBot (link in my sig below); SpyBot is very similar to Ad Aware, and it's always a good idea to run both programs consecutively when removing spyware. Let us know what happens after you do the above.
SaMBa is the open-source implementation of the SMB/CIFS file and print sharing protocol. It is a separate program, not part of the OS itself; you'll have to install it yourself, but depending on the way you installed RH the Samba packages might already be installed as well. You can check to see if the Samba RPM has been installed with the following command:
rpm -q samba
* Note that for in order get the tightest integration with a Win 2K AD domain, you'll want to use the latest (stable) release, which is v3.0.4. The version available on your RH8 disks will be older.
A thorough step-by-step walkthrough of Samba might be a bit lengthy to post here- there are many different options which you configue in Samba. You might want to read through a few online resources, see how far you can get using those, and then post here with specific questions:
What file formats? What version of Windows? The more specifics you can give us about your configuration and the problem you're having, the faster we'll be able to help.
Looks like we were posting at the same time. Your log does show that you've got "unwanted guests" in your system, so run Ad Aware and SpyBot as I indicated above; let them fix everything they find.
Also- I believe the "Search-For-You" crap is associated with some version of the Cool Web Search trojan. You should download and run CWShredder (again, link is in my sig) to try to remove the stuff.
Once you've run the utilities, delete all of your browser cookies and all Temp/Temporary Internet files (including "offline content"), empty your trash, and reboot.
After you've done the above, post a fresh HJT log and we'll take it from there.
OK, you're right- that dll does seem to be associated with a couple of trojans.
Trend Micro's report on one of those trojan variants indicates that it is often installed by another malicious program, so you should check your system thoroughly, making sure you have the absolute latest virus definition updates installed in your anti-virus program. You should also download and run Ad Aware and SpyBot if you haven't already; links to those utilities are in my sig below. Before running Ad Aware, configure it as follows:
Click the “use custom scanning options, and then click “Customize
- In Settings, under 'scanning' - have it set to: 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.'
- In 'tweaks':
under 'scanning engine', set it to: 'unload recognized processes during scanning.' under 'cleaning engine', set it to: 'Automatically try to unregister objects prior to deletion' & 'let Windows remove files in use at next reboot.'
- Select 'activate in-depth scan' before starting scan.
Yes, the file is a component of a malicious program. You must have managed to eliminate the file itself, but not all Registry entries related to the file.
In my sig below is a link to a program called HijackThis, which can detect and remove certain "nasties" from your system. Create a folder such as C:\HijackThis and download the program into that folder. Once done, quit any other programs you have open and run HJT. Just have it scan your system- do not have it fix anything yet! When the scan is done the program will create a log file of what it detected. Save that file in a convenient location, open the file in NotePad, and cut-n-paste the contents of the file here so that we can analyze the results.
That's a 'hidden' partition, created by the system manufacturer for the storage of utilities which operate at the system level.
Yup, that's exactly what it is. Specifically, it's an HP utility/diagnostics partition; as CW said, don't sweat it. (Any of the diagnostic tools in that partition can be downloaded from HP's support site in the very unlikely event that you would ever need them.)
I guess if someone shows up with just a grunt, all you can do is wait and see if there's any more noise that may emanate from them :D
lol. Come on now Terry- try to be nice to the new members.. ;)
HCatzeyez,
What CW is saying, in his own inimitable way, is that we would be able to give you a much quicker solution if you gave us a heck of a lot more to go on. You've given us only the name of the offending dll, but no background whatsoever regarding the problem, when it started to occur, or any other helpful specifics.
However, the upshot is this:
w3knet.dll is a component of the Web3000 spyware program. The fact you're getting the rundll error most likely (and hopefully) means that you've removed the program itself, but an "orphaned" entry for it still exists in your Windows Registry. More info on the Web3000 pest and instructions for removing it can be found here:
I'm just trying to figure out: a) could it be just loose connectors or a broken pin somewhere; b) should I shell out the $$$ to take this to a "professional" repair place; c) or how can I find out what is broken so I can simply go buy a new mobo or processor or whatever (I just don't want to buy more than necessary to fix it)
A) Yes, it definitely could be that a connection got broken or bent- recheck your cables and connections again very carefully.
B) Remove any components that aren't absolutely needed for the system to boot (network card, sound card, all but one stick of RAM, etc.). If that alows the machine to boot, replace the components one at a time until you find the one that's faulty.
C) Unfortunately, the impact could have created a fracture somewhere on your mobo, and that could be hard to pinpoint. If your comfortable with the process, remove the mobo and examine both sides of it carefully with a magnifying glass.
The second partition is a FAT, while the primary is a FAT32.
There's something about this that's stuck in the back of my brain, but I can't quite put my finger on it- how large is the second (FAT) partition, and is it a Primary or Logical partition?
The reason I belive that it is this trojan is because, Ad Aware succeded in deleting a dmid32.dll file... So I searced google and learned that that file is pressent in the windows system...
Are you sure you spelled the name of the file correctly in your post? I get no results at all when I Google for dmid32.dll.
Further more my Norton keeps popping up with an error thar there is at trojan on the pc, but it can't remove it, not even in safe mode.
Does Norton tell you the exact name of the trojan? If so, let us know what it is.
In terms of the error about the dll being missing, that's most likely a result of Ad Aware having deleted the file but there still being a reference to the file in your Registry. In my signature below there is a link to the HijackThis utility. Create a C:\HijackThis folder on your computer, download HJT into this folder, and run the program (close all other programs before doing so).
At this point, have HJT only perform a scan; do not have it fix anything yet! Save the log file it generates in a convenient location, open the log in Window's Notepad, and cut-n-paste the contents of the log here.
The POP-before-SMTP authentication scheme usually has a time limit associated with it. If you haven't authenticated to the POP server (by checking your mail) within the specified timeout window, you may get the 550 error. The next time it happens, try checking your mail first and then resend the message.
This may sound kinda silly, but just to make sure the netgear isn't the issue, if you remove it from the loop, and just plug in your pc to your cable modem (or DSL, or whatever), can you get to Hotmail again?
Not silly at all; a good idea actually. Just be sure to power down the modem when you do so; the modem may need to acquire the MAC address of the computer in order for your ISP to validate your logon.
I was just thinking that setting up a dedicated *NIX computer to act as the router could be a bit more than the average home user might want to delve into considering the fact that there are "off the shelf" devices that can provide the same basic functionality.
...and I am starting to forget everytime I use a new command.
I know what you mean- it gets difficult to keep it all straight in your mind. I started my computer life in "DOS Land" (no Windows back in those days). I was down with all of the DOS commands and switches/options, but after years of also dealing with Linux systems, I often find myself trying to do something silly like "lsmod" or "ifconfig" from within a DOS window...
"It gives an error message something to do with not enough memory. To me that's silly."
Although a bit of a long shot, and I haven't done extensive Mac work in a while- I do recall instances of "out of memory" issues which were not caused by applications themselves, but rather by the extenstions the apps used.
