<div>
Download the IE9. :)<br />
Link: <a href="http://windows.microsoft.com/en-GB/internet-explorer/downloads/ie" rel="ugc">http://windows.microsoft.com/en-GB/internet-explorer/downloads/ie</a><br />

</div>


<div>
Hi MrAlicard<br />
<br />
I can't download IE 9 &nbsp;as I got WIN XP , but I have tried &nbsp;advancedsystemcare. and It found problems in 1000's in each section, but I think it didn't help 100%. i see couple kind of error on the status bar. please see as i attach <a href="https://filedb.experts-exchange.com/incoming/2011/05_w21/459865/error1.bmp" target="_blank" title="Error on IE status bar (949 KB)"><img alt="Error on IE status bar" class="file-block lazyload" style="max-width: 720px;" data-src="https://filedb.experts-exchange.com/incoming/2011/05_w21/459865/error1.bmp" /></a> <a href="https://filedb.experts-exchange.com/incoming/2011/05_w21/459867/internet-explorer-error.bmp" target="_blank" title="Script error.. not sure what it is (3.7 MB)"><img alt="Script error.. not sure what it is" class="file-block lazyload" style="max-width: 800px;" data-src="https://filedb.experts-exchange.com/incoming/2011/05_w21/800_459867/internet-explorer-error.bmp" /></a>
</div>


error1.bmp

internet-explorer-error.bmp

<div>
Microsoft has a fix for this:<br />
<br />
<a href="http://support.microsoft.com/kb/175500" rel="ugc">http://support.microsoft.com/kb/175500</a><br />
<br />
You can disable the message so that it no longer appears by going to Tools - Options - Advanced. Under Settings - Browsing - make sure there is a tick next to &quot;Disable script debugging&quot; and ensure there is no tick next to &nbsp;&quot;Display a notification about every script error&quot;.<br />
<br />
Or try using a different browser:<br />
<br />
<a href="http://www.mozilla.com/en-US/firefox/new/" rel="ugc">http://www.mozilla.com/en-US/firefox/new/</a><br />
<br />
Good luck!!! 
</div>


<div>
Hi Phototropic<br />
<br />
I ran 'Fix This Problem' , thanks for providing. &nbsp;I will let you know how it gone.<br />
<br />
I got firefox already installed but that too behave weirdly. <br />
<br />
Finger Cross!!!<br />
<br />
Thanks!
</div>


<div>
Hi Guys..<br />
<br />
Seems like IE browser doing litte good, but not still 100%. &nbsp;<br />
And Firefox is still taking too much time to open pages or sometime faield to load images.<br />
<br />
MrAlicard:<br />
<br />
Every time I m running Advance System Care V4, it found 1000 errors.. Hmmm.. so do u think its fininding really bug.<br />
<br />
Please suggest more ideas /soltuions.. <br />
Thanks!<br />

</div>


<div>
Hi Phototropic<br />
<br />
Mbam scan is in progress, &nbsp;I will post report v soon<br />
Ccleaner done.<br />
Speed Test result: &nbsp;via <a href="http://www.speedtest.net/" rel="ugc">http://www.speedtest.net/</a><br />
<br />
WireLess<br />
<br />
PING : 42 ms<br />
DOwnload Speed: Between 2 - 4.96 mbps<br />
Upload Speed : 0.56 Mbps<br />
<br />
Wired<br />
<br />
<br />
PING : 198 - 230 ms( some it varies , and even reporting 25 ms also)..confused<br />
DOwnload Speed: Between 6 - 7 mbps<br />
Upload Speed : 0.62 Mbps<br />
<br />
Seems like above speed is acceptable<br />
I got Win Xp &nbsp;OS<br />
Intel core &nbsp;i5CPU<br />
M560 @ 2.67 Ghz<br />
2.92 Gb RAM<br />
Thanks!<br />

</div>


<div>
There appears to be no problem with the speed of your connection.<br />
<br />
How is the computer's performance generally? &nbsp;Maybe you have a lot of background tasks running.<br />
<br />
Please post a Hijackthis log:<br />
<br />
<a href="http://uk.trendmicro.com/uk/products/personal/free-tools-and-services/" rel="ugc">http://uk.trendmicro.com/uk/products/personal/free-tools-and-services/</a><br />
<br />
Download the installer. Click on &quot;Do a system scan and save a logfile&quot;. Post the scan log here via the &quot;file&quot; &nbsp;tab below.
</div>


