
Showing results for tags 'malware'.




Found 24 results

  1. Dantes

    Reddit Revelation

    Reddit's admission that some employees' accounts were compromised is a complete horror to many. Very many questions to ask; however, the main question is: are we really safe online? To be safe, always ensure you use two-factor authentication in all your accounts.
  2. I just switched from Avast secure browser to Firefox. I'm paying for Avast Pro and Malwarebytes Premium. Adaware Antivirus Free version. Uninstalled CCleaner because I heard it was compromised and contained malware. Anyone have any suggestions about what antivirus/malware programs work best with Firefox, freeware or paid for? Trying to get rid of what doesn't work and keep or find what does. No current computer issues. Thanks
  3. Hours after two successful scans had bright red full screen malware with following: "Internet Security Alert! Code: 055BCCAC9FEC". URL begins: https://muitomasjhs.info/ lengthy string follows above. Phone number to call to request help from Microsoft was (888)374-9888. Normal actions to close ineffective but able to close Chrome from taskbar. What action is needed to clear and block future infection? If logs are needed will need instructions.
  4. Robert Gay

    Titanium tv box

    I got an email the other day; it was labeled Titanium TV Box. I opened it to see what it was all about and when I Xed out of it, it destroyed all my browser certificates and I was unable to get on the internet at all. I tried everything, which is more than the average bear would know, but to no avail. Was only able to go to settings and renew my OS, which deleted all my apps. Having a lot of fun. Hope this helps someone. Just delete this email..... Maybe the guys in pcmatic will see this and fix it
  5. I have this pesky Rockettab adware that infected both of my browsers Chrome and Firefox. I tried looking for it in the add and remove programs manager in the control panel but I didn't see either program. I'm currently checking my registry for any leads. Does anybody know what I can do to remove this? This adware is killing me.
  6. dixiedld

    Facebook Block

    I received this block from my Facebook today.... Your Computer Needs to Be Cleaned It looks like your computer is being affected by malware. We’ll help you fix the problem to keep your account secure and prevent malware from spreading to friends. Malware is software that tries to steal personal information and causes problems when you use Facebook. Clicking or sharing links that contain spam can give your computer malware. When I first got it I ran a scan using PCMatic two times. When I attempted to log back on to Facebook I received this error. Facebook requires I allow TrendMicro to go in and clean my computer, which I do not feel I need to do. I had TrendMicro for approximately 7-10 years before switching to PCMatic. Has anyone else ever experienced something like this from Facebook and is there any way around it? A bigger question is what can TrendMicro clean that PCMatic has missed, and how does Facebook even know? Facebook will NOT allow me to sign in until I approve the clean.
  7. When I run the scan, programs I use are getting tagged as malware etc. to auto repair... How do I stop this? I do not want them removed.
  8. Can someone please tell me why PC Matic isn't catching this? I have gotten it twice on my own laptop and once on another laptop that PC Matic is supposed to be protecting. Also, how to make sure the malware is removed? I'm disappointed that PC Matic isn't protecting our machines from this.
  9. Hello, My mother-in-law has a nasty adware virus on her laptop called Offers4U. I have uninstalled all non-essential programs, uninstalled all Chrome Extensions, run PC Matic a dozen times, and even completely uninstalled and re-installed Google Chrome. Nothing seems to work and there is very little support for this online. I have made their laptop functional by finally installing adblock and popup block extensions for Chrome. This is working, but it is just a bandaid. I need this removed - any support is appreciated. PS - Why doesn't PC Matic remove this? Thanks
  10. djs1952

