2 Big Problems!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by skd44, Aug 17, 2005.

  1. skd44

    skd44 Private First Class

    I am having a huge problem on my system with some kind of registry change called Wow Access and with another called My Soft. I can't seem to rid my computer of them, and my Internet Explorer seems to open by itself to a page called FindJizz.com and it opens 20 to 25 pages of the same site called FindJizz.com. I have gotten rid of CoolWWWSearch already but can't seem to get rid of these new ones. I am also having trouble using remove about:blank buddy because I still have traces of about:blank under the restore configuration settings of remove about:blank buddy. I am pulling out my hair with all of these problems. Any help?
     
  2. skd44

    skd44 Private First Class

    If I do run all the steps in the read me first tutorial and they don't work, how do I unzip the hijack this file and how do I create a folder called C:\Program Files\HJT in a separate folder? I am unsure how to do either.
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Since I just had to post this in another thread, I figure I would add it here to save D3 some time:

    You need to create the C:\Program Files\HJT folder. Do the following:
    - Click START and select Explore.
    - Select the drive where Windows is installed (normally drive C)
    - Navigate to the C:\Program Files folder and select it.
    - Now click on the top menu where it says File and then select New.
    - Then select Folder
    - A new folder is created and highlighted.
    - Just type HJT to overwrite the default name (New Folder)

    To extract hijackthis.exe:
    - locate the HijackThis.zip file you downloaded and right click on it
    - Select Extract All and click Next
    - Browse your way to the C:\Program Files\HJT folder created above
    - Select the folder and click Next
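
    The same two steps (create the HJT folder, extract the ZIP into it) done from PowerShell, as an added example that is not part of chaslang's instructions. It assumes PowerShell 5 or later for Expand-Archive, and the download location of HijackThis.zip is an assumption; adjust it to wherever the file was saved. Run it from an elevated prompt, since C:\Program Files is not writable by a standard user.

```powershell
# Added example (not from the thread): create the HJT folder and extract
# HijackThis.zip into it with PowerShell instead of Explorer clicks.
# Assumes PowerShell 5+ (Expand-Archive); the ZIP path is a hypothetical location.
$Zip    = "$env:USERPROFILE\Downloads\HijackThis.zip"   # assumed download location
$Target = 'C:\Program Files\HJT'

# Create the folder only if it does not already exist.
if (-not (Test-Path -LiteralPath $Target)) {
    New-Item -ItemType Directory -Path $Target | Out-Null
}

# Extract every file in the ZIP into the HJT folder, overwriting older copies.
Expand-Archive -LiteralPath $Zip -DestinationPath $Target -Force

# Confirm the executable landed where the thread expects it and record its
# SHA-256 so a later copy of the tool can be compared against this one.
$Exe = Join-Path $Target 'hijackthis.exe'
if (Test-Path -LiteralPath $Exe) {
    Get-FileHash -Algorithm SHA256 -LiteralPath $Exe | Format-List Path, Hash
} else {
    Write-Warning "hijackthis.exe not found under $Target; check the ZIP contents."
}
```

    Recording the hash at extraction time is the practitioner's habit worth keeping: when a tool on a machine you are cleaning is later suspected of being tampered with, the hash taken from the fresh download is what you compare against.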
     
  4. skd44

    skd44 Private First Class

    Here is my HijackThis logfile.
     

    Attached Files:

  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In addition, what are the below:
    C:\windows\notepade.exe
    C:\windows\notepade.exe
    C:\windows\notepade.exe

    Did you rename the normal built in Windows program that is named notepad.exe to notepade.exe? Or did you replace it with something? Why are 3 of these running?
     
  6. skd44

    skd44 Private First Class

    Sorry about that, the tutorial has some added steps that I didn't do last year when I got about:blank and I have not updated some of the programs listed that I have.
     
  7. skd44

    skd44 Private First Class

    I think that notepad.exe listed 3 times might be from when I was having a problem saving the hijack this logfile to a folder, although I don't know. I am not quite sure because I am still kind of new to all of this despite the fact that I have asked you guys for help before.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    notepad.exe would be okay but not notepade.exe
     
  9. skd44

    skd44 Private First Class

    No I did not rename it notepade so it must be the trojan problem you are talking about. Sorry if this is taking me some time but some of it is confusing. Thank you for everything so far and hopefully I can remedy this without bugging you guys too much. Thanks again.
     
  10. skd44

    skd44 Private First Class

    I have run all the steps in the read me first before asking for support tutorial and unfortunately I am still having problems. It seems that I still keep getting sent to various porn websites all that end with search.com or find.com. I ran all the necessary scans and followed the tutorial step by step. I haven't run hijackthis but ran the other optional steps and still no luck. What would be the next option for me to try and get rid of this problem. Thanks again and I apologize that it took me so long to get this far. Thanks.
     
  11. skd44

    skd44 Private First Class

    Here is my hijackthis logfile. Thanks for all your help.
     

    Attached Files:

  12. skd44

    skd44 Private First Class

    I could not find the file winpipe.exe in the C:/Windows/system32 file. Did I look wrong or could the file just not be there?
     
  13. skd44

    skd44 Private First Class

    Here is my current hijackthis logfile after I removed what you told me to remove with hijackthis and after I rebooted. Things seem to be ok so far.
    Thank you very much for all your help.
     

    Attached Files:

  14. skd44

    skd44 Private First Class

    Things are running good so far. Rmail is probably readnotify which is a program I use that tells me when people have opened emails that I send them. If there are any programs running that you see and don't feel I need besides that please let me know. I really can't thank you enough for all of your help and it's also great because I am learning a little more about my computer and how to keep it running as best as possible.
     
  15. skd44

    skd44 Private First Class

    I apologize if I seem ignorant but in your last post when you say "this only stops them from starting on startup" what does that mean? Does that mean every time I reboot I will have that problem? Also in regards to limewire, should I remove it from my system? I use it to download music along with iTunes but I can take it out if it will help. Thanks again.
     
  16. skd44

    skd44 Private First Class

    Thank you very much for everything. I have been online all evening and have had no problems and no symptoms of what I had before. I am going to get rid of limewire (I paid a subscription fee to them and was not aware that it was still illegal to download through them!). Thanks again and hopefully I won't be back bugging you guys anytime soon. Thanks again!!!
     
  17. skd44

    skd44 Private First Class

    Hate to bother you again but today when I booted up I was not able to open Internet Explorer. I tried rebooting and tried opening it again and still no response. I can still open outlook express so it's not my wireless internet connection so I am a little puzzled. I checked my internet settings and my homepage or anything else hasn't been changed from what I see. I also ran a few of the scans from the read me first tutorial and they returned no results.....Adaware, spybot, and a2 to be exact. Any ideas??? Thank you. I am currently contacting you because I have started in safe mode with networking.
     
  18. skd44

    skd44 Private First Class

    I made a mistake and posted a new thread with regards to my current problem. Chaslang told me to continue using this thread. My current problem is that I now seem to have a problem with a hijacker called PSguard. Yesterday I could not get onto Internet Explorer in normal mode and today the same thing. Every time I boot in normal mode I get a blue screen after all the desktop icons come up and it says it's dumping physical memory. I can't do anything and have to reboot into safe mode with networking just so I can get onto your site to post these. I have run through all the steps in the Read me first tutorial and I still have this psguard. I removed it with Adaware, spysweeper and spybot and yet it is still on my system. What can I do?
     
  19. skd44

    skd44 Private First Class

    Two questions about smitrem. Should I save it to the same folder that I saved the rest of the spyware tools to, and second, once I did that I tried finding the smitrem.exe but the closest thing I saw was a smitrem.reg.exe. Should this be ok or am I doing something wrong?
     
  20. skd44

    skd44 Private First Class

    I tried running smitrem. It gave me a list of extracted files and one of them was Ltd_fix.exe. I tried to run it but it says that all files have already been extracted. I highlighted it twice and clicked on start and nothing seems to happen. I have tried attaching the whole folder that is labeled smitrem after the extraction but it doesn't seem to attach or work. I apologize if I am doing this wrong but I feel I am following your instructions correctly and it doesn't seem to work.
     
  21. skd44

    skd44 Private First Class

    Sorry I think I figured it out..........here's what I got.
     

    Attached Files:

  22. skd44

    skd44 Private First Class

    OK good, here is my current hijack this logfile. Thanks again for all your help.
     

    Attached Files:

  23. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    TIP: The below is a Troj/Haxdoor-CN rootkit infection. This file is installed as a system driver and is used to hide processes, files, and registry keys from being seen.

    O20 - Winlogon Notify: drct16 - C:\WINDOWS\SYSTEM32\drct16.dll

    If Ewido does not fix it and remove the hidden files, use the below:

    Download: HSFix.zip
    Extract the files from the ZIP file to a folder that you can find (preferably in its own folder, like c:\HSFix). Now boot to Safe Mode, open the HSFix Tool folder and double-click hsfix.bat and let it run. It will produce a log here: C:\hslog.txt

    Now reboot in normal mode and post that hslog.txt file here as an attachment.
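
    The O20 line above comes from the Winlogon Notify registry key, where a DLL registered as a "notification package" is loaded into winlogon.exe at logon. As an added example, not part of chaslang's post or of the HijackThis or HSFix tools, the following PowerShell lists every package under that key with its DLL path, whether the file exists on disk, and its Authenticode signature status, so that an entry like drct16 stands out as an unknown, unsigned DLL in System32. It assumes PowerShell 5 or later; on Vista and later the Notify key is normally absent, which the script reports rather than treating as an error.

```powershell
# Added example (not from the thread): enumerate Winlogon Notify packages,
# the registry location behind a HijackThis O20 line, and show for each one
# the DLL it loads, whether that file exists, and its code-signing status.
# Assumes PowerShell 5+; run as Administrator for a complete signature check.
$NotifyKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify'

if (-not (Test-Path -LiteralPath $NotifyKey)) {
    Write-Host "No Winlogon Notify key present (normal on Windows Vista and later)."
    return
}

Get-ChildItem -LiteralPath $NotifyKey | ForEach-Object {
    $package = $_.PSChildName
    $dll     = (Get-ItemProperty -LiteralPath $_.PSPath).DllName

    # A bare file name (no directory) is resolved from System32, as the loader does.
    if ($dll -and -not [IO.Path]::IsPathRooted($dll)) {
        $dll = Join-Path $env:SystemRoot "System32\$dll"
    }

    $exists = [bool]($dll -and (Test-Path -LiteralPath $dll))
    $status = if ($exists) {
        (Get-AuthenticodeSignature -FilePath $dll).Status   # Valid, NotSigned, HashMismatch, ...
    } else {
        'missing'   # registered but not on disk: a rootkit may be hiding it, or cleanup was partial
    }

    [pscustomobject]@{
        Package   = $package
        DllName   = $dll
        Exists    = $exists
        Signature = $status
    }
} | Format-Table -AutoSize
```

    Read the output with the thread's caveat in mind: a rootkit of this kind hides files and keys from user-mode tools, so a clean listing from the running system is not proof of a clean system, which is why the post sends the user to a Safe Mode scan and a dedicated removal tool. A DLL that is registered here but reported as missing, or that exists but is NotSigned, is the entry to investigate first.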
     
  24. skd44

    skd44 Private First Class

    I have been at this for the last day and a half and I am stuck. I can't seem to get ewido to finish its scan. I run it, following the steps you have instructed and the scan keeps stopping when it hits around 20-21%. I let the scan run for well over 2 hours and it doesn't get past 21.7% finished. That is the mark I have gotten to 7 times and then it doesn't go any further. I am running it in safe mode as instructed. I don't know what else to do.
     
  25. skd44

    skd44 Private First Class

    Alright, I had another problem. I tried to download killbox and my computer froze. I tried to reboot and now all that keeps happening is this blue screen with a long message on it that I have seen before. The blue screen appears after half of my desktop icons have loaded up and then it freezes and the blue screen appears. This happens when I boot in safe mode, safe mode with networking or normal boot. I can't do anything. The message says that a problem has been detected and windows has been shut down to prevent damage to the computer.
    It then says check to see if there is adequate disk space. If a driver is identified in stop message disable driver or check with manufacturer for updates. Try changing video adapters.
    Check with hardware vendor for any bios updates. Disable bios memory options like caching or shadowing. If you need to use safe mode to remove or disable components do so.
    Technical info: 0x0000008E (0xc0000005, 0x0026003c, 0xf8380ca0, 0x000000000)
    Beginning dump of physical memory
    Physical memory dump complete
    Contact system administrator or technical support group for further assistance.

    I don't know what else to do?
     
  26. skd44

    skd44 Private First Class

    There is no driver listed in the error message, only what I wrote out for you. I am concerned because I can't see any other way to get on to continue the steps you gave me to fix this problem. Is there any other way to boot up without getting this blue screen with that message?
     
  27. skd44

    skd44 Private First Class

    I still keep getting the blue screen and message I posted earlier. I keep checking to see if there is any additional info but the message still reads as I posted earlier with no drivers or anything listed. Still not sure what to do?
     
  28. skd44

    skd44 Private First Class

    If I use the XP cd will that cause me to lose my emails or any of that type of stuff. Sorry I have turned this into a bigger problem then it probably had to be but I will try and get this right. I will let you know how it turns out after using the xp cd.
     
  29. skd44

    skd44 Private First Class

    I am a little confused about which CD to use for the Recovery Console. I have 4 cd's that are labeled Quick Restore System Recovery CD's labeled 1-4. Those I have used in the past to set the computer back to factory settings. Then I have another CD labeled Quick Restore Application Recovery CD and then another CD labeled Operating System CD. Which one do I use for what you recommended?
     
  30. skd44

    skd44 Private First Class

    What do I do once I get into the Recovery console. On the screen it says
    1: C\Windows
    Which windows installation would you like to log onto?

    I don't know what to do from here??? After that if I type something in it asks for an administrator password?? I have no idea what that means?
     
  31. skd44

    skd44 Private First Class

    After it says "Which windows installation would you like to log onto" it will only let me type in 1 character. I can't type CHKDSK/F because it only lets me type one letter or number???
     
  32. skd44

    skd44 Private First Class

    I'm not sure what dual booting means but I know that I reinstalled windows when I used the system recovery CD's last year, so does that mean that I also reinstalled XP also. If not then I am not quite sure what it means?
     
  33. skd44

    skd44 Private First Class

    It doesn't give me any options, it just says "Which windows installation would you like to log onto and then its blank
     
  34. skd44

    skd44 Private First Class

    I finally got to run CHKDSK but when I then tried to run CHKDSK/F it said it was an invalid command. What can I do from here or do I have no other alternatives?
     
  35. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It did not run! See his message again. Perhaps he forgot to put a space between chkdsk and the /f option?
     
  36. skd44

    skd44 Private First Class

    I finally was able to run CHKDSK /F and it said it found nothing wrong. Then it said Default config restored and then it had C:/Windows and I can't do anything else. I am starting to get very confused as I don't really understand these screens.
     
  37. skd44

    skd44 Private First Class

    It also tells me to type in help to get a list of valid commands and when I do that it gives me a list in alphabetical order of valid commands I can use. I don't know what to choose from that menu to reboot or to see if the computer will boot safely now.
     
  38. skd44

    skd44 Private First Class

    Tried restart and it said command not valid and then I powered down and rebooted and that blue screen with the physical memory dump message came up. I don't know what else to try and I really do not want to use the system recovery cd's because I will lose all emails and saved media. Is there anything else I can try?
     
  39. skd44

    skd44 Private First Class

    I'm not actually sure how much ram I have, don't mean to sound stupid but I don't know. Second, how do I burn a program like that to a cd.....I have burnt songs to cd's through a program called Musicmatch but I have never tried burning a program. How can I do it? sorry it has taken me so long to post but I was away for a bit. Thanks again.
     
  40. skd44

    skd44 Private First Class

    I figured out how to burn the program to CD. I tried to run it once I booted up but that is the whole problem I have been having this whole time, I can't boot the computer. Whether I try normal mode, safe mode, safe mode with networking it goes to that blue screen with that physical memory dump message every time. All it lets me do is enter my logon password and then as soon as the start menu at the bottom left of my screen appears the screen goes blue with that message. It doesn't even begin to cascade the desktop items anymore. Is there another way I can run the program from the cd. I hear the cd spinning and it sounds like its going to run but that blue screen pops up and everything stops. I can't even get out of that blue screen, I have to shut the power on my surge protector to get the computer to go off. No buttons work or anything once that blue screen hits. I'm lost!!!
     
  41. skd44

    skd44 Private First Class

    Before I burnt the program to CD I saw that at the end of the program it said .ISO and so I saved it to the CD as that. Then my computer gave me the option to burn the memstart.iso to the CD and I selected OK. It then started the burn process and said that it was copied OK. If I need to do something different I will do it, but first I will try what you told me to do.
     
  42. skd44

    skd44 Private First Class

    OK, I tried booting the CD drive first. I had to hit F10 to get into my Phoenix Bios Setup screen. From there it gave me 4 choices. The 4 were Main, Advanced, Security, and Exit. I looked around and found the Boot order under Advanced. I went under that to where it said Boot and found these 4 choices. It was in this order: Floppy Diskette, ATAPI CD ROM DRIVE, Hard Drive, and Network Boot. I moved ATAPI CD Rom up to the first slot and tried rebooting. Again it asked me for my logon password and after that the Start came up in the lower left and immediately back to the blue screen with the physical memory dump message.
     
  43. skd44

    skd44 Private First Class

    The only other thing I have picked up on is that in the physical memory dump message that I originally posted awhile back it says the same thing that it says now in regards to If a driver is identified in the stop message disable driver or check with manufacturer for updates. Then a little further down in the message it says:
    Stop: 0x0000008E (0xc0000005, 0x0026003c, 0xf8380cA0, 0x000000000)

    Could that be describing the drive that they are talking about?
     
  44. skd44

    skd44 Private First Class

    I am not fluent enough where I have done something like that before but obviously I am willing to try. Is it something you could outline for me here or would that take too long? At this point I am willing to do whatever I need to do to get this thing right.
     
  45. skd44

    skd44 Private First Class

    I will follow your steps to take out the RAM as soon as I get home from work. I will let you know how I make out. Don't know if it makes a difference but my laptop is a Compaq Presario.
     
  46. skd44

    skd44 Private First Class

    If I do get it open or bring it somewhere to get it done then am I still looking for the RAM cards that you described in a regular PC or will they be different. Once the card is removed am I then to close the laptop back up and reboot or do I need to get a new RAM card or something?
     
  47. skd44

    skd44 Private First Class

    I will try a few more times to get into safe mode but if I can't get in then what do I do? Should I purchase more RAM and install it myself, is that something I would be able to do myself? I see to open my laptop I need some Allen keys which I have plenty of and should have the right size. I called two places around my house that fix computers and they want $90 and $110 to open up and take a look. I also called Best Buy and they said they would do it for $65. What do you think my best alternative is? I know Best Buy says they will clean your whole system and save whatever you want saved for $325. I really would rather not.
     
  48. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Have you guys run any of the RAM test tools available in the Memory download file directory?
     
  49. skd44

    skd44 Private First Class

    FINALLY I was able to get into safe mode and ran some of the steps we had previously done earlier on. I was still not able to run that Memtest that you had me burn to disc. I am sure I burnt it correctly and yet it wouldn't open. An error message stating a file was missing kept popping up when I tried to run it.
    Are you familiar with SpySweeper? That is the program I had mainly been using to protect against browser hijacks and homepage changes. Well my Startup Shield from Spysweeper pops up when I log in in normal mode, which I am now able to do after booting in safe mode and running the spyware tools I used earlier with my first problem. Well the startup shield for spysweeper reads as follows:
    Startup shield has detected the following changes to the windows startup:
    secmon.exe
    winpipe
    gxcsv.exe
    StartPage
    SpybotSD (I assume Spybot Search and Destroy)
    KernellFaultCheck
    Shell
    MouseDrv
    MouseDrv

    Now also the Desktop is not my normal blue screen with all the desktop items. It is now Red and has an ad for a spyware tool I never heard of called RazeSpyware. It is in the background of my desktop and reads Windows recommends you the following software products to keep your PC safe.
    I know certain hijackers and adware do these things to get you to purchase products but I was wondering if you have heard of this one. I can surf the net and retrieve email and I was going to run hijackthis and post the logfile but I wanted to update you as to where I stood. This has been tough but I feel like I am learning quite a bit. Sorry if this has been a pain for you. I'm trying really hard on this one.
     
  50. skd44

    skd44 Private First Class

    Here is my current Hijackthis logfile.
     

    Attached Files:
