If you have a PC problem lets hear about it, we may be able to help!

 

Porky I see that you use a Mac(from another thred) as well.

Just to ask are you using a modem and If so have you used this Onspeed software at all please?

TTT for Porky or others who may fit the bill.

Stan, You are unlikely to find a Mac user here who uses Onspeed, I agree with Kayak just try it !

Mac users normally keep on about how their machines are immune from bad software so its refreshing to see you being cautious however in this case I think the risk is low.

I am a Mac user (as well as a PC user) but I do not use dial up. My guess is that onspeed will be fine. Personally I don't like the model they use but if you cannot get decent bandwidth from ISDN or Broadband I would definitely try it.

Some months ago it was possible to get a free trail via ZD net but I am not sure if it still works or if the Mac version is available, here is a link http://downloads-zdnet.com.com/Onspeed/3000-2155-10293068.html

LOADS OF VIRUS'S- HELP HELPAHHHHHHHHHHHHHHHH AND POPUPS

hey pat where are you?

John-picked this up from traders room seems to be same problem-I know I saw a few virus links in here but not sure if that will help :-(
stockbunny - 16 Jan'05 - 14:34 - 2930 of 2943


Message for Optimist,
Thanks for all your help last week, I disappeared without trace I
know midweek!
I'm currently on a borrowed
laptop as my PC is out of use.It seems to be an incurable problem.

I ended up talking to Symantec,
and Microsoft trying to firstly remove the virus and then trying to
get shot of the file, but all has failed. So it's a very new virus
and there's no cure yet - most likely picked up when a son was on
a games website - those with kids you are warned!
So it's a system rebuild - thankfully someone has said they will
do it for me and they've done this kind of thing before, as I don't
think I could tackle it.


Optimist - 16 Jan'05 - 15:49 - 2931 of 2943


Stockbunny

Sorry to hear that you have to take such drastic action. When you rebuild the system, your installation CD will not have the most recent Microsoft security updates and unless you use an external firewall it will not be safe to connect to the internet even to download the updates.

Get hold of a CD copy of SP2 (they were given away with many computer mags or you can do a 270MB download). Once SP2 is installed, you are reasonably safe connecting and installing the remaining updates.

John-some more- happy reading Amanda :-)

Stuck with 4 embedded virus! (STUK) supermum - 30 Dec'04 - 18:02


I have already got rid of 19 other viruses! but please could someone help me get rid of embedded objects off my friends PC - they are ..

alchem.exe
polmx.exe
polall1t.exe .... all in local settings/temp/

systime.exe .. in the system32 folder

would be very grateful for any advice
SM



Optimist - 30 Dec'04 - 18:19 - 1 of 49


Supermum

I haven't had a chance to look into these in detail but have you used a virus scanner in safe mode yet?

What operating system are you using?


Richgit69 - 30 Dec'04 - 18:26 - 2 of 49


Supermum, you need to run your virus scanner in dos mode ;-)


Treblewide - 30 Dec'04 - 18:59 - 3 of 49


bugger I have just run the free house call from trend micro and it has found the following which it cannot remove

JAVA_BYTEVER.A
TROJ_SMALL.ZK (1)
TROJ_SMALL.ZK (2)

would someone be kind enough to put up instructions on how to get rid of these wee nut sacks in simpleton language.

ta

edit....the house call said it could not clean them but it has deleted them and after re-scan my itchy infections have gone.

gotta love free software!


DocProc - 30 Dec'04 - 19:12 - 4 of 49


Instructions for dealing with an infection of JAVA_BYTEVER.A are here:-

JAVA_BYTEVER.A


supermum - 30 Dec'04 - 19:14 - 5 of 49


running xp pro... I have run a 'remover' programme - I have also run antivirus - bang up to date...how do i do this in safe mode? is that the same as dos mode?


DocProc - 30 Dec'04 - 19:17 - 6 of 49


The instructions for dealing with TROJ_SMALL.ZK (1) and TROJ_SMALL.ZK (2)

should be almost identical to those for this one:-

TROJ_SMALL.AN


MightyMicro - 30 Dec'04 - 19:21 - 7 of 49


sm: Oh, you've got some pains in the neck there. You need to use some specialist tools to get rid of that junk. Luckily the tools tend to be free. Systime.exe is a chunk of a browser hijack called CoolWebSearch (CWS).

I would suggest running Spybot and AdAware at a minimum, also installing Spywareblaster afterwards to prevent these browser hijacks from getting back in. Spywareblaster will also allow you to snapshpot your system so you can restore browser settings after a hijack. It protects both IE and Firefox. You can also snapshot the "hosts" file, another favorite target of browser hijackers

It's best to run these programs one at a time, as they can interact.

