Jump to content

Change Mode

pskelley

Trusted Malware Techs
  • Content Count

    1,759
  • Joined

  • Last visited

Everything posted by pskelley

  1. Thanks for returning your information. Please do not "quote" my instructions, it is a waste of space and the information is there if you wish to view it...thanks. The items AVG Anti-Spyware is locating are cookies: http://en.wikipedia.org/wiki/HTTP_cookie see this from the same site: http://en.wikipedia.org/wiki/HTTP_cookie#Tracking Cookies are part of the price for surfing the internet, you can either not go where they are placing them on your computer (most websites do use cookies) or you can block them, but be careful you don't block cookies needed for security (banking,passwards, et
  2. Welcome to the forum, I do not understnad what you mean by this: The first this you need to do is read this information:http://service1.symantec.com/SUPPORT/nav.n...000031316555206 "Microsoft recommends that you have only one anti-virus program installed on your computer." http://www.washingtonpost.com/wp-dyn/conte...5120300087.html Then choose what anti-virus program you want to use, uninstall the other one. Have you purchased either AVG anti-Spyware or Spysweeper. post that information. Follow the instructions in this link to run AVG Anti-Spyware, make sure you delete or at
  3. Resolved and closed. Thanks
  4. No response to this request since this date, assuming the issue is resolved and closing this topic. Thanks
  5. This topic is resolved and closed. Thanks
  6. This topic is resolved and closed. Thanks
  7. This topic is resolved and closed. Thanks
  8. Welcome to the forum, to help with with your investigations, here is the link to CastleCops: To your left in Security Central you will find the CLSID List. Scan the CLSID number and you get: NavErrRedir Class {5D60FF48-95BE-4956-B4C6-6BB168A70310} X BHO SH incfindbho.dll, INCFIN~1.DLL eUniverse IncrediFind adware or http://www.symantec.com/security_response/...-123115-0817-99 This item: O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file) is what we call an orphaned entry, the file has been remove by a security program rendering it harmless, and we usually
  9. Thanks for providing that information. Let me first say I can't really believe Trend Micro is suggesting you turn off the immunization feature in Spybot. I just checked my version and that feature has 15,794 Bad products blocked on my computer. If only Trend Micro could only do the same. I have a notion this is the problem: My computer runs slowly after installing Trend Micro PC-cillin Internet Security 2007 and not Spybot S&D! So if you are asking my personal opinion, I would say Trend Micro is the problem. There is no way I personally would turn off Spybot's immunization feature
  10. Welcome to the forums, always nice to know what steps you took to remove the problems, helps other folks. If you are no longer having malware problems, let's do this: Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: (the Yahoo! Toolbar is missing a file and not working right if at all. If you use it, download it again) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file) Close all programs but HJT and all
  11. Thanks for returning your information, Blacklight is clean. Open the Trojan Hunter folder (probably defaulted to C:\Program Files\) and delete the junk in the quarantine folder. That's what it is supposed to do, that's what you pay them for:http://www.symantec.com/security_response/...-091612-5500-99 How is the computer running now, post a fresh HJT log. Thanks
  12. Here are links that might help. The computer does need to be clean of malware or problems will occur. I suggest you discuss the issues with Internet Explorer with a Microsoft tech to see what they say. Of course, I know what they will suggest. Update to SP2 and IE7, once you do that if you have issues with IE7 they give you a couple of free support calls: http://www.microsoft.com/windows/products/...y/ie/iefaq.mspx Consumers only: Support for Internet Explorer 7 is available via the phone based on your locale. Customers must be running Windows XP or Windows Vista in a non domain enviro
  13. You know I saw that item and scanned it, first time as far as I remember: http://www.shavlik.com/ <<< but the item looked valid. I run into a lot of weird sofware since these forums are global. I know in troubleshooting high CPU usage, eliminating items one by one usually identifies the culprint and I am glad you did not have to resort to that to find the problem. Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online: http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm htt
