steve1368
-
Posts
80 -
Joined
-
Last visited
Posts posted by steve1368
-
-
When you said you got 4 trojans, was that from installing Limewire or downloading a file from it? Just curious becuase Limewire has only shown positives results for me.
When downloading...maybe I was just unlucky.
-
I used Kazaa Lite b4, removed it as per advise from this forum.
Tried Limewire, didn't like it ...and 4 trojans intruded my pc.
Fortunately able to remove it.
Thought of trying WinMx, but I stumbled upon "Usenet".
There are paid usenet & I believe also free usenet.
Does anyone know about usenet?
Are they better, safer then P2P(like WinMx)?
Thanks
-
I've used AVG 6 then 7 for quite sometime ( had norton b4).
Came to this forum read about Avast av.
Lee16 & others recommended Avast. Removed AVG 7, gave Avast a try &.....I love it. Its much better then AVG. It has no update problems like AVG ( sometimes it cannot be updated due to whatever ???)
I'm not a techy, but as a layman, I feel Avast is much better av.
Give a try. You might like it.
Steve.
P/S - U want technical info about avast , do a search in this forum , you'll get the infos from experts over here.
-
The registry "fragmentation" that most people talk about is one of two things:
1) The hive files themselves which can become fragmented on the disk (use Raxco Perfectdisk or Pagedefrag above or something)
2) The hive files contain keys that were deleted but have not been purged yet (just like Win9x -- use NTREGOPT for this)
Can I presume that I shud run Pagedefrag at startup, then later run NTREGOPT.
Is this the best way to do it??
Thanks
-
You must be joking gunner, but I'm still cool about your statement. I'm learning about computers as much as I can....I don't sell any computers or motherboards,
in fact I work in a shipping company. LOL
lol gunner. motherboard manufacturers don't spam like that.steve1368: This may sound weird, but are you helping someone named Mordred [the impaler]? o_O
Sorry DJ Lizard, I don't know "Mordred" , I'm actually checking for my wife{yes that someone I know
} who is getting a cpu, which earlier suppose to come with Asus m/board, now it is going to come with MSI m/board.......so I was curious becos my pc has Asus, and I thought it was the best......at least from my limited knowledge I have on computers. Anyway.There are motherboard driver and BIOS updates and sometimes it is useful to get them, but it is NOT generally recommended that you get them unless you are having problems, and are advised by a technician.
Steve: your question can't be answered because they are both equally good but in different areas. MSI tends to make some of the most stable and balanced video cards, and ASUS tends to make the best Intel motherboards... MSI makes some pretty good AMD 64 boards... it will definitely depend on the model or platform in mind.
I currently use an ASUS A7N8X-E Deluxe, which is a kickass board for AMD 2500+ through 3200+, but is last generation. The equivalent P4 board is apparently just as great. (ASUS P4P800-E DLX). Your board is based on the i845 chipset, which is excellent, but is also last-gen. Your particular board was getting high ratings with the high-end PC builders. Also, ASUS tends to pack in as much hardware as they can on one board (a bazillion USB ports, a bazillion PCI slots, etc)... MSI goes more for stability and balance than performance, whereas ASUS is known for performance and high quality.
I know what you mean, it is difficult to answer. But with your message I still "feel" Asus sounds better for Pentium 4, well I guess my wife has to try out with MSI.
About the update , thanks for the info...I'll keep my hands off from that.
Steve
-
A person I know plans to buy a new cpu.
Between MSI & Asus, which is better? (without specific model, just in general)
2ndly, aside the above 2, whats the most recommended motherboards?
BTW I have Asus P4PE, is it O.K ? and I noted there is Asus Update at the start menu,
I never updated.....is it necessary to update my motherboard or any m/board for that matter?
Thanks
Steve
-
I' ve read the article b4. But I don't know how to do handle this :
"If you are not using the scheduler, I suggest disabling it, this will not only allow you to back up this file, but also save some RAM."
So, how do I disable the scheduler ?
Thanks
Steve
-
Start, Run, cmd
cd C:\Windows\System32\drivers\etc\
del hosts
Or just try to browse there and delete the file.
Did as above.......this problem
My Soft
Redirect host
desktop.kazaa.com=127.0.0.1
CLEANED
This one
Log
Activity.SchedLgu.Txt
C:\Windows|SchedLgu.Txt
Still there.
Thanks
-
-
-
Ok, I have a better idea. (I missed the 'system32' on step 1')
1) Start, Run... CMD
2) %systemdrive%
3) cd \
4) cd %systemroot%\system32\drivers\etc
5) attrib -r -h -s hosts
6) del hosts
Sorry for the late reply.
Up to step 3 it is O.K.
Type instruction as per step 4, error message appearing.
Do you want me give you any other "report" or "reading" for your analysis.
Steve
-
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
^^ This item is safe to remove using HJT, and usually won't come back, unless you get another 'serious error' from Windows to report.
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
^^ This one usually comes back, unless you do what Tarun said, which is "using the GUI", which actually means to use the appropriate interface for disabling MSNM startup, which is:
With MSNM running, go to Tools, Options, Preferences (or in MSN 7, "General"), and uncheck "Automatically run messenger when I log on to Windows"
Done as told.
