Posts by DMR

Apparently, there is no Flash Recovery capability with this motherboard, so the computer was hung up trying to execute an impossibility.

Odd- if that's the case, I wonder why/how they even had the option available...

In any event, I'm glad you got it straightened out without any harm done to the machine. :)

Squeaky Clean :)

Hi sonia_555; welcome to DaniWeb :)

There are two things you need to take of before we dive into your log:

1. C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 3 for hijackthis.zip\HijackThis.exe

The log entry above indicates that you are running HijackThis from within a Temp/Temporary folder. Please do the following:

Create a folder for HJT outside of any Temp/Temporary folders and move the HijackThis.exe file to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.

One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if HijackThis (and other data that you care about) is living in those Temp folders, it will be erased along with everything else!
Temp/Temporary folders are just that- Temporary. They are not meant for permanent storage, as their contents are often delete in the course of troubleshooting, by running disk clean-up utilities, etc.

2. The HijackThis log you posted does indicate that you have a couple of infections (which we can help you remove), but what you posted isn't the full contents of your log. Tthere is some important header information missing from the beginning of the log; you can compare yours with some of the other logs that have been posted to see what I mean.

Please move HJT to a proper folder, run another scan, and post the entire contents of the new log.

Just thought Id use this as i have a similar problem with only 1 bay.

Hi Gawnio,

We actually ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies

Thanks for understanding.

Swapping monitors with another computer will give you the definitive word on where the problem lies. If the monitor from the newly-built computer doesn't work on the second computer, but the second monitor does work on the newly-built computer, chances are pretty damn good that the monitor is duff.

Doesn't sound good; 3 hours is much too long for a flash upgrade.
Before you try anything, please tell us the make/model of the computer and the BIOS (including revision # if possible).

Please give us more details, such as:

- The version(s) of Windows the machines are running.
- The specific IP addressing scheme(s) you're using, including netmasks, gateway addresses, etc.
- Whether you're using a hub, router, or switch to connect the client machines to the server.
- Can the machines on the LAN communicate with each other (can you at least ping each machine from the others)?
- Did the configuration ever work, or is this the first time you're trying to set it up?

Due to the fact that the member who originally started this thread has not responded in quite a long time, this thread is considered abandoned and has been closed.

In accordance with our posting rules, other members having similar problems should start their own threads and post their questions there. In order to help us help you most quickly, please include as much information about your problem as possible in your posts.

If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.

Thank you.

Right then; does everything still seem to be working without problems?

i didn't like the look of... skynetave.exe...

And you shouldn't have liked the look of it- skynetave.exe is the executable file of a variant of the Sasser worm. :(

There may be other infections present on you system as well which aren't being reported by HijackThis; please do the following:

A) Visit at least two of the following sites for an online virus scan:

BitDefender Free Online Virus Scan
http://www.bitdefender.com/scan/licence.php
Make sure you tick AutoClean under Scan Options.

Panda ActiveScan
http://www.pandasoftware.com/active...n_principal.htm
Make sure you tick Disinfect automatically under Scan Options.

Housecall at TrendMicro
http://housecall60.trendmicro.com/e...orp.asp?id=scan
Make sure you tick Auto Clean.

eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Also run this online trojan scanner

TrojanScan

B) You will need to close/quit all web browser programs and disconnect from the Internet for much of the following, so you should print out these instructions or save them into a text file with Notepad.

> Download and install the following utilities:

CCleaner - www.ccleaner.com
Webroot Spy Sweeper (14 day free trial) - http://www.webroot.com/shoppingcart...4011&vcode=DT02
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
ewido Anti-malware (14 day free trial) - http://www.ewido.net/en/download/

- Open Spy Sweeper, click on "Options", and then click on "Update Definitions" under the Program Options tab. Do not run a scan yet; just close the program once the update completes.

