Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Royal Lounge > Media Center

Reply
 
Thread Tools Display Modes
Old 08-18-2010, 12:28 AM  
Bearcat Bearcat is online now
Is this real life?
 
Bearcat's Avatar
 
Join Date: Nov 2000
Location: Kansas City
Casino cash: $8785
The Official Malware/Antivirus Thread - Need help or general advice? Read this first!

This thread provides information on malware removal, links to malware removal tools, and recommendations & links to anti-virus software. The intention of this thread is to provide quick and accurate support for malware-related issues and questions.

Many people here are willing to provide assistance if you're having computer problems, and this thread is not meant to discourage people from asking for help.... but, please read the information provided first, or else there's a good chance you'll be sent here, here, or here . We aren't Geek Squad, so while we won't grossly overcharge you for information and advice, we also aren't responsible for anything you do to your computer.

Also, feel free to make suggestions on the content of this post, and I'll try to keep it up to date.

Research


A lot of information can be found at this EliteKiller link, including...
  • Links to recommended malware scanning & removal tools, including the Rogue Removal Kit (which includes combofix), malwarebytes (aka MBAM), and Hitman Pro.
  • A link to HiJackThis, which creates a log of registry entries, running services, etc; that can be posted here for additional support.
  • Reviews, recommendations, and links to antivirus software, on-demand scanners, and online scanners.
  • Information on firewalls and unsecured networks, as well as malware/virus prevention.

Malware Removal

If you think your computer is infected, the EliteKiller link provides a thorough solution. Simply put...

Quote:
Originally Posted by mikeyis4dcats. View Post
Step 1 go here http://www.elitekiller.com/malware.htm and read up

Step 2 download the Rogue Removal Kit http://www.elitekiller.com/files/rogueremoval.zip

Step 3 unzip the Kit, read the instruction file and run the tools in the order given.

Step 4 Thank me in about 3 hours for fixing your shit.

The Rogue Removal Kit is is a zipped file that includes malwarebytes, CCleaner (a registry cleaner that will also delete temporary files), Combofix, Hitman Pro, and HiJackThis (HiJackThis is optional, see below). The instructions guide you through running these tools in Safe Mode With Networking; then running malwarebytes and an online scanner in Normal Mode.

Some people don't recommend running Combofix unless you're fairly certain you need to use it, but I've never heard of people having major problems with it. Here's a list of symptoms to Vundo infections, which may help determine if you need to run Combofix. You can also look here to see instructions with screenshots on how to use Combofix.

Taken from the readme in the Rogue Removal Kit:

Quality Online Virus Scanners: (all scanners offer detection and removal)


F-Secure
NOD32
Bitdefender

Quality Free Anti-Virus Software:

Panda Cloud
Microsoft Security Essentials
Antivir
Avast!
AVG


My two cents on downloading anti-malware software...
  • Download it from another computer if possible, or from Safe Mode With Networking on the infected machine.
  • Verify you are downloading from a legit source and are not being redirected to a site where you'll end up downloading more malware. If you click on any links above, verify the link in the bottom left before clicking on it, then after clicking the link verify that's where you were taken in the address bar.
  • The elitekiller article mentions downloading the software to a USB drive. Do not download the software to a USB drive on the infected machine if you're not in Safe Mode, or else you risk infecting the USB drive and other computers you connect the drive to in the future.

Other Helpful Tips & Tools

Rkill will kill processes that may be preventing scanners from completely removing malware.

To get into Safe Mode With Networking, press F8 every couple of seconds while the computer is starting (before the Windows splash screen). If you see the Windows splash screen, you will need to try again. The safe thing to do is log into Windows, restart, and try pressing F8 several times before seeing the Windows splash screen. Alternatively, my advice that falls into the category of “what I'd do if it was my own computer, but wouldn't tell someone to do it if I worked in tech support” would be, if you didn't get into Safe Mode the first time and you're at the Windows splash screen, hold down the power button until the computer turns off. When you start the computer again, it should automatically ask you if you want to go into Safe Mode With Networking.

