I downloaded wedo's one click install pack, changed the config file from wedo to my Folding@home login. I think thats what I'm supposed to do. Then I click on the OC-FAH-v2.2.exe. A dos window pops up, does some stuff then closes. As far as I can tell nothing is running. What would It show up as in the task manager. How do I know if this thing is working?

also, Any tips for a noob to folding?

press ctrl+alt+del and see if the process is running. I used to crunch, and i know it was a little weird setting up, good luck!

I downloaded wedo's one click install pack, changed the config file from wedo to my Folding@home login. I think thats what I'm supposed to do. Then I click on the OC-FAH-v2.2.exe. A dos window pops up, does some stuff then closes. As far as I can tell nothing is running. What would It show up as in the task manager. How do I know if this thing is working?

also, Any tips for a noob to folding?
Look in your tasks for FAH502-Console.exe and also (FahCore_78.exe, FahCore_79.exe, or FahCore_65.exe) if you have those two processes, you are folding for Team 32! If you don't you could try restarting and that should fix it, give it a few minutes to come up and start folding.

As far as tips for folding, if your computer has enough RAM (say, at least 512MB, you can open the config file and change bigpackets=no to bigpackets=yes). This allows you to fold big packets which are worth more points, but take up more RAM than the regular work units.

Welcome to Folding, its great to have you! :)

in the task manager, the Fahcore_78.exe should show a large percentage of your cpu usage. System Idle Process should be at or near 00.

press ctrl+alt+del and see if the process is running. I used to crunch, and i know it was a little weird setting up, good luck!
used to? what happened :eh?:

hi im new to these forums and have limited knowledge of computers.
im having a prob,my cpu is always at 100 perc, and its fahcore_79.exe thts taking most of it ive never seen it in my processes before why is it now doing this what can i do to stop it ive no idea what it is.
if im in the wrong section of this forum please let me know where to go.
but any help would be appreciated
nic:)

this is the right place to ask that one, although i would assume you'd post a new thread instead of bringing up one from a year and 8 mos ago :p

thats F@h, which is what this subforum is dedicated to... basically your computer is helping to cure cancer. However, that program can only be running if someone installed it on your computer, which we're very explicit about obtaining permission.

One thing to note is fahcore will not stop other things from running- as soon as something else needs the cpu power f@h will step off and let the other programs use it.
I can guarentee almost anyone else responding to you on this question will tell you the same thing, as we promote this program...

Welcome to helping to find the cure for cancer and a handfull of other things that go bump in the night- i hope you stay.

hi im new to these forums and have limited knowledge of computers.
im having a prob,my cpu is always at 100 perc, and its fahcore_79.exe thts taking most of it ive never seen it in my processes before why is it now doing this what can i do to stop it ive no idea what it is.
if im in the wrong section of this forum please let me know where to go.
but any help would be appreciated
nic:)

and if you look in the fahlog.txt file in the directory the fahconsole.exe is in you will see what username you are folding under!

i dont understand anything about this at all how it got here or what its doing,how does it cure disease etc im very confused about it all

[settings]
username=Anonymous
team=0
asknet=no
machineid=1
local=7

[http]
active=no
host=localhost
port=8080
usereg=no

this is what i found

[settings]
username=Anonymous
team=0
asknet=no
machineid=1
local=7

[http]
active=no
host=localhost
port=8080
usereg=no

this is what i found

What that tells us is someone installed FAH on your machine but didn't have the guts to input his name and team.

What FAH does is your computer simulates a protein and how it folds. I assume you have taken biology and know what proteins are, if not I don't mind explaining.

Stanford is trying to figure out how and why proteins fold the way they do and why sometimes they misfold. Cancer, Alzheimer's and many other diseases care cause or are related to proteins and their misfolding.
http://folding.stanford.edu/FAQ-diseases.html

so how does a computer give the results to all this,i followed the link but with my limited knowledge i still dont understand what all this does how it works etc(when it says diseases,is it computer diseases or human)

so how does a computer give the results to all this,i followed the link but with my limited knowledge i still dont understand what all this does how it works etc(when it says diseases,is it computer diseases or human)
Human

edit it helps by finding posible avinues of grater reserch and identifying imposibitys. i think i read once that over 500 years of lab science dead ends had been found.

do you have google tool bar? it may install fah but i thought it set it up with team 446

If you want to join our team and Fold Protiens for the public good (stanford are an educational establishment and are not for profit) You cna see some papers on folding here
http://folding.stanford.edu/papers.html

if you would like to continue and join our team set your user name to one of the sub-teams or your username or make up a new one and set the team to 32

The team is the important thing. 32, thirty two

every time your vcomputer starts fah starts and it resumes where it left off.