…

All seems to be good- you said your last run of the utilities found no infections, and your HijackThis log is clean. :)

is there anything I should restore (i.e. checking/unchecking certain properties)

You'll probably want to reset the Explorer options which revealed the hidden files and folders.

should I uninstall the anti-spyware tools I downloaded? Are there any you suggest keeping?

* Uninstall Webroot SpySweeper, as it will stop working entirely after the 14 day trial period expires.
* Keep MS Antispyware installed; it provides good "real-time" protection for your system.
* I'd keep ediwo also; it's a very good anti-spyware program. Although its automatic update and auto-protect features will expire after the trial period, the main program can still be used to scan and clean your system; you'll just need to update it manually before scanning.
* I'd keep CCleaner as well; it's a good idea to run a program like that every once in a while just to clean out old/unused files that accumulate over time.

I'll hold off on the Wombat for the moment, because we probably aren't quite done yet; you had at least one other infection aside from the Look2Me parasite. However, I've been looking (here in the US) for a stuffed Wombat for years without luck, sooooo... once we get your system entirely disinfected, I seriously might take you up on your offer. :cheesy:

Please run HijackThis again, post the new log, and we'll start the final roung of cleanup.

That isn't a complete log; it should contain much more information than that. Please double-check the log file and make sure you posted the entire contents.

I can't find the things I'm supposed to check in Explorer... I open a browser...

It sounds like you're making a common mistake- you need to go to the "Tools" menu in Windows Explorer, not Internet Explorer. In your Start menu, go to Programs->Accessories; you should find a shortcut to Windows Explorer there.

Do I do this in safe mode??

Yes, that's a good idea. CCleaner should be able to do a more thorough job of deleting Temp files if you run it in Safe Mode.

Great; glad you found the right way to put the WiFi puzzle pieces together. :)

I got a cmd.exe error, that it can't load something...

Ok- that does happen sometimes; here's the "canned answer" for that situation:

If you receive an error while running option #1 like: ''C:\windows\system32\cmd.exe
C:\windows\system32\autoexec.nt the system file is not suitable for running ms-dos and microsoft windows applications, choose close to terminate the application.."...then do one of the following:

* Click on the l2mfix.bat again and choose option # 5 for Fix Autoexec.nt/cmd.exe error.
* Alternatively, you can click the fixautont.html link in the l2mfix folder and follow the directions there to fix it manually.
* After you have performed the procedures to fix the error, repeat the steps above to run option #1 for Run Find Log. Post the contents of the log here.

Your HijackThis log is clean, and Spy Sweeper and ewido were able to delete the malicious items they found; that's all good. Since the file that was originally flagged by Norton as being infected lived in a Temp folder inside your Local Settings folder, we should still have CCleaner flush out those folders.

You couldn't find the Local Settings folders because they are normally hidden, and I forgot to post instructions for making them visible. :o

Try this:

* Open Windows Explorer, and in the Folder Options->View settings under the Tools menu; check "Show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". Close Explorer after that.

* Open CCleaner.
- Go to Options-> Advanced: Uncheck "Only delete files in Windows Temp folders older than 48 hours"
- Go to Options>CustomFolders>Add Folder>Navigate to these folders (click on bold file once and hit OK) :
* C:\Windows\Temp
* C:\Windows\Prefetch
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ (This will delete all your cached internet content including cookies.)
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp
* C:\Documents and Settings\<any other user's Profile>\Local Settings\Temporary Internet Files
* C:\Documents and Settings\<Any other user's Profile>\Local Settings\Temp
* C:\Documents and Settings\<Your Profile>\Cookies
* C:\Documents and Settings\<Any other users Profile>\Cookies
Hit OK

- In left pane, scroll down to "Advanced, Custom Folders", put a check in Custom Folders

- Click on Run …

I did everythin you told me to do apart from download the virus protection which i will do tomorrow, hopefully i did them right, if it look's like i did somethin wrong just say and i'll start again.