<div>
Hi phototropic<br />
As u have requested, please see logs files for both Mbam and Hijack this<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w21/461387/mbam-log-2011-05-20--23-25-51-.txt" target="_blank" class="file-inline" title="MBAM logs (1 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>mbam-log-2011-05-20--23-25-51-.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w21/461388/hijackthis.log" target="_blank" class="file-inline" title="HIJACKthis log (17 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>hijackthis.log</a>
</div>


mbam-log-2011-05-20--23-25-51-.txt

hijackthis.log

<div>
Just in case&gt; &nbsp; A guide and tutorial on using ComboFix:<br />
<a href="http://www.bleepingcomputer.com/combofix/how-to-use-combofix" rel="ugc">http://www.bleepingcomputer.com/combofix/how-to-use-combofix</a>
</div>


<div>
From the HJT log file there are at least three &quot;file missing&quot; entries, including &quot;Program Files\IBM\Java60\jre\bin\j<wbr />qs.exe&quot;, but its unlikely these are contributing towards the problem ... in any case HJT is probably not showing any remaining infection(s).<br />
<br />
Incidently by using MSCONFIG, you may wish to disable a number of processes that launch automatically at Startup ..this could help, <b>after</b> disinfecting.
</div>


<div>
Looking at just the wired connection for now, are you connecting to the network in full duplex or half duplex? &nbsp;Usually you can tell from an indicator light on the network port on the router or switch (or on the computer's network jack) whether it's running in half or full duplex. &nbsp;
</div>


<div>
hi &nbsp;Jonvee<br />
<br />
combofix ran OK. Please see log file as attched below<br />
<br />
thx<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/462285/Combo-log.txt" target="_blank" class="file-inline" title="combo log (17 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Combo-log.txt</a>
</div>


Combo-log.txt

<div>
From your ComboFix log file you can see that several tmp files have been created, together with an Icon386ED4E3.exe file. &nbsp;More detail attached:<br />
<a href="http://www.prevx.com/filenames/1403485638806000688-X1/ICON386ED4E3.EXE.html" rel="ugc">http://www.prevx.com/filenames/1403485638806000688-X1/ICON386ED4E3.EXE.html</a><br />
<br />
If you do not recognise this particular .exe file, may i suggest you run ComboFix for a 2nd scan, and follow these instructions &gt;&gt;&nbsp;<br />
<br />
<br />
1. Open Notepad. <br />
2. Copy &amp;&nbsp;paste all text between the lines below, into Notepad window:<br />
==========================<wbr />==========<wbr />==========<wbr />==========<wbr />=<br />
<br />
File::<br />
<br />
Icon386ED4E3.exe<br />
c:\windows\DUMP92e9.tmp<br />
c:\windows\DUMP9191.tmp<br />
c:\windows\DUMP1846.tmp<br />
c:\windows\DUMP929b.tmp<br />
c:\windows\DUMPbf39.tmp<br />
c:\windows\DUMP9049.tmp<br />
c:\windows\DUMPb90f.tmp<br />
c:\windows\DUMP9eff.tmp<br />
c:\windows\DUMP9d3a.tmp<br />
c:\windows\DUMP9877.tmp<br />
c:\windows\DUMP95b8.tmp<br />
c:\windows\DUMP8e36.tmp<br />
<br />
==========================<wbr />==========<wbr />==========<wbr />====<br />
3. Now Save the above as CFScript.txt on your desktop.<br />
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, &amp;&nbsp;the problem should be removed.<br />
<br />
5. Finally, please attach the newComboFix logfile.
</div>