For Spybot, download from http://www.spybot.info/en/index.html

For AdAware SE (the free personal edition), download from http://www.lavasoft.de/

For Spywareblaster, download from http://www.javacoolsoftware.com/

As with all these things run frequently and keep them up to date by downloading the updates weekly or as often as recommended.

[On edit] There is one other program which is very useful tool but dangerous in the hands of the non-expert user (like, er, a surgeon's scalpel). It's called HijackThis and allows you to examine registry entries and other key system information. I found it useful to clean up rogue registry entries that were being a pain trying to load deleted DLLs from otherwise exterminated spyware.

Instruction on use and download from http://www.tomcoyote.org/hjt/

Good luck!

Derek
--


Treblewide - 30 Dec'04 - 19:31 - 8 of 49


cheers techy dudes.

MM i run adaware and spybot regularly...does the spyware blaster stop them from hacking back in once removed?? as every time i run it i get the same cookies on adaware and spybot

ta


supermum - 30 Dec'04 - 19:32 - 9 of 49


I have run Adaware and Spydoctor... I cant access the PC til the morning now but will download the programmes suggested on my pc and run them from a CD then...
these are the spy stuff progs I run on my own PC and have not had any probs since doing so
Thanks all
still dont know what safe mode will do????? or how i run it.. should i do it in this mode?

SM


Treblewide - 30 Dec'04 - 19:34 - 10 of 49


ah bugger spyware blaster not protect Netscape?


MightyMicro - 30 Dec'04 - 19:36 - 11 of 49


Treble: Spywareblaster does the following (from their website) and more (you can optionally block Flash if Flash ads get up your nose).

Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially dangerous sites in Internet Explorer.

SpywareBlaster can help keep your system spyware-free and secure, without interfering with the "good side" of the web.

And unlike other programs, SpywareBlaster does not have to remain running in the background.

SpywareBlaster is freeware for personal and educational use.

D.


Optimist - 30 Dec'04 - 19:37 - 12 of 49


Supermum

Windows XP does not have a DOS mode (You can run a DOS command prompt but this is not the same as safe mode and will not help you).

To boot into safe mode, restart the computer and press F8 when it says "Starting Windows", you can then select a number of options, choose safe mode with network support and keep the machine in safe mode until it is clear.

Restarting in normal mode could allow a virus to reinstal itself.

MM's advice is excellent. You will probably need Spybot S&D to get rid of coolwebsearch but safe mode running is also important.

You should also dissable system restore.


Treblewide - 30 Dec'04 - 19:40 - 13 of 49


MM...cheers....going to use Firefox from now on..just finished downloading it and it has just transpferred all of my settings from Netscape and IE.

Now only if it were easy/posible to take IE of my pc it would be gone in a second!


MightyMicro - 30 Dec'04 - 20:09 - 14 of 49


sm, Treble and others: I've updated my post #7 above to include information about "HijackThis" a powerful tool for experts.

Cheers,

D.


supermum - 30 Dec'04 - 20:11 - 15 of 49


I have downloaded all this and printed it off so I can do all this..... I assume I can run all these programmes in safemode and as I dont have to go online to do it I just restart as normal after doing the deed?

treble - I use MYIE - which is a copycat browser - maybe this is why i don't have any probs now - I HATE anything GATES!!!
http://www.myie2.com/index2.htm
- thanks all for the advice
SM


tyketto - 30 Dec'04 - 21:19 - 16 of 49


NOTE
Recommend updating SpywareBlaster every weekend as new stuff being generated
all the time.
Also Spybot S&D and Adaware.
mac


jfwinvestments - 02 Jan'05 - 20:06 - 17 of 49


Supermum


Alchem

http://www.kephyr.com/spywarescanner/library/alchem/index.phtml


Agincourt !


supermum - 02 Jan'05 - 23:03 - 18 of 49


Agincourt - how nice to see you this side of the street!! wish I had seen that link before. I have done ZERO stock research trying to solve this problem.... dunno how I got meself volunteeered!

