Internet Tooo Slow.. seems like some kind of blocker in my T410 laptop.
Hey Experts,
I am having problem to access internet slow in home and at Office via cable. So Wire less is too worse than cable. Its takinng too long some time to open google home webpage. I can't say how annoying it is. Please help..
And sometime web page appears without images... so I need to refresh page to load images and display proper webpage. annoying
Note: Also I can't do Automatic System update because of having some problem as
I have raised another question for this issue which is in progress now.
Thanks!
I am having problem to access internet slow in home and at Office via cable. So Wire less is too worse than cable. Its takinng too long some time to open google home webpage. I can't say how annoying it is. Please help..
And sometime web page appears without images... so I need to refresh page to load images and display proper webpage. annoying
Note: Also I can't do Automatic System update because of having some problem as
I have raised another question for this issue which is in progress now.
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi MrAlicard
I can't download IE 9 as I got WIN XP , but I have tried advancedsystemcare. and It found problems in 1000's in each section, but I think it didn't help 100%. i see couple kind of error on the status bar. please see as i attach
I can't download IE 9 as I got WIN XP , but I have tried advancedsystemcare. and It found problems in 1000's in each section, but I think it didn't help 100%. i see couple kind of error on the status bar. please see as i attach
Microsoft has a fix for this:
http://support.microsoft.com/kb/175500
You can disable the message so that it no longer appears by going to Tools - Options - Advanced. Under Settings - Browsing - make sure there is a tick next to "Disable script debugging" and ensure there is no tick next to "Display a notification about every script error".
Or try using a different browser:
http://www.mozilla.com/en-US/firefox/new/
Good luck!!!
http://support.microsoft.com/kb/175500
You can disable the message so that it no longer appears by going to Tools - Options - Advanced. Under Settings - Browsing - make sure there is a tick next to "Disable script debugging" and ensure there is no tick next to "Display a notification about every script error".
Or try using a different browser:
http://www.mozilla.com/en-US/firefox/new/
Good luck!!!
ASKER
Hi Phototropic
I ran 'Fix This Problem' , thanks for providing. I will let you know how it gone.
I got firefox already installed but that too behave weirdly.
Finger Cross!!!
Thanks!
I ran 'Fix This Problem' , thanks for providing. I will let you know how it gone.
I got firefox already installed but that too behave weirdly.
Finger Cross!!!
Thanks!
ASKER
Hi Guys..
Seems like IE browser doing litte good, but not still 100%.
And Firefox is still taking too much time to open pages or sometime faield to load images.
MrAlicard:
Every time I m running Advance System Care V4, it found 1000 errors.. Hmmm.. so do u think its fininding really bug.
Please suggest more ideas /soltuions..
Thanks!
Seems like IE browser doing litte good, but not still 100%.
And Firefox is still taking too much time to open pages or sometime faield to load images.
MrAlicard:
Every time I m running Advance System Care V4, it found 1000 errors.. Hmmm.. so do u think its fininding really bug.
Please suggest more ideas /soltuions..
Thanks!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Phototropic
Mbam scan is in progress, I will post report v soon
Ccleaner done.
Speed Test result: via http://www.speedtest.net/
WireLess
PING : 42 ms
DOwnload Speed: Between 2 - 4.96 mbps
Upload Speed : 0.56 Mbps
Wired
PING : 198 - 230 ms( some it varies , and even reporting 25 ms also)..confused
DOwnload Speed: Between 6 - 7 mbps
Upload Speed : 0.62 Mbps
Seems like above speed is acceptable
I got Win Xp OS
Intel core i5CPU
M560 @ 2.67 Ghz
2.92 Gb RAM
Thanks!
Mbam scan is in progress, I will post report v soon
Ccleaner done.
Speed Test result: via http://www.speedtest.net/
WireLess
PING : 42 ms
DOwnload Speed: Between 2 - 4.96 mbps
Upload Speed : 0.56 Mbps
Wired
PING : 198 - 230 ms( some it varies , and even reporting 25 ms also)..confused
DOwnload Speed: Between 6 - 7 mbps
Upload Speed : 0.62 Mbps
Seems like above speed is acceptable
I got Win Xp OS
Intel core i5CPU
M560 @ 2.67 Ghz
2.92 Gb RAM
Thanks!
