Matt

A sound driver file was in your temp folder? Why would it be there?

Hey Liz. Cold Stone ice cream.. i have to song as I work

Hey mac. I really wish that you didn't feel that you "ruined" any part of the forum, because that just isn't true. I don't think anyone thinks any differently of you for anything you've done, we just all miss you being around to goof around with. All of us mods have made mistakes and hit road blocks (whether publicly or privately) over these months and thats just 'cause we're new at it. It is right that Chappy has been worried about over modding, but really I'm probably more guilty of that than you are. You needn't feel you did anything wrong to BT, and I don't believe anyone has been dri

Hey TT75. I've never heard that before. Can you give me an example? I would think that if an AV were to put any file in a temp folder, it can't be too important. The companies know that people empty them regularly, either manually or with a tool. I would assume that any file an AV places in a Temp folder is not of great importance, and the AV can replace it if deleted.

There are many tools that automate the deletion of temp folder contents. My personal favorite is ATF-Cleaner

Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.

Hi shanenin. I moved this to spyware/adware information as (if I understand what youre asking) you just want some general information on this infection. Winfixer/Virtumonde/Msevents/Trojan.vundo can be recognized by a randome named file in the O2 and O20 lines of HJT. The file will have the same name in both entries. In the HJT log you posted, it is this entry: O20 - Winlogon Notify: jkhhe - C:\WINDOWS\system32\jkhhe.dll (file missing) However, it would be slightly hard to diagnose as the files are missing (an anti-spyware tool proably did this), AND the O2 line is missing. Sometimes, you

Hi shanenin, I did not mean to imply that help and conversation wouldn't be allowed, I just was informing you that HJT logs can't be analyzed for commercial purposes. Many forums have had issues where users would post new logs many times a week; and it turned out they were taking advantage of the forums for their own personal gain. I wouldn't imply that you were doing this, just threw it out there. As for what Dragon said, I agree, going through a malware training program would really benifit you and your business. If I might suggest one I'd say GeekstoGo's GeekU is a very good program. S

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Glad to see you got everything under control!

There are tools specially designed to get rid of WinFixer. Google may be your friend there. However, the authors of the tools may or may not allow their use commercially. As for BT, we would not be able to assist in a HJT log coming from your customer: From the ToU:

Alright, if you can get KAV to run, that'd be great

I just do not like all the things it disables after thirty days if you do not buy it. Kind of leaves you with a false sense of its capabilities after you get used to them , and they silently dissappear. Most users would never notice them go missing and that is a ba Snapfiles search lists several http://www.iopus.com/guides/free-firewall.htm http://www.agnitum.com/products/outpostfree/download.php This is true. But even after the 30 days, the free firewall is very good. Even though certain features creep away without notice, the firewall still functions very well. I actually didn't like it

Wow, looks like AdAware found a lot. We're going to kill those three files found by avast just to be sure that infection is gone. From its showing, the PC is looking better. Please download the Killbox by Option^Explicit. Note: In the event you already have Killbox, this is a new version that I need you to download. Save it to your desktop. Please double-click Killbox.exe to run it. Select: Delete on Reboot then Click on the All Files button. [*]Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and ch

If all you can get is Avast to run, post the log it generates. (I'm not sure if it gives you the ability to save a log, but if it does, please post that). Good Luck Matt

Happy Birthday CTS.

Not too much left on here. Scan with HJT and place a check next to the following items: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com O16 - DPF: {45231111-1111-1111-1111-111111113458} - file://C:\WINDOWS\Tempor~1\Content.IE5\WWQGV3EE\epl169[1].cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab Then, make sure all broswer windows and other applications are running, and click the Fix Checked button. If y

In firefox go to Tools > Options > Downloads > Views & Edit Actions Find MPEG. Click Change Action. Select "Use this Plugin" Quicktime or Similar pluging should be available. Then it should play in the browser using that plugin.

Yes, the end of Sygate is what brought me to Kerio. I had Sygate for about 2 months (after finally getting rid of McAfee) and then it was bought my Symantec. So, I switched to Kerio. Fortunately, after Kerio was bought by Sunbelt, they continued to support the free firewall.

Inactive topic... If you still need help on this problem, contact me or one of the Moderators to re-open this up. Topic closed.

Dragon shows in this post, just how much of a hog McAfee really is. Using HJT, you can clearly see how many things it has running.

Yes

If the firewall in windows xp sp2 blocks any outgoing traffic, its limited. http://www.microsoft.com/technet/prodtechn...et/default.mspx You can configure IPSec to add a layer of protection. Its still easier and safe to use a third party firewall (or a hardware router would be your best bet.)

The windows firewall is better than none, but it isn't the greatest. It only catches inbound activity. So, if say, you had a trojan or other malware on your pc that was sending packets out (for example, your pc was compromised and being used in a DDOS attack) the windows firewall wouldn't catch it. I reccomend the Kerio Personal Firewall. It is free (even though it doesn't look like it on the site) and very good. Matt

Ok - We've found a sort of "band-aid" solution. We discovered that while working on the presentation, all the images are fine. We also found we can save, close, and re-open it, and the presentation is still fine. The problem lies only when the computer has been shut down, and then booted up again. After a restart, the random Xes appear. So, what we have decided to do, at least until we start replacing the images, is to work on the presentation, and not to turn off the computer. Then, once it is finished, we will burn the "clean" copy of it to a disc. That way, the read only disc will ne