<div>
I could see some .dll and .sys files as well with randon names and same sizes in your combofix logs.<br />
<br />
You should remove them as well.<br />
<br />
2011-03-03 13:21 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1857920 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\win32k<wbr />(2)(4).sys<wbr /><br />
2011-03-03 13:21 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1857920 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\win32k<wbr />(2)(4)(3).<wbr />sys<br />
2011-03-03 13:21 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;1857920 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\win32k<wbr />(2)(3).sys<wbr /><br />
2011-03-03 06:55 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;149504 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\dnsapi<wbr />(2)(3).dll<wbr /><br />
2011-03-03 06:55 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;149504 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\dnsapi<wbr />(2)(3)(3).<wbr />dll<br />
2011-03-03 06:55 . 2004-08-04 05:00 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;149504 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;----a-w- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;c:\windows\system32\dnsapi<wbr />(2)(2).dll<wbr /><br />
<br />
1. Open Notepad.<br />
2. Copy &amp;&nbsp;paste all text between the lines below, into Notepad window:<br />
==========================<wbr />==========<wbr />==========<wbr />==========<wbr />=<br />
<br />
File::<br />
c:\windows\system32\win32k<wbr />(2)(4).sys<wbr /><br />
c:\windows\system32\win32k<wbr />(2)(4)(3).<wbr />sys<br />
c:\windows\system32\win32k<wbr />(2)(3).sys<wbr /><br />
c:\windows\system32\dnsapi<wbr />(2)(3).dll<wbr /><br />
c:\windows\system32\dnsapi<wbr />(2)(3)(3).<wbr />dll<br />
c:\windows\system32\dnsapi<wbr />(2)(2).dll<wbr /><br />
==========================<wbr />==========<wbr />==========<wbr />====<br />
3. Now Save the above as CFScript.txt on your desktop.<br />
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, &amp;&nbsp;the problem should be removed.<br />
<br />
5. Finally, please attach the newComboFix logfile.<br />
<br />
Also did you ran the Full System Scan of MalwareBytes? You must if you haven't also you must update it before running.<br />
<br />
After that I would recommend you to run the ESET online scan<br />
<br />
<a href="http://www.eset.com/us/online-scanner" rel="ugc">http://www.eset.com/us/online-scanner</a><br />
<br />
Sudeep
</div>


<div>
Hi S Sharma/ Jonvee<br />
<br />
Can u please tell how can I drag the CFScript.txt into ComboFix.exe (step 4), &nbsp;Sorry I do not understand can u please explain again, that what I should do after I save as CFScript.txt , so Shall I just save somwhere and run combofix.exe , will that pickup the file by itself.<br />
<br />
Thanks!
</div>


<div>
Guys<br />
<br />
Please see attached file, often see on my IE browsers. Please check if u guys have an Idea.<br />
<br />
Thanks!<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/463703/ie-ERROR.bmp" target="_blank" class="file-inline" title="IE error (949 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>ie-ERROR.bmp</a>
</div>


ie-ERROR.bmp

<div>
Answering your 1st question ... <br />
<br />
After you save as CFScript.txt on your desktop, &nbsp;drag the CFScript.txt just created, on to the top of the ComboFix.exe icon, and let your mouse button go. This is shown in the picture, if you scroll down in the link below. &nbsp; <br />
It will re-start ComboFix, automatically.<br />
<a href="http://www.bleepingcomputer.com/combofix/how-to-use-combofix" rel="ugc">http://www.bleepingcomputer.com/combofix/how-to-use-combofix</a><br />
<br />
--------------------------<wbr />-----<br />
<br />
&gt;&gt;errors on this webpage might cause it to work incorrectly&lt;&lt;<br />
<br />
There was a similar problem earlier, unfortunately to date its a case of &quot;unable to resolve&quot;, however, will investigate further ...<br />
<br />
Errors on this webpage might cause it to work incorrectly permissions denied:<br />
<a href="https://www.experts-exchange.com/questions/26795281/Errors-on-this-webpage-might-cause-it-to-work-incorrectly-permissions-denied.html" rel="ugc nofollow">https://www.experts-exchange.com/questions/26795281/Errors-on-this-webpage-might-cause-it-to-work-incorrectly-permissions-denied.html</a>
</div>


<div>
For the webpage error you may find this MS article useful&gt;<br />
&quot;How to troubleshoot script errors in Internet Explorer on Windows-based computers&quot;:<br />
<a href="http://support.microsoft.com/kb/308260" rel="ugc">http://support.microsoft.com/kb/308260</a>
</div>


