Net_Surfer

Happy Birthday Isaiah!!!, http://i318.photobucket.com/albums/mm416/Net_Surfer/7.jpg :rockon:Enjoy the cake!!! Saludos Net_Surfer

Hello chloeam and Welcome to FreePc Help Malware removal forum. My nick is Net_Surfer and I will be helping you with your malware issues, this may or may not solve other issues you may have with your machine. Please note that whatever repairs we make, are for fixing "your computer problems only" and by no means should be used on another computer. I would also like to inform you that most of us here at freepc help offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided! Please be patient and I'd be grateful if you would note the following: The cleaning process is not instant. Gmer, DDS, ComboFix, RSIT and hijackthis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please Read All Instructions Carefully and perform the steps fully and in the order they are written. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Do not attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. Please continue to review my answers until I tell you that your machine is clean and free of malware. (Absence of symptoms does not mean that everything is clear. Just because you can't see a problem doesn't mean it isn't there. If you can do these things, everything should go smoothly. :good: OK. chloeam.......If you have a Vista computer ensure that you right click on the tools and run them as an Admin. IF XP double click on the program to run them. Before we begin, you should save these instructions in Notepad to your Desktop, or print them, for easy reference and to make sure you don't get lost. Make sure to work through the fixes in the exact order in which they are mentioned below and do not miss any steps out. If at any point you have questions, or are unsure of the instructions, do not hesitate to post here and ask for clarification before proceeding with the fixes. Please carefully follow the next set of steps: Step 1. * exeHelper by Raktor. Please download: exeHelper to your desktop. Double-click on exeHelper.com to run the fix. A black window should pop up, press any key to close once the fix is completed. Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan) Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file). http://img233.imageshack.us/img233/7729/mbamicontw5.gifMalwarebytes' Anti-Malware step 2. * Please download: Malwarebytes' Anti-Malware Note: If you already have Malwarebytes' Anti-Malware, just update first then run it. Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform a Full system Scan", then click Scan (the scan may take some time to finish, so please be patient). When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy and Paste the entire report in your next reply . Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately. Step 3. Download OTL to your desktop. if you have problems, try this download link: OTL Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png icon to run it. Make sure all other windows are closed and to let it run uninterrupted. (Vista user's right click and ran as an Admin.) When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check .. http://img.photobucket.com/albums/v708/starbuck50/new/newOtl2.png Now copy the lines in bold below: netsvcs msconfig %SYSTEMDRIVE%\*.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles CREATERESTOREPOINT right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png . Click the Run Scan button. http://img.photobucket.com/albums/v708/starbuck50/runscan.png Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. Summary of the logs we will need in your next reply: The report log of exehelper. The report log of MBAM the report logs of OTL: OTL.Txt and Extras.Txt Upon completing the above steps I will review your logs and take the steps necessary with you to get your machine back in working order clean and free of malware. Please DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean and free of malware!!! Regards Net_Surfer