There appears to be no problem with the speed of your connection.
How is the computer's performance generally? Maybe you have a lot of background tasks running.
Please post a Hijackthis log:
http://uk.trendmicro.com/uk/products/personal/free-tools-and-services/
Download the installer. Click on "Do a system scan and save a logfile". Post the scan log here via the "file" tab below.
How is the computer's performance generally? Maybe you have a lot of background tasks running.
Please post a Hijackthis log:
http://uk.trendmicro.com/uk/products/personal/free-tools-and-services/
Download the installer. Click on "Do a system scan and save a logfile". Post the scan log here via the "file" tab below.
ASKER
Hi phototropic
As u have requested, please see logs files for both Mbam and Hijack this
mbam-log-2011-05-20--23-25-51-.txt
hijackthis.log
As u have requested, please see logs files for both Mbam and Hijack this
mbam-log-2011-05-20--23-25-51-.txt
hijackthis.log
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just in case> A guide and tutorial on using ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
From the HJT log file there are at least three "file missing" entries, including "Program Files\IBM\Java60\jre\bin\j
Incidently by using MSCONFIG, you may wish to disable a number of processes that launch automatically at Startup ..this could help, after disinfecting.
Incidently by using MSCONFIG, you may wish to disable a number of processes that launch automatically at Startup ..this could help, after disinfecting.
Looking at just the wired connection for now, are you connecting to the network in full duplex or half duplex? Usually you can tell from an indicator light on the network port on the router or switch (or on the computer's network jack) whether it's running in half or full duplex.
ASKER
From your ComboFix log file you can see that several tmp files have been created, together with an Icon386ED4E3.exe file. More detail attached:
http://www.prevx.com/filenames/1403485638806000688-X1/ICON386ED4E3.EXE.html
If you do not recognise this particular .exe file, may i suggest you run ComboFix for a 2nd scan, and follow these instructions >>
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
Icon386ED4E3.exe
c:\windows\DUMP92e9.tmp
c:\windows\DUMP9191.tmp
c:\windows\DUMP1846.tmp
c:\windows\DUMP929b.tmp
c:\windows\DUMPbf39.tmp
c:\windows\DUMP9049.tmp
c:\windows\DUMPb90f.tmp
c:\windows\DUMP9eff.tmp
c:\windows\DUMP9d3a.tmp
c:\windows\DUMP9877.tmp
c:\windows\DUMP95b8.tmp
c:\windows\DUMP8e36.tmp
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
http://www.prevx.com/filenames/1403485638806000688-X1/ICON386ED4E3.EXE.html
If you do not recognise this particular .exe file, may i suggest you run ComboFix for a 2nd scan, and follow these instructions >>
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
Icon386ED4E3.exe
c:\windows\DUMP92e9.tmp
c:\windows\DUMP9191.tmp
c:\windows\DUMP1846.tmp
c:\windows\DUMP929b.tmp
c:\windows\DUMPbf39.tmp
c:\windows\DUMP9049.tmp
c:\windows\DUMPb90f.tmp
c:\windows\DUMP9eff.tmp
c:\windows\DUMP9d3a.tmp
c:\windows\DUMP9877.tmp
c:\windows\DUMP95b8.tmp
c:\windows\DUMP8e36.tmp
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
I could see some .dll and .sys files as well with randon names and same sizes in your combofix logs.
You should remove them as well.
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
Also did you ran the Full System Scan of MalwareBytes? You must if you haven't also you must update it before running.
After that I would recommend you to run the ESET online scan
http://www.eset.com/us/online-scanner
Sudeep
You should remove them as well.
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 13:21 . 2004-08-04 05:00 1857920 ----a-w- c:\windows\system32\win32k
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
2011-03-03 06:55 . 2004-08-04 05:00 149504 ----a-w- c:\windows\system32\dnsapi
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
Also did you ran the Full System Scan of MalwareBytes? You must if you haven't also you must update it before running.
After that I would recommend you to run the ESET online scan
http://www.eset.com/us/online-scanner
Sudeep
ASKER
Hi S Sharma/ Jonvee
Can u please tell how can I drag the CFScript.txt into ComboFix.exe (step 4), Sorry I do not understand can u please explain again, that what I should do after I save as CFScript.txt , so Shall I just save somwhere and run combofix.exe , will that pickup the file by itself.