You should simply delete your hosts file and start it over.1) Start, Run... CMD
2) CD %systemroot%\drivers\etc
2) ATTRIB -R -H -S -A HOSTS
3) DEL HOSTS
Then run spybot s&d, go to advanced mode, then Tools, then checkmark Hosts file, then click the button to "add spybot s&d's hosts file"
Did item 1 as above
when typed item 2, I get this message: The filename,directory name, or volume label syntax is incorrect
Tried many other ways, I get error msg like above or some other error msg.
Steve -
Domain hijack, safe to remove. Safe to remove:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F2A6F5F-8BAF-4972-ABC6-DA099E47B685}: NameServer = 202.188.0.133 202.188.1.5
Tarun, something interesting for you to know. I removed the above item. Guess what I cannot open any webpage after that. I restarted & it worked fine, but the item is back on the HJT list after restart.
Im suprised LSPfix and Hijackthis are not picking up these host file redirects.OK for the kazza thing try running this program: http://www.spywareinfo.com/~merijn/files/kazaabegone.zip
For the SchedLgu.Txt file, see here: http://www.safer-networking.org/en/faq/6.html
--lee
Ran the Kazzabegone, came out with 21 ITEMS, now thats way too many items, don't you think ??
I read the link about the SchedLgu, but this brains didn't understand what it read
.... just add to the ignore list, is that the message??O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u^^ This item is safe to remove using HJT, and usually won't come back, unless you get another 'serious error' from Windows to report.
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
^^ This one usually comes back, unless you do what Tarun said, which is "using the GUI", which actually means to use the appropriate interface for disabling MSNM startup, which is:
With MSNM running, go to Tools, Options, Preferences (or in MSN 7, "General"), and uncheck "Automatically run messenger when I log on to Windows"
Understood this, will do it tonite.
You should simply delete your hosts file and start it over.1) Start, Run... CMD
2) CD %systemroot%\drivers\etc
2) ATTRIB -R -H -S -A HOSTS
3) DEL HOSTS
Then run spybot s&d, go to advanced mode, then Tools, then checkmark Hosts file, then click the button to "add spybot s&d's hosts file"
Now this is alien to me
...mind telling me in simple non techy terms. ThanksSteve
-
Hi steve,
In addition to what Tarun analyzer has said (i'm impressed with that analyzer Tarun
), its safe to remove these as they slow down boot up,This just creates logs of errors, and can only help you if you can read the logs it creates:
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
This just starts up MSN Messenger every boot up, it can still be started via the icon though:
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
BTW, the latest MSN Messenger is MSN 7, you can get it from here: http://imagine-msn.com/messenger/en-us/ (click "Get it now")
--lee
It's better to disable those via GUI, thus why I left them alone until his next reply.Hi everyone, I've removed the items Tarun suggested, but did not what Lee told me, since I see there might be a better way to remove it , so I wait for further guidance.
After removing, scanning with spybot...the result...the same 2 items still there!!!
Anyway I'm copying the hijackthis list again.
Tarun, have removed Real Player & Quicktime, substituted with "alternatives"
Here is the list:-
Logfile of HijackThis v1.99.1
Scan saved at 22:49:38, on 15/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Steve
P/S I sure wish I can get rid of those pesky items.
-
Did you download a host file latley?, i have been getting Spybot/Hijackthis moaning about my latest update to my host file.
--lee
I didn't see anything to do with "Host". I must admit I've installed quite a few softwares lately & also deleted some old softwares. Kazaa was actually deleted from my pc.
Anyway I copy my HijackThis report, in case my newbie eye didn't find what you were asking for.
Logfile of HijackThis v1.99.1
Scan saved at 22:32:13, on 14/04/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\unzipped\HijackThis\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O9 - Extra 'Tools' menuitem: Show Trashcan - {072F3B8A-2DA2-40e2-B841-88899F240200} - C:\PROGRA~1\Agnitum\OUTPOS~1\TRASH.EXE (HKCU)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...463/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F2A6F5F-8BAF-4972-ABC6-DA099E47B685}: NameServer = 202.188.0.133 202.188.1.5
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Steve
-
The log you don't need to worry about. As for the redirect host, where did Spybot say it's located?
I checked the result, it only shows this :
--- Search result list ---
MySoft: Redirected host (Redirected host, fixing failed)
I do believe he has all of those applications already. Ad-Aware can get pieces Spyboy misses, and Spybot can get pieces Ad-Aware misses. Just one Anti-Malware utility is never enough.Yes I do have it.
-
I did a scan several times with spybot S&D & even tried couple of times on reboot.
There are items unable to be removed:-
My Soft
Redirect host
desktop.kazaa.com=127.0.0.1
another one
Log
Activity.SchedLgu.Txt
C:\Windows|SchedLgu.Txt
Please guide me how to remove the above.
Thanks
Steve
} who is getting a cpu, which earlier suppose to come with Asus m/board, now it is going to come with MSI m/board.......so I was curious becos my pc has Asus, and I thought it was the best......at least from my limited knowledge I have on computers. 
Steve
), its safe to remove these as they slow down boot up,
Usenet vs P2P
in Software
Posted
Free usenet- Are there any advantage over WinMx & Shareaza ?
Any recommended free usenet?
Thanks