<div>
Create the file as suggested on your desktop and I am sure you have Combofix.exe on your Desktop as well. So click on CFScript.txt and drag it to Combofix.exe<br />
<br />
CFScript.txt --&gt; Combofix.exe.<br />
<br />
I hope that would help.<br />
<br />
Sudeep<br />
<br />
Further basis on the files found by Jonvee and me the new script is below:<br />
1. Open Notepad.<br />
2. Copy &amp;&nbsp;paste all text between the lines below, into Notepad window:<br />
==========================<wbr />==========<wbr />==========<wbr />==========<wbr />=<br />
<br />
File::<br />
<br />
Icon386ED4E3.exe<br />
c:\windows\DUMP92e9.tmp<br />
c:\windows\DUMP9191.tmp<br />
c:\windows\DUMP1846.tmp<br />
c:\windows\DUMP929b.tmp<br />
c:\windows\DUMPbf39.tmp<br />
c:\windows\DUMP9049.tmp<br />
c:\windows\DUMPb90f.tmp<br />
c:\windows\DUMP9eff.tmp<br />
c:\windows\DUMP9d3a.tmp<br />
c:\windows\DUMP9877.tmp<br />
c:\windows\DUMP95b8.tmp<br />
c:\windows\DUMP8e36.tmp<br />
c:\windows\system32\win32k<wbr />(2)(4).sys<wbr /><br />
c:\windows\system32\win32k<wbr />(2)(4)(3).<wbr />sys<br />
c:\windows\system32\win32k<wbr />(2)(3).sys<wbr /><br />
c:\windows\system32\dnsapi<wbr />(2)(3).dll<wbr /><br />
c:\windows\system32\dnsapi<wbr />(2)(3)(3).<wbr />dll<br />
c:\windows\system32\dnsapi<wbr />(2)(2).dll<wbr /><br />
==========================<wbr />==========<wbr />==========<wbr />====<br />
3. Now Save the above as CFScript.txt on your desktop.<br />
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, &amp;&nbsp;the problem should be removed.<br />
<br />
5. Finally, please attach the newComboFix logfile.
</div>


<div>
hi S S/Jonvee<br />
<br />
Please find combo log file attached as suggested.<br />
<br />
Note: When ever I am running combo.exe I get &nbsp;rmbr.cfxee error window, I have attached that file too<br />
<br />
thanks!<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/463921/comboRunError.bmp" target="_blank" class="file-inline" title="error during combo.exe run (1.0 MB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>comboRunError.bmp</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/463922/Combo-log2.txt" target="_blank" class="file-inline" title="Combo Scan 2 (14 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>Combo-log2.txt</a>
</div>


comboRunError.bmp

Combo-log2.txt

<div>
So is this the error you are getting when you drag the CFScript.txt to Combofix.exe, right?<br />
<br />
Sudeep
</div>


<div>
Hi S S<br />
<br />
Ya, I get last 2 time when I run combo.exe , but just I need to close the window as it don't interrupt combo.exe run. <br />
<br />
Thanks!
</div>


<div>
From your latest ComboFix log, it doesn't look as though those tmp files have been deleted, so presumably CF never ran.<br />
&nbsp;<br />
&lt;rmbr.cfxxe has encountered a problem and needs to close&gt;<br />
<br />
Thought at first that you had a rootkit attached to the mbr(Master Boot Record), but there's no reference to an mbr in the ComboFix log.<br />
<br />
It's past midnight over here ...will scrutinise the log more closely in the morning.
</div>


<div>
Can you paste the resulting TDSSKiller log here please, ready to study in the morning? &nbsp;Tks ...
</div>


<div>
HI Jonvee<br />
<br />
I scan TDSsKiller , but not found nothing infected. anyway pls look the report<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/463950/TDSSKiller.2.5.3.0-28.05.2011-13.txt" target="_blank" class="file-inline" title="TDssKiller scan report (5 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>TDSSKiller.2.5.3.0-28.05.2011-13.txt</a>
</div>


TDSSKiller.2.5.3.0-28.05.2011-13.txt

<div>
Thanks for the report.<br />
Two questions ... did you run CCleaner to clear your Temp file cache, as first suggested by phototropic?<br />
<br />
Also, did you notice whether the slow internet access began after a Symantec Client Security package installation, or an update?<br />
<br />
Finally, can you try the ESET Online Scanner, a free, &amp;&nbsp;powerful tool: <br />
<a href="http://www.eset.com/online-scanner" rel="ugc">http://www.eset.com/online-scanner</a>
</div>


<div>
hi Jonvee<br />
<br />
1) Yes, I ran Ccleaner, I always have this in my all PCs. <br />
<br />
2) No. I have symantec since beginning as this my 2 month old laptop just, its must to keep that. I think too symantec AV might is one problem but I can't ignore/avoid it.<br />
<br />
<br />
3) I tried to run ESet scanner, but I am having probl. it asking for Proxy Settings. I have checked , no proxy is enable. &nbsp;Pls see attachment<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w22/464001/ESETscanner-Error.bmp" target="_blank" class="file-inline" title="Eset scanner run error (949 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>ESETscanner-Error.bmp</a>
</div>


ESETscanner-Error.bmp

<div>
See if these comprehensive instructions help. &nbsp;From here you should be able to see how to start downloading the virus signature database:<br />
<br />
<a href="http://www.myantispyware.com/2009/11/21/how-to-use-eset-online-scanner/" rel="ugc">http://www.myantispyware.com/2009/11/21/how-to-use-eset-online-scanner/</a>
</div>