Thanks!
Can u please tell how can I drag the CFScript.txt into ComboFix.exe (step 4), Sorry I do not understand can u please explain again, that what I should do after I save as CFScript.txt , so Shall I just save somwhere and run combofix.exe , will that pickup the file by itself.
Thanks!
ASKER
Guys
Please see attached file, often see on my IE browsers. Please check if u guys have an Idea.
Thanks!
ie-ERROR.bmp
Please see attached file, often see on my IE browsers. Please check if u guys have an Idea.
Thanks!
ie-ERROR.bmp
Answering your 1st question ...
After you save as CFScript.txt on your desktop, drag the CFScript.txt just created, on to the top of the ComboFix.exe icon, and let your mouse button go. This is shown in the picture, if you scroll down in the link below.
It will re-start ComboFix, automatically.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
--------------------------
>>errors on this webpage might cause it to work incorrectly<<
There was a similar problem earlier, unfortunately to date its a case of "unable to resolve", however, will investigate further ...
Errors on this webpage might cause it to work incorrectly permissions denied:
https://www.experts-exchange.com/questions/26795281/Errors-on-this-webpage-might-cause-it-to-work-incorrectly-permissions-denied.html
After you save as CFScript.txt on your desktop, drag the CFScript.txt just created, on to the top of the ComboFix.exe icon, and let your mouse button go. This is shown in the picture, if you scroll down in the link below.
It will re-start ComboFix, automatically.
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
--------------------------
>>errors on this webpage might cause it to work incorrectly<<
There was a similar problem earlier, unfortunately to date its a case of "unable to resolve", however, will investigate further ...
Errors on this webpage might cause it to work incorrectly permissions denied:
https://www.experts-exchange.com/questions/26795281/Errors-on-this-webpage-might-cause-it-to-work-incorrectly-permissions-denied.html
For the webpage error you may find this MS article useful>
"How to troubleshoot script errors in Internet Explorer on Windows-based computers":
http://support.microsoft.com/kb/308260
"How to troubleshoot script errors in Internet Explorer on Windows-based computers":
http://support.microsoft.com/kb/308260
Create the file as suggested on your desktop and I am sure you have Combofix.exe on your Desktop as well. So click on CFScript.txt and drag it to Combofix.exe
CFScript.txt --> Combofix.exe.
I hope that would help.
Sudeep
Further basis on the files found by Jonvee and me the new script is below:
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
Icon386ED4E3.exe
c:\windows\DUMP92e9.tmp
c:\windows\DUMP9191.tmp
c:\windows\DUMP1846.tmp
c:\windows\DUMP929b.tmp
c:\windows\DUMPbf39.tmp
c:\windows\DUMP9049.tmp
c:\windows\DUMPb90f.tmp
c:\windows\DUMP9eff.tmp
c:\windows\DUMP9d3a.tmp
c:\windows\DUMP9877.tmp
c:\windows\DUMP95b8.tmp
c:\windows\DUMP8e36.tmp
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
CFScript.txt --> Combofix.exe.
I hope that would help.
Sudeep
Further basis on the files found by Jonvee and me the new script is below:
1. Open Notepad.
2. Copy & paste all text between the lines below, into Notepad window:
==========================
File::
Icon386ED4E3.exe
c:\windows\DUMP92e9.tmp
c:\windows\DUMP9191.tmp
c:\windows\DUMP1846.tmp
c:\windows\DUMP929b.tmp
c:\windows\DUMPbf39.tmp
c:\windows\DUMP9049.tmp
c:\windows\DUMPb90f.tmp
c:\windows\DUMP9eff.tmp
c:\windows\DUMP9d3a.tmp
c:\windows\DUMP9877.tmp
c:\windows\DUMP95b8.tmp
c:\windows\DUMP8e36.tmp
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\win32k
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
c:\windows\system32\dnsapi
==========================
3. Now Save the above as CFScript.txt on your desktop.
4. Then drag the CFScript.txt just created into ComboFix.exe. This will re-start ComboFix, & the problem should be removed.
5. Finally, please attach the newComboFix logfile.
ASKER
hi S S/Jonvee
Please find combo log file attached as suggested.
