jholland1964

Who told you to run Combofix? This is an infection specific tool, NOT recommended unless specific symptoms are showing. Running it without supervision or being told to run it can cause damage to the computer. Why are you running Windows Installer? What specific program are you trying to install?

You need to [B]STOP[/B] manual registry editing for now. We don't know what all is there and doing this can actually disrupt what we may need to do. There are certain infections which need to be removed in a very specific way and removing random entries can cause problems later. …

How did you know[B] before [/B]scanning what infection you had or that you had an infection?

"lsass.exe" is the Local Security Authentication Server, a valid Windows file if it is running from C:\Windows\System32 and that is where yours is running from. I would like you to Update MBA-M and run another Full System Scan, of course have it REMOVE everything found. Reboot Immediately following the completion. …

[QUOTE=searchlight;858114]That's a good method to carry out the hijacking process but one can always keep the pop-up blocker on and avoid such fake pop-ups[/QUOTE] On an infected computer a pop-up blocker will not stop the pop-ups from the infection. Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick[B] mbam-setup.exe[/B] …

[QUOTE]Teun Spaans=Simple solution to re-enable registry: download and install spybot. [/QUOTE] The poster IS running Spybot. No need to download it again, HOWEVER; You need to [B]Disable Spybot's TeaTimer[/B] as it will interfere with fixes done. * Run Spybot-S&D in Advanced Mode * If it is not already set to …

Could be a corrupted display driver. You should check the manufacturer's website to see if there is a new one available.

It would be nice to have information on the computer...operating system, hard drive size, how much space remaining, what other security programs are on the computer, what av program was there before, was it removed?

Please TURN OFF the BitTorrent program until cleaning is complete. Better yet, Uninstall it, this is probably one reason for your infections. Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B] * Be sure a checkmark is placed next to …

[B]You have a very infected computer.[/B] There are multiple worms and several trojans showing in your log. Update your anti-virus program and run a full system scan with it, allow it to fix/remove/quarantine anything found. Reboot the computer Do the following: download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick …

Open MBA-M. Click the Logs tab. That first log should be in there.

[QUOTE=rickilambert;857952]i don't use norton tho?[/QUOTE] Hi welcome to daniweb, poster may have noticed this entry in your HJT log: [QUOTE]O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) [/QUOTE] This can be taken care of later. It isn't hurting anything right …

Hi and welcome to daniweb, Think people have a misconception about HiJackThis. It is NOT really a "fixer" program. It is a program used to get a "snapshot" of what may be running on a computer and that is the way it should be thought of, period. Yes, at times, …

Hi welcome to daniweb, don't have any idea how large a hard drive you have or how much RAM is on there but you are running and extraordinarily large amount of programs at one time. Many are unnecessary. Also your Java is WAY out of date. But, you DO have …

Hi and welcome to daniweb, sorry we missed your thread. What anti-virus did you install? Other than a Norton update scheduler I don't see any other entry related to an anti virus program. You have at least one questionable program on the computer, SweetIM. Do the following: Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' …

Neither of these scans need internet access IF you can transfer them via the laptop to the infected computer. Both can easily be done OFFLINE. Do the following using the laptop and transferring to infected computer: Please download[B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"] Malwarebytes' Anti-Malware (MBA-M) [/URL][/B]to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the …

Doesn't sound like a virus to me. Since the computer is so new it would still be under warranty. Try contacting HP Tech service. They generally will work very well with you to try to get things fixed and will do it online or on the phone.

Please do not attach logs. Can you post the log using copy/paste and we can take a look.

If the infection is in Quarantine it cannot harm the computer and can be deleted. But if you are still having problems then you should UPDATE MBA-M and run another Full System scan with it and then REMOVE all that is found. Then reboot. Run a NEW HJT scan and …

What is the exact FULL wording of the error message? Have you done a clean up of temp files, emptied browser cache lately? Try running the free program [B][URL="http://www.filehippo.com/download_ccleaner/"]CCleaner [/URL][/B]and see if this helps.

Why do you want to run regedit? We need to see the MBA-M logs also before making any suggestions. One reason the machine may be slow is the excessive number of running processes, 14 instances of Microsoft Visual Studio for one thing. Totally unnecessary. But I don't see your Avast …

First thing I see is you are running two anti-virus programs, ESET NOD32 Antivirus and COMODO Internet Security which contains both a firewall AND an anti-virus program. This is an absolute no-no. Rule is ONE anti-virus program and One firewall. You need to uninstall ESET or Comodo but one must …

FYI, we prefer that logs be copy/pasted rather than attached here. Saves helpers from the chance of downloading an infected attachment to their computer. That said, I see nothing in your log indicating infection. I DO, however, see a portion of what is probably an old Norton application, still listed …

You are not running an anti-virus program. Why? You absolutely need an anti-virus program running at all times. Please do the following: Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick[B] mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B] * Be sure a checkmark is placed next to …

[QUOTE=beastman1212;851696]I got a message while trying to access a site that said I was possibly infected, after I'd JUST ran AVG. So I tried to open Spybot Search and Destroy, no-go. AVG won't update on top of this.[B] I've looked in other threads and tried the suggestions, didn't work[/B]. Help?[/QUOTE] …

Please do the following, first of all remove you HiJackThis. You are running a very old version download the most recent version from [B][URL="http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe"]HERE[/URL][/B] Please download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M) [/URL][/B]to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B] * Be sure a checkmark is placed …

