Everything posted by coltm4carbine
-
hijackthis log [PROBLEM SOLVED - lock please]
yup..you have vundo. try this first. It should work: Please download VundoFix[Caution: Executable File] to your desktop. [*:pm4nnopz]Double-click VundoFix[Caution: Executable File] to run it. [*:pm4nnopz]Put a check next to Run VundoFix as a task. [*:pm4nnopz]You will receive a message saying vundofix will close and re-open in a minute or less. Click OK [*:pm4nnopz]When VundoFix re-opens, click the Scan for Vundo button. [*:pm4nnopz]Once it's done scanning, click the Remove Vundo button. [*:pm4nnopz]You will receive a prompt asking if you want to remove the files, click YES [*:pm4nnopz]Once you click yes, your desktop will go blank as it starts removing Vundo. [*:pm4nnopz]When completed, it will prompt that it will shutdown your computer, click OK. [*:pm4nnopz]Turn your computer back on. [*:pm4nnopz]Please post the contents of C:\vundofix.txt and a new HiJackThis log.
-
hijackthis log [PROBLEM SOLVED - lock please]
If you have downloaded winantivirus that means you have vundo. Don't download it. Rename Hijackthis[Caution: Executable File] to something like Scan[Caution: Executable File]. Then post another HJT log.
-
CPU at 100%
svchost is usually legit. in windows operating systems...but it does depend on it's location. On here you have to change the ".e3e (CAUTION - executable file)" to "[Caution: Executable File]"... Update and run your antivirus and see if it picks anything up to be sure. Edit: damn someone got there before me..
-
Windows Media Player Difficulties
about the plug ins.. which browser are you using?
-
NVM Solved: virus infection.
err..a sidenote: I think you got the latest version of vundo.[no BHOs and very few o20s...] not smitfraud. [lol lucky you..i've been trying to find this latest version since i knew about it] edit: Do this for vundo first, to make sure it aint that.. Please download VundoFix[Caution: Executable File] to your desktop. [*:2ji55t5o]Double-click VundoFix[Caution: Executable File] to run it. [*:2ji55t5o]Put a check next to Run VundoFix as a task. [*:2ji55t5o]You will receive a message saying vundofix will close and re-open in a minute or less. Click OK [*:2ji55t5o]When VundoFix re-opens, click the Scan for Vundo button. [*:2ji55t5o]Once it's done scanning, click the Remove Vundo button. [*:2ji55t5o]You will receive a prompt asking if you want to remove the files, click YES [*:2ji55t5o]Once you click yes, your desktop will go blank as it starts removing Vundo. [*:2ji55t5o]When completed, it will prompt that it will shutdown your computer, click OK. [*:2ji55t5o]Turn your computer back on. [*:2ji55t5o]Please post the contents of C:\vundofix.txt and a new HiJackThis log.
-
Dual core, Vista Beta and 10mb = PWNAGE!
So am I...infact I am using Vista 5472 to post this reply right now... Yes my 5472 is legit and yes i can post a SS of my connect account to show all the other betas i am in
-
stange popups randomly.. HJT log
erm are those pop-ups from winantivirus pro 2006 or something like that? if it is it's the new smitfraud varient. I don't know why it appears randomly but you usually get pop-ups like those when you visit rapidshare without a pop-up blocker.. Just a few weeks ago, before i secured my laptop, i intentially got myself with as much junk as my laptop can handle... If you want a ready made set of hosts files you can find a pretty good one here: http://www.mvps.org/winhelp2002/hosts.htm That one blocked out all the Ads plus all the other things on my desktop.
-
Windows Vista
Sorry I misunderstood you, I thought you was talking about the overall rating [The part where it says: Your computer has an overall Windows System Preformance Rating of ....]
-
Windows Vista
Who said the performance rating was out of 10? I am not 100% sure about BETA 2 CTP but on my builds of Vista [5365 and 5456 both interim] the best you can get was 5. 1 is the worst and 5 is the best.
-
BIG problem, program wont go away.
hint for anyone: Spyfalcon= spysheriff,spywarequake, virtual maid, antivirus gold etc... [a variant smitfraud in other words] nvm you tried spybot. Do an online antivirus scan with panda activescan...that should help a bit. If that doesn't kill it then there is always the original way...
-
New worm- pretty destructive be careful.
you might want to read about it from microsoft's website here:http://www.microsoft.com/technet/security/advisory/904420.mspx link to ms virus info library. http://www.microsoft.com/security/encyclopedia/details.aspx?Name=Win32/Mywife.E@mm quotes from M$ library. (the info might change over time) IMHO quite destructive if you have any important files (homeworks, reports, financial reports whatever). If you update your antivirus then i think you'll be fine for the time being. Also seriously be careful with dodgy attachments and emails. Just a little warning for those of you who have important things inside your pc. edit: typo and added link.
-
Spyware and Virus Help. Good Free programs
personally i don't think it's junk and i deffinitely don't think it's spyware itself. yes most free things are junk but some are clean. If people actually stopped using limewire, kazaa and the other infected p2p programs to get cracked versions of programs (i have seen someone get a cracked version of spysweeper before so it is possible). Trend micro anti-virus= good Spyware=bad. The reason? it gave me a lot f/p the last time i scanned it (as soon as i saw this thread like an hour ago). something that supprised me was that Norton, ad-aware, MSAS,spybot, ewido, panda online scan all didn't detect it. They detected nothing...either it's another one of trend's f/p (again? last time it said i had CWS and deleted my search bar) or is it because all those programs are rubbish? I think it's a f/p but thats my opinion- you make your choice (maybe I am infected...) edit: F/P= false positive. The thing it detected was 2 keyloggers.