OK. gandolf123.......If you have a Vista computer ensure that you right click on the tools and run them as an Admin. IF XP double click on the program to run them. Before we begin, you should save these instructions in Notepad to your Desktop, or print them, for easy reference and to make sure you don't get lost. Make sure to work through the fixes in the exact order in which they are mentioned below and do not miss any steps out. If at any point you have questions, or are unsure of the instructions, do not hesitate to post here and ask for clarification before proceeding with the fixes. Please carefully follow the next set of steps: If you can not download and run the following tools, then I would like for you to try another approach: If you have the use of another computer please either use a Flash Drive or a CD to download the following and transfer them for use on the infected machine. Be sure you put them on the desktop of the infected computer. * exeHelper by Raktor. step1. Please download: exeHelper to your desktop. Double-click on exeHelper.com to run the fix. A black window should pop up, press any key to close once the fix is completed. Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan) Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file). step2.* After running exeHelper ("without rebooting") download and run Rkill and combofix after the reboot of combofix follow the Malwarebyte's step and run them using this instructions: We need to use the RKill Tool by Grinler Rkill.com <--- Download site Please Download Rkill.com. Save it to your Desktop. Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how. NOTE: If you are unable to connect to the site to download rkill, then you should download it to a clean computer and copy it to the infected one via a USB flash drive or CDROM. Once it is downloaded, double-click on the http://i318.photobucket.com/albums/mm416/Net_Surfer/rkill-1.png rkill.com in order to automatically attempt to stop any processes associated with Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. NOTE: If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Antivirus Suite when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the rogue program. So, please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the steps. If you continue having problems running rkill.com, you can download: iExplore.exe or eXplorer.exe which are renamed copies of rkill.com, and try them instead. *If the tool does not run from any of the links, Please tell me about it. Step 3.Please try ComboFix tool, if you can not run it use exehelper and Rkill and without rebooting try ComboFix again..... Please download ComboFix http://img7.imageshack.us/img7/4930/combofix.gif from BleepingComputer.com Alternate link: GeeksToGo.com Alternate link: Forospyware.com Rename ComboFix.exe to commy.exe before you save it to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console http://img.photobucket.com/albums/v666/sUBs/Query_RC.gif Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: http://img.photobucket.com/albums/v666/sUBs/RC_successful.gif Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply. **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall** A word of advise if you are a lurker: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. It is intended by its creator to be used under the guidance and supervision of a Malware Removal Expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read the: Combofix's "Disclaimer". http://img233.imageshack.us/img233/7729/mbamicontw5.gifMalwarebytes' Anti-Malware step4.* Please download: Malwarebytes' Anti-Malware Note: If you already have Malwarebytes' Anti-Malware, just update first then run it. Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform a Full system Scan", then click Scan (the scan may take some time to finish, so please be patient). When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy and Paste the entire report in your next reply . Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately. Summary of the logs I will need in your next reply: ExeHelper log. Rkill log. The ComboFix log. MBAM log. How are things your end gandolf123? Upon completing the above steps I will review your logs again and take the steps necessary with you to get your machine back in working order clean and free of malware. Again, Please DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean and free of malware!!! The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day then I will close the topic. Kind regards Net_Surfer

Hello gandolf123 and Welcome to FreePc Help Malware removal forum. My nick is Net_Surfer and I will be helping you with your malware issues, this may or may not solve other issues you may have with your machine. Please note that whatever repairs we make, are for fixing "your computer problems only" and by no means should be used on another computer. I would also like to inform you that most of us here at freepc help offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided! Please be patient and I'd be grateful if you would note the following: The cleaning process is not instant. Gmer, DDS, ComboFix, RSIT and hijackthis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.[/b] Please Read All Instructions Carefully and perform the steps fully and in the order they are written. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Do not attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. Please continue to review my answers until I tell you that your machine is clean and free of malware. (Absence of symptoms does not mean that everything is clear. Just because you can't see a problem doesn't mean it isn't there. If you can do these things, everything should go smoothly. :good: Please stand by for further instructions!

Hello Silver tongued...,http://fc07.deviantart.com/fs14/f/2007/069/f/1/Smiley_Hello_by_Lucifer4671.gif Are you still there??? Please reply to this post so I know you are there. : If you are please follow the instructions in my previous post. Please continue to review my answers until I tell you your machine appears to be clear. Remember absence of symptoms does not mean that everything is clear. I have not had a reply from you for over 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The forum is busy and we need to have replies as soon as possible. Unfortunately, if I do not hear back from you within 2 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread I would also like to inform you that most of us here at Freepchelp offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided by replying back and let us know the reason of your delay. If you like you can PM me. Thanks, Kind regards Net_Surfer http://fc07.deviantart.com/fs7/i/2005/216/c/c/_quot_E_T_quot____Jark_by_clairebearer.gif