<div>
MSGK161091,<br />
Your laptop could be infected with a trojan, or equivalent, that is blocking the ESET scanner. &nbsp;See if you can connect to: <br />
<a href="http://www.eset.eu" rel="ugc">www.eset.eu</a>. <br />
<br />
Then try the instruction here&gt;<br />
<a href="http://www.eset.eu/knowledge-base/virus-signature-database-could-not-be-updated" rel="ugc">http://www.eset.eu/knowledge-base/virus-signature-database-could-not-be-updated</a><br />
<br />
It may be possible to rename the ESET scanner.<br />
<br />
Further information:<br />
<a href="http://kb.eset.com/esetkb/index?page=content&id=SOLN2256" rel="ugc">http://kb.eset.com/esetkb/index?page=content&id=SOLN2256</a>
</div>


<div>
You could also try HitManPro<br />
<br />
32bit<br />
<a href="http://dl.surfright.nl/HitmanPro35.exe" rel="ugc">http://dl.surfright.nl/HitmanPro35.exe</a><br />
<a href="http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html" rel="ugc">http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html</a><br />
<br />
64bit<br />
<a href="http://dl.surfright.nl/HitmanPro35_x64.exe" rel="ugc">http://dl.surfright.nl/HitmanPro35_x64.exe</a><br />
<br />
I hope that would help<br />
<br />
Sudeep
</div>


<div>
Sudeep ... i came across this link earlier&gt;<br />
<br />
&quot;Do you trust and use HitMan Pro?&quot;<br />
<a href="https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html" rel="ugc">https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html</a>&nbsp;<br />
<br />
Note how younghv states that ...<br />
&lt;quote&gt;Here are some threads that were passed on to me&lt;unquote&gt;, then he proceeds to list the threads ... <br />
<br />
i thought you would like to view the details. &nbsp; <br />
How conditions change so quickly in the Malware world! <br />
Jonvee
</div>


<div>
Hi Jonvee<br />
<br />
Yes, I agree with you , last time on my other PC I ran hit man pro and it wasn't much effective but it seems it create some other problems, so I am bit histant to trust Hitman Pro. But I appreciate Sudeep thanks anyway.<br />
<br />
I tried to configure my symantec F/W for ESET scanner but every time I go in configure firewall , Symantec AV &nbsp;configure window get closed, (error attched).<br />
<br />
And also I tried to follow the Global Proxy server setting but I am not sure where it is asking to press F5 button, &nbsp;as per the step 1 in below link.<br />
&quot;1.Press the F5 key to open the Advanced Setup window. From the setup tree, click Miscellaneous ¿ Proxy server.&quot;<br />
<br />
<a href="http://www.eset.eu/knowledge-base/global-proxy-server-settings" rel="ugc">http://www.eset.eu/knowledge-base/global-proxy-server-settings</a><br />
<br />
Phototropic/MrAlicard/Jonv<wbr />ee/S Sharma<br />
As of now , I confirmed Internet browsing is much much much better, I think last thing I too intrested to do is ESET scanner, as I heard its v power tool. so I m too looking to do that before I close and award points to you guys. Because I think ESET scanner would improve my system more.<br />
<br />
And guys I got &nbsp;Malware installed, Symantec AV ( which I can't remove/avoid as I hate it) , TDSskiller, CCleaner, ComboFIx &amp;&nbsp;Advanced System Care &nbsp;. So please suggest me What I should keep and What I should remove as I think I have too many<br />
<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/05_w23/464264/symantec-firewall-configure-erro.bmp" target="_blank" class="file-inline" title="Shit Symantec Software (2.2 MB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>symantec-firewall-configure-erro.bmp</a>
</div>


symantec-firewall-configure-erro.bmp

<div>
My own thoughts ... hope it helps.<br />
<br />
Symantec AV products, along with at least one other manufacturer, are usually very heavy on computer resources, and miss detecting and/or removing the more recent, advanced viruses &amp;&nbsp;Malware.<br />
Recommend you remove the Symantec AV <br />
<br />
<br />
TDSSkiller is particularly good at browser redirect repairs, and is a very useful Tool to have available in your arsenal.<br />
<br />
Nowadays CCleaner is seen to be excellent for temp file removal, but with a product such as this, i am not a fan of registry cleaning, it can cause more computer problems than it resolves.<br />
<br />
ComboFix should be removed from your computer <b>only after the machine has become stable once again</b>. &nbsp; &nbsp;If ComboFix is removed too earlier, you are removing the &quot;recovery facility&quot; (backup) that CF provides. <br />
<br />
You should uninstall ComboFix as follows &gt;<br />
Start &gt;&nbsp;Run &gt;&nbsp;then type &quot;ComboFix /Uninstall&quot; (with no quotes, and space between x and / )<br />
Then hit enter. &nbsp;This will uninstall ComboFix, reset your clock settings, re-hide system hidden files, re-hide the file extensions and reset System Restore.
</div>