When you play a game fah has a LOWER priority and so frees cpu time for the game.

When a WU work unit finishes It sends the results and the machine/user/team id to stanford NO PERSONAL INFO IS SENT

FAH is secure: FAH now needs a new protien to fold so it knows who (the IP of the server) it should call up. This server tells it the ip of its new work server and it will down load a small WU and begin to process it.

(if you could, can you type start)
edit:
i can't type/spell lol! If you are willing to try could you press start --> run--> type " services.msc " and look for FAH service. If you want to stop FAH for a little while press the STOP buton not pause to resume press play. TO delete we will be able to advise more effectivly if it is a console a service or the gui depending on what you tell us.


edit 3: jaydog did you get fah oi start up? some times it runs after a reboot.

edit it helps by finding posible avinues of grater reserch and identifying imposibitys. i think i read once that over 500 years of lab science dead ends had been found.

do you have google tool bar? it may install fah but i thought it set it up with team 446

If you want to join our team and Fold Protiens for the public good (stanford are an educational establishment and are not for profit) You cna see some papers on folding here
http://folding.stanford.edu/papers.html

if you would like to continue and join our team set your user name to one of the sub-teams or your username or make up a new one and set the team to 32

The team is the important thing. 32, thirty two

every time your vcomputer starts fah starts and it resumes where it left off.

When you play a game fah has a LOWER priority and so frees cpu time for the game.

When a WU work unit finishes It sends the results and the machine/user/team id to stanford NO PERSONAL INFO IS SENT

FAH is secure: FAH now needs a new protien to fold so it knows who (the IP of the server) it should call up. This server tells it the ip of its new work server and it will down load a small WU and begin to process it.

(if you could, can you type start)
edit:
i can't type/spell lol! If you are willing to try could you press start --> run--> type " services.msc " and look for FAH service. If you want to stop FAH for a little while press the STOP buton not pause to resume press play. TO delete we will be able to advise more effectivly if it is a console a service or the gui depending on what you tell us.


edit 3: jaydog did you get fah oi start up? some times it runs after a reboot.

i followed the link u put but it makes no sense to me is it soley based round games if so i dont play any on my computer,none of what you said there makes sense to me at all i do appreciate ure help on this its just i dont have a clue,i dont understand how computers cure diseases etc.ive been to services but cannot find fah services in the list,if i know fully what this all does i might keep it on but at the mo i want to stop it.
cheers for your patience

ok ill try and explain as simply as possible. Also sorry I cant spell well

Past scientific breakthroughs have involved chemists/physicist/biologists working in a lab with test tubes, microscopes both optical and electromagnetic /scanning /tunnelling and even mass spectrometers

every living thing has proteins that are made up of bases. These bases aren’t simple things but complexes made up of many many atoms.

the bases can combine with each other and other elements such as iron in this case haemoglobin

i will stick to haemoglobin for four reasons

0 you are probably familiar with it

1 it has a shape that is a result of forces between the atoms and the molecules that make it what it is. the order of these molecules is important.

2 when it combines with OXIGEN the shape changes. It can also combine with carbon monoxide and infact would prefer too but it wont let go.

3. it can go wrong!! When some one with a genetic abnormality in this case stickle cell anaemia makes haemoglobin the red blood cells don’t make the correct shape however they dont get malieria.

evolution will favour the adaptable or those that will live to breed. if your parents were stickle cell and did not get malaria you will be stickle and not get malaria.

Now why fold?

What if you could cure stickle and malaria? Every one would be better off wouldn’t they? Whites and non stickle could be immune from the plasmodium’s that course malaria, Africans could live with out the fear of children having debilitating stical cell and a virus could be used to adapt the population, making the correct cells only and overruling the cells function to make the faulty protein.