  14. As long as it looks ok to you. That is what I usually say, post it if you see anything you are unsure of. C:\Documents and Settings\Doug Radcliffe\Desktop\Hotline\Hotline Client 1.8.5.exe This a safe program? I can't find much information about it. If you are talking about multiple internet explorer's opening, I had this issue at one time and discussed it with Microsoft Support: http://support.microsoft.com/ The tech told me it was called "looping" and caused when we ask Internet Explorer to do something and then ask it to do something else before the first request has been completed
  15. Thanks for the feedback, I know nothing about Alcohol software and suggest you take those issues up with their support. http://support.alcohol-soft.com/en/ Make sure you click the Internet tab on your test results, there is information there you should view, I agree with what you have proposed thus far, many times malware is not the problem. Running the scan I posted the link to will not hurt either. If I can be of further assistance, please let me know. I will leave you link open for a bit in case you need it. Thanks...Phil
  16. Smitfraudfix reported NO infection...thanks for checking
  17. Thanks Doug, nothing showing there, not good to run the fix when the infection is not present, so we will use DelDomains to clean the "Trusted Zone" Take a look in Add Remove Programs to make sure SpySheriff is not there, in fact let me look at the uninstall list if you would: Open Hijackthis. Click the "Open the Misc Tools" section Button. Click the "Open Uninstall Manager" Button. Click the "Save list..." Button. Save it to your desktop. Copy and paste the contents into your reply. See this: http://forums.spybot.info/showpost.php?p=1...amp;postcount=2 C:\Program Files\Java\jr
  18. Welcome to the forum, you are infected but because you said SpySheriff and that usually indicates a hidden Smitfraud Infection, we need to check for it first. I am going to suggest you keep this computer offline as much as possible until you are clean. This junk will download more, especially since they have gained access to your computer via your "Trusted Zone" http://siri.geekstogo.com/SmitfraudFix.php <<< download and tutorial Follow ONLY these directions: Search: Double-click SmitfraudFix.exe Select 1 and hit Enter to create a report of the infected files. The report
  19. Welcome to the forum, let me first say that I see nothing in the HJT log to suggest this is a malware issue. I do not recognize some of your programs, but none look like malware. I can tell you that I see many programs that will be accessing the internet and this is normal. What are you running for a firewall? The activity log should show what is accessing the net and when. Since you are reporting a "sluggish" computer, take a look at this information to help you address that: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html If you have not done so, or not done so recently
  20. Welcome to the forum, let me first say that I see nothing in the HJT log to suggest this is a malware issue. There are many reasons why this can occur. I suggest you look at this link first: http://kadaitcha.cx/high_cpu.html to see if something there helps you. Here is the google: http://www.google.com/search?sourceid=navc...+high+CPU+usage I also suggest a diagnostic: http://www.pcpitstop.com/ and I would appreciate a link to the results, I may spot something. If you have any reason to suspect hidden malware may be at work, please post information about that, especially any er
  21. Welcome to the forum, Let's remove a couple of items and one Downloaded Program File that I can't identify. If it is valid you will be prompted to download it again when you next visit the site. Please download ATF Cleaner by Atribune http://www.atribune.org/content/view/25/2/ Save it to your Desktop. We will use this later. Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet E
  22. This topic appears to have been resolved and will be closed. Thanks...pskelley PCPitStop forum http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  23. The only thing I see in this HJT log is this: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe A good program, but if you do not own it and the trial period is past, it is just wasting your resources. Have you run a recent diagnostic? http://www.pcpitstop.com/ Look here for slow computers http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windows/IE/commun...s/IEtopten.mspx http://vlaurie.com/computers2/Articles/runbetter.htm http://www.linkgrinder.com/tutorials/10_Ea...rs_article.html http://www.techbuilder.org/recipes/59201471 Her
  24. Please read and follow the directions carefully. This looks like more aol Viewpoint junk:C:\Program Files\Viewpoint\Common\ViewpointService.exe If you don't use it and know what it is, I would uninstall it also. 1) Your Java program is outdates and a security risk, see this information: http://forums.spybot.info/showpost.php?p=1...amp;postcount=2 C:\Program Files\Java\jre1.5.0_06\ <<< out of dateDownload the newest version and uninstall all old version in Add Remove Programs. 2) How to make files and folders visible: Click Start > Open My Computer. Select the Tools
×
×
  • Create New...