Thank you all - I have solved them all!!!
I ran all the programmes suggested and in safe mode but was still stuck with 2 embedded files and a default IE home page which was not changeable. Just went to porn sites!
soooo...... in desperation (8 hours later!)I did a search on google for 'active Scan' which I found on a help page somewhere - it directed me to pandasoftware.... with a large amount of suspicion but nothing left to lose I down loaded their Titantium version - the super duper version.. 30 days free evaluation.. gulp! I ran it in safe mode and it found 9!!! things and on cleaned them all except one
I rebooted and rescanned in normal mode... Iwas then offered the opportunity to delete a file.. I did and then rebooted again... all gone!
I ran it again tried all the bells whistles and then some... still all gone and my buddy can load up her home page again - so lots of brownie points and a BIG thanks to you all

xxxxx
SM


Ruth - 04 Jan'05 - 12:11 - 19 of 49


im having problems with one of my machines,whenever i say for example go into a level 2 screen and try and type in the box to change epic, no new letters will type in,just blank as if they arent working,its not only on money am, i cant change any letters or add anything new in e-signal either,and when i go to msn messenger i ant type in my password?in fact i cant type in anywhere,im cresting this post from a second computer.
i can browse the web etc and look at whatever i want, its just that i cant type anything in anywhere, any suggestions,
i did remove a load of old stuff over the last few days, have i deleted a file by accident?or have i got a virus?done a virus check, coming up ok,


Ruth - 04 Jan'05 - 12:16 - 20 of 49


oh and my pipex email account wont work from my envelope button on my keyboard
oh dear, not a good start to they new trading year.


Optimist - 04 Jan'05 - 12:20 - 21 of 49


Ruth

Are you sure that it's not the keyboard?

I would suggest that you reboot with a different keyboard. Don't ignore the possibility of a virus though. Do a scan with Adaware and Spybot S&D as well as your anti virus.


Iain - 04 Jan'05 - 12:25 - 22 of 49


all i ever get is a DSO EXPLOIT.I remove it but it always comes back.What is it and how do i stop it??


Optimist - 04 Jan'05 - 12:30 - 23 of 49


The DXO exploit that Spybot detects can be ignored.


TullettJ (MoneyAM) - 04 Jan'05 - 12:30 - 24 of 49


supermum,

I've just emailed you with a link to some useful software. Should help sort all your problems.

J.


tyketto - 04 Jan'05 - 12:33 - 25 of 49


Iain,
I've had that on one of my comps(98)
for a couple of years.If you go to thier site
they ack it and say they are working on it!
Doesn't seem to do any harm.
Cleared it off my 2000 machine OK.
mac


Ruth - 04 Jan'05 - 12:54 - 26 of 49


Optimist, your a star, it was the bloody keyboard. i should have checked theat first i suppose, but im useless with computers,didnt even cross my mind:-(
its only a couple of months old, a packard bell one, looks like its going back to pc world,;-)
thanks again for kind help, Ruth xxx


MightyMicro - 04 Jan'05 - 14:19 - 27 of 49


That Spybot DSO exploit is a harmless "false positive". If you explore further, you'll find that it's our old friend Microsoft that's responsible.


Iain - 04 Jan'05 - 16:50 - 28 of 49


Thanks all


supermum - 04 Jan'05 - 19:05 - 29 of 49


jon -all received thanks ;-)

SM


Spaceman - 04 Jan'05 - 22:43 - 30 of 49


I am too remote and I dont have time to do this at the moment but I think it is probably worth some of us getting together a thread explaing these processes and acting as a focus for this type of problem. For the reasons in the next paragraph I suggest that such a thread should be read only !!!!!

There is a lot of confusion about Virus infections, Spyware and Troijans at the moment and most of these threads end up with a lot of repeated information and some wrong and missleading information in them.

The answer to all of Supermums problems are in the PC problems thread but they would be very difficult to find. (I know they are there because I have writtens a fair chunk of them;-) ).

If Coolwebsearch is confirmed in Supermums case then I would recommend using CWshredder version 2.1 or above from its new home :-

http://www.intermute.com/spysubtract/cwshredder_download.html

You need the standalone version, this is about the only porogram that will clear the recent versions of coolwebsearch. CWS malware is one of the most difficulty to remove.

Also please note, at the moment there is no single simple method of clearing all of these infections, I know its frustrating to anyone with an infected computer but it will take many hours of boring scanning and several periods of concentration to remove these pests. It can be done and there are people here who will help but you have to be patient and be prepered to foillow instructions precicly.

Sorry I cant help more at the moment but being in a time zone thats 11 hours different from the UK makes it difficult.

Good Luck......


MightyMicro - 04 Jan'05 - 23:09 - 31 of 49


Spaceman: I do agree with you, although I must say that CWShredder proved ineffective in my own case. It may be that I didn't have the latest version.