To stop bad effects of too much virus and virus mutations the virus cant be able to reproduce its self so regular gene therapy would be required


to reduce the amount of time it take s to find out what goes wrong and why computers can mathematically simulate the bonds, forces and as a result the shape of the molecule, the protein being studied, and can run 1 million permutations of the order of the atoms in the molecule.
a computer is quicker at just checking these things than a person and can record the results with little error (there are ways that the errors are minimised further by multiple clients (peoples pcs) folding the same thing.)

why do we fold?

Because Stanford shows papers on line, because it speeds things up and is morel in the way that if the results are morally used they will reduce the number of people who suffer unnecessarily

edit : lab time is slow and limited to the number of skiled lab people, time and lab space repatative task also, supper computers are expensive, home pcs; donated/free masivly parralel, dont get board

edit2: i think the link was to pappers on the results of folding protiens not games. you may have been redrected.

right im getting there thanx,but how do i start and stop fah manually then like i say i cant find it in services
cheers

is there a file called servany in the fah directory? more acurrtely srvany.exe

oh and what version of windows ta

edit:to make sure it is fah and not some thing pretending to be fah can you tell me if the log has changed

also do you have FAH50?-Console.exe running as well as FahCore_??.exe running now?

to stop fah we must stop the console.

to start fah there may well be a registry entry that is related to fah console at start up. this morning i removed a adware installer (was blooking it so it couldnt down load but it was still a pita) by registry editing so my self or others can help you stop it from starting again. To do this tho we wil proably need you to tell us the windows version and also to be willing to check the registry.

If it is not present in services.msc then it has been hiden or is not called fah in this list. you may need to run hijack this to get the service name or like i said some one will be able to asssisted in removing the entry from the registry.

edit:2 if you ahve xp see if you can stop fah with msconfig

is there a file called servany in the fah directory? more acurrtely srvany.exe

oh and what version of windows ta

edit:to make sure it is fah and not some thing pretending to be fah can you tell me if the log has changed

also do you have FAH50?-Console.exe running as well as FahCore_??.exe running now?

to stop fah we must stop the console.

to start fah there may well be a registry entry that is related to fah console at start up. this morning i removed a adware installer (was blooking it so it couldnt down load but it was still a pita) by registry editing so my self or others can help you stop it from starting again. To do this tho we wil proably need you to tell us the windows version and also to be willing to check the registry.

If it is not present in services.msc then it has been hiden or is not called fah in this list. you may need to run hijack this to get the service name or like i said some one will be able to asssisted in removing the entry from the registry.

edit:2 if you ahve xp see if you can stop fah with msconfig

i cant find servany in the directory or fah 50 in the processes,i have windows xp home edition. heres the beginning of a log its the only one.im willing yo check reg if u tell me how

--- Opening Log file [June 23 07:02:17]


# Windows Console Edition ################################################## ###
################################################## #############################

Folding@Home Client Version 5.02

http://folding.stanford.edu

################################################## #############################
################################################## #############################

Launch directory: C:\Windows\temp
Service: C:\Windows\temp\windowsautomaticupdates.exe
Arguments: -svcstart -local -service -forceasm -advmethods

Launched as a service.
Entered C:\Windows\temp to do work.

Warning:
By using the -forceasm flag, you are overriding
safeguards in the program. If you did not intend to
do this, please restart the program without -forceasm.
If work units are not completing fully (and particularly
if your machine is overclocked), then please discontinue
use of the flag.

srvany is for nt4/win2k services sorry to add to the confusion.

the fahconsole500 could be fahconsole502 or fahconsole504 there may be a fahconsole503 also the "?" represented a whild card


ok to find out what it is running as i would like you to download and run "hijackthis" it is a little program that will tell us what is running give us some registry info and the services that are running.

if you could try this link http://www.merijn.org/files/hijackthis.zip

its to the zip.


then in code tags could you put in your log? like this with a scrole bar


code tags are formated as folows :
you need a pair

opening and closing

to open them
[
c
o
d
e
]
on one line













and

to close
[
/
c
o
d
e
]


see ?


as you can see the code tags will add a scroll bar if it is a lot of text


the hijack this log should tell us how it is being started. then we can stop it and if you wish tell you how to tidy it up of your system.