<div>
<br />
Incidently, you should <b>not have more than one resident anti-Malware or anti-virus product</b> because interaction can occur between them, each suspecting the other to be an infection!<br />
<br />
<br />
&gt;&gt;Symantec AV ( which I can't remove/avoid)&lt;&lt;<br />
You should be able to download the appropriate Removal Tool from Symantec, to remove your particular version Symantec AV. &nbsp; If its not listed anywhere above, perhaps you can let us know ... thanks.
</div>


<div>
This google link should help. &nbsp;Scroll to bottom&gt;<br />
<br />
&quot;Symantec removal tool&quot;:<br />
<a href="http://www.google.co.uk/#hl=en&xhr=t&q=Symantec+removal+tool&cp=10&pf=p&sclient=psy&rlz=1W1SUNC_en&source=hp&aq=0&aqi=&aql=&oq=Symantec+r&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=5058ac85bf93e8c2&biw=989&bih=579" rel="ugc">http://www.google.co.uk/#hl=en&xhr=t&q=Symantec+removal+tool&cp=10&pf=p&sclient=psy&rlz=1W1SUNC_en&source=hp&aq=0&aqi=&aql=&oq=Symantec+r&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=5058ac85bf93e8c2&biw=989&bih=579</a>
</div>


<div>
Revisited your thread ...<br />
<br />
Malwarebytes antiMalware is considered to be one of the best around, and is highly recommended!<br />
We regularly recommend the free version, but in the longer term you may wish to purchase the Pro. &nbsp;Both are excellent &amp;&nbsp;are described, from here:<br />
<a href="http://www.malwarebytes.org/products/malwarebytes_pro#details" rel="ugc">http://www.malwarebytes.org/products/malwarebytes_pro#details</a><br />
<br />
Also, at the risk of some repetition, please scroll to rpggamergirl's &quot;EE Articles Written&quot; here:<br />
<a href="https://www.experts-exchange.com/M_3598771.html" rel="ugc">https://www.experts-exchange.com/M_3598771.html</a><br />
<br />
Also, by younghv &gt;&gt;<br />
<a href="https://www.experts-exchange.com/Digital_Living/Software/A_1958-MALWARE-An-Ounce-of-Prevention.html" rel="ugc">https://www.experts-exchange.com/Digital_Living/Software/A_1958-MALWARE-An-Ounce-of-Prevention.html</a><br />
<a href="https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html" rel="ugc">https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html</a>
</div>


<div>
@MSGK161091,<br />
<br />
Did you tried running the ESET online scanner using the Mozilla Firefox? Give it a try if you haven't tried this yet.<br />
<br />
Sudeep
</div>


<div>
Hi Sudeep<br />
<br />
Firstly, I am not able to install ESET .exe, as I have a shown above it asking for proxy settings.<br />
<br />
&quot;Cann't get update. Is Proxy Configured&quot;?<br />
I really want to run as final atempt to see if I got any more infection in my laptop, Because I remember my desktop wallpaper change by itself..seems still something hiding in my laptop still , not very strong seems like. Thanks<br />
<br />
Jonvee<br />
<br />
The reason I can't uninstall Symantec Antivirus , its part of job I must keep on my sytem. But thanks for your effort.<br />
<br />

</div>


<div>
It still seems that there is an infection, and it is this that is probably preventing ESET from updating.<br />
If this is so, a Symantec package(yet again?!) has failed to detect &amp;&nbsp;prevent.<br />
<br />
Because this has now become a long thread i'm not absolutely sure what you've tried to run, but ... another option, if you've not already tried it, is to run Rkill.<br />
<br />
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:<br />
<a href="http://www.technibble.com/rkill-repair-tool-of-the-week/" rel="ugc">http://www.technibble.com/rkill-repair-tool-of-the-week/</a><br />
<a href="http://www.bleepingcomputer.com/forums/topic308364.html" rel="ugc">http://www.bleepingcomputer.com/forums/topic308364.html</a><br />
<br />
Please report back if anything is detected, or logged.<br />
<br />
<br />
There's also &quot;Dr.Web CureIt!&quot; which you may get to run:<br />
<a href="http://www.freedrweb.com/cureit/?lng=en" rel="ugc">http://www.freedrweb.com/cureit/?lng=en</a><br />
<br />
There will be a report, following a scan.
</div>


