1,366 Posted Topics
 | Please follow the steps given here and post back with the requested logs. I would "guess" the pop ups were messages from McAfee...am I correct? [url]http://www.daniweb.com/forums/thread134865.html[/url]  |
| | Re: Stuck Key Error This thread is [B][COLOR="Green"]4[/COLOR][/B]years old but what held true then hold true today: Member Rules are very clear here: [B][COLOR="Green"]KEEP IT LEGAL[/COLOR][/B] Rules of this section are also very clear: [B][COLOR="Green"]Please Uninstall or Disable any P2P (peer-to-peer) programs on the infected computer before posting in this forum. Rather than write … |
| | And please note and follow to the letter: [I][B]1A – Please Uninstall or Disable any P2P (peer-to-peer) programs on the infected computer before posting in this forum.[/B][/I] from the sticky. Get rid of that BitTorrent program. It is likely how you became infected in the first place. |
| | IEXPLORE.EXE is [B]not[/B] showing in your running processes during the HJT scan. You need to do all the steps given in our [B]Read Me sticky[/B] and post back with all those logs. Then we can better tell what may be going on. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | Run HiJackThis again and place check marks next to the following entries: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theprizeday.com/today.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.0.0.610\HPIEAddOn.dll O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet … |
| | Hello, one of your biggest problems is you are not sticking with this. You began this thread 8 days ago. 5 days ago Biker told you to begin with fresh running of the tools in the Read Me sticky and finally this morning you post the info that [B]microsoft malicious … |
| | What browser are you using? |
| | Do the above BUT that is generally NOT the only tool or step you will need to take so follow the steps given in the Read Me sticky. [url]http://www.daniweb.com/forums/thread134865.html[/url] Post back right here with all the requested logs. |
| | Folks this thread is [B][COLOR="Red"]5 years old[/COLOR][/B]. I imagine the poster has made his choice by now. |
 | roycsc, as noted, this thread was SOLVED 18 months ago. You will receive NO help in a solved thread and no help in another person's thread. You must begin your own, stating all your problems, and give all information about your computer and listing the steps you have all ready … |
| | Oh my goodness!!! I don't believe I have EVER seen a MBA-M log like that! BUT...you didn't have it remove anything. Update and run another full scan, this time have it remove everything it finds, Reboot and then do the following: Please Run the [B][URL="http://www.eset.com/onlinescan/"]ESET Online Scanner[/URL][/B] and attach the …  |
| | [I][B]1) Fake anti-virus software alert (opens up fake Windows security alert bubble from icon taskbar in bottom right and internet pages to porn, viagra etc). Each time i try to open programs i get infection errors, do i want to continue etc. I assume these are ok to click OK …  |
| | Re: Media Gateway If you read our Read Me Sticky [url]http://www.daniweb.com/forums/thread134865.html[/url] Then you will see: [I][B]Please Uninstall or Disable any P2P (peer-to-peer) programs on the infected computer before posting in this forum. Rather than write a long piece on the dangers of P2P, I’m just going to say this: P2P software circumvents common-sense … |
| | Re: Slow Computer Since this thread is two years old I would imagine it is very likely the problem has been solved. |
| | [I]"gurukid22>>>>Ok yes sorry about that, have not heard of olp and assumed it was a hijack this log they do look similar i will have a look at OLP now.... Not to mention i do believe you have several virus/spyware invasions which will not be helping in anyway and several … |
| | Yes, all of the files can be downloaded to another computer, transferred to a flash drive and then taken to the affected computer so that steps may be completed. You WILL need to save the logs, transfer those back to the flash drive and then uploaded here from that drive. |
| | PLEASE DON'T use System Restore. That won't help anything and really could damage something or restore the infected file you have all ready removed. Please run all the tools in our Read Me sticky and then post back here with all the requested logs. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | Re: help Then how do you know you have this? Follow instructions on our Read Me sticky and post back with the logs requested. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | [QUOTE=kristain;1231991]Download and run Sysinternals Process Explorer and check it the next time you experience this error.[/QUOTE] kristain; You need to fully read all posts in a thread. The original poster, raya2, clearly states in the very first post that Sysinternals is all ready on the system and has been used. … |
| | You have used nearly a three year old version of HiJackThis. It is currently at version 2.04 so you need to remove that old version and download the newest version [url]http://free.antivirus.com/hijackthis/[/url] But please follow all of the steps given in our Read Me sticky and post back with all those … |
| | From what I could find this thing can be a real @#%@! to remove. Have you looked for it's program file? Maybe there is an uninstaller in there. Have you tried in Safe Mode? |
| | Re: Virus in Modem The cable modem has no storage or processor. There's no way any virus can infect a modem. Viruses only reside on computers. The modem is controlled by your internet provider so I believe if there is infection it would be coming from your internet provider. More likely there is an … |
| | You need to follow all the steps given in our Read Me sticky and then post back here with all the requested logs and somebody will be happy to help you. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | How do you know it didn't go through Host Files? You need to do the steps found in our Read Me Sticky [url]http://www.daniweb.com/forums/thread134865.html[/url] and post back with the requested logs. I insist that you especially read this and follow those instructions, otherwise no help will be offered: [B][I]Please Uninstall or … |
| | Hi, other than the Malwarebytes' and HiJackThis logs I have no idea what those other logs you posted are from. You have a huge number of running processes yet really no auto starting because you have disabled them using MSCONFIG. You have a large number of auto starting services. You … |