Note: When ever I am running combo.exe I get rmbr.cfxee error window, I have attached that file too
thanks!
comboRunError.bmp
Combo-log2.txt
Please find combo log file attached as suggested.
Note: When ever I am running combo.exe I get rmbr.cfxee error window, I have attached that file too
thanks!
comboRunError.bmp
Combo-log2.txt
So is this the error you are getting when you drag the CFScript.txt to Combofix.exe, right?
Sudeep
Sudeep
ASKER
Hi S S
Ya, I get last 2 time when I run combo.exe , but just I need to close the window as it don't interrupt combo.exe run.
Thanks!
Ya, I get last 2 time when I run combo.exe , but just I need to close the window as it don't interrupt combo.exe run.
Thanks!
From your latest ComboFix log, it doesn't look as though those tmp files have been deleted, so presumably CF never ran.
<rmbr.cfxxe has encountered a problem and needs to close>
Thought at first that you had a rootkit attached to the mbr(Master Boot Record), but there's no reference to an mbr in the ComboFix log.
It's past midnight over here ...will scrutinise the log more closely in the morning.
<rmbr.cfxxe has encountered a problem and needs to close>
Thought at first that you had a rootkit attached to the mbr(Master Boot Record), but there's no reference to an mbr in the ComboFix log.
It's past midnight over here ...will scrutinise the log more closely in the morning.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Can you paste the resulting TDSSKiller log here please, ready to study in the morning? Tks ...
ASKER
HI Jonvee
I scan TDSsKiller , but not found nothing infected. anyway pls look the report
TDSSKiller.2.5.3.0-28.05.2011-13.txt
I scan TDSsKiller , but not found nothing infected. anyway pls look the report
TDSSKiller.2.5.3.0-28.05.2011-13.txt
Thanks for the report.
Two questions ... did you run CCleaner to clear your Temp file cache, as first suggested by phototropic?
Also, did you notice whether the slow internet access began after a Symantec Client Security package installation, or an update?
Finally, can you try the ESET Online Scanner, a free, & powerful tool:
http://www.eset.com/online-scanner
Two questions ... did you run CCleaner to clear your Temp file cache, as first suggested by phototropic?
Also, did you notice whether the slow internet access began after a Symantec Client Security package installation, or an update?
Finally, can you try the ESET Online Scanner, a free, & powerful tool:
http://www.eset.com/online-scanner
ASKER
hi Jonvee
1) Yes, I ran Ccleaner, I always have this in my all PCs.
2) No. I have symantec since beginning as this my 2 month old laptop just, its must to keep that. I think too symantec AV might is one problem but I can't ignore/avoid it.
3) I tried to run ESet scanner, but I am having probl. it asking for Proxy Settings. I have checked , no proxy is enable. Pls see attachment
ESETscanner-Error.bmp
1) Yes, I ran Ccleaner, I always have this in my all PCs.
2) No. I have symantec since beginning as this my 2 month old laptop just, its must to keep that. I think too symantec AV might is one problem but I can't ignore/avoid it.
3) I tried to run ESet scanner, but I am having probl. it asking for Proxy Settings. I have checked , no proxy is enable. Pls see attachment
ESETscanner-Error.bmp
See if these comprehensive instructions help. From here you should be able to see how to start downloading the virus signature database:
http://www.myantispyware.com/2009/11/21/how-to-use-eset-online-scanner/
http://www.myantispyware.com/2009/11/21/how-to-use-eset-online-scanner/
MSGK161091,
Your laptop could be infected with a trojan, or equivalent, that is blocking the ESET scanner. See if you can connect to:
www.eset.eu.
Then try the instruction here>
http://www.eset.eu/knowledge-base/virus-signature-database-could-not-be-updated
It may be possible to rename the ESET scanner.
Further information:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2256
Your laptop could be infected with a trojan, or equivalent, that is blocking the ESET scanner. See if you can connect to:
www.eset.eu.
Then try the instruction here>
http://www.eset.eu/knowledge-base/virus-signature-database-could-not-be-updated
It may be possible to rename the ESET scanner.
