Marcus

Members
 View Profile  See their activity

  • Content Count

    24

  • Joined

  • Last visited

 Content Type 

Posts posted by Marcus

  4. Windows Host File[s]

    in Windows 10, 8, 7, Vista, and XP

    Posted

    I have Microsoft AntiSpyware, and I noticed I have ALOT of "unwanted" sites on my log. I clicked permanently remove host. [And] I tried that already but it still did not remove or block the host.

    Examples: [600pics.com, besthardcore.net, lust-mature.com, sexpics.biz, etc........]

    600pics.com

    IP Address: 127.0.0.1

    Status: Active

    The host, 600pics.com , is mapped to your local loopback address. A local loopback address is a special Internet address, 127.0.0.1, defined by the Internet Protocol. A host can use local the loopback address to send messages to itself. This means that any web browsing to the host 600pics.com will actually be redirected to your computer.

    What program do I need to remove this? Or how do I permanently remove these hosts?

    How do I remove the Destination Address or IP Address 127.0.0.1 [from my computer?]

    Please help.

    Thats not a log, and the way it reads is the proper way for that type of web site.

    What happens is that your browser checks the hosts file every time you try to access a web page, and if it finds an entry in there for that web site, it follows the addressing thats contained in the hosts file.

    127.0.0.1 is basically YOUR computer, so anytime your browser tries to access a site thats listed in your hosts file with that 127.0.0.1 loopback IP address, you'll be denied access to that site. This is done on purpose to protect you from those nasty sites that are known to silently install unwanted software on your machine, so you WANT to keep all those entries as is.

    You do NOT want to remove 127.0.0.1 as the destination address, nor remove any entry that uses that address!!

    Thanks, I finally took care of this problem.

  5. Help! Laptop Is Running Slow!

    in Windows 10, 8, 7, Vista, and XP

    Posted

    Never use MSConfig to disable startup programs no matter what others have recommended. MSConfig is for troubleshooting purposes only. If you use it to disable startups and then run the program, you may cause what is known as a "memory leak" which does all sorts of strange things to your system. And disabling programs and services with it can get you into trouble that only a repair install can get you out of. Please note the warning found on the Microsoft site concerning MSConfig.. Instead, use one of the following startup managers.

    What does mean?

    Because this popped up on my screen last week, and eversince my laptop has been running SLOW.

    Er.. what you quoted is an exact quote from the Commonly Recommended Software, Links, And Tips thread. I find it hard to believe that that pooped up on your system...

    Even still, with a slow running system, I'd post a log in the HJT area..

    Matt

    Noooo..........this quote didn't pop up. This popped up: "?npsbd" or something like that

  6. Permanently Remove Host[s]

    in Malware Removal

    Posted

    hijackthis log:

    Logfile of HijackThis v1.99.1

    Scan saved at 8:33:20 PM, on 2/20/2006

    Platform: Windows 2000 SP4 (WinNT 5.00.2195)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINNT\System32\smss.exe

    C:\WINNT\system32\winlogon.exe

    C:\WINNT\system32\services.exe

    C:\WINNT\system32\lsass.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\System32\svchost.exe

    C:\WINNT\system32\spoolsv.exe

    C:\Program Files\AMD\PowerNow!\GemServ.exe

    C:\Program Files\AMD\PowerNow!\gemback.exe

    C:\WINNT\system32\regsvc.exe

    C:\WINNT\system32\MSTask.exe

    C:\WINNT\System32\WBEM\WinMgmt.exe

    C:\WINNT\System32\mspmspsv.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\Explorer.EXE

    C:\WINNT\system32\carpserv.exe

    C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE

    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Motive\AsstCommon\motmon.exe

    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

    C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

    C:\Program Files\WLAN\WLAN\wlanutil.exe

    C:\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

    O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

    O4 - HKLM\..\Run: [CARPService] carpserv.exe

    O4 - HKLM\..\Run: [QT4StBtn] C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE

    O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\AsstCommon\motmon.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

    O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136869218214

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1139290816122

    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

    O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll

    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

    O23 - Service: AMD PowerNow! Technology Service (GemServ) - Advanced Micro Devices - C:\Program Files\AMD\PowerNow!\GemServ.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

  7. Permanently Remove Host[s]

    in Malware Removal

    Posted

    ActiveScan Report:

    Incident Status Location

    Dialer:Dialer.B Not disinfected C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

    Adware:adware program Not disinfected C:\WINNT\ss3unstl.exe

    Adware:adware/zipclix Not disinfected Windows Registry

    Spyware:Cookie/go Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@go[1].txt

    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt

    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt

    Spyware:Cookie/go Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@go[1].txt

    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt

    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@tribalfusion[2].txt

    Adware:Adware/Comet Not disinfected C:\Documents and Settings\Administrator.bak\Local Settings\Temp\unpack\CC_43.inf

    Dialer:Dialer.B Not disinfected C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

  8. Permanently Remove Host[s]

    in Malware Removal

    Posted

    Your log is clean, so you most likely have no malicous lines in your host file. However, to restore your Host file back to its original settings, follow these steps:

    Download the Hoster Here

    Please do not use program yet

    Unzip Hoster to your desktop

    Open up the Hoster program.