Looks good, although I would like to have seen the ewido log. I'm not sure what happened with the cut-n-paste problem there, but it's no biggie.
Get the anti-virus on there as soon as possible, though!

There are two "loose ends" in your HijackThis log that should be fixed. Run HJT again, put a check mark in the box to the left of the following entries, and then click the "Fix checked" button. Close HJT once it completes the fixes:

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

What do i do next and do i keep all this stuff i downloaded to my computer?

* Uninstall Webroot SpySweeper, as it will stop working entirely after the 14 day trial period expires.
* Keep MS Antispyware installed; it provides pretty good "real-time" protection for your system.
* I'd keep ediwo also; it's a very good anti-spyware program. Although its automatic update and auto-protect features will expire after the trial period, the main program can still be used to scan and clean your system; you'll just need to update it manually before scanning.
* I'd keep CCleaner as well; it's a good idea to run a program like that every once …

You definitely have a nest of infections there, a couple of which will need special attention. Please do the following to see how much of the rest we can clean up:

1. Download and install the following (free) utilities:

CCleaner - www.ccleaner.com
Webroot Spy Sweeper (14 day free trial) - http://www.webroot.com/shoppingcart...4011&vcode=DT02
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
ewido Anti-malware (trial version) - http://www.ewido.net/en/download/

- Open Spy Sweeper, click on "Options", and then click on "Update Definitions" under the Program Options tab. Do not run a scan yet; just close the program once the update completes.

- Open ewido. In the main screen, click "Update" and click "Start Update". After the update process completes, exit from Ewido.

- Open MS Antispyware beta. Make sure the "AntiSpyware Autoupdater" feature is enabled, and that it has downloaded the most current antispyware updates. Close the program after you've verified this.

- Open your antivirus program and use its online update function to make sure that it has the most current virus definitions installed. Again- don't scan yet, just close the program once it's updated.

2. Run HijackThis again, put a check in boxes to the left of the following log entries, and then click the "Fix Checked" button:

O4 - HKLM\..\Run: [myupdates] c:\windows\myupdates.exe
O4 - HKLM\..\RunServices: [freexstyle] lockbr.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O20 …

Wow thankyou soo much for ya help, i'll do all this tonight when i've got time and give you an update!!

You're welcome; post the results when you can and we'll take it from there.

i will defo be recomendin this site to everyone!!!

Uh-oh! More HijackThis logs to digest.... joy. [img]http://www.stevewolfonline.com/Downloads/DMR/Visuals/eek3.gif[/img]

1. Please don't post "reminders" here or send me emails/private messages to let me know that you've responded to the thread. I'm automatically notified by the site when a thread I'm working on gets a response, and I will get to that thread when I can.

2. Close all open programs, as this next step requires a reboot. You also need to be totally isolated from the Internet; physically unplug the network/Internet cable from your computer.

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter. It will process then start. Your desktop and icons will disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, it will be ready for a reboot. Press any key to reboot.

After the reboot, notepad will open with a log. Copy the contents of that log and paste it back into this thread (after restoring your Internet connection, of course). Also run HijackThis again and post the new log.

Other than the following IE settings (which you can have HJT fix) pointing to a MyWay-sponsored Dell page, I see no signs of MyWay components in your log:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com//0seenus/saos01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway

Are you trying to say that the MyWay entry is "stuck" in the list of installed applications in your Add/Remove Programs control panel? If so, this page tells you how to remove such entries.

One question before we do anything else: did you re-enable the items you disabled with msconfig before running your HijackThis scan? If not, please re-enable the items and post a new log so that the log will report on those items.

Are you absolutely sure that the load of XP that you installed is legal?