Further information:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2256
You could also try HitManPro
32bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html
64bit
http://dl.surfright.nl/HitmanPro35_x64.exe
I hope that would help
Sudeep
32bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html
64bit
http://dl.surfright.nl/HitmanPro35_x64.exe
I hope that would help
Sudeep
Sudeep ... i came across this link earlier>
"Do you trust and use HitMan Pro?"
https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html
Note how younghv states that ...
<quote>Here are some threads that were passed on to me<unquote>, then he proceeds to list the threads ...
i thought you would like to view the details.
How conditions change so quickly in the Malware world!
Jonvee
"Do you trust and use HitMan Pro?"
https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html
Note how younghv states that ...
<quote>Here are some threads that were passed on to me<unquote>, then he proceeds to list the threads ...
i thought you would like to view the details.
How conditions change so quickly in the Malware world!
Jonvee
ASKER
Hi Jonvee
Yes, I agree with you , last time on my other PC I ran hit man pro and it wasn't much effective but it seems it create some other problems, so I am bit histant to trust Hitman Pro. But I appreciate Sudeep thanks anyway.
I tried to configure my symantec F/W for ESET scanner but every time I go in configure firewall , Symantec AV configure window get closed, (error attched).
And also I tried to follow the Global Proxy server setting but I am not sure where it is asking to press F5 button, as per the step 1 in below link.
"1.Press the F5 key to open the Advanced Setup window. From the setup tree, click Miscellaneous ¿ Proxy server."
http://www.eset.eu/knowledge-base/global-proxy-server-settings
Phototropic/MrAlicard/Jonv
As of now , I confirmed Internet browsing is much much much better, I think last thing I too intrested to do is ESET scanner, as I heard its v power tool. so I m too looking to do that before I close and award points to you guys. Because I think ESET scanner would improve my system more.
And guys I got Malware installed, Symantec AV ( which I can't remove/avoid as I hate it) , TDSskiller, CCleaner, ComboFIx & Advanced System Care . So please suggest me What I should keep and What I should remove as I think I have too many
symantec-firewall-configure-erro.bmp
Yes, I agree with you , last time on my other PC I ran hit man pro and it wasn't much effective but it seems it create some other problems, so I am bit histant to trust Hitman Pro. But I appreciate Sudeep thanks anyway.
I tried to configure my symantec F/W for ESET scanner but every time I go in configure firewall , Symantec AV configure window get closed, (error attched).
And also I tried to follow the Global Proxy server setting but I am not sure where it is asking to press F5 button, as per the step 1 in below link.
"1.Press the F5 key to open the Advanced Setup window. From the setup tree, click Miscellaneous ¿ Proxy server."
http://www.eset.eu/knowledge-base/global-proxy-server-settings
Phototropic/MrAlicard/Jonv
As of now , I confirmed Internet browsing is much much much better, I think last thing I too intrested to do is ESET scanner, as I heard its v power tool. so I m too looking to do that before I close and award points to you guys. Because I think ESET scanner would improve my system more.
And guys I got Malware installed, Symantec AV ( which I can't remove/avoid as I hate it) , TDSskiller, CCleaner, ComboFIx & Advanced System Care . So please suggest me What I should keep and What I should remove as I think I have too many
symantec-firewall-configure-erro.bmp
My own thoughts ... hope it helps.
Symantec AV products, along with at least one other manufacturer, are usually very heavy on computer resources, and miss detecting and/or removing the more recent, advanced viruses & Malware.
Recommend you remove the Symantec AV
TDSSkiller is particularly good at browser redirect repairs, and is a very useful Tool to have available in your arsenal.
Nowadays CCleaner is seen to be excellent for temp file removal, but with a product such as this, i am not a fan of registry cleaning, it can cause more computer problems than it resolves.
ComboFix should be removed from your computer only after the machine has become stable once again. If ComboFix is removed too earlier, you are removing the "recovery facility" (backup) that CF provides.
You should uninstall ComboFix as follows >
Start > Run > then type "ComboFix /Uninstall" (with no quotes, and space between x and / )
Then hit enter. This will uninstall ComboFix, reset your clock settings, re-hide system hidden files, re-hide the file extensions and reset System Restore.
Symantec AV products, along with at least one other manufacturer, are usually very heavy on computer resources, and miss detecting and/or removing the more recent, advanced viruses & Malware.
