2,042 Posted Topics
 | Hi, bobby, the beauty of running an online scan is that you do not have any files loaded which could become corrupted - you load an ActiveX which runs the scan, plus a signatures file. So do this: Clean first to reduce the log clutter... here is one: ==Download this …  |
| | It is difficult to help without that hijackthis log file as a starter.... run another scan if you must and just paste it in from that notepad.  |
| | A different motherboard and chipset?.. it will not boot up, that's it. There is a fair to very good chance that you will have the wrong version of HAL, and certainly wrong drivers etc. A Windows Repair will not be a good option, either, because all that will do is … |
 | "Speed: 3.0 MHz" ... that's your speed bottleneck, right there. Ida gone for one of the 3 GHz ones.... :) Assuming disk space is not a problem, set a paging file of 1.5G. Got a second hard drive? Put it on that, first partition. Don't have one on the OS's … |
| | Gee, nice, pointed and accurate reply by pushkar. Nothing beats experience.... Okay, file deletion.... try it in safe mode, or use this tool: ==This one is a general purpose deleter, Unlocker: [url]http://filehippo.com/download_unlocker/[/url] Dclick the exe to install it, unchecking the updater and assistant boxes. It runs from the rclick context … |
| | Have you tried uninstalling Spyware Doctor, if you are able to keep your sys running long enough? Stop it via Task Manager if you only have a brief chance to act. If ther is not time for even that before your sys crashes then you may have to use Recovery … |
 | A good place to start would be: Clean: ==Get CCleaner from [url]http://www.ccleaner.com/[/url] - and install it in a new folder. You should keep this one for general use. I set the installation checkboxes only to open from the recycle bin. It's neater that way. Now run CCleaner from the recycle … |
| | If you do not see any BIOS activity at the beginning of boot, no list of disks or memory check then it is a bit dead, too dead for us to help you with it. Your not knowing anything about computers pretty much precludes us giving ideas about memory stick … |
| | Go to Windows Update site and dl KB918118 into your desktop machine. |
| | Re: IExplorer You have an instance of iexplore.exe for every IE window you have open. A blank window uses about 9 or 10 MB of memory, one with lots of site [or other] content will naturally use a lot more. That is the beauty of a tabbed browser like Opera or Firefox … |
| | I take it that you replaced the config\SYSTEM file with repair\SYSTEM. What about SAM, SECURITY [and SOFTWARE, DEFAULT] files? If you get it working you next have to get the most recent working registry hive from System Restore files [in System Volume Information]. You cannot just do a sys restore … |
| | Hughv has it right. If you change the order in the Boot Menu [on my machine I reach that via F11 at startup] to CDROM [or DVDROM] then naturally the puter will try to boot from your cd. If the cd is actually not bootable then BIOS will next try … |
| | I actually cannot guess what you have done... is svchost.exe running... can you see instances of it in task manager/processes? I actually don't know if windows can even start without it, and I don't know how you could interfere with it via gpedit.... but... |
| | |
| | Dave, the legitimate file is dllhst3g.exe, malware is dllhst3g.dll. Check that you do have the valid one, if not, then insert your cd, run sfc /scannow. |
| | It is very early on in the loading that the Windows logo screen [with loading bar] is presented. BIOS has read the MBR code and transferred it into memory; that code then scans the partition table for an active partition and the code in that partition's first sector, the boot … |
| | Re: Start up Feeze Heh.... some key gen. Not much is for free these days. You gotta realise, some folks don't like cracks and gens for their pgms being put about on the net so they make their own which are designed to cause you some trouble, other crack n gen makers are paid … |
 | Re: Help G'day, imperious, Really this should have been posted over at Viruses n Nasties, but what the heck, you're here, I'm here... Please do not do a Windows Repair, it's not really called for. Let's fix your Hosts File: - download HostsXpert from http://www.funkytoad.com/content/view/13/31/ - click the top button Make Writable … |
| | Re: windows error dinesh... it is not common for exe files to be in the inf folder; one that is there is unregmp2.exe for Windows media player. The normal files in the inf folder are .inf and related .pnf files which are used for loading software and drivers. I would rename others.exe to … |
| | Yep, firewall. Uninstall it, try net access with just Windows Firewall enabled. All okay? - reinstall your firewall. |
| | Re: pos.tmp HELP! Hi, alice , you have a short log but it is full of malware. We can clean it up, but be aware that your internet traffic has been monitored and your passwords may no longer be secure. If you use your sys for banking etc then your accounts may be … |
| | Hello, megaman.. and Susan... I am sure I know what your problem is, and it is not a fault in your mouse or drivers, rather a facility that some people find useful has been turned on - it is called X-mouse. It comes in two stages: with only stage one … |
| | Windows File Protection is what is copying in a replacement msconfig.exe as soon as you delete or rename or modify the original. The source file is in system32\dllcache. Not all system32 files are guarded by this protection, just those listed in a library or with extensions exe, sys ocx, dll.. … |
| | Interesting, Liz. Not one instance of svchost.exe running. I am not used to that. But then this is a Vista machine and I don't know too much about them. C:\Windows\System32\svchost.exe It may be an incompatibility with your version of hijackthis.... which is out of date/superseded. ==download hijackthis: [url]http://www.majorgeeks.com/download5554.html[/url] -install it … |
| | Hello, cookie... if you have a desktop with icons, a task bar or Start/All programs visible then Windows Explorer is running. Internet Explorer is totally different, although some functions are similar. [I wrote a lil bit about W E to a poster named cynikal in Viruses, Nasties forum [last page … |
| | Hello, Warrior... that Hijackthis log looks truncated.. I know it is run in safe mode, but even so... There are a lot of things to fix, those that Overwhelmed pointed out and a lot more. If we fix those and remove a couple of files could you post another log, …  |
| | Hi, you need to remove this: C:\WINDOWS\system32\tcpsvcs.dll It is already running, started at boot by this key :O20 - AppInit_DLLs: tcpsvcs.dll ... If you cannot manually delete the file in normal mode you will not be able to do it in safe mode either, because it is loaded and running … |
| | Overwhelmed, that is a log from Deckard's System Scanner [without its header].. hence the emulation heading for the hijackthis section. XPmase, your amchine has a vundo infection, amongs others. We should try to clean that first. ==Please download VundoFix.exe to your desktop from [url]http://www.atribune.org/ccount/click.php?id=4[/url] =Restart your system in Safe Mode. … |
| | Re: I Need Help..... Heya, Overwhelmed by clicks.. :) we all ask for help from time to time... who could know it all? SP2 by default plays a click when it blocks a pop-up. To disable that: In IE click on tools, Internet Options, Privacy tab, Settings. Remove the check from "Play a sound … |
 | Hatespy, it is most likely not a problem with your computer, more likely Paypal was momentarily down and IE then fooled with the URL. If you want a complete explanation [or one, anyway] click on the link in your post above and then in the webpage that opens click the … |
| | Hello, zombie... especially for you. ==Download SmitfraudFix (by S!Ri) from [url]http://siri.urz.free.fr/Fix/SmitfraudFix.zip[/url] Extract the content (a folder named SmitfraudFix) to your Desktop. - Restart your computer in Safe Mode. - Open the SmitfraudFix folder and double-click SmitfraudFix.cmd, select option #2 - Clean [type 2 and Enter] You will be prompted: "Registry … |
| | |
| | Hello, nuhjski, you cannot do what you are doing and expect your sys to run properly - you can only have ONE active AV service running. Out of the three, Mcaffee, AVG and Symantec keep only one... Mcaffee, I guess, cos you are paying for it. Symantec does not look … |
| | Heya, heidi, it does all depend upon the versions you have, that is, whether they are fulltime protection services or on-demand. Spybot teatimer is a fulltime registry guard, not much load there. Spywareblaster is no load on your sys at all. Adaware, AVG AS and Spywareguard - if you update … |
| | Post C:\vundofix.txt also... |
| | Not sure ul get a reply from mattpas, nomee, thread is well old. You run a windows Repair from the installation media.... it is a part of Setup that searches for and repairs an old installation thereby saving your data. No formatting is involved. Mmm.... I see now that you … |