The infection you have on the computer is the W32/SillyFDC-AP worm. It is spread via Removable storage devices. I see by your log that it shows both processes running from both "C" drive and "E" drive. I have to assume that "E" drive is a removable drive, correct? That drive …

Your MBA-M is STILL out of date. Newest version is 1.36 and the scan you posted is 3 days old. Also Disable Spybot's TeaTimer, it will interfere with attempted fixes. * Run Spybot-S&D in Advanced Mode * If it is not already set to do this, go to the Mode …

It appears that you DID NOT reboot the computer after running MBA-M. At least one of the listings of infections found with MBA-M would have had this order at the end; [B]Delete on Reboot[/B]. That means infection cannot be deleted until the computer is rebooted. It shows in the log …

Do the following, update your anti-virus program and run a Full system scan with it, allow it to fix/remove/quarantine anything found. Then download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. [B] * Be sure a checkmark is placed next to Update …

Who instructed you to run Combofix? This isn't a tool to be run without FIRST being instructed to do so. MBA-M will not do anything but scan unless you tell it to remove items found, which according to the log you have posted you did not. It says [B]No Action …

First of all MBA-M is [B]NOT meant to be run in Safe Mode[/B] it should always be run in NORMAL mode, this is the way it is configured. Please update the program and then run a FULL SYSTEM Scan in Normal Mode. When it is complete be sure to REMOVE …

Really need a lot more info than supplied. How do you know there is no spyware, malware or viruses? What other programs are running on the computer when the problem happens? Updates really aren't the way to go until the computer is known absolutely to be in good working order. …

Who told you to run combofix, and [B]WHY[/B]? It appears you have run it more than once. WHY was it run more than one time? I quote here from combofix instructions at bleepingcomputer [QUOTE][B]You should not run ComboFix unless you are specifically asked to by a helper.[/B] Also, due to …

What anti-virus program do you have installed?

[QUOTE=weblover;849638]hi all ,how are u? i want to ask a question ...what to choose as my antivirus ? is bitdefender total security better then avira ? i have these 2 and i don't know what to choose ....please help me ..and thnx in advance ..[/QUOTE] Hope you don't mean you …

Please turn off ALL of the P2P programs until this is complete. Better yet, uninstall them. Download and run a Full System Scan with [B][URL="http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe"]HiJackThis[/URL][/B] and save the log. Post back here with that log.

It must have been an older thread because the version of HiJackThis you used is WAY out of date. Uninstall that one and download the [B][URL="http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe"]NEWEST[/URL][/B] version. Secondly, you say that Bearshare and Limewire gave you an infection, then WHY do you still have them on the computer? UNINSTALL them …

First of a a big word...CAUTION...you should never run Combofix unless first directed to do so by a helper. It can do severe damage to the computer if run at the wrong time. First thing to do now is Disable Spybot's TeaTimer as it will interfere with fixes done. * …

[B]Hugh, where are you located?[/B] Please download[B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"] Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick[B] mbam-setup.exe [/B]and follow the prompts to install MBA-M. [B]* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.[/B] * If an update is found, it will …

Hurricane, this thread is six months old. You need to begin your own thread, stating all your problems and what you have done to try to correct them. Include your HJT log in your new thread and we will try to get things in order. Judy

[QUOTE=geezer;845623]Ahoy there! Its been a while thank god, but AVG just spotted this... Trojan horse Downloader.Generic8.AFYY Just wondering if its really a threat or if maybe its scare tactics now that the free edition is running out..;) Anyway, I'd appreciate any help you can give![/QUOTE] Hi welcome back. This is …

[QUOTE]can bittorent hide viruses [/QUOTE] ABSOLUTELY. P2P is one of the most common ways to infect a computer AND to infect it very dangerously. Your anti-virus program won't see them because much of the time they AREN'T viruses but trojans, two very different things. [B]Uninstall whatever it was that caused …

[QUOTE=normanallen;845779]Have you tried booting into Safe Mode? You should be able to run your anti-virus/malware software from there. If you can download MalwareBytes Anti-Malware, run it and post the results here, someone should be able to see what's going on.[/QUOTE] A very good idea. Also, do not connect to the …

We don't teach hacking here. If you have problem with Facebook I suggest you contact Facebook. [url]http://www.facebook.com/help/contact.php?show_form=account_compromised[/url]

Please do the following: download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow the prompts to install MBA-M. *[B] Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.[/B] [B] * If an update is found, it will download …

First of all, unless it is impossible to run in Normal Mode HiJackThis should not be run in Safe Mode. You don't get a full picture of the computer in safe mode. Secondly, fixes done with HJT are most generally Clean up fixes AFTER removal programs have been completed. Just …

Hi, unfortunately you received incomplete instructions for the use of MBA-M. You need to run a Full System scan with it again but this time when the scan is complete [B] Be sure that everything is checked, and click [COLOR="Red"]Remove Selected[/COLOR].[/B] [B]Reboot the computer[/B] Run a NEW HiJackThis Full System …

Desktop.ini files appear in many folders and hold the view settings for that folder. There is nothing wrong with them. They are not indication of a virus. If you would feel more comfortable you can do the following: download [B][URL="http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html"]Malwarebytes' Anti-Malware (MBA-M)[/URL][/B] to your Desktop. * DoubleClick [B]mbam-setup.exe[/B] and follow …

jackwainaina, this thread you posted in is over two years old. You need to begin YOUR OWN thread. The log you posted with HJT is a very old version of the program. Uninstall that one and download the newest verion from [B][URL="http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe"]HERE[/URL][/B] But you also must state exactly what your …