Recommend you remove the Symantec AV
TDSSkiller is particularly good at browser redirect repairs, and is a very useful Tool to have available in your arsenal.
Nowadays CCleaner is seen to be excellent for temp file removal, but with a product such as this, i am not a fan of registry cleaning, it can cause more computer problems than it resolves.
ComboFix should be removed from your computer only after the machine has become stable once again. If ComboFix is removed too earlier, you are removing the "recovery facility" (backup) that CF provides.
You should uninstall ComboFix as follows >
Start > Run > then type "ComboFix /Uninstall" (with no quotes, and space between x and / )
Then hit enter. This will uninstall ComboFix, reset your clock settings, re-hide system hidden files, re-hide the file extensions and reset System Restore.
Incidently, you should not have more than one resident anti-Malware or anti-virus product because interaction can occur between them, each suspecting the other to be an infection!
>>Symantec AV ( which I can't remove/avoid)<<
You should be able to download the appropriate Removal Tool from Symantec, to remove your particular version Symantec AV. If its not listed anywhere above, perhaps you can let us know ... thanks.
This google link should help. Scroll to bottom>
"Symantec removal tool":
http://www.google.co.uk/#hl=en&xhr=t&q=Symantec+removal+tool&cp=10&pf=p&sclient=psy&rlz=1W1SUNC_en&source=hp&aq=0&aqi=&aql=&oq=Symantec+r&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=5058ac85bf93e8c2&biw=989&bih=579
"Symantec removal tool":
http://www.google.co.uk/#hl=en&xhr=t&q=Symantec+removal+tool&cp=10&pf=p&sclient=psy&rlz=1W1SUNC_en&source=hp&aq=0&aqi=&aql=&oq=Symantec+r&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=5058ac85bf93e8c2&biw=989&bih=579
Revisited your thread ...
Malwarebytes antiMalware is considered to be one of the best around, and is highly recommended!
We regularly recommend the free version, but in the longer term you may wish to purchase the Pro. Both are excellent & are described, from here:
http://www.malwarebytes.org/products/malwarebytes_pro#details
Also, at the risk of some repetition, please scroll to rpggamergirl's "EE Articles Written" here:
https://www.experts-exchange.com/M_3598771.html
Also, by younghv >>
https://www.experts-exchange.com/Digital_Living/Software/A_1958-MALWARE-An-Ounce-of-Prevention.html
https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
Malwarebytes antiMalware is considered to be one of the best around, and is highly recommended!
We regularly recommend the free version, but in the longer term you may wish to purchase the Pro. Both are excellent & are described, from here:
http://www.malwarebytes.org/products/malwarebytes_pro#details
Also, at the risk of some repetition, please scroll to rpggamergirl's "EE Articles Written" here:
https://www.experts-exchange.com/M_3598771.html
Also, by younghv >>
https://www.experts-exchange.com/Digital_Living/Software/A_1958-MALWARE-An-Ounce-of-Prevention.html
https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
@MSGK161091,
Did you tried running the ESET online scanner using the Mozilla Firefox? Give it a try if you haven't tried this yet.
Sudeep
Did you tried running the ESET online scanner using the Mozilla Firefox? Give it a try if you haven't tried this yet.
Sudeep
ASKER
Hi Sudeep
Firstly, I am not able to install ESET .exe, as I have a shown above it asking for proxy settings.
"Cann't get update. Is Proxy Configured"?
I really want to run as final atempt to see if I got any more infection in my laptop, Because I remember my desktop wallpaper change by itself..seems still something hiding in my laptop still , not very strong seems like. Thanks
Jonvee
The reason I can't uninstall Symantec Antivirus , its part of job I must keep on my sytem. But thanks for your effort.
Firstly, I am not able to install ESET .exe, as I have a shown above it asking for proxy settings.
"Cann't get update. Is Proxy Configured"?
I really want to run as final atempt to see if I got any more infection in my laptop, Because I remember my desktop wallpaper change by itself..seems still something hiding in my laptop still , not very strong seems like. Thanks
Jonvee
The reason I can't uninstall Symantec Antivirus , its part of job I must keep on my sytem. But thanks for your effort.
It still seems that there is an infection, and it is this that is probably preventing ESET from updating.