If you get a Blue Screen of Death after selecting Safe Mode With Networking, read the following posts on how to fix it:
http://blog.didierstevens.com/2006/06/22/save-safeboot/
http://blog.didierstevens.com/2006/0...ring-safeboot/
http://blog.didierstevens.com/2007/0...th-a-reg-file/


Still infected, or just want to make sure everything is okay?

HiJackThis is a tool that will create a log file that can be analyzed by geeks to see what is running on your computer. Install and run HiJackThis (preferably in Safe Mode With Networking), and select 'Do a system scan and save a log file'. You can then copy/paste the output to this thread, and with any luck, someone will stop by and let you know what you can delete. You can then checkmark the items in HiJackThis and click 'Fixed checked'.

If you don't get a quick response here or would rather do it yourself, you can also go to http://hijackthis.de/, which is an online analyzer for your HiJackThis log. Simply copy and paste the log into the text box and click the Analyze button. During my testing of the site, I found it wasn't perfect, especially when a proxy was setup (the visitor rating would be 'extremely nasty', but the site itself would say it was safe)... but, it's at least a good tool that can significantly shorten the time it takes to analyze the log, and it gives you an idea of which entries you can delete or at least Google/post here for further research.

You can also look at the responses to HiJackThis posts in this thread to get an idea of what is safe and what should be removed.


Windows Performance

A good starting point to knowing what processes and services are running on your computer is a HiJackThis log. There's also a lot of information that's only a Google search away.

To manage the process that start when Windows starts, use msconfig (Start button -> Run... -> msconfig -> Startup tab). This is a good resource on startup processes, and it includes a large database of startup processes with information on whether they're required to run Windows or if it's okay to uncheck them. You basically want processes that are in c:\Windows checked, and you can generally uncheck processes in c:\program files (but there are exceptions, like your antivirus), but do some research (Google, the provided links, this thread) if you're not sure. Adobe, Apple (including qttask, Boujour, AppleUpdater, etc), and any messenger program (unless you have it sign you in at startup) are always the first ones to get unchecked on my computer.

Services can be a little tougher to manage, because it's usually a much longer list, and it's not as simple as flipping them on or off. This is a great resource for managing Windows services (Start button -> Run... -> services.msc). Simply choose your version of Windows and then click on the Service Configuration link. It presents the default setup, a safe setup (what most people can use without any consequences), a tweaked setup for faster startup, and a bare bones setup for the super geek. There's also a Tweaks page for stuff like Adding/Removing programs and System Restore.

Last edited by Bearcat; 03-27-2012 at 04:07 PM..
Posts: 27,454
Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.Bearcat has an IQ even higher than Frankie's.
  Reply With Quote
Old 04-11-2011, 03:44 PM   #136
Fish Fish is online now
Missing Dick Curl
 
Fish's Avatar
 

Join Date: Sep 2005
Casino cash: $8395
Also, while this thread is humming....

If you haven't upgraded Firefox >= 3.6.16, you really should do so. There was an SSL certificate authority that was recently compromised, and some legit certificates were stolen. Some of which includes login.live.com, login.yahoo.com, login.skype.com, and mail.google.com. Meaning that those pages could potentially be spoofed and you'd never know the difference, giving hackers your info.

Both Firefox and IE could be affected by this. So if you haven't updated your browser recently, DO IT NOW!

