weird and strange behavior

skitz · Sep 11, 2006

I have a couple of things which are baffling me, and i have tried everythoing I know, as well as searched the forums with limited sucess
#1-my router came with pc-cillin, which when running will not let me access the internet(therefore no updates or registration is possible)
Easy-just exit the app, and i can access the internet(not what i want-but ok for the time being)

#2-every once in a while-my start button goes blank and no programs on my desktop will run when clicked on--WINDOWS CANNOT FIND SPECIFIED DEVICE OR FILE

I have run through your file list of thiings to do, and will attch log files as requested, in my next post

skitz · Sep 11, 2006

from my previous post, please find attachments here....

skitz · Sep 11, 2006

part 2 of required files submission
ccleaner done
malicious software scanner-no threats
spybot s&d no threats
windows defender-no threats

panda quick remover did remove 1 infection(dont recall what it was)
cwshredder removed coolwebsearch

skitz · Sep 11, 2006

cwshredder found cws.msconfig
after fix--->returns

skitz · Sep 11, 2006

any ideas anyone?>

chaslang · Sep 12, 2006

Your problem is not malware. It is end user cockpit problems.

You have multiple antivirus applications installed. See step 3 of the READ ME. Uninstall all but one.
You have THREEE firewalls installed. See step 3 of the READ ME. Uninstall ALL but one.
You may not be allow various applications to have access thru your firewall. You have to configure this yourself.
You also have Ewido, Spybot's Teatimer (we asked you not to run this in the READ ME) and Windows Defender all running and fighting each other. If Ewido is a free trial, uninstall it. If it is a paid version, keep it and uninstall Windows Defender. But either way you must disable Teatimer unless you uninstall both Ewido and Windows Defender.

If you want to keep TrendMicro software you need to dump all the junk from Earthlink (which includes
Aluria Firewall and Authentium's Command Antivirus)

You can however have HijackThis fix the below:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} -

skitz · Sep 14, 2006

chaslang said:

Your problem is not malware. It is end user cockpit problems.

You have multiple antivirus applications installed. See step 3 of the READ ME. Uninstall all but one
.
You have THREEE firewalls installed. See step 3 of the READ ME. Uninstall ALL but one.
You may not be allow various applications to have access thru your firewall. You have to configure this yourself.
You also have Ewido, Spybot's Teatimer (we asked you not to run this in the READ ME) and Windows Defender all running and fighting each other. If Ewido is a free trial, uninstall it. If it is a paid version, keep it and uninstall Windows Defender. But either way you must disable Teatimer unless you uninstall both Ewido and Windows Defender.

If you want to keep TrendMicro software you need to dump all the junk from Earthlink (which includes
Aluria Firewall and Authentium's Command Antivirus)

You can however have HijackThis fix the below:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} -
Click to expand...

thank you so much, sorry about the teatimer, have had it running for quite a long time, didnt realize it was still enabled.
all issues seem to be resolved, av updates as it should and reports system as clean.
system running smoothest it ever has, many thanks to you for your knowledge and help
skitz

chaslang · Sep 14, 2006

You're welcome! Make sure you work thru the below link:

How to Protect yourself from malware!

Log in or Sign up

weird and strange behavior

skitz Private E-2

skitz Private E-2

Attached Files:

runkeys.txt

newfiles.txt

bdscan.txt

skitz Private E-2

Attached Files:

hijackthis.log

Activescan.txt

skitz Private E-2

skitz Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

skitz Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Log in or Sign up

weird and strange behavior

skitz Private E-2

skitz Private E-2

Attached Files:

runkeys.txt

newfiles.txt

bdscan.txt

skitz Private E-2

Attached Files:

hijackthis.log

Activescan.txt

skitz Private E-2

skitz Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

skitz Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Useful Searches