Your log definitely shows signs of a few different, separate infections, but the following info in your HJT log's header also shows that you are running a totally "virgin" version of Windows XP (no Service Packs, Security/Bug Fixes, etc. appear have been installed):

Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

If you are running such an outdated, unpatched version of Windows, your system will almost certainly get reinfected in no time. Before doing anything else, you need to use the Windows Update feature to bring your system up to a fully-patched version of Service Pack 1 (note that upgrading to Service Pack 2 on an infected system is not recommended!). Once you've done that, the info in your log's header should read as follows:

Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Do the above and then run HJT again and post the new log.

Removing all pieces of that infection seems to be a bit of a pain; please do the following:

1. Disable System Restore.

2. Download and install the following (free) utilities:

CCleaner - www.ccleaner.com
Webroot Spy Sweeper (14 day free trial) - http://www.webroot.com/shoppingcart...4011&vcode=DT02
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
ewido Anti-malware (trial version) - http://www.ewido.net/en/download/

- Open Spy Sweeper, click on "Options", and then click on "Update Definitions" under the Program Options tab. Do not run a scan yet; just close the program once the update completes.

- Open ewido. In the main screen, click "Update" and click "Start Update". After the update process completes, exit from Ewido.

- Open MS Antispyware beta. Make sure the "AntiSpyware Autoupdater" feature is enabled, and that it has downloaded the most current antispyware updates. Close the program after you've verified this.

- Open your antivirus program and use its online update function to make sure that it has the most current virus definitions installed. Again- don't scan yet, just close the program once it's updated.

3. Download the HijackThis utility. Once downloaded, create a folder for HJT outside of any Temp/Temporary folders and move/extract HijackThis.exe to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do. Do not actually run the program yet.

4. Reboot into safe mode (you get to the safe …

This time I used a newer version of hijackthis to get the log file, so the extra files you were looking for are now there at the bottom of the log file if Im not mistaken. ...Maybe this will help you see something I cannot...

Good job; I missed the fact that your first log was from an outdated version.

Your new log does show signs of infections; please do the following:

Download the L2MFix utility from one of these two locations:

http://www.atribune.org/downloads/l2mfix.exe
http://www.downloads.subratam.org/l2mfix.exe

* Save the file to your desktop and double click l2mfix.exe.
* Click the Install button to extract the files and follow the prompts.
* Open the newly added l2mfix folder on your desktop.
* Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing Enter.

This will scan your computer and it may appear nothing is happening. After a minute or two, notepad will open with a log. Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 or any other files in the l2mfix folder until you are asked to do so!

OK- There are actually no indications of malicious infections in your HJT log, although that's not necessarilly an indication that your system is infection-free.

1. In terms of antivirus software, I'd recommend downlaoding and installing AVG Anti-Virus; the program is very good, is updated very regularly, and it doesn't put anywhere near as much of a load on your system as does Norton or McAfee. The version of AVG that I linked to is totally free for personal use.

2. In terms of spyware detection and removal, Ad Aware and SpyBot unfortunately really just aren't keeping up with many of the nastier infections out there right now, but there are alternatives.
If possible, try these general detection and removal procedures and let us know the results:

A) Please visit at least two of the following sites for an online virus scan:

BitDefender Free Online Virus Scan
http://www.bitdefender.com/scan/licence.php
Make sure you tick AutoClean under Scan Options.

Panda ActiveScan
http://www.pandasoftware.com/active...n_principal.htm
Make sure you tick Disinfect automatically under Scan Options.

Housecall at TrendMicro
http://housecall60.trendmicro.com/e...orp.asp?id=scan
Make sure you tick Auto Clean.

eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

Also run this online trojan scanner

TrojanScan

B) You will need to close/quit all web browser programs and disconnect from the Internet for much of the following, so you should print out these instructions or save them …

Damnspyware,

The log you posted definitely shows signs of infections, but it also looks like you may not have posted the complete log. On Windows 2000 and XP systems, a HijackThis log usually contains a section of "023 - Service:" listings after the " O21 - SSODL:" entries. Please double-check that you posted the full log before proceeding with any other suggestions.