<div>
MSGK161091,<br />
<br />
Another idea ... if there is no improvement <b>after</b> running Rkill, and <b>before</b> you try &quot;Dr Web CureIt&quot;, try &quot;Rogue Killer&quot;. &nbsp;All necessary details can be found in this next link.<br />
<br />
“Rogue Killer” – What a great name!<br />
<a href="https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html" rel="ugc">https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html</a><br />
<br />
Then see if there's been an improvement, and re-scan with a Malwarebytes scan, even though MBAM found nothing on the earlier scan.
</div>


<div>
Jonvee <br />
Sure I wil try as u said above sometime tonight.. just been busy . <br />
Please check the screenshot I have attached..I think its not normal to have such yellow mark on IE.<br />
to me it seems not every 100% perfect I have .<br />
<br />
Thanks<br />
<a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/465648/IEerror-often.bmp" target="_blank" class="file-inline" title="Object not found (949 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>IEerror-often.bmp</a>
</div>


IEerror-often.bmp

<div>
IE 8 includes a &quot;compatibility view&quot; feature that will display web sites created for older browsers. &nbsp;Could be the reason for the error. &nbsp;Have a look at these suggested methods of resolving this:<br />
<a href="http://answers.microsoft.com/en-us/ie/forum/ie8-windows_other/errors-on-this-webpage-might-cause-it-to-work/e1e7576c-842d-42aa-a14c-17a8e7089e52" rel="ugc nofollow">http://answers.microsoft.com/en-us/ie/forum/ie8-windows_other/errors-on-this-webpage-might-cause-it-to-work/e1e7576c-842d-42aa-a14c-17a8e7089e52</a><br />
<br />
Also ...<br />
How to optimize Internet Explorer<br />
<a href="http://support.microsoft.com/default.aspx/kb/936213" rel="ugc nofollow">http://support.microsoft.com/default.aspx/kb/936213</a><br />
<br />
How to reset Internet Explorer settings<br />
<a href="http://support.microsoft.com/kb/923737" rel="ugc nofollow">http://support.microsoft.com/kb/923737</a>
</div>


<div>
Error message &quot;Errors on this webpage might cause it to work incorrectly&quot;: <br />
<br />
IE 8 processes JavaScript differently from IE 6 and 7. It's the processing of a particular function that causes this problem.<br />
Have you tried updating JavaScript ?<br />
<br />
IE 8 can be configured not to display this error by unchecking/unticking &quot;Always show this message for webpage errors&quot;.<br />
<br />
<br />
Error Message when Displaying Webpage in Internet Explorer 8: <br />
<a href="http://knowledgebase.triaster.co.uk/Home/technical-help/publishing/ie8pageerror" rel="ugc">http://knowledgebase.triaster.co.uk/Home/technical-help/publishing/ie8pageerror</a>
</div>


<div>
hi jonvee<br />
<br />
I ran Rkill and Rogue Killer. please see the log report <a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/466026/RogueKiller-report-1-.txt" target="_blank" class="file-inline" title="scan report (874 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>RogueKiller-report-1-.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/466027/RogueKiller-report-2-.txt" target="_blank" class="file-inline" title="delete infected object report (711 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>RogueKiller-report-2-.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/466028/RogueKiller-report-3-.txt" target="_blank" class="file-inline" title="option 3 report (580 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>RogueKiller-report-3-.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/466029/RogueKiller-report-4-.txt" target="_blank" class="file-inline" title="option 4 report (536 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>RogueKiller-report-4-.txt</a><br />
<a href="https://filedb.experts-exchange.com/incoming/2011/06_w23/466030/rkill.log" target="_blank" class="file-inline" title="Rkill (437 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>rkill.log</a>
</div>


rkill.log

RogueKiller-report-3-.txt

RogueKiller-report-1-.txt

RogueKiller-report-2-.txt

RogueKiller-report-4-.txt

<div>
Thanks for reports ...<br />
<br />
Since running rkill and Roguekiller, has there been any further improvement in your internet download speed? &nbsp; Any other symptoms?<br />
<br />
As you can see, both 'scanners' found suspected bad processes, the two files being an AT&amp;T and Symantec.<br />
<br />
Details:<br />
&quot;netcfgsvr.exe - netcfgsvr process information&quot;:<br />
<a href="http://www.liutilities.com/products/wintaskspro/processlibrary/netcfgsvr/" rel="ugc">http://www.liutilities.com/products/wintaskspro/processlibrary/netcfgsvr/</a><br />
<br />
&quot;VPTray.exe file information&quot;:<br />
<a href="http://www.file.net/process/vptray.exe.html" rel="ugc">http://www.file.net/process/vptray.exe.html</a>
</div>