More info:

http://www.microsoft.com/technet/sec...y/2524375.mspx

http://blog.mozilla.com/security/201...-certificates/
__________________
Posts: 25,942
Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.Fish is obviously part of the inner Circle.
  Reply With Quote
Old 04-11-2011, 03:46 PM   #137
Sure-Oz Sure-Oz is online now
Stay positive, don't give up
 
Sure-Oz's Avatar
 

Join Date: Dec 2001
Location: Kansas City, MO
Casino cash: $6687
Ran Malware bytes in safe along with spybot and it was clean. if i go to the cc cleaner website or microsoft security essentials avast keeps detecting that its a bad site and stops it, weird!

i got sec. essentials another way and am installing
__________________
Quote:
Originally Posted by DeezNutz View Post
Sure-Oz could ****ing track anyone in the country via Twitter. Dude makes me scared to leave the house.
Quote:
Originally Posted by DeezNutz View Post
.
Sure-Oz in this mother****er. Resident Tweet master and maligned Royals fan.
Posts: 40,254
Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 04-11-2011, 04:17 PM   #138
Sure-Oz Sure-Oz is online now
Stay positive, don't give up
 
Sure-Oz's Avatar
 

Join Date: Dec 2001
Location: Kansas City, MO
Casino cash: $6687
Well i ran MSE as well as malwarebytes, spybot S&D and nothing has been found, no threats. I noticed now avast isnt going batshit crazy by trying to open the MSE site or CC Cleaner site. weird
__________________
Quote:
Originally Posted by DeezNutz View Post
Sure-Oz could ****ing track anyone in the country via Twitter. Dude makes me scared to leave the house.
Quote:
Originally Posted by DeezNutz View Post
.
Sure-Oz in this mother****er. Resident Tweet master and maligned Royals fan.
Posts: 40,254
Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 04-11-2011, 04:17 PM   #139
Sure-Oz Sure-Oz is online now
Stay positive, don't give up
 
Sure-Oz's Avatar
 

Join Date: Dec 2001
Location: Kansas City, MO
Casino cash: $6687
Quote:
Originally Posted by Bowser View Post
This is interesting. Everytime I go to try and get to MS's website, avast pops up with a malware warning....
Is yours still doing that?
__________________
Quote:
Originally Posted by DeezNutz View Post
Sure-Oz could ****ing track anyone in the country via Twitter. Dude makes me scared to leave the house.
Quote:
Originally Posted by DeezNutz View Post
.
Sure-Oz in this mother****er. Resident Tweet master and maligned Royals fan.
Posts: 40,254
Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 04-11-2011, 05:24 PM   #140
Galileo Humpkins Galileo Humpkins is offline
For Luck, you monster.
 
Galileo Humpkins's Avatar
 

Join Date: Sep 2009
Casino cash: $5000
For anyone still experiencing issues with Avast, I would recommend reading this blog update:

https://blog.avast.com/2011/04/11/fa...defs-110411-1/

Had the same issue with another computer I oversee earlier today. If you do a manual update of Avast, the pop-up error should disappear.
Posts: 449
Galileo Humpkins is a favorite in the douche of the year contest.Galileo Humpkins is a favorite in the douche of the year contest.Galileo Humpkins is a favorite in the douche of the year contest.Galileo Humpkins is a favorite in the douche of the year contest.Galileo Humpkins is a favorite in the douche of the year contest.Galileo Humpkins is a favorite in the douche of the year contest.
  Reply With Quote
Old 04-11-2011, 05:28 PM   #141
Sure-Oz Sure-Oz is online now
Stay positive, don't give up
 
Sure-Oz's Avatar
 

Join Date: Dec 2001
Location: Kansas City, MO
Casino cash: $6687
Quote:
Originally Posted by Galileo Humpkins View Post
For anyone still experiencing issues with Avast, I would recommend reading this blog update:

https://blog.avast.com/2011/04/11/fa...defs-110411-1/

Had the same issue with another computer I oversee earlier today. If you do a manual update of Avast, the pop-up error should disappear.
Excellent, that explains why its stopped now. Thank You.
__________________
Quote:
Originally Posted by DeezNutz View Post
Sure-Oz could ****ing track anyone in the country via Twitter. Dude makes me scared to leave the house.
Quote:
Originally Posted by DeezNutz View Post
.
Sure-Oz in this mother****er. Resident Tweet master and maligned Royals fan.
Posts: 40,254
Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 04-11-2011, 07:39 PM   #142
Dayze Dayze is offline
Resident Glue Sniffer
 