Does the task manager give you the exe of the culprite? Just look for the file with the high cpu usage. You may then be able to find and delete the file or disable it in start up.

shortLived,

High CPU or memory usage is not a definitive indication of an infected file, and disabling or deleting files simply based on those criteria may very well disable/cripple legit programs and/or critical Windows processes.
We definitely do appreciate new members who are eager to help out here, but if you do offer help, you need to be very careful with the advice you give. In the future, please make sure that your suggestions are correct, and that any instructions you give are thorough and succinct.

Thanks for understanding.

Hi Nicki, welcome to DaniWeb :)

We can probably get your system cleaned up without a reinstall or costly repair shop fees; to start with, please do the following:

Download the (free) HijackThis utility:

Once downloaded, follow these instructions to install and run the program:

Create a folder for HJT outside of any Temp/Temporary folders and move/extract HijackThis to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.

Run HijackThis, but do not have HJT fix anything yet; only have it scan your system! Once the scan is complete, the "Scan" button will turn into an option to "Save log...".
Save the log in the folder you created for HijackThis; the saved file will be named "hijackthis.log". Open the log file with Windows Notepad, and cut-n-paste the entire contents of the Notepad file here.

The log contents will tell us a lot about what "nasties" have crept into your system, and once we analyse the log we can tell you what to do from there.

I removed all the viruses and such...

But unfortunately, your HijackThis log doesn't seem to agree with you. :eek: (You actually have signs of a few different infections)

Before we begin the actual cleaning process:

C:\DOCUME~1\ANNMAR~1\LOCALS~1\Temp\Rar$EX00.875\HijackThis.exe

The log entry above indicates that you are running HijackThis from within a Temp/Temporary folder. Please do the following:

Create a folder for HJT outside of any Temp/Temporary folders and move the HijackThis.exe file to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.

One of the normal steps in eliminating malicious programs is to entirely delete the contents of all Temp folders. Given that, if HijackThis (and other data that you care about) is living in those Temp folders, it will be erased along with everything else!
Temp/Temporary folders are just that- Temporary. They are not meant for permanent storage, as their contents are often delete in the course of troubleshooting, by running disk clean-up utilities, etc.
--------------------------------------------------------------------------------------
After taking care of the above issue, please do the following:

1. Open your Add/Remove Programs control panel and uninstall these programs if you find them listed there:

SpyRemover
SideFind

2. Download and install the following (free) utilities:

CCleaner - www.ccleaner.com
Webroot Spy Sweeper (14 day free trial) - http://www.webroot.com/shoppingcart...4011&vcode=DT02
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
ewido Anti-malware (trial version) - http://www.ewido.net/en/download/

- Open Spy Sweeper, …

1. I see no signs in your HJT log of the files usually associated with the trojan.downloader.slvr infection; please give us the exact name and location of the file that AVG keeps finding.

2. This entry in your HJT log's list of running processes is very abnormal: C:\HijackThis\StubInstaller.exe; it should read: C:\HijackThis\HijackThis.exe

Did you download the HijackThis utility from the link I gave you, or did you download it from another location?

Even though the "Use XP Zero Config" option is selected, after I open the Zero config once and try to connect, or open the Linksys tool and try to connect, I can't use Zero Config again. It tells me it's not set as the network connection manager or whatever - even though I just used it.

Yup- exactly the conflicts I've run across. What makes things more frustrating is that there isn't one "right" way to configure WiFi cards. The instructions for some wireless devices explicitly say not to let Wireless Zero configure the card, while others say that you should let WZ configure the card; some devices are supposed to be connected to the computer before installing the associated software, while other cards have it the other way around. Go figure... [img]http://www.stevewolfonline.com/Downloads/DMR/Visuals/dunno.gif[/img]

Ah, ok. By default the Linksys config tool has "Use XP Zero Config" Enabled. I guess I should disable that and do my fiddling. If that doesn't work, I suppose for safe measure, I could leave it enabled, configure them both the same way, then disable the Zero Config option to try and cement it in the proper configuration.