-
Keylogger Removing
well, you can download a free anti virus like avg or do a online scan an see ehat they find. the antivirus should pick up a keylogger(if u have one). Make sure u update ur definition files before scannning.
-
Weird problem with SpySweeper, please help!
but don't forget to read the replies from the experts...yes it is legit and it is also a reputable scanner.
-
HJT-log
ok, as for the about blank it is the sp.html variant. i did post a fix for it but most of the links got censored out. I think of something else...
-
HJT-log
edit: don't do this fix yet- most of the links don't work...there is only one exe (cws shredder) so i donno about the others. thanks mercifull for reminding me. edit: ok do this for now. search for microsoft antispyware, ad-aware and spybot search and destroy. download and install them update them scan and remove everything they find.
-
hijckthis log
I just want to give someone else a chance with logs thats all. I mean loads of other people know what they are doing with hjt (like you for a start). good point, i think i change me sig now. well i wait for a while to see if anyone will take this log. if noone takes it then i finish it off.
-
hijckthis log
ok least it's gone now. yes please post a new hjt log and then someone should take over it. if noone does after 2 days then i do it myself.
-
HJT-log
oh i forgot to add on my last post print it off. well after i fix this up i got another canned to use (sp.html) you can fix these if you want (if your that desperate, but it won't solve your desktop hijack problem)(also i will need to see a new log later so it will show up new entries): R3 - Default URLSearchHook is missing most of the other bad entries require special removal tools - your computer has been quite badly affected... have you been visiting dodgy websites?
-
HJT-log
i start you off by giving you smitrem Download smitRem[Caution: ExecutableFile] and save the file to your desktop. (if the link doesn't work then google up smirem) Double click on the file to extract it to it's own folder on the desktop. Place a shortcut to Panda ActiveScan on your desktop. Please download the trial version of Ewido Security Suite here: http://www.ewido.net/en/download/ Install it, and update the definitions to the newest files. Do NOT run a scan yet. Next, please reboot your computer in SafeMode by doing the following: [*:25y4aaf7]Restart your computer [*:25y4aaf7]After hearing your computer beep once during startup, but before the Windows icon appears, press F8. [*:25y4aaf7]Instead of Windows loading as normal, a menu should appear [*:25y4aaf7]Select the first option, to run Windows in Safe Mode.Now scan with HJT and place a checkmark next to each of the following items and click FIX CHECKED: Close HiJackThis. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish. The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply. Open Ad-aware and do a full scan. Remove all it finds. Run Ewido: [*:25y4aaf7]Click on scanner [*:25y4aaf7]Click on Complete System Scan and the scan will begin. [*:25y4aaf7]NOTE: During some scans with ewido it is finding cases of false positives. [*:25y4aaf7]You will need to step through the process of cleaning files one-by-one. [*:25y4aaf7]If ewido detects a file you KNOW to be legitimate, select none as the action. [*:25y4aaf7]DO NOT select "Perform action on all infections" [*:25y4aaf7]If you are unsure of any entry found select none for now. [*:25y4aaf7]When the scan is finished, click the Save report button at the bottom of the screen. [*:25y4aaf7]Save the report to your desktopClose Ewido Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present. Reboot back into Windows and click the Panda ActiveScan shortcut. - Once you are on the Panda site click the Scan your PC button - A new window will open...click the Check Now button - Enter your Country - Enter your State/Province - Enter your e-mail address and click send - Select either Home User or Company - Click the big Scan Now button - If it wants to install an ActiveX component allow it - It will start downloading the files it requires for the scan (Note: It may take a couple of minutes) - When download is complete, click on Local Disks to start the scan - When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log by using Add Reply. that should get rid of smitfraud and it's variants.
-
hijckthis log
yeh i can tell just needed to confirm; your desktop has been hijacked. google up a toold called Smitrem made by noahdfear. download and save it to your desktop. Close all other programs and windows. Double click smitrem[Caution: ExecutableFile], then click Start to extract the tool to it's own folder. Open the Smitrem folder and double click the runthis.bat to start the tool. At one point when the tool runs, your taskbar will dissappear, and your computer will restart when the tool completes. A text file will be created in the Smitrem folder. Post the contents of that log please. have you moved HJT out of the temp?
-
hijckthis log
no need to be ashamed, hardly anyone knows what it is (even adults). It's basically a program made by a dutch person named merjin (merlin in english). Please move HJT into somewhere else. ============================================= Create a folder on the C: drive called C:\HJT. You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it hjt Move HJT into this new folder please, This is important so please do this prior to anything else please ok before you fix the o2 line, has your desktop wallpaper been changed? are you getting fake windowsupdate messages (telling you to download spyaxe,spyware sticker, pcgaurd etc? if you have post back, and if you don't still post back.
-
Friend's HiJackThis log.
has your friend ran the basic stuff (ad-aware, spybot etc)? as for the 2 entries they are part of the ZenoSearch adware.
-
the thing of pictures vulnerability ..
if u mean the patch then run windows update. if you want the virus then it's not hard to get it.
-
WINDOWS META FILE EXPLOIT!!!!! WINDOWS 98 - XP VUNERABILITY
hi people, i have recieved this email:-