Hello Silver tongued and Welcome to FreePc Help Malware removal forum. Sorry for the delay. My nick is Net_Surfer and I will be helping you with your malware issues, this may or may not solve other issues you may have with your machine. Please note that whatever repairs we make, are for fixing "your computer problems only" and by no means should be used on another computer. I would also like to inform you that most of us here at freepc help offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided! Please be patient and I'd be grateful if you would note the following: The cleaning process is not instant. Gmer, DDS, ComboFix, RSIT and hijackthis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please Read All Instructions Carefully and perform the steps fully and in the order they are written. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Do not attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process. Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible. Please continue to review my answers until I tell you that your machine is clean and free of malware. (Absence of symptoms does not mean that everything is clear. Just because you can't see a problem doesn't mean it isn't there. If you can do these things, everything should go smoothly. Step 1. Download MsnCleaner.zip from here, to your desktop and extract it to his own folder but don't use it yet. Now reboot into Safe Mode Double-click MsnCleaner.exe to run it. Select your language http://i318.photobucket.com/albums/mm416/Net_Surfer/MSNCleaner_.png Click the Analyze button. A report will be created once after you finish scan. If it finds an infection, click the Deleted button. Now, please reboot back to normal mode. Please post the contents of C:\MsnCleaner.txt in a reply to this post. Step 2. Let's fix some issues with OTL by doing the following: Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/OTL/otlDesktopIcon.png Icon at your desktop to run it. (Vista users right click and run as an Admin.) Copy the lines in the codebox below. (make sure that :Otl is on the first line ) just highlight everything in the code box (starting with :Otl ) and copy and paste it into the 'Custom scan/fix' box on OTL. :OTL O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O4 - HKCU..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe File not found O4 - Startup: C:\Documents and Settings\Manager\Start Menu\Programs\Startup\Shortcut to Warning.lnk = C:\Documents and Settings\Manager\Desktop\Warning.txt.txt () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: HonorAutoRunSetting = 1 O15 - HKCU\..Trusted Domains: plaxo.com ([www] https in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMPFC5A2B2 :Files C:\0155e82d78be3512d09d :Commands [PURITY] [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [REBOOT] Return to OTL, right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste. http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png Click the red Run Fix button. http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, this is normal. Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know. After the reboot, you may need to double click OTL to launch the program and retrieve the log. Copy and paste the contents of the OTL log that comes up after the fix in your next reply. if you lose the report, there will be a copy here: C:\_OTL\MovedFiles Step 3. * MBAM You already have http://img233.imageshack.us/img233/7729/mbamicontw5.gifMalwarebytes' Anti-Malware installed. Open MBAM Go to the updates tab, and click Update to update to the latest version Once the program has updated, select Perform full scan, then click Scan. When the scan is complete, click OK, then Show Results to view the results. Be sure that everything is checked, and click Remove Selected . When completed, a log will open in Notepad. Please save it to a convenient location and post the results. Note: if you can not run a full system scan then retry with a quick scan. * Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes. We need to Scan for Rootkits. Credit to Quietman for this speech canned. The speed and ability to complete a scan depends on a variety of factors. The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning for suspicious behavior or a combination of both. Options to scan for spyware, adware, riskware and potentially unwanted or unsafe programs (PUPs). Options to scan memory, boot sectors, registry and alternate data streams (ADS). Type of scan performed: Deep, Quick or Custom scanning. What action has to be performed when malware is detected. A computer's hard drive size. Disk used capacity (number of files to include temporary files) that have to be scanned. Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned. Whether external drives are included in the scan. Competition for and utilization of system resources by the scanner. Other running processes and programs in the background. Interference from malware. Interference from the user. Before performing an anti-rootkit (ARK) scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections. Disconnect from the Internet or physically unplug you Internet cable connection. Clean out your temporary files. Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver. Temporarily disable your anti-virus and real-time anti-spyware protection. After starting the scan, do not use the computer until the scan has completed. When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet. Note: Not all hidden components detected by ARKs are malicious. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernal/SSDT in order to protect your system. SSDT (System Service Descriptor Table) is a table that stores addresses of functions that are used by Windows. Both Legitimate programs and rootkits can hook into and alter this table. You should not be alarmed if you see any hidden entries created by legitimate programs after performing a scan. If you are using a CD Emulator (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD, etc) be aware that they use rootkit-like techniques to hide from other applications. When dealing with a malware infection, CD Emulators can interfere with investigative or anti-rootkit (ARK) tools. This interference can produce misleading or inaccurate scan results, false detection of legitimate file, cause unexpected crashes, BSODs, and general dross. This 'dross' often makes it hard to differentiate between genuine malicious rootkits and the legitimate drivers used by CM Emulators. In some cases, the drivers related to such tools can cause crashes or system hanging when attempting to boot into safe mode. Since CD Emulators use a hidden driver which can be seen as a rootkit and interfere with providing accurate results or cause other problems, it is recommended that they be removed or disabled until disinfection is completed. Step 4. * Disable CD-ROM Emulation Software. DeFogger - Disable Please download >>> DeFogger <<< to your desktop. Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OK IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop. Do not re-enable these drivers until otherwise instructed. Step 5. * Rootkit Scan with Gmer. Please download GMER from one of the following locations and save it to your desktop. NOTE: when you run it ensure that the sections option is also checked: Main Mirror This version will download a randomly named file (Recommended) Zipped Mirror This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop. Disconnect from the Internet and close all running programs. Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver. Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked. Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe. http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress) If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO. Now click the Scan button. If you see a rootkit warning window, click OK. When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log. Click the Copy button and paste the results into your next reply. Exit GMER and re-enable all active protection when done. -- If you encounter any problems, try running GMER in Safe Mode. Some ARK scanners have settings which you can adjust if the scan hangs or freezes while others do not. If that's the case and you still cannot complete a scan, then try another ARK. Sophos Anti-rootkit Avira AntiRootkit Avast AntiRootkit Scanner Summary of the logs I will need in your next reply: The report log of MSN Cleaner. The report log of OTL located at: C:\_OTL\MovedFiles The report log of MBAM. Gmer rootkit report log. How are things your end Silver tongued? Upon completing the above steps I will review your logs again and take the steps necessary with you to get your machine back in working order clean and free of malware. Again, Please DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean and free of malware!!! Kind regards Net_Surfer http://fc06.deviantart.net/fs39/f/2008/356/f/4/Smiley_Wizard_by_Momma__G.gif