| | ==Download fixwareout from [url]http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe[/url] - and save it to your desktop. Double click Fixwareout.exe to start the Fixwareout Setup Wizard, click next and then install. Ensure that Run fixit is checked, and click on Finish. After the fix follow the prompts. You will be asked to reboot your computer, and … |
| | Hi there. Let's see if this helps... Uninstall 811 Toolbar via CP, Add/Remove pgms. Start hijackthis, select Scan Only, place checkmarks against all the entries listed below that still exist, and then press Fix Checked. -you have obviously removed the 811 toolbar so I have included the website searchpages for … |
| | See how this works.. ==Download this file to your desktop: [url]http://download.bleepingcomputer.com/sUBs/ComboFix.exe[/url] ==Please download VundoFix.exe to your desktop from [url]http://www.atribune.org/ccount/click.php?id=4[/url] =Restart your system in Safe Mode. Double-click VundoFix.exe to start it. Click the Scan for Vundo button. When the scan completes click the Remove Vundo button. You will receive a prompt … |
| | Hello, Wendy. start hijackthis, select Scan Only, place checkmarks against all the entries listed below that still exist, and then press Fix Checked. O2 - BHO: (no name) - {C5413CC2-4408-4DF0-A5DD-F6C39AA524AB} - C:\Program Files\Online Services\metobohit4444.dll (file missing) O2 - BHO: (no name) - {D78E7197-9CD5-46F8-96F8-2008096485C7} - C:\Program Files\Online Services\metobohit83122.dll (file missing) O2 … |
| | Lo, Dee, here's some work for you... ==Download SmitfraudFix (by S!Ri) from [url]http://siri.urz.free.fr/Fix/SmitfraudFix.zip[/url] Extract the content (a folder named SmitfraudFix) to your Desktop. - Open the SmitfraudFix folder and double-click smitfraudfix.cmd, select option #1 - Search [type 1 and Enter]; a text file will appear which lists infected files (if … |
| | |
| | Hello, this may help. We need to remove this service: O23 - Service: Integrated Windows Authentication - Unknown owner - C:\Program Files\Common Files\System\MSIWA32.exe ==Go Start, run, type services.msc -and press Enter. Maximise the window and at foot select Extended tab, scroll to the specific service [Integrated Windows Authentication], rclick it, … |
| | Oh dear..... Please restore from the Recycle bin those files that you deleted [but not the fixes shown to you by Crunchie and Overwhelmed].... this will explain: Open an explorer window, go Tools, Folder Options, View, and check Hide protected Operating system files, above that select Do not show hidden … |
| | Re: Help, please... It is difficult to believe that this lil baby is the source of all your troubles..: O4 - HKLM\..\Run: [b4bda793] rundll32.exe "C:\WINDOWS\system32\yddgxwuw.dll",b Let's ignore it for the moment and run this first: ==Download this file to your desktop: [url]http://download.bleepingcomputer.com/sUBs/ComboFix.exe[/url] - to run it dclick combofix.exe and follow the prompts to … |
| | These two keys: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = ..if you do not have the Search key, or if these two entries do not have a listed search engine as an entry Hijackthis will put them up in its scan. How are you getting on with … |
| | I'm not sure we should encourage self-help..tsk... we'll be outta business. Nice work... :). Now get this combofix n run it also... [url]http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe[/url] -- to run it dclick combofix.exe and follow the prompts to start it. When finished, it will produce a log - post that log in your next … |
| | Re: help Clean: ==Download this temp file cleaner from [url]http://www.atribune.org/ccount/click.php?id=1[/url] --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected. Next click Firefox [if you have that browser..] at the top, Select All again, and Empty Selected again. Follow that procedure also … |
| | ==Download this file to your desktop: [url]http://download.bleepingcomputer.com/sUBs/ComboFix.exe[/url] - to run it dclick combofix.exe and follow the prompts to start it. When finished, it will produce a log, C:\Combofix.txt - post that log in your next reply. A word of caution - do not touch your mouse/keyboard until the scan has … |
| | Mmm... McAfee finds, but ..... Try this: Clean: ==Download this temp file cleaner from [url]http://www.atribune.org/ccount/click.php?id=1[/url] --click in the download window to run it, and when ATF Cleaner opens go Select all, and then Empty Selected. Next click Firefox [if you have that browser..] at the top, Select All again, and … |
The End.