If this is so, a Symantec package(yet again?!) has failed to detect & prevent.
Because this has now become a long thread i'm not absolutely sure what you've tried to run, but ... another option, if you've not already tried it, is to run Rkill.
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:
http://www.technibble.com/rkill-repair-tool-of-the-week/
http://www.bleepingcomputer.com/forums/topic308364.html
Please report back if anything is detected, or logged.
There's also "Dr.Web CureIt!" which you may get to run:
http://www.freedrweb.com/cureit/?lng=en
There will be a report, following a scan.
If this is so, a Symantec package(yet again?!) has failed to detect & prevent.
Because this has now become a long thread i'm not absolutely sure what you've tried to run, but ... another option, if you've not already tried it, is to run Rkill.
Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools:
http://www.technibble.com/rkill-repair-tool-of-the-week/
http://www.bleepingcomputer.com/forums/topic308364.html
Please report back if anything is detected, or logged.
There's also "Dr.Web CureIt!" which you may get to run:
http://www.freedrweb.com/cureit/?lng=en
There will be a report, following a scan.
MSGK161091,
Another idea ... if there is no improvement after running Rkill, and before you try "Dr Web CureIt", try "Rogue Killer". All necessary details can be found in this next link.
“Rogue Killer” – What a great name!
https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
Then see if there's been an improvement, and re-scan with a Malwarebytes scan, even though MBAM found nothing on the earlier scan.
Another idea ... if there is no improvement after running Rkill, and before you try "Dr Web CureIt", try "Rogue Killer". All necessary details can be found in this next link.
“Rogue Killer” – What a great name!
https://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/A_4922-Rogue-Killer-What-a-great-name.html
Then see if there's been an improvement, and re-scan with a Malwarebytes scan, even though MBAM found nothing on the earlier scan.
ASKER
Jonvee
Sure I wil try as u said above sometime tonight.. just been busy .
Please check the screenshot I have attached..I think its not normal to have such yellow mark on IE.
to me it seems not every 100% perfect I have .
Thanks
IEerror-often.bmp
Sure I wil try as u said above sometime tonight.. just been busy .
Please check the screenshot I have attached..I think its not normal to have such yellow mark on IE.
to me it seems not every 100% perfect I have .
Thanks
IEerror-often.bmp
IE 8 includes a "compatibility view" feature that will display web sites created for older browsers. Could be the reason for the error. Have a look at these suggested methods of resolving this:
http://answers.microsoft.com/en-us/ie/forum/ie8-windows_other/errors-on-this-webpage-might-cause-it-to-work/e1e7576c-842d-42aa-a14c-17a8e7089e52
Also ...
How to optimize Internet Explorer
http://support.microsoft.com/default.aspx/kb/936213
How to reset Internet Explorer settings
http://support.microsoft.com/kb/923737
http://answers.microsoft.com/en-us/ie/forum/ie8-windows_other/errors-on-this-webpage-might-cause-it-to-work/e1e7576c-842d-42aa-a14c-17a8e7089e52
Also ...
How to optimize Internet Explorer
http://support.microsoft.com/default.aspx/kb/936213
How to reset Internet Explorer settings
http://support.microsoft.com/kb/923737
Error message "Errors on this webpage might cause it to work incorrectly":
IE 8 processes JavaScript differently from IE 6 and 7. It's the processing of a particular function that causes this problem.
Have you tried updating JavaScript ?
IE 8 can be configured not to display this error by unchecking/unticking "Always show this message for webpage errors".
Error Message when Displaying Webpage in Internet Explorer 8:
http://knowledgebase.triaster.co.uk/Home/technical-help/publishing/ie8pageerror
IE 8 processes JavaScript differently from IE 6 and 7. It's the processing of a particular function that causes this problem.
Have you tried updating JavaScript ?
IE 8 can be configured not to display this error by unchecking/unticking "Always show this message for webpage errors".
Error Message when Displaying Webpage in Internet Explorer 8:
http://knowledgebase.triaster.co.uk/Home/technical-help/publishing/ie8pageerror
ASKER
hi jonvee
I ran Rkill and Rogue Killer. please see the log report RogueKiller-report-1-.txt
RogueKiller-report-2-.txt
RogueKiller-report-3-.txt
RogueKiller-report-4-.txt
rkill.log
I ran Rkill and Rogue Killer. please see the log report RogueKiller-report-1-.txt
RogueKiller-report-2-.txt
RogueKiller-report-3-.txt
RogueKiller-report-4-.txt
rkill.log
Thanks for reports ...