Sounds like you've got the idea; those are the kinds of dances I've had to go through to resolve the problems when I've encountered them.

...So I configured it for wep and mac filtering,...The laptop couldn't connect, it was stuck in a cycle of "Acquiring Network address" ... I reset and cycled the router, left it on factory settings... Now the laptop has wireless working too.

That was probably due to enabling WEP; I've had the same thing happen with Linksys WiFi setups I've configured. Sometimes you have to "experiment" with the Wireless DHCP and WEP configuration settings (especially the order in which you enable/apply the settings) of the router/access point and the computers until they talk to each other properly. One particular "gotcha" I've encountered is that settings for a computer's wireless card in Windows' built-in network configuration can conflict with the settings in the configuration software that gets installed with the network card. Odd things happen, such as Windows thinking that it should be using a static IP address while the WiFi card software thinks it should be using DHCP.

I'm not quite sure what was going on there, but I'm glad you finally got things back to normal. :)

1. I think you're right- the DCOM errors are most likely just a result of the Safe Mode bootups.

2. Concerning the router: I used to prefer Netgear equipment, but I've honestly had better experiences with Linksys gear in the last few years, especially when it comes to wireless devices. If it really is an issue related to the router, trying a Linksys might very well clear things up.

Good luck; let us know how it goes...

No worries on the "piggybacked" post; it's a common and totally understandable thing for people who are new to online forums to do. :)

As for your problem with running the smitfraud.reg file, check out the suggestion I posted in your new thread, and post a follow up there.

Well, I've restarted the system several times since my last post and as of yet haven't gotten any new errors. I think the errors I had from before are from when I was actually setting up the network.

That could certainly be the case, at least for the DHCP and TCP/IP errors. The W32 Time messages are just the Windows Time service telling you that it can't reach a network time server to synchronize your computer's clock to, which could be due to Windows attempting to reach a time server at a point when you aren't connected to the 'Net, or to the fact that you haven't specified the address of a valid time server. The DCOM errors could relate to a number of things; posting the details of a couple of those might not hurt.

...the battery is perma dead, so I was moving from one spot to another in the house and it died before I could plug it back in. When I restarted, twice IE didn't even open when I clicked it. I tried to run the Control panel and it didn't open either. So I shutdown and it had two "end task/wait" dialogs for iexplorer. I wonder if somehow IE got messed up with all the updates..?

IE might be damaged in some way, but considering that you said the computer had just crashed because of the dead battery, it might only have been a "one-time confusion" caused by the crash; it's hard for me …

You're welcome; glad we could help. :)
Have fun with that hammer... :mrgreen:

> urgently needed as submissions by next week...
What makes you special?
http://www.daniweb.com/techtalkforums/announcement8-2.html

Noting also that this was 9 months old before you said "me too".

Agreed on both counts.

Due to the fact that the member who originally started this thread has not responded in quite a long time, this thread is considered abandoned and has been closed.

In accordance with our posting rules, other members having similar problems should start their own threads and post their questions there. In order to help us help you most quickly, please include as much information about your problem as possible in your posts.

If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.

Thank you.

...but I got a message saying that I it wouldn't let me merge it with the registry.

Did the message give you any indication as to why the Registry merge was being denied? The reason I ask is that some anti-spyware programs like SpyBot, Ad Aware, etc. have protection features which can block other programs from making Registry changes.
I see no signs of malicious infections in your HijackThis log, so my first thought would be that this is the case. If that's true, you need to temporarilly disable the feature that is blocking the smitfraud.reg utility. Ad Aware's feature is called "Ad Watch", SpyBot calls theirs "Tea Timer", and although I'm sure Spyware Doctor has something similar, I don't know what it's called.