If I ever meet Mr Coolwebsearch, he will get both barrels.

I've asked one of our guys if we (at IST) could host an anti-spyware information and link page. Having had to deal with and help a number of people lately,it seems like the neighbourly thing to do.

Cheers

anyone know if their was a virus thread on bb's ?

Little prob I am unable to resolve on my XP Pro setup.

Folders whether desktop or navigating around explorer are un responsive to change, that is unable to rename or delete without PC locking up. I am unable to drag files from other drives or across network into folders as lockup occurs.

Furthermore my recycle bin has a folder named STOCK 4Kb which is unmoveable and any attempt to empty causes lockup. I have tried rebuilding the recycle bin, but it just stays as the original.

All help appreciated.

Tried rebuild XP but message no hard drives appear in fact I have 2 x 40Gb striped. Tried unplugging USB devices but still no good.

Thanks

Graham

You've tried to roll it back to a known good point I guess?
Also I believe there were problems with associating Phoptoshop with long file names with results similar to this - the solution was to uninstall PShop and reinstall it with no associations.

I don't know why you're running Raid 0 but http://faq.storagereview.com/SingleDriveVsRaid0 might be worth a scrote!

Dexterdog, is you raid working correctlys, how is it implemented? is it software or hardware driven?

Are the disks actually full? have you checked for viri? have you done scandisk and defrag?

I have rolled it back to no avail virus checked daily with AVG 7 and latest Stinger.exe, I run spybot and adaware and spyware blaster.

I do not run photoshop and have run scandisk and defrag, raid is 2 x 40 gb hardware driven I believe and plenty of room left on drives, it is a Croc setup from a couple of years ago, AMD 2400 and 512 Mb ram.

DexterDog,

Not sure what this is it could be a Trojan or it could be hardware (or Software ;-)) failure.

The problem you have when trying to rebuild XP is probably that it needs to know about the raid drive in order to install, I don't have time to check now but early in the procedure you will need to make it aware that you have a raid, for w2k it used to ask you for a disk but I cant remember how it works for xp.

Do you have you important info backed up? if not I suggest you do it soon as your system could fail soon.

Depending on the level of raid you can increase the chance of data loss, as some of the performance enhancing simple setups do not provide redundancy and as they share data the failure of any drive can cause data loss. Personally I do not recommend raid for home users.

I've never created a striped or Raid 0 disk because of it's lack of fault tolerance but, from what I can glean to do it in XP you first load xp on one disk then introduce the other(s) later.....as below.....

Right-click unallocated space on one of the dynamic disks on which you want to create the striped volume, and then click New Volume.
In the New Volume Wizard, click Next, click Striped, and then follow the instructions on your screen.
Notes

To open Computer Management, click Start, and then click Control Panel. Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.
You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. If your computer is connected to a network, network policy settings might also prevent you from completing this procedure.
You need at least two dynamic disks to create a striped volume. You can create a striped volume onto a maximum of 32 disks.
Striped volumes are not fault tolerant and cannot be extended or mirrored.

I totally agree with spaceman hat you should get your data safe. I would then remove any raid hardware and rebuild xp onto one disk then introduce the other as a standard disk - forget raid 0, performance improvements are minimal!

i have run chkdsk and a there is a problem with my file system.

The cure being run CHKDSK /F

However this will not run as something else is being accessed and do I want to run on reboot. Y and it runs but goes through so fast I am unable to read the final diagnosis. I have also tried running in safe mode with cmd prompt.

I am now able to drag some files from my A into a folder on my desktop but when a large batch of files is attempted across the network I get preparing to transfer and it just hangs.

I am also still unable to rename the folder on the desktop, lockup occurs but reverts back to new folder on reboot.

Try adding r i.e. chkdsk /f /r the /r finds bad sectors.

Also if you find which raid controller is fitted you may find utilities on their site which could help defraging to disks..

Hi,
I am in a right pickle. Ive got an old panasonic CF-25 laptop. When I switck it on it goes through the normal process of memory scan then 'please run setup program.' 'press F1 to continue.' I put in my windows 98 boot disk, the floppy drive starts then stops and all I get is a flashing line in the top right corner of the screen. I cant get into dos or anything to fdisk. I am stuck!!
Can anybody please help?

wilbs

Can you set it to boot from floppy?

Its set to boot from floppy but doesnt do anything. I think maybr the hard drive is faulty?

wilbs,
you`ve made enough lately, buy a new one, or even two so you`ve got a back-up!!!!. seriously, it sounds similar to when my hard drive went, although i`m no techie.
dexter