Since running rkill and Roguekiller, has there been any further improvement in your internet download speed? Any other symptoms?
As you can see, both 'scanners' found suspected bad processes, the two files being an AT&T and Symantec.
Details:
"netcfgsvr.exe - netcfgsvr process information":
http://www.liutilities.com/products/wintaskspro/processlibrary/netcfgsvr/
"VPTray.exe file information":
http://www.file.net/process/vptray.exe.html
Since running rkill and Roguekiller, has there been any further improvement in your internet download speed? Any other symptoms?
As you can see, both 'scanners' found suspected bad processes, the two files being an AT&T and Symantec.
Details:
"netcfgsvr.exe - netcfgsvr process information":
http://www.liutilities.com/products/wintaskspro/processlibrary/netcfgsvr/
"VPTray.exe file information":
http://www.file.net/process/vptray.exe.html
ASKER
Yes, seem OK to me now .. all normal except ESET scanner stil asking for proxy settings, I still cant able to run. Do u think is that just config or still I am affected.
Thanks!
Thanks!
Good, as the laptop seems ok, it does look as though the machine is now clean.
Regarding the ESET scanner, i'm not sure what the reason is.
You could try "Dr.Web CureIt!", which you may get to run:
http://www.freedrweb.com/cureit/?lng=en
But please do not re-try Hitman Pro. Recent developements suggest there are problems>
https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html
Did you re-try Malwarebytes ?
i have to logoff for a few hours ..will call by later ...
Regarding the ESET scanner, i'm not sure what the reason is.
You could try "Dr.Web CureIt!", which you may get to run:
http://www.freedrweb.com/cureit/?lng=en
But please do not re-try Hitman Pro. Recent developements suggest there are problems>
https://www.experts-exchange.com/questions/27056402/Do-you-trust-and-use-HitMan-Pro.html
Did you re-try Malwarebytes ?
i have to logoff for a few hours ..will call by later ...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Jonvee
Yes I ran Dr Web Curelt and it caught few infected files like win32.HLLC.winatc and two other trojan objects..
All good but I am just concerned about yallow triange error notification on the bottom status bar of IE.. as we know it is not normal.. anyway i will leave here and ignore those errors as far it do not pop unless I double click and want to see the error.
Thanks for your help which really improved my PC performance and Now I can see changes in its working condition.
Thanks again to all of you.
Yes I ran Dr Web Curelt and it caught few infected files like win32.HLLC.winatc and two other trojan objects..
All good but I am just concerned about yallow triange error notification on the bottom status bar of IE.. as we know it is not normal.. anyway i will leave here and ignore those errors as far it do not pop unless I double click and want to see the error.
Thanks for your help which really improved my PC performance and Now I can see changes in its working condition.
Thanks again to all of you.
Glad to hear that your PC performance has been improved !
Also, assuming you were referring to a Yellow ! warning triangle on the status bar, i researched it for some time, but could find no solution.
Have seen it before, and if memory serves, it did not appear to affect the operation of IE and seemed to disappear after a Microsoft update.
Possibly it's related to the firmware & software updating of a Quicksilver USB Wireless adapter, if indeed you have one.
You may find some of the comments in this previous thread helpful, which refer to a Yellow ! warning triangle appearing in the status bar:
https://www.experts-exchange.com/questions/23657001/Error-on-Page.html
Thank you.
Also, assuming you were referring to a Yellow ! warning triangle on the status bar, i researched it for some time, but could find no solution.
Have seen it before, and if memory serves, it did not appear to affect the operation of IE and seemed to disappear after a Microsoft update.
Possibly it's related to the firmware & software updating of a Quicksilver USB Wireless adapter, if indeed you have one.
You may find some of the comments in this previous thread helpful, which refer to a Yellow ! warning triangle appearing in the status bar:
https://www.experts-exchange.com/questions/23657001/Error-on-Page.html
Thank you.
Link: http://windows.microsoft.com/en-GB/internet-explorer/downloads/ie