Dayze's Avatar
 

Join Date: Nov 2003
Location: Overland Park
Casino cash: $10601
...so, how bad is it?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:38:39 PM, on 4/11/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\vsnp2uvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Brad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IA82SPBQ\HijackThis[1].exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chiefsplanet.com/BB/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9158 bytes
Posts: 26,208
Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.
  Reply With Quote
Old 04-11-2011, 08:00 PM   #143
Sure-Oz Sure-Oz is online now
Stay positive, don't give up
 
Sure-Oz's Avatar
 

Join Date: Dec 2001
Location: Kansas City, MO
Casino cash: $6687
So i guess all those false positives with avast put a bunch of .js files from the temp internet files in there, i assume its safe to leave it there? they show no viruses but there is so many of them that i can't restore all without manually selecting since some are real malware viruses from the past.
__________________
Quote:
Originally Posted by DeezNutz View Post
Sure-Oz could ****ing track anyone in the country via Twitter. Dude makes me scared to leave the house.
Quote:
Originally Posted by DeezNutz View Post
.
Sure-Oz in this mother****er. Resident Tweet master and maligned Royals fan.
Posts: 40,254
Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Sure-Oz Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 04-11-2011, 09:09 PM   #144
DaFace DaFace is offline
Version 3.0
 
DaFace's Avatar
 

Join Date: Aug 2005
Location: Donkey Land
Casino cash: $8276
On a random Avast side note, any of you ever had it lose its ability to access the internet? I got a little minor gremlin a week or so ago. I removed it immediately, and it really didn't do anything, but somewhere in the removal process something got screwy. Avast won't update, and if I turn the web shield on, all my browsers are blocked.

I've done a full uninstall/reinstall, all of the typical scanners come up clean, everything seems fine, etc. Hosts file is fine. Hijack this doesn't seem to have anything out of the ordinary. Everything works fine except that one program. I almost don't even care (it's just my media center pc), but it's got me stumped.
Posts: 28,271
DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.DaFace is obviously part of the inner Circle.
  Reply With Quote
Old 04-13-2011, 01:14 PM   #145
chasedude chasedude is offline
Supporter
 
chasedude's Avatar
 

Join Date: Sep 2005
Location: St. Joe
Casino cash: $5000
Quote:
Originally Posted by Dayze View Post
...so, how bad is it?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:38:39 PM, on 4/11/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Windows\vsnp2uvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Brad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IA82SPBQ\HijackThis[1].exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chiefsplanet.com/BB/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Connections.lnk = C:\Program Files\HP Connections\6811507\Program\HP Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9158 bytes
I uploaded your log file to the site I get my recommendations from
hijackthis.de and didn't see anthing malicious. There's a few recommendations to remove unnecessary junk, I highlighted your original post. Are you having specific problems?
Posts: 36,278
chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.
  Reply With Quote
Old 04-13-2011, 01:16 PM   #146
chasedude chasedude is offline
Supporter
 
chasedude's Avatar
 

Join Date: Sep 2005
Location: St. Joe
Casino cash: $5000
Quote:
Originally Posted by DaFace View Post
On a random Avast side note, any of you ever had it lose its ability to access the internet? I got a little minor gremlin a week or so ago. I removed it immediately, and it really didn't do anything, but somewhere in the removal process something got screwy. Avast won't update, and if I turn the web shield on, all my browsers are blocked.