    • Make sure that the "make hosts writable?" button in the upper right corner is enabled.
    • Click back up Host files
    • then click Restore orginal host files
    • close program

    If you are still having problems, please post back with a new HJT log.

    Thanks.I cleaned out my host log. But my computer is still moving slow. Here's my results from

    bandwith.com:

    Connection Capacity Time

    33.6 K (Modem) 33,600 bps

    56 K (Modem) 56,000 bps

    64 K (DS-0) 64,000 bps

    128 K (ISDN) 128,000 bps

    256 K (DSL) 256,000 bps

    Your Connection 291,966.22 bps <----This is where I am now.

    640 K (DSL/Cable) 640,000 bps

    768 K (DSL/Cable) 768,000 bps

    T1, DS-1 1.544 Mbps <----But I'm usually here.

    T3, DS-3 44.736 Mbps

    OC-1 51.840 Mbps

    OC-3 155.520 Mbps

    OC-12 622.080 Mbps

    OC-48 2.488 Gbps

    OC-192 10 Gbps

  9. Permanently Remove Host[s]

    in Malware Removal

    Posted

    How do I permanently remove host from my Windows Hosts File?

    I have a lot of "unwanted" hosts that I want to remove permanently.

    Please Help

    hijackthis log:

    Logfile of HijackThis v1.99.1

    Scan saved at 4:00:49 PM, on 2/20/2006

    Platform: Windows 2000 SP4 (WinNT 5.00.2195)

    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:

    C:\WINNT\System32\smss.exe

    C:\WINNT\system32\winlogon.exe

    C:\WINNT\system32\services.exe

    C:\WINNT\system32\lsass.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\System32\svchost.exe

    C:\WINNT\system32\spoolsv.exe

    C:\Program Files\AMD\PowerNow!\GemServ.exe

    C:\Program Files\AMD\PowerNow!\gemback.exe

    C:\WINNT\system32\regsvc.exe

    C:\WINNT\system32\MSTask.exe

    C:\WINNT\System32\WBEM\WinMgmt.exe

    C:\WINNT\System32\mspmspsv.exe

    C:\WINNT\system32\svchost.exe

    C:\WINNT\Explorer.EXE

    C:\WINNT\system32\carpserv.exe

    C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE

    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Motive\AsstCommon\motmon.exe

    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

    C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

    C:\Program Files\WLAN\WLAN\wlanutil.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe

    C:\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

    O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

    O4 - HKLM\..\Run: [CARPService] carpserv.exe

    O4 - HKLM\..\Run: [QT4StBtn] C:\PROGRA~1\SwiftBtn\SwiftBtn.EXE

    O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

    O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\AsstCommon\motmon.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe

    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1136869218214

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1139290816122

    O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll

    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

    O23 - Service: AMD PowerNow! Technology Service (GemServ) - Advanced Micro Devices - C:\Program Files\AMD\PowerNow!\GemServ.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

  10. Windows Host File[s]

    in Windows 10, 8, 7, Vista, and XP

    Posted

    I have Microsoft AntiSpyware, and I noticed I have ALOT of "unwanted" sites on my log. I clicked permanently remove host. [And] I tried that already but it still did not remove or block the host.

    Examples: [600pics.com, besthardcore.net, lust-mature.com, sexpics.biz, etc........]

    600pics.com

    IP Address: 127.0.0.1

    Status: Active

    The host, 600pics.com , is mapped to your local loopback address. A local loopback address is a special Internet address, 127.0.0.1, defined by the Internet Protocol. A host can use local the loopback address to send messages to itself. This means that any web browsing to the host 600pics.com will actually be redirected to your computer.

    What program do I need to remove this? Or how do I permanently remove these hosts?

    How do I remove the Destination Address or IP Address 127.0.0.1 [from my computer?]

    Please help.

  12. Help! Laptop Is Running Slow!

    in Windows 10, 8, 7, Vista, and XP

    Posted

    Never use MSConfig to disable startup programs no matter what others have recommended. MSConfig is for troubleshooting purposes only. If you use it to disable startups and then run the program, you may cause what is known as a "memory leak" which does all sorts of strange things to your system.  And disabling programs and services with it can get you into trouble that only a repair install can get you out of.  Please note the warning found on the Microsoft site concerning MSConfig.. Instead, use one of the following startup managers.

    What does   mean?

    Because this popped up on my screen last week, and eversince my laptop has been running SLOW.