Andro1d

Trusted Helpers
  • Content Count: 737

Posts posted by Andro1d

  1. Hey Brian,

    Not much man, just been tryin to keep up with school. I did a few quick scans for malware, but haven't had the time to go in depth with them yet. I think I might have to though.

    Hey Pete_C,

    I tried your advice along with the M$ article with no luck.

    Hey shanenin,

    Unfortunately the answer is no to both of your questions. I also have tried your other suggestions. Yes, that is exactly what I mean when I say I can't afford to reinstall Windows.

  2. Well I am completely stumped with my laptop. It all started about two weeks ago when I couldn't connect to my school email address. I noticed it required a secure connection and I then realized I couldn't access any https sites. I took it to the tech support at my school and they told me to reinstall Windows, and I can't afford to do that. It's a Toshiba running Windows 7 HP 64bit. I used to be able to connect just fine, and it just randomly stopped connecting one day. I can connect fine from other computers, just not mine. Any help is really appreciated.

  3. http://gizmodo.com/5599970/

    It turns out that your nosey neighbor isn't the only one interested in that cache of 100 million Facebook profiles that showed up on torrent trackers. Some major companies that you do business with are getting the package as well. By connecting to the torrent and recording IP addresses that are also in the swarm, some have noticed the extent of interest here.

    Among the companies seen downloading the data are Apple, Boeing, Church of Scientology, Disney, Intel, Pepsi Cola, Sony, and Viacom. It is worth noting that the mere fact that connections from these companies are present does not mean this is a sanctioned action. All it means is that someone inside the company is downloading it. But our experience with corporate IT leads us to suspect Pepsi and Disney aren't in the habit of allowing employees to go around downloading torrents on their own.

  4. So lately my parents' PC monitor has randomly not been turning on. My workaround fix is to take it into another room, plug it in to the power cable in that room, and then it magically turns on. It has been a normal thing now every few days for about a week or so. Anyways, happened again this morning, I did the usual fix, but still no signal. I made sure everything was plugged in, and even tried the other port on the GFX card; still nothing. I get out a brand new DVI cable I have, and try both ports, still nothing. I took out the card and reseated it, still nothing. I took the computer to a current working monitor, and still nothing. It was working fine last night, and wasn't this morning.

    The card seems to power up just fine, fan spins and everything. I was thinking it was a bad port on the card, but I think it is kinda strange that they would both just go out in one night.

    The mobo has no onboard GFX and I don't have an extra spare card to try in its place at the moment.

    Any ideas?

  5. Hi,

    Download Dr.Web CureIt to the desktop:

    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    • Double-click the drweb-cureit.exe file and Allow to run the express scan
    • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, mark the drives that you want to scan.
    • Select all drives. A red dot shows which drives have been chosen.
    • Click the green arrow at the right, and the scan will start.
    • Click 'Yes to all' if it asks if you want to cure/move the file.
    • When the scan has finished, in the menu, click file and choose save report list
    • Save the report to your desktop. The report will be called DrWeb.csv
    • Close Dr.Web Cureit.

  6. Hi,

    Let's try a different scan then.

    Please go HERE to run Panda ActiveScan 2.0

    • Click the big green Scan now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • Once the scan is completed, please hit the notepad icon next to the text Export to:
    • Save it to a convenient location such as your Desktop
    • Post the contents of the ActiveScan.txt in your next reply

  7. Hi,

    Let's run an F-Secure online scan for Viruses, Spyware and RootKits:

    • Go to http://support.f-secure.com/enu/home/ols.shtml
    • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
    • Allow the Active X control to be installed on your computer, then click the Accept button
    • Click Full System Scan and allow the components to download and the scan to complete.
    • If malware is found, check Submit samples to F-Secure then select Automatic cleaning
    • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
    • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post

    If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan

    • When the cleaning option is presented, Uncheck Submit samples to F-Secure
    • Click Automatic cleaning
    • When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
    • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post

    Notes:

    • This scan will only work with Internet Explorer
    • You must have administrator rights to run this scan
    • This scan can take several hours, so please be patient

  8. Hello again,

    1. Close any open browsers.

    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    3. Open notepad and copy/paste the text in the quotebox below into it:

    KillAll::

    File::
    C:\4B.tmp
    C:\4A.tmp
    C:\49.tmp
    C:\48.tmp
    C:\12.tmp
    C:\47.tmp
    C:\46.tmp
    C:\45.tmp
    C:\44.tmp
    C:\3E.tmp
    C:\43.tmp
    C:\42.tmp
    C:\41.tmp
    C:\40.tmp
    C:\3F.tmp
    C:\3A.tmp
    C:\3D.tmp
    C:\3C.tmp
    C:\3B.tmp
    C:\2B.tmp
    C:\1D.tmp
    C:\1C.tmp
    C:\1B.tmp
    C:\1A.tmp
    C:\19.tmp
    C:\18.tmp
    C:\17.tmp
    C:\16.tmp
    C:\15.tmp
    C:\14.tmp
    C:\13.tmp
    C:\10.tmp
    C:\11.tmp
    C:\F.tmp
    C:\A.tmp
    C:\9.tmp
    C:\8.tmp
    C:\7.tmp
    C:\6.tmp
    C:\5.tmp
    C:\4.tmp
    C:\3.tmp
    C:\E.tmp
    C:\D.tmp
    C:\C.tmp
    C:\B.tmp
    c:\windows\system32\2D.tmp
    c:\windows\system32\2C.tmp
    c:\windows\system32\2A.tmp
    c:\windows\system32\28.tmp
    c:\windows\system32\27.tmp
    c:\windows\system32\26.tmp
    c:\windows\system32\25.tmp
    c:\windows\system32\23.tmp
    c:\windows\system32\22.tmp
    c:\windows\system32\21.tmp
    c:\windows\system32\20.tmp
    c:\windows\system32\1F.tmp
    c:\windows\system32\1E.tmp
    c:\windows\system32\1D.tmp
    c:\windows\system32\1C.tmp
    c:\windows\system32\1B.tmp
    c:\windows\system32\1A.tmp
    c:\windows\system32\19.tmp
    c:\windows\system32\18.tmp
    c:\windows\system32\17.tmp
    c:\windows\system32\16.tmp
    c:\windows\system32\15.tmp
    c:\windows\system32\14.tmp
    c:\windows\system32\13.tmp
    c:\windows\system32\12.tmp
    c:\windows\system32\11.tmp
    c:\windows\system32\10.tmp
    c:\windows\system32\nuvameje.dll.vir
    c:\windows\iun6002.exe
    c:\windows\system32\vbzip10.dll

    Rootkit::
    C:\WINDOWS\system32\ntos.exe

    Save this as CFScript.txt, in the same location as ComboFix.exe

    [Image: CFScriptB-4.gif]

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it shall produce a log for you at C:\ComboFix.txt which I shall require in your next reply.

  9. Please download this file - combofix.exe by sUBs

    • Save it to your Desktop
    • Please, never rename Combofix unless instructed.
    • Now physically disconnect from the internet and STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields)
    • Click on your START button and choose Run. Then copy/paste the entire content of the following quotebox (Including the "" marks and the Symbols) into the run box.
      "%userprofile%\desktop\ComboFix.exe" /KillAll

    • Click OK and this will start ComboFix in a special way.
    • When finished, it will produce a log. Please save that log to a Notepad File to post in your next reply along with a fresh HJT log.

    Note:

    Do not mouse-click combofix's window while it is running. That may cause it to stall.

    * After you have saved the logs, restart your system to re-enable all the programs that were disabled during the running of ComboFix.

    * Reconnect to the internet

    * Post the following logs/Reports:

    • ComboFix.txt
    • Fresh HijackThis log run after all the other tools have performed their cleanup.

  10. Hi again,

    Please re-open HijackThis and scan. Check the boxes next to all the entries listed below.

    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,

    O2 - BHO: C:\WINDOWS\system32\sdrgfcvbf.dll - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\sdrgfcvbf.dll (file missing)

    O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Owner\Application Data\nidle\nidle.exe"

    O4 - HKCU\..\Run: [igfxSys] rundll32.exe "C:\Documents and Settings\Owner\Application Data\Messenger\Drivers\IgfxSys.dll",StartProtector

    O4 - HKCU\..\Run: [Diagnostic Manager] C:\DOCUME~1\Owner\LOCALS~1\Temp\570833324.exe

    O4 - HKUS\S-1-5-18\..\Run: [] C:\WINDOWS\TEMP\j1icns6s.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [Windows Resurections] C:\WINDOWS\TEMP\j1icns6s.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [Diagnostic Manager] C:\WINDOWS\TEMP\1604645086.exe (User 'SYSTEM')

    O4 - HKUS\S-1-5-18\..\Run: [uidenhiufgsduiazghs] C:\WINDOWS\TEMP\mvtmymxi.exe (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [] C:\WINDOWS\TEMP\j1icns6s.exe (User 'Default user')

    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

    O22 - SharedTaskScheduler: jso8joigm409gopgmrlgd - {B2BA40A2-74F0-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\kjsdiowq8oikf.dll (file missing)

    O22 - SharedTaskScheduler: sdfsefsfdvdubgiungfuyd - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\sdrgfcvbf.dll (file missing)

    Now close all windows other than Hijackthis, then click Fix Checked. Close HijackThis.

    Then

    • Please double-click OTMoveIt3.exe to run it.
    • Copy the fix below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      :processes
      explorer.exe

      :files
      C:\WINDOWS\system32\ntos.exe
      C:\WINDOWS\system32\sdrgfcvbf.dll
      C:\Documents and Settings\Owner\Application Data\nidle
      C:\Documents and Settings\Owner\Application Data\Messenger\Drivers\IgfxSys.dll
      C:\DOCUME~1\Owner\LOCALS~1\Temp\570833324.exe
      C:\WINDOWS\TEMP\j1icns6s.exe
      C:\WINDOWS\TEMP\1604645086.exe
      C:\WINDOWS\TEMP\mvtmymxi.exe
      C:\WINDOWS\system32\kjsdiowq8oikf.dll
      C:\WINDOWS\system32\sdrgfcvbf.dll

      :commands
      [purity]
      [emptytemp]
      [start explorer]


    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3

    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
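
The kind of startup entries selected in the post above can be triaged mechanically. This is an added example, not part of the original post and not HijackThis code; the rule names, the `flags_for` and `triage` helpers and the `ExampleAV` line are hypothetical, while the other sample lines are copied from the log entries quoted above.

```python
import re

# Constructed sample: five entries copied from the HijackThis lines quoted in the post,
# plus one made-up benign entry (ExampleAV) to show a line that is not flagged.
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: C:\WINDOWS\system32\sdrgfcvbf.dll - {C2BA40A1-74F3-42BD-F434-12345A2C8953} - C:\WINDOWS\system32\sdrgfcvbf.dll (file missing)
O4 - HKCU\..\Run: [nidle] "C:\Documents and Settings\Owner\Application Data\nidle\nidle.exe"
O4 - HKUS\S-1-5-18\..\Run: [] C:\WINDOWS\TEMP\j1icns6s.exe (User 'SYSTEM')
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\tray.exe"
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
WRITABLE = re.compile(r"\\(temp|application data)\\", re.I)  # user-writable locations
EXPECTED_USERINIT = r"c:\windows\system32\userinit.exe"

def flags_for(code, body):
    """Return the list of hypothetical rule names that one log entry trips."""
    found = []
    if code == "F2" and "userinit=" in body.lower():
        value = body.split("=", 1)[1]
        extras = [p for p in value.split(",") if p.strip() and p.strip().lower() != EXPECTED_USERINIT]
        found += ["userinit-extra-program"] if extras else []
    elif code == "O4":
        if WRITABLE.search(body):
            found.append("autorun-from-user-writable-dir")
        if ": [] " in body:  # Run value with an empty name
            found.append("autorun-empty-value-name")
    elif code in ("O2", "O22") and body.rstrip().endswith("(file missing)"):
        found.append("com-entry-file-missing")
    elif code == "O7" and "disableregedit=1" in body.lower():
        found.append("regedit-disabled-by-policy")
    return found

def triage(log_text):
    """Parse HijackThis-style lines and return (code, flags, body) for flagged entries."""
    results = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            hits = flags_for(m["code"], m["body"])
            if hits:
                results.append((m["code"], hits, m["body"]))
    return results

if __name__ == "__main__":
    for code, hits, body in triage(SAMPLE_LOG):
        print(f"{code:<3} {','.join(hits):<55} {body}")
```
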

  11. Personally, I am Intel and ATI all the way. That's the reason I posted what I did.

    For storage, I upgraded from a 7,200 RPM drive to a 10,000 RPM drive and I noticed a huge speed improvement. I was really happy that I did.

    For the sound card, I noticed that a bit later after I have posted it. I am not the most familiar with sound cards, I have always used on board due to money restrictions.

    For all of my builds, I always go red(ATI), white(Intel), and blue(Gigabyte) as I say. Everyone has their personal preferences, and those happen to be mine. ;)

  12. Hi again,

    Please download the OTMoveIt3 by OldTimer.

    • Save it to your desktop.
    • Please double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
    • Copy the fix below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
      :processes
      explorer.exe

      :registry
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\nidle
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\IgfxSys
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DigiFast
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Diagnostic Manager
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{B2BA40A2-74F0-42BD-F434-12345A2C8953}
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{C2BA40A1-74F3-42BD-F434-12345A2C8953}

      :files
      C:\WINDOWS\system32\ntos.exe
      C:\WINDOWS\SoftwareDistribution\Download\351c39c58af1240d8e8a02f54010533a\BIT32.tmp
      C:\WINDOWS\SoftwareDistribution\Download\5addd6f775e0368f244f62c739d66dd4\BIT58.tmp
      C:\WINDOWS\SoftwareDistribution\Download\7ab777f7de3e6e633438f06ba30269aa\BIT46.tmp
      C:\WINDOWS\temp\d4dhv2gu.exe
      C:\WINDOWS\temp\j1icns6s.exe
      C:\WINDOWS\temp\kscs4o5ayb.exe
      C:\WINDOWS\temp\ml2i872r.exe
      C:\WINDOWS\temp\mvtmymxi.exe
      C:\WINDOWS\temp\ur40dz.exe
      C:\Documents and Settings\Owner\Application Data\nidle
      C:\WINDOWS\system32\wsnpoem
      C:\Documents and Settings\Owner\Application Data\digifast
      C:\WINDOWS\system32\kjsdiowq8oikf.dll
      C:\Documents and Settings\Owner\Application Data\Messenger\Drivers\IgfxSys.dll
      C:\WINDOWS\system32\sdrgfcvbf.dll
      C:\WINDOWS\system32\kjsdiowq8oikf.dl

      :commands
      [purity]
      [emptytemp]
      [start explorer]


    • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
    • Close OTMoveIt3

    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.