I've done a full uninstall/reinstall, all of the typical scanners come up clean, everything seems fine, etc. Hosts file is fine. Hijack this doesn't seem to have anything out of the ordinary. Everything works fine except that one program. I almost don't even care (it's just my media center pc), but it's got me stumped.
So Avast has lost the ability to access the net now?
Posts: 36,278
chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.
  Reply With Quote
Old 04-13-2011, 01:37 PM   #147
Dayze Dayze is offline
Resident Glue Sniffer
 
Dayze's Avatar
 

Join Date: Nov 2003
Location: Overland Park
Casino cash: $10601
Quote:
Originally Posted by chasedude View Post
I uploaded your log file to the site I get my recommendations from
hijackthis.de and didn't see anthing malicious. There's a few recommendations to remove unnecessary junk, I highlighted your original post. Are you having specific problems?
cool thanks;
nothing too bad; I spent a few hours on Monday night running malwarebytes, hijackthis, etc and cleaned up a few things as far as start up processes (could probably even do that again, I just did a quick fly-by). this log i posted was after I had done everything I thought I could do, restarted etc.

up until then, my computer was just slow, starting up slow; locking up etc. and I primarily only use it for email/web etc so not a lot of extra stuff/software downloaded to it.

I think it was running like that because it's about 5 years old, and I hadn't done any sort cleanup etc...
we'll see how it goes...
Posts: 26,208
Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.
  Reply With Quote
Old 04-13-2011, 01:42 PM   #148
chasedude chasedude is offline
Supporter
 
chasedude's Avatar
 

Join Date: Sep 2005
Location: St. Joe
Casino cash: $5000
Quote:
Originally Posted by Dayze View Post
nothing too bad; I spend a few hours on Monday night running malwarebytes, hijackthis, etc and cleaned up a few things as far as start up processes (could probably even do that again, I just did a quick fly-by). this log i posted was after I had done everything I thought I could do, restarted etc.

up until then, my computer was just slow, starting up slow; locking up etc. and I primarily only use it for email/web etc so not a lot of extra stuff/software downloaded to it.

I think it was running like that because it's about 5 years old, and I hadn't done any sort cleanup etc...
we'll see how it goes...
Just curious if you've cracked the case and given it a good dusting inside too. There's always an accumulation of crap on the processors heatsink. I just take an air compressor and blow it out, outside of course, and plug it back in. By doing this the core temp will go down and give me a little increase in speed.
Posts: 36,278
chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.
  Reply With Quote
Old 04-13-2011, 01:44 PM   #149
Dayze Dayze is offline
Resident Glue Sniffer
 
Dayze's Avatar
 

Join Date: Nov 2003
Location: Overland Park
Casino cash: $10601
Quote:
Originally Posted by chasedude View Post
Just curious if you've cracked the case and given it a good dusting inside too. There's always an accumulation of crap on the processors heatsink. I just take an air compressor and blow it out, outside of course, and plug it back in. By doing this the core temp will go down and give me a little increase in speed.
that's the other thing; it's a lap top and gets really hot sometimes when nothing is really going on...
Posts: 26,208
Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.Dayze is obviously part of the inner Circle.
  Reply With Quote
Old 04-13-2011, 01:58 PM   #150
chasedude chasedude is offline
Supporter
 
chasedude's Avatar
 

Join Date: Sep 2005
Location: St. Joe
Casino cash: $5000
Quote:
Originally Posted by Dayze View Post
that's the other thing; it's a lap top and gets really hot sometimes when nothing is really going on...
I had a laptop that was running really hot and fans at full blast. I installed process explorer on it to view my cpu usage and found my lexmark printer software was using 50% of my cpu when doing nothing. I assumed that that program had a memory leak and needed dumping. After the uninstall it now runs cool and quiet. I still blow the air through the exhaust port on my cpu occasionally too with the compressor. Alot of dust can collect on the cooling fan in laptops too.
Posts: 36,278
chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.chasedude wants to die in a aids tree fire.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 10:53 AM.


This is a test for a client's site.
A new website that shows member-created construction site listings that need fill or have excess fill. Dirt Monkey @ https://DirtMonkey.net
Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.