    PicColor Utility

    Does anyone know how to remove from PC? Uninstall does not do it. Comes back with "you do not have sufficient access to uninstall. Please contact system administrator."
  11. Hi, I'm going nuts trying to get Malware off of my computer. I think it's just on Firefox because I'm on Opera and I'm not getting those spam screens. When I discovered the problem, I downloaded Housecall and thought it would take maybe an hour - well, it's six days later and it's currently at 83%. This is not the first Housecall that was downloaded - once, it was at 85% and shut down. It keeps shutting down when in the 80 percentage. I thought perhaps there's too much stuff on my computer so I opened Windows Task Manager to see if there's something that I could delete. I deleted iTunes because I wasn't using it. I'm not sure what else to delete, though. Then I went to Performance on Task Manager. The CPU Usage green picture showed 2%. Memory showed 1.985GB. At the bottom, there were Processes: 111; CPU Usage 6; Physical Memory: 60. Under Physical Memory (MB) it says: Total: 3325, Cached: 1854, Free: 1 (I've seen this go up to 6). Is this why it's taking so darned long to get the Housecall scan done? (BTW, I went to Housecall and they charge a min of $79 which I just don't have so I'm hoping someone here will be able to help me. And I'm so thankful that I finally remembered this site's name!) Edited to add: Sure enough, while 83% completed with the Housecall scan, my computer rebooted. I am not using anything right now - what's the use? Is there a different product that I can use that might actually finish scanning? Is the Physical Memory Free Category (1) what's making everything so slow? Please - I really need to have my computer for medical reasons. Thank you. Thanks, nadalotta Vista Serv. Pack 2 Dell XPS XPS_420 Mem. 4.00 GB
  12. I am reviewing PC Matic to see if I can get rid of an adware / malware virus that resides on my PC. It has hijacked my IE and FF browsers - and when I click links, click into a blank field to add data, etc., etc. anywhere from 1 to 2 new browser windows automatically pop up with ads of some product - mostly PC software to remove viruses, optimize my PC, etc. (PC Keeper, for example). There are other ads that pop up as well - they look to be legit. I currently use Webroot as my virus software - they spent about 2 hours trying to eradicate all occurrences of 'video+ mediaplayer+' virus from my registry and my IE add-ons. I thought we had the problem solved, but nope - it's back, but I no longer see it in my IE add-ons or add-ons in FF. Has anyone heard of this virus? How do I get rid of it - willing to buy PC Matic if it removes this virus.
  13. I had a problem a few days ago and ran Avira. It came back with 91 viruses, cleared those out. Ran Malwarebytes Anti-Malware - It had hits, cleaned those out. Now my computer does not appear to like certain security settings but I might have just fixed that. The main issue that I am noticing now is that the process "dllhost.exe" is using a HUGE amount of system resources. As of right now between 11 and 46 on the task manager under CPU and the mem usage at 760,000 to 770,000 k. I tried to terminate the process and copy a new version of the file over to "reset" the program but since it is a system file it is protected and the computer said No. Now Avira and Anti-malware are both running clean. I installed Spybot search and destroy and it found some minor things like tracking cookies etc but my laptop is still misbehaving. What else can I try?
  14. OK, within the last week I have been having some serious issues with my computer. Both of my browsers crash consistently, Chrome and Firefox; can't even use Adobe Flash to watch movies anymore, says not enough memory. The computer just blanks out and a blue screen comes up and says physical memory dump. I removed a bunch of stuff off my computer and nothing works. I do the pcpitstop optimize scan and pay for the program to fix it; now my AVG antivirus interface does not work, won't even open up. I can't take it anymore. Can somebody please assist? It would be greatly appreciated. I have operating system Windows XP Professional. Version 2002 service pack 3. Intel ® 4 CPU 2.80 GHZ, 2.79 GHZ, 0.99 GB of ram.
  15. I seem to have been infected with this malware in spite of running pitstop. Now I'm wondering how to remove it? Any suggestions? Thanks.
  16. Hey, I am new to this forum and like to stick around to learn more about various aspects of technology. However my first question, and not the last one, is my curiosity on restore software like Deep Freeze or Drive Vaccine. My question lies whether when a restore takes place does it remove the Virus or Malware from the system. Keep in mind, the restore point is in the same system as of the restore software. Any information will be great. Cheers
  17. iamgem The problem I am encountering with PC Matic is the scanning ends with an error reported during the High Level Threat Scan with the message that an error has occurred and PC Matic must close. Up to that point every scan works exactly as it should (and I suspect that every scan after will do so as well). I have not installed Super Shield because I know that there is a conflict between it and the current antivirus software that I use (Spyware Doctor with Antivirus). I have had no problems over the 2 years that I have been using both programs together (both programs are currently up to date) until about a month ago. I also use Malwarebytes Anti-Malware, Advanced SystemCare 5 and System Mechanic Pro with never any conflicts among any of them. There were no recent updates to any of them before this problem developed other than the data files which each uses. I have removed or disabled each of these programs (as well as others) one at a time and tested PC Matic but the problem still occurs -- I have even tried re-installing PC Matic but with no success in fixing the problem. Here is the info from Event Viewer:

    PC Matic Error during High Level Threats: Event Viewer
    Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 10/12/2012
    Time: 11:12:27 AM
    User: N/A (Administrator)
    Computer: HOME-7B0D9FAD53
    Description: Faulting application pcmatic.exe, version 1.0.0.24, faulting module pcpitstopantivirus2.dll, version 1.0.0.15, fault address 0x000223c6.
  18. Hi guys, my PC has been really laggy lately and I don't understand why? It lags in video games and when I'm on my homescreen and when I'm doing anything really. I do have Bullguard antivirus and not many programs; I thought I had an OK PC... and I also ran Norton PC Checkup and it found nothing. Here are my specs: Here is some stuff I got from Hijack this!:
  19. Dragonmaster

    Browser speed is very slow

    Hi, a few days ago my web browser started to run very slowly, using up almost 50% of my CPU most of the time. There is also some sort of redirect malware on my computer as sometimes I get sent to random links whenever I use a search engine. I'll post my log here. Any help would be greatly appreciated
  20. Someone used my computer and installed a Korean media player "Gom Player" and now my Internet Explorer homepage is set to Daum.net and can't be changed. Once the homepage is changed in settings (or asked to be blank), and applied, there is no effect, and I'm looking at the Daum homepage still. The Gom Player program has been uninstalled, but they must have packaged it with a bunch of insidious BS. I only even use IE because the Korean government forces people to use that browser for online banking, in addition to being forced to install a bunch of "safety" programs ("Keysecure" anyone?) in order to check balances and such (which is probably a Samsung conspiracy to keep Apple unviable). Anyway, I'm running Spybot and Avast right now, and hating these Korean companies. Can anybody solve this problem, and/or advise me of what other things they might have done to my system?
  21. Fernando Santillán

    Bad Image Error (Win7)

    Hello, I'm new to this community. Thanks for reading my topic. For the past few days I've been experiencing an annoying problem and would greatly appreciate some help fixing it. Every time I boot up my computer and when I make it to the desktop a Bad Image Error appears. I close the message and another message comes up telling me the same problem. I read on one of the forums that this type of problem may be caused by malware. Here's what it says: DDE Server Window:iTunes.exe - Bad Image C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support. The same problem happened in these forums: http://forums.pcpitstop.com/index.php?/topic/194798-bad-image-error/ http://forums.pcpitstop.com/index.php?/topic/169944-bad-image-error-resolved/ http://forums.pcpitstop.com/index.php?/topic/170560-bad-image-error-win-xp-resolved/ I've been looking for solutions to my problem and I found that many people resolved this same problem through this forum and the professional help that you guys give. So I'm hoping that I can help here too. I would be very grateful for any help that I can find.
Here's my hjt log:
  22. lizardo_manson

    Malware and viruses differences

    I found this page with good information about what they are. http://www.emsisoft.com/en/kb/articles/tec120308/ Thanks to the Emsisoft newsletter
  23. Hello all. What started out looking like a minor problem or annoyance has now become a major headache & looks like a major problem. I was surfing the net, at my usual places. I'm using Firefox's newest browser, because I know it's safer than IE. I use the Noscripts add on, as well as their popup blocker all the time. And at the time the original problem started, I was also using Nortons 360, along with Malwarebytes. My problem originally started with what seemed like a minor loss of internet connection. But then every few minutes or half hour or hour, I would once again be disconnected from the net. I've had connection problems with my cable before, so I immediately called my service provider. In the meantime, I ran my virus program & Malwarebytes & they both came up clean. So knowing my Nortons was soon to expire, I uninstalled it & downloaded AVG. Did a scan with that, which came up clean too. So then I put my disc for Nortons back in & noticed problem number two. The disc wasn't reading & when I went in to My Computer, the drive also wasn't showing up on my list. So after I had uninstalled AVG, I went to delete it from my programs folder & I couldn't delete it. I also found other files in there that looked exactly like the AVG file, and after uninstalling them, noticed I couldn't delete them either. (The icons don't look at all like the ones for the programs they are for. All the icons look exactly the same.) But anyway, after my service provider sent out a truck & found no problems outside the house, I started checking the lines inside. Eventually, I have now replaced all wires/cables, got a brand new modem, & splitters. And I'm still having the same problem staying connected to the net. Like I said, I finally downloaded & ran Hijackthis, & I see A LOT of nasties on the list. Should I make a new post in that forum as well? Thank you very much in advance, for all help offered.
  24. Hard drive recently crashed - folks at the PC store were nice enough to update my OS to Windows 7. Windows 7 has Microsoft Security Essentials installed. On my previous platform I was running SpywareBlaster, AVG Antivirus, Spybot S&D, AdAware, and Malwarebytes. My question is should I have all these programs installed, or is it a bit excessive? Now that I have Microsoft Security Essentials installed, which ones should I have in addition? Are there any I'm missing from this list? Thanks!