<div>
Yes, seem OK to me now .. all normal except ESET scanner stil asking for proxy settings, I still cant able to run. Do u think is that just config or &nbsp;still I am affected.<br />
Thanks!
</div>


<div>
Good, as the laptop seems ok, it does look as though the machine is now clean.<br />
<br />
Regarding the ESET scanner, i'm not sure what the reason is.<br />
<br />
You <b>could</b> try &quot;Dr.Web CureIt!&quot;, which you may get to run:<br />
<a href="http://www.freedrweb.com/cureit/?lng=en" rel="ugc">http://www.freedrweb.com/cureit/?lng=en</a><br />
<br />
<br />
But please <b>do not</b> re-try Hitman Pro. &nbsp; Recent developements suggest there are problems&gt;<br />
<a href="https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html" rel="ugc">https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html</a><br />
<br />
Did you re-try Malwarebytes ?<br />
<br />
i have to logoff for a few hours ..will call by later ...
</div>


<div>
Hi Jonvee<br />
<br />
Yes &nbsp;I ran Dr Web Curelt and it caught few infected files like win32.HLLC.winatc and two other trojan objects..<br />
All good but I am just concerned about yallow triange error notification on the bottom status bar of IE.. as we know it is not &nbsp;normal.. anyway i will leave here and ignore those errors as far it do not pop unless I double click and want to see the error.<br />
<br />
Thanks for your help which really improved my PC performance and Now I can see changes in its working condition.<br />
Thanks again to all of you.<br />

</div>


<div>
Glad to hear that your PC performance has been improved !<br />
<br />
Also, assuming you were referring to a Yellow ! warning triangle on the status bar, i researched it for some time, but could find no solution.<br />
<br />
Have seen it before, and if memory serves, it did not appear to affect the operation of IE and seemed to disappear after a Microsoft update.<br />
Possibly it's related to the firmware &amp;&nbsp;software updating of a Quicksilver USB Wireless adapter, if indeed you have one.<br />
<br />
You may find some of the comments in this previous thread helpful, which refer to a Yellow ! warning triangle appearing in the status bar:<br />
<a href="https://www.experts-exchange.com/questions/23657001/Error-on-Page.html" rel="ugc">https://www.experts-exchange.com/questions/23657001/Error-on-Page.html</a><br />
<br />
Thank you.
</div>


<div>
<div class="content wysiwyg-content">
Hey Experts,<br />
I am having problem to access internet slow in home and at Office via cable. So Wire less is too worse than cable. Its takinng too long some time to open google home webpage. I can't say how annoying it is. Please help.. <br />
And sometime web page appears without images... so I need to refresh page to load images and display proper webpage. annoying<br />
Note: Also I can't do Automatic System update because of having some problem as <br />
I have raised another question for this issue which is in progress now.<br />
Thanks!
</div>
</div>


Hey Experts,
I am having problem to access internet slow in home and at Office via cable. So Wire less is too worse than cable. Its takinng too long some time to open google home webpage. I can't say how annoying it is. Please help.. 
And sometime web page appears without images... so I need to refresh page to load images and display proper webpage. annoying
Note: Also I can't do Automatic System update because of having some problem as 
I have raised another question for this issue which is in progress now.
Thanks!

Internet Tooo Slow.. seems like some kind of blocker in my T410 laptop.

Web browsers are applications used primarily to display documents, files and media from the Internet, identified by a Uniform Resource Identifier (URI) that can be a page, image, video or other file. Some browsers require the use of add-ons or extensions to safely render the information they receive; others have systems built into them to perform the same functions.

Web Browsers

Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge; it has also come to include programs that engage in various kinds of electronic fraud. Anti-spyware is software that removes or blocks that software; some common vendors include Malwarebytes, McAfee, Spybot-Search and Destroy, Ad-Aware and BitDefender.

Anti-Spyware

Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.