| | Hello and welcome to daniweb, sorry it has taken so long for you to receive a reply. Give us the exact wording of the neverending wuauclt.exe error messages. There appears to only be one notation in the event log generated by the DDS scan pointing to this file. It reads; … |
| | mikep7394;1241536]New member here.. mike, this thread is three years old. You won't get any help in this one, you need to begin your OWN thread. We need you to follow the instructions in our Read Me Sticky and start your OWN thread and post the logs in it. The HJT … |
| | Re: residual virus? You need to update Malwarebytes' and do the Full Scan as requested in our Read Me sticky. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | [QUOTE=Cyber 14;1239223]I guess you're right. I'll have to do that when I get around to it. Anyone care to hazard a guess as to how this infection managed to get in undetected? I 'm always careful about my downloads and use ForceField at all times. I think it may have … |
 | Well, in response to your comments about the Advanced System Care by IObits...you may want to take a look at this info and think about whether you DO want to keep this program at all. [url]http://www.malwarebytes.org/forums/index.php?showtopic=29681[/url] With these two below please note that both links received "This site has a … |
| | [QUOTE=PhilliePhan;1238086]They were just spamming a link to their forum. It was poor etiquette, so I fixed it for them :)[/QUOTE] :D I figured that was your doing. Very good! Will remember that for later:D |
| | Please follow the instructions given on our Read Me sticky and post back with the requested logs and one of us will be happy to provide assistance [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | Please follow the instructions given in our Read Me Sticky and post back here with the requested logs. [url]http://www.daniweb.com/forums/thread134865.html[/url] |
| | Looking at your combofix log, [B][I]nothing was removed or changed[/I][/B] by combofix, changes would definitely have been noted in the log and there are absolutely none noted. However one thing I DO see is this; AV: [B][COLOR="Red"]AVG Anti-Virus Free[/COLOR][/B] [B]*On-access scanning enabled*[/B] (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: [B]Spyware Doctor [COLOR="Red"]with AntiVirus[/COLOR][/B] *[B]On-access … |
| | [QUOTE=tiger86;1225355]. ESET is for Creative Technology. .[/QUOTE] ESET is the Anti-virus program installed on the computer.  |
| | [QUOTE=Ribkin;1232722]Ash Abe Add. I suspect you have svchost.exe virus. Take a look at [url]http://www.howtofixsvchostexe.com[/url]. It offers quite simple solution.[/QUOTE] Since the original poster has not been here in nearly 3 months I would say this thread is closed. |
| | kristain; I suggest that you read this FULL Thread. All of these steps that you have just asked the poster to do have all ready been requested by Crunchie and completed by the poster. |
| | Hi and welcome to daniweb, [QUOTE]I have adequate virus protection, adware software installed.[/QUOTE] Obviously not, unless you are located in the Ukraine, and your profile indicates that you aren't but your log indicates connections to the Ukraine, you have at least one backdoor trojan on the along with multiple others … |
| | [QUOTE]P.S. heres my registry: C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe C:\Program Files\Sunbelt Software\CounterSpy\SBPIMSvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe[/QUOTE] Not certain what you mean by the above as this is not the registry. The HiJackThis log you posted is incomplete. We need to see the entire log from top to bottom. Please follow … |
| | Please also post the MBA-M log. Your HJT log DOES show at least one Trojan, which should have been removed by the MBA-M full scan. You don't appear to be running either an anti-virus program or a firewall...why not? |
| | Hello, sorry it has taken so long for you to receive a reply. If you haven't gotten this problem solved we will be happy to assist. Can you read and attempt to do all of the requested scans found in this link [url]http://www.daniweb.com/forums/thread134865.html[/url] Then post back with the requested logs. … |
| | Thanks for those logs. You left one log off which we also need to see. As our instructions say "Copy&Paste [B]both [/B]the [B]DDS.txt[/B] and the [B]DDS Attach.txt[/B] into your post for assistance." We need both of those logs. |
| | [QUOTE=finito;1227633]safe mode Restart and hold F8 right after the Bois boot screen, where it asks you to press Del (or F2 in some cases) to enter Bois. Then it will list boot options just press enter on Safe mode and you should be able to run the scanners there.[/QUOTE] Those … |
| | Hello, One thing for sure I can tell you that is definitely wrong is you are running TWO anti-virus programs, AVG9 and Norton 360. That is an absolute No-No. The rule is ONE anti-virus program on a computer. I have no idea which one is current or if the AVG … |
| | Sounds to me like a Firefox setting. Check your settings. Can you clarify this for us? When you view an image are you saying this image opens in a new tab or if you click on an image then a new tab opens but the image is in the original … |
| | Let me go through things you have mentioned one by one: [QUOTE]I installed a fresh SPybot and teatimer and teatimer was blocking my internet for some unknown reason.[/QUOTE] Here is the info from the [B][URL="http://www.safer-networking.org/en/faq/33.html"]SpyBot FAQ[/URL][/B]: [QUOTE]The Resident TeaTimer is a tool of Spybot-S&D which perpetually monitors the processes called/initiated. … |
| | Hey, where is the MBA-M log? We have to see this to hopefully know what you are dealing with, please post that log. |
| | We know nothing about the computer, need the operating system, how you are connected to the internet in order to give information. Run HiJackThis, tell it to save the log. The log should open when the scan is done, just copy/paste it here. |
| | Re: Malwarebytes log Welcome to daniweb, Not horrible, not wonderful either but have certainly seen worse. Here are the next steps you need to take; Go to Start, Control Panel, Add/Remove Programs and look for the following: * My Web Search (Smiley Central or Fun Web Product as applicable) * My Way Speedbar … |
| | [url]http://www.google.com/search?hl=en&q=MBR+worm&sourceid=navclient-ff&rlz=1B3MOZA_enUS327US327&ie=UTF-8[/url] |
The End.