Hi Hship, Find the right memory, the easy way... The Crucial System Scanner automatically analyzes your computer memory information and suggests an upgrade that's guaranteed compatible. Go to Crucial and test your memory Note: Downloading and running the Crucial System Scanner is easy. 1. First, agree to the terms and conditions. 2. Click the "download the scanner" button, and choose "Save File" when prompted. 3. Save the file to your desktop, or anywhere you prefer. 4. Navigate to this saved CrucialScan.exe file and open. If you get a security warning, click "Run" to allow the download. 5. It will take several moments while your browser is updated with your scan results. ~~~~ BIOS beep codes 1- Make sure you have a case speaker connected, if you are getting 1 long continuous beep this indicates the system can’t find usable ram, reseat the ram, try different ram or try the ram in a different dimm slot 2- 1 long 2 short indicates video error reseat the video card, try another video card Nothing on the screen with no beeps 1-Make sure the hs (heatsink) is installed properly, tight with thermal paste applied 2-Make sure the cpu fan is connected to the correct header on the motherboard 3-Clear the cmos by unplugging the computer removing the battery then move the clear cmos jumper from pins 1&2 to 2&3 for 10 minutes 4-Replace the battery and move the jumper back to pins 1&2 5-Verify all motherboard jumpers are set correctly 6-Verify all case connections are correct ( case switch ect.) 7-Verify the power supplies 20/24 pin and 4pin 12v are tightly seated to the motherboard Still won’t go 1-Remove all drives and cards except the video, remove front sound and usb 2-Repeat the above 3-The idea here is to get the computer to post and boot into bios if after doing so you are able to get into bios let the computer idle in bios for a while and watch the temps and voltages. 4-If everything appears normal load the bios defaults and make sure to save and exit 5-Now add the drives and install windows then add the remaining cards Still won’t go 1-Remove the motherboard from the case and place on a piece of cardboard 2-Install only the cpu with hsf, 1 stick ram in dimm 1, psu, video card, case switch and case speaker 3-Connect ps2 mouse and keyboard along with the monitor 4-Repeat the above and power on 5-If the computer now boots into bios you most likely had a case short so make sure when installing the motherboard in the case that you use standoffs and they line up with the mounting holes in the motherboard and none of the standoffs touch anything else on the underside of the board. If all the above fails, then reply back explaining what you have done and listing your full system specs Regards Net_Surfer

Hello cookaboy, "UBCD4Win": is a bootable recovery CD that contains software used for repairing, restoring, or diagnosing almost any computer problem. ... If you have a booting problem then you need to open your own thread on the right forum explaining in details when this happened and what were you doing at the time and I or another member can reply with the right steps for you to follow to get your machine back in order and free of malware. Regards Net_Surfer

Hello Mikeyorks, I will try to help with this issue. look into this link and see if that helps: Bug Check 0x24: NTFS_FILE_SYSTEM Questions: Do you have your windows xp CD so we can use the Recovery Console? Or Do you have the Recovery Console already installed on your computer.[/b] Regards Net_Surfer

Re-Hi all Hello Randy, Thanks for your comment. I just graduated from Malware Removal Training, I took me a year to go through all the phases of learning the trade but now I am ready to help infected members in this site also if you guys admit me. I was invited by Starbuck to join here and to see if I like it he can recommend me with you guys. I hope to hear from you guys. Best regards Net_Surfer

Hello all and thanks to Starbuck for the invitation to join this board.