Hi maraniba,

First of all- welcome to DaniWeb :)

We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

In light of the above, I've split your post into its own separate thread, which can be found here: http://www.daniweb.com/techtalkforums/showthread.php?t=38916. We'll follow up on your problem in that thread.

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies.

Thanks for understanding.

You're welcome, Maren :)

Let me know if you need any help with the installation.

Your Event Viewer errors indicate issues in a few different areas; here are some ideas on some fo the errors:

1. Concerning some of the general and network-related instabilities you've described, I found some interesting threads on problems with the NVidia firewall which discuss what sound like very similar issues. Have a read of this thread on NVidia's support forum in particular; see if any of the suggestions there can help you.

2. Event ID 4226: " TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts."

The above error almost certainly relates to the issues you've experienced when doing heavy downloads. Read this article for an explanation; there is also a link in the article to a fix.

3. The W32Time errors are related to syncing your system's clock to a network/Internet time server; you should fix the time discrepancy if possible. See this Microsoft support article and use the recommended fix if the exact situation descibed applies to your case. If your issue is not the "resume from standby" issue discussed in the Microsoft article, correctly set your clock through the Date & Time control panel and see if it remains correct over time. Unless your computer is part of a domain in which you should be syncing to a netwrok time server, you don't need to have the time service running:

* Open the Services utility in …

is there somewhere else I can get it?

You can download the FA311/FA312 driver package from my FTP site. The package includes drivers for Win 98, as well as installation instructions and other help files:

FA31xV18.zip

The download file is in ".zip" format, so you'll need a program like WinZip to extract its contents. You can download the trial version of WinZip here.

Hi Ny4windserboy02,

First of all- welcome to DaniWeb :)

We ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

In light of the above, I've split your post out into its own new thread, which can be found here; we'll continue your troubleshoot in that thread.

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_policies

Thanks for understanding.

OK- since you can run programs now, let's try what we couldn't try before:

Download and install the following utilities:

CCleaner - www.ccleaner.com
Webroot Spy Sweeper (14 day free trial) - http://www.webroot.com/shoppingcart...4011&vcode=DT02
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
ewido Anti-malware - http://www.ewido.net/en/download/

- Open Spy Sweeper, click on "Options", and then click on "Update Definitions" under the Program Options tab. Do not run a scan yet; just close the program once the update completes.

- Open ewido. In the main screen, click "Update" and click "Start Update". After the update process completes, exit from Ewido.

- Open MS Antispyware beta. Make sure the "AntiSpyware Autoupdater" feature is enabled, and that it has downloaded the most current antispyware updates. Close the program after you've verified this.

- Open Avast! and make sure that it has the most current virus definitions installed. Again- don't scan yet, just close the program once it's updated.

3. Reboot into Safe Mode and:

Open CCleaner.
- Go to Options-> Advanced: Uncheck "Only delete files in Windows Temp folders older than 48 hours"
- Go to Options>CustomFolders>Add Folder>Navigate to these folders (click on bold file once and hit OK) :
* C:\Windows\Temp
* C:\Windows\Prefetch
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ (This will delete all your cached internet content including cookies.)
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp
* C:\Documents and Settings\<any …

Download the (free) HijackThis utility.

Once downloaded, follow these instructions to install and run the program:

Create a folder for HJT outside of any Temp/Temporary folders and move/extract HijackThis to that folder now. A folder such such as C:\HijackThis or C:\Spyware Tools\HijackThis will do.

Run HijackThis, but do not have HJT fix anything yet; only have it scan your system! Once the scan is complete, the "Scan" button will turn into an option to "Save log...".
Save the log in the folder you created for HijackThis; the saved file will be named "hijackthis.log". Open the log file with Windows Notepad, and cut-n-paste the entire contents of the Notepad file here.

The log contents will tell us a lot about what "nasties" have crept into your system, and once we analyse the log we can tell you what to do from there.

OK- let us know if you have any questions or problems.