Computer Hope

Software => Computer viruses and spyware => Topic started by: mcummings36 on January 23, 2010, 03:51:54 PM

Title: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 23, 2010, 03:51:54 PM
I am on Facebook at least 2-3 times a day and have never had any problems. Today I tried to go on and this page comes up that says the site is "restricted due to my security preferences." Also says "Your system is infected. Please activate your antivirus software." What the heck does this mean? I have avast, Malwarebytes and Super Antispyware programs on my computer. I run them regularly, and like I've expressed here before, they do nothing. I still can't use google to search for anything unless I copy and paste the search results, which is kind of a pain, and shouldn't be happening. I tried fixing that by running all the security programs, and of course it didn't help. Which is why I don't like having these programs on my computer to begin with. They take up a ton of space and don't seem to serve any purpose. Can someone tell me how to fix this facebook thing?
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: harry 48 on January 23, 2010, 04:26:48 PM
all 3 serve a purpose and work well, but if you think that, take all 3 out and see what happens


in the meantime if you want to download hijackthis and rename it to snipper.exe, run and post a log


http://www.filehippo.com/download_hijackthis/
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 23, 2010, 06:10:53 PM
I am not at all computer literate or whatever you want to call it, so maybe they do serve a purpose, but I just don't know what it is or see that they make much difference either way. But I wouldn't know since I know so little about this. I ran the hijackthis program.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:54 PM, on 1/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\slrundll.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\WINDOWS\system32\smss32.exe
C:\Program Files\InternetSecurity2010\IS2010.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.mirarsearch.com/?useie5=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Mirar - {2CEB7D52-D79D-4E78-94C4-626D622D2375} - C:\WINDOWS\system32\7c78.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [smss32.exe] C:\WINDOWS\system32\smss32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhereSphere] C:\Documents and Settings\Christopher Apostle\Application Data\WhereSphere\wheresphere.exe
O4 - HKCU\..\Run: [SfKg6wIPuS] C:\Documents and Settings\Christopher Apostle\Application Data\Microsoft\Windows\oulwsv.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Internet Security 2010] C:\Program Files\InternetSecurity2010\IS2010.exe (User 'Default user')
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Crawler Screensaver - {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - C:\Program Files\Crawler\SSaver\CSSaver.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v46/shared/FunGamesLoader.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.67.cab
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} (Auctiva Image Uploader Control) - http://www.auctiva.com/Aurigma/ImageUploader55.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553557800} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.auctiva.com/hostedimages/activex/xupload/XUpload.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 9396 bytes
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 23, 2010, 10:39:14 PM
So now what????
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: cruisin702 on January 23, 2010, 11:55:05 PM
If you have followed the directions listed here (http://www.computerhope.com/forum/index.php/topic,46313.0.html) and already ran Superantispyware and Malwarebytes you need to wait for a specialist to help you. You are severely infected. Everyone here is a volunteer, so it may take some time for a specialist to assist you.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 24, 2010, 08:03:06 AM
Following the instructions in that post is what made my printer driver magically disappear, not once, but twice, so no, don't think I'll be doing that again.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 24, 2010, 08:12:36 AM
Quote
Following the instructions in that post is what made my printer driver magically disappear, not once, but twice, so no, don't think I'll be doing that again.


you say:
Quote
I am not at all computer literate or whatever you want to call it

And yet you decide to strike out on your own. OK.

Oh, and harry_48 was actually wrong about the security programs; chances are they are actually rogue malware.

Enjoy!
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 24, 2010, 10:17:08 AM
Strike out on my own....whatever that means?!?!? I guess what I should have said is, I know enough about my computer to do what I need to do. When something goes wrong, I don't know much about how to fix it. I use my computer to go online, run my website and do basic things, surf the web, buy stuff on ebay, chat with friends on Facebook, etc....I can use Microsoft word and other very basic programs. That's about it. So, I'm sorry I'm not some computer genius that understands all of this. I guess that's what I thought these sites were for, to help those of us that don't know as much as others. But wow, the smart a*@ comments are about all that's coming out of this place today. Strike out on my own.....hmmmmm....guess I should have known better, I should have just sat around and waited for someone to do it all for me???
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 24, 2010, 11:52:34 AM
Quote
Strike out on my own....whatever that means?!?!? I guess what I should have said is, I know enough about my computer to do what I need to do. When something goes wrong, I don't know much about how to fix it. I use my computer to go online, run my website and do basic things, surf the web, buy stuff on ebay, chat with friends on Facebook, etc....I can use Microsoft word and other very basic programs. That's about it. So, I'm sorry I'm not some computer genius that understands all of this. I guess that's what I thought these sites were for, to help those of us that don't know as much as others. But wow, the smart a*@ comments are about all that's coming out of this place today. Strike out on my own.....hmmmmm....guess I should have known better, I should have just sat around and waited for someone to do it all for me???

What I posted came out wrong; didn't mean it quite the way it reads now, sorry.

basically (actually I posted something similar in your other thread)- the new symptoms aren't caused by the cleaning procedure steps; but rather because some of the malware has been removed. In the case of your printer driver it's possible the driver was infected, and the tool cleaned it (meaning it was deleted).

A Hijackthis log helps but I think the experts will need the other two logs to make sure. Personally I've found malwarebytes to be a very useful program. (have you run this yet?) If not I'd run it again, and post the log here. Concentrate on the infections first, and forget about the printer for now, or any of that sort of stuff. Once an expert thinks you're good to go we can help you to install and try to fix the other issues that aren't related to malware.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 24, 2010, 12:00:27 PM
I've been watching this post and I'm waiting for SAS and MBAM to be run and the logs posted before I begin. To simplify things I think I should lock the other post.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: harry 48 on January 24, 2010, 12:09:16 PM
BC_Programmer ; quote

Oh, and harry_48 was actually wrong about the security programs; chances are they are actually rogue malware.
-------------------------------------------------------------------------

if you had read the op post and my reply, i meant if he did want to take all 3 security opp's out as he said, he can sit back and see what happens to his pc (see below)

all 3 serve a purpose and work well, but if you think that, take all 3 out and see what happens
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 24, 2010, 12:47:40 PM
Quote
all 3 serve a purpose and work well, but if you think that, take all 3 out and see what happens

depends what three we're talking about. But yes the three mentioned do fit your description.

The one that says to "run your anti-virus software" however, is not. and is likely part of a rogue malware program.

Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: harry 48 on January 24, 2010, 01:08:02 PM
Quote
depends what three we're talking about. But yes the three mentioned do fit your description.

The one that says to "run your anti-virus software" however, is not. and is likely part of a rogue malware program.

i know that

this is what i meant ( below )

 I have avast, Malwarebytes and Super Antispyware programs on my computer. I run them regularly, and like I've expressed here before, they do nothing. I still can't use google to search for anything unless I copy and paste the search results, which is kind of a pain, and shouldn't be happening. I tried fixing that by running all the security programs, and of course it didn't help. Which is why I don't like having these programs on my computer to begin with. They take up a ton of space and don't seem to serve any purpose.

if he wanted to take them out he will see what happens
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 24, 2010, 04:47:03 PM
What I was trying to say was, I run these programs all the time, but I don't understand what they do, so I misspoke, god forbid. I still have all these problems, and have to come here for help, so what purpose do they serve, is what I was trying to say. AGAIN, I do not know enough about computers to know if they are doing nothing or if they're doing something all the time. I was just simply expressing my opinion, which I've learned is not allowed here.
I'll post what I've done so far.

[Saving space, attachment deleted by admin]
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: harry 48 on January 24, 2010, 04:58:41 PM
ok mcummings36, you have posted all 3 logs that an expert will want to see before he goes any further

I was just simply expressing my opinion, which there is no problem but i was only pointing out you need them in the pc working for you

your anti-virus works all the time the pc is on and will update itself

sas: you must update and run this yourself once a week

mbam: as above

your pc will be kept clean, harry
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 24, 2010, 05:53:45 PM
What about avast? I have that as well. Are the free programs ok, or is it worth it to purchase an upgraded or advanced version? My printer driver is fine for now, lostcoast on the chatroom helped me with that last night. I'm totally willing, at this point, to purchase a better security program if needed. I just am not sure which is best, or if what I have is okay, and I'm maybe just not running them often enough. Thank you everyone who has replied with help. I don't mean to come across as rude or ungrateful, this stuff just freaks me out.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 24, 2010, 07:14:54 PM
Hello mcummings36 and welcome to Computer Hope Forum. My name is Superdave but you can just call me SD. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialists of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

I apologize if things got off on the wrong foot in your request for help. As you can see SAS and MBAM certainly got rid of a lot of infections. Now, if you don't mind, I would like to have a fresh HJT log. Then we can start to clean what's left on your computer.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 24, 2010, 10:57:07 PM
Thank you! I'll wait for you to tell me the next step!
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: cruisin702 on January 24, 2010, 11:10:46 PM
Quote
I'll wait for you to tell me the next step!

I normally don't like to post once SuperDave is on the case, however to speed things up for you I will point out that SuperDave has requested that you run HijackThis again and post a new log.

Quote
I apologize if things got off on the wrong foot in your request for help. As you can see SAS and MBAM certainly got rid of a lot of infections. Now, if you don't mind, I would like to have a fresh HJT log. Then we can start to clean what's left on your computer.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 25, 2010, 09:50:09 AM
Here is the newest hijackthis log, just ran it now.

[Saving space, attachment deleted by admin]
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 25, 2010, 11:35:43 AM
Thanks, cruisin.

It appears that the two previous scans got rid of a lot of infections. Just a few more things to do.

Download Disable/Remove Windows Messenger  (http://www.majorgeeks.com/DisableRemove_Windows_Messenger_d2327.html) to the desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the desktop.

----------------------------------------------------------------------------------

Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) -  - (no file)
O3 - Toolbar: Mirar - {2CEB7D52-D79D-4E78-94C4-626D622D2375} - C:\WINDOWS\system32\7c78.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

(Description: Sun Java update scheduler. Checks for updates. Not necessary. Removing this entry will free up a small amount of system resources.)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v46/shared/FunGamesLoader.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab


Important: Close all open windows except for HijackThis and then click Fix checked.

----------------------------------------------------------------------------------------------------------

Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
link #2 (http://www.forospyware.com/sUBs/ComboFix.exe)

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link (http://www.bleepingcomputer.com/forums/topic114351.html) to see a list of security programs that should be disabled and how to disable them.

Vista users Right-click combofix.exe and select Run as Administrator and follow the prompts.
Double-click combofix.exe and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

Once completed, exit HijackThis.
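
An added example, not part of the original post and not code from HijackThis: a short Python triage of HijackThis v2.0.2 log lines that picks out entries whose target is gone (`(no file)`, `(file missing)`, an empty value), the kind of leftovers ticked in the fix list above, plus a few other review heuristics. The flag names, the heuristics and the one constructed Run line are assumptions of this example; a flag means "look closer", not a verdict.

```python
import re

# HijackThis section codes that appear in the log posted in this thread.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "URL search hook", "F2": "ini-file/registry autostart",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "Run key / Startup autostart", "O9": "IE extra button or Tools item",
    "O10": "Winsock LSP", "O16": "ActiveX download (DPF)",
    "O18": "extra protocol", "O20": "Winlogon Notify / AppInit_DLLs",
    "O23": "NT service",
}

# An entry line is "<code> - <body>"; header and running-process lines do not match.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|O\d{1,2}) - (.*)$")

# Sample input: lines in the format of the log posted in this thread.
# The [example] Run entry is constructed for this example.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\winlogon32.exe
O3 - Toolbar: Mirar - {2CEB7D52-D79D-4E78-94C4-626D622D2375} - C:\WINDOWS\system32\7c78.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [example] C:\Documents and Settings\user\Application Data\example\example.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O23 - Service: Kwanzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwanzy\kwanzy131.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""


def parse_entries(log_text):
    """Return (code, body) for every entry line, in log order."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2).strip()))
    return entries


def review_flags(code, body):
    """Return this example's review flags for one entry (empty list if none)."""
    flags = []
    low = body.lower()
    # Registration left behind with no file or value behind it.
    if low.endswith("(no file)") or low.endswith("(file missing)"):
        flags.append("orphaned")
    elif code in ("R0", "R1") and low.endswith("="):
        flags.append("orphaned")
    elif code == "O16" and low.endswith("-"):
        flags.append("orphaned")
    # HijackThis itself could not identify the LSP provider file.
    if code == "O10" and low.startswith("unknown file in winsock lsp"):
        flags.append("unknown-lsp")
    # Service binary carries no company name.
    if code == "O23" and " - unknown owner - " in low:
        flags.append("unknown-owner")
    # Logon shell handed to something other than userinit.exe.
    if code == "F2" and "userinit=" in low:
        target = low.split("userinit=", 1)[1].rstrip(", ")
        if not target.endswith("\\userinit.exe"):
            flags.append("userinit-override")
    # Autostart or service launched from a profile data or temp directory.
    if code in ("O4", "O23") and ("\\application data\\" in low or "\\temp\\" in low):
        flags.append("appdata-or-temp-path")
    return flags


def triage(log_text):
    """Return the flagged entries as dicts, in log order."""
    report = []
    for code, body in parse_entries(log_text):
        flags = review_flags(code, body)
        if flags:
            report.append({"code": code, "section": SECTIONS.get(code, "other"),
                           "flags": flags, "entry": body})
    return report


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f'{item["code"]:<4}{",".join(item["flags"]):<38}{item["entry"]}')
```
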

Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 07:47:19 AM
I went to the site to download whatever it is to remove windows messenger, but I don't know what to click on??? There are a bunch of different downloads there, but none say windows messenger? Which one is it?
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 26, 2010, 08:01:24 AM
Quote
I went to the site to download whatever it is to remove windows messenger, but I don't know what to click on??? There are a bunch of different downloads there, but none say windows messenger? Which one is it?

http://majorgeeks.com/downloadget.php?id=2327&file=1&evp=407844d9f4a1d230eda60d32e2d153e8
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 08:14:47 AM
"Unzip the file on the desktop..."
Does that mean open and run the program, because that's pretty much the only option it's giving me. I right clicked on it to see if there was an option to unzip, and there wasn't.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: harry 48 on January 26, 2010, 08:34:35 AM
Quote
Does that mean open and run the program,

that's right just click it
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 08:49:01 AM
I got an error message about ComboFix only or not being compatible with Windows XP? Now what? It downloaded to my desktop, but didn't run apparently.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 26, 2010, 09:07:45 AM
Quote
I got an error message about ComboFix only or not being compatible with Windows XP? Now what? It downloaded to my desktop, but didn't run apparently.

does it look like This:

(http://i531.photobucket.com/albums/dd355/BC_Programming/cbfixsec.gif)

If so just tell it to Run the program. Otherwise, I have no idea what it is or what it's from; I just ran it successfully on my XP Virtual Machine and that box was all that appeared.

EDIT: it's also possible that malware is showing you this "not compatible" message. you could try renaming combofix to something else.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 26, 2010, 09:58:34 AM
Hi mcummings. Does it look like what B C Programmer posted? If not, could you do a screen print and post it here in your next reply?
How to post screenshots or images (http://www.computerhope.com/forum/index.php/topic,61232.0.html)
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 10:12:39 AM
I couldn't post a screenshot, I clicked out of it before I posted the last message. However, I believe the program ran anyway, as the blue/black box came up and it went through all the phases, rebooted, etc...do I need to post anything else? Thanks so much for helping me and for responding so quickly.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 26, 2010, 10:18:58 AM
Quote
I couldn't post a screenshot, I clicked out of it before I posted the last message. However, I believe the program ran anyway, as the blue/black box came up and it went through all the phases, rebooted, etc...do I need to post anything else? Thanks so much for helping me and for responding so quickly.

Quote
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

Once completed, exit HijackThis.

So- the Combofix log and a new hijackthis log. If you already closed the notepad window that displays the log, or it didn't appear for whatever reason, I believe Combofix saves it as C:\ComboFix.txt.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 02:51:06 PM
I attached the files to my last post? They aren't there, apparently...will try again. The hijack this log is the one I ran last night, or do I need to do it again after running combofix today?

[Saving space, attachment deleted by admin]
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 26, 2010, 03:02:48 PM
Quote
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 26, 2010, 04:38:18 PM
The logs look good. There were a few problems but I'm quite sure they're fixed now. Let's do one more scan.

ESET Online Scan

Scan your computer with the ESET FREE Online Virus Scan (http://eset.com/onlinescan)

* Click the ESET Online Scanner button.

* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
* Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
* Double click on the esetsmartinstaller_enu.exe icon on your desktop.
* Place a check mark next to YES, I accept the Terms of Use.

* Click the Start button.
* Accept any security warnings from your browser.
* Leave the check mark next to Remove found threats and place a check next to Scan archives.
* Click the Start button.
* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
* When the scan completes, click List of found threats.
* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
* Click the <<Back button then click Finish.

In your next reply please include the ESET Online Scan Log
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 06:33:49 PM
Now I can't print or scan anything again. I had to go back and download the driver, the full download instead of the basic, because I couldn't use my scanner without the full. So 2+ hours later, I installed the new driver, and now I can't do anything. It says that my printer isn't connected, when it is. It's one *censored* thing after another. Can you help me with this too?
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 06:34:36 PM
Bc programmer:
I can read. I did post a new log.
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: mcummings36 on January 26, 2010, 09:07:49 PM
Here's the ESET log.

[Saving space, attachment deleted by admin]
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: BC_Programmer on January 27, 2010, 02:24:58 AM
Bc programmer:
I can read. I did post a new log.

hey... you asked :P
Title: Re: I can't go on to Facebook, I get a wierd restricted message???
Post by: SuperDave on January 27, 2010, 07:02:22 AM
Hi. Your ESET scan took out anything that was left. As for the printer, this is the first time I've seen anyone having problems with a printer after doing scans. Perhaps you should start another thread in the software or hardware forums to resolve this problem. If there are no other issues (other than the printer) it's time for some clean-up. You can uninstall HJT and ESET. You can keep SAS and MBAM, if you wish. Update them and run them every once in a while.

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
  * Delete the following:
    * ComboFix and its associated files and folders.
  * Reset the clock settings.
  * Hide file extensions, if required.
  * Hide System/Hidden files, if required.
  * Set a new, clean Restore Point.

-------------------------------------------------------------------------

Download OTC by OldTimer (http://oldtimer.geekstogo.com/OTC.exe) and save it to your desktop.

1. Double-click OTC to run it.
2. Click the CleanUp! button.
3. Select Yes when the "Begin cleanup Process?" prompt appears.
4. If you are prompted to Reboot during the cleanup, select Yes
5. OTC should delete itself once it finishes, if not delete it yourself.

-------------------------------------------------------------------------

Clean out your temporary internet files and temp files.

Download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

---------------------------------------------------------------------------------

Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (http://www.majorgeeks.com/Comodo_Personal_Firewall_d5033.html) (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor (http://www.majorgeeks.com/Online_Armor_Free_d4872.html)
3) Agnitum Outpost (http://www.majorgeeks.com/Outpost_Firewall_Free_d1056.html)
4) PC Tools Firewall Plus (http://www.majorgeeks.com/PC_Tools_Firewall_Plus_d5470.html)

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

---------------------------------------------------------------------------------------

Use the Secunia Software Inspector (http://secunia.com/software_inspector) to check for out of date software.

* Click Start Now
* Check the box next to Enable thorough system inspection.
* Click Start
* Allow the scan to finish and scroll down to see if any updates are needed.
* Update anything listed.
----------

Go to Microsoft Windows Update (http://windowsupdate.microsoft.com/) and get all critical updates.

----------

I suggest using WOT - Web of Trust (http://www.mywot.com/). WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer (http://www.bleepingcomputer.com/forums/tutorial49.html) from Spyware and Malware
* If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. (http://www.safer-networking.org/en/spybotsd/index.html) Guide: Use Spybot's Immunize Feature (http://www.bleepingcomputer.com/tutorials/tutorial43.html#immunize) to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ (http://www.safer-networking.org/en/faq/index.html)

Check out Keeping Yourself Safe On The Web (http://evilfantasy.wordpress.com/2008/05/20/keeping-yourself-safe-on-the-web/) for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware (http://evilfantasy.wordpress.com/2008/05/24/slow-computer-it-may-not-be-malware/) for free cleaning/maintenance tools to help keep your computer running smooth.
Safe Surfing!