Launch directory: C:\Windows\temp
Service: C:\Windows\temp\windowsautomaticupdates.exe
Arguments: -svcstart -local -service -forceasm -advmethods

that is why he cant find FAH looks as tho some one is trying to pull a fast one

i think this is what u meant thankyou all again
i think its the very bottom one am i right.in my services i can see the windows auto update,but i didnt see it b4 as it had no descrption

Logfile of HijackThis v1.99.1
Scan saved at 07:26:00, on 27/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\AOL\1127381127\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\VoyagerTest\fts.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\AOL 9.0a\aoltray.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
c:\program files\common files\aol\1127381127\ee\services\antiSpywareApp\ve r2_0_25_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1127381127\ee\aolsoftware.exe
C:\Program Files\AOL\Broadband CheckUp\bin\mpbtn.exe
C:\Windows\temp\windowsautomaticupdates.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.ex e
C:\Windows\temp\FahCore_78.exe
C:\Program Files\Univision Canada Limited\Pico2000\Alarm Caller.exe
C:\Program Files\Univision Canada Limited\Pico2000\AlmSch.exe
C:\Program Files\Univision Canada Limited\Pico2000\DSR.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\Documents and Settings\nicholas\Desktop\hijackthis\HijackThis.ex e

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127381127\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
O4 - Global Startup: AOL Broadband Check-Up.lnk = C:\Program Files\AOL\Broadband CheckUp\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Search with Wanadoo - res://C:\WINDOWS\system32\WSBar.dll/VSearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .MP4: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125145469718
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37710.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC7C0C47-41BE-412E-B7B3-64CB52859349}: NameServer = 205.188.146.145
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: PAVWAIT.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: GBPoll - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Kaspersky Anti-Virus Service (kavsvc) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Automatic Updates - Stanford University - C:\Windows\temp\windowsautomaticupdates.exe

that is why he cant find FAH looks as tho some one is trying to pull a fast one

fresh eyes!

ok so to stop fah on your machine you need to stop the last service in the list there. go start run type services.msc look for the service named "Windows Automatic Updates - Stanford University - C:\Windows\temp\windowsautomaticupdates.exe"

note not automatic updates that the windows process dublle cllik it and set it to manual or disabled and restart.

if you wnat to remove it delet the folder its in and if its disabled that will not create more hasel although it will still leave some registry items


edit: thats why there was no FAHConsole5xx.exe as well

all i can say is thanks i disabled it then deleted all the files out the temp folder,its worked my cpu usage is back to normal and for once it didint dump last night.should i start it back up for the updates or leave it disabled

m$'s service is called only "Automatic Updates" and you only need to start this on the second tuseday of the month.

Now the next question ... is who installed this service on your rig ...

did you install windows yourself? or did a 'friend' do it? or did you buy it preloaded?

It would be good for the science and the folding cause to find out who is doing unauthorized borging? Somebody has gone to some effort to to try to hide this presumably? unauthorized install.

m$'s service is called only "Automatic Updates" and you only need to start this on the second tuseday of the month.

sorry dont get what u mean,why do i need to start it on every second tuesday

Now the next question ... is who installed this service on your rig ...

did you install windows yourself? or did a 'friend' do it? or did you buy it preloaded?

It would be good for the science and the folding cause to find out who is doing unauthorized borging? Somebody has gone to some effort to to try to hide this presumably? unauthorized install.

i bought the comp brand new through my girlfriends work(fujitsu siemens)preloaded. no body has touched the comp since we got it just my girly,(she can only just switch it on) any software etc thats been installed has been done by myself.my brother did give me an antivirus software about a month ago which i loaded on which he got off his mate who has a mate thats a comp whizz could he have hidden it in the antivirus install? ill do whatever u need to find out
cheers

http://en.wikipedia.org/wiki/Patch_Tuesday

edit: beem looking over your hijackthis log and seen rapimgr.exe this is used to sync data between pc and phone/pda if you dont need it you could turn it off. same goes for the Service: GBPoll. i would just try to use windows restore points instead. also unless u need hot keys for your ati card you can stop Ati HotKey Poller

edit2: its best to set all services you change to manual if its an important one windows will start it manualy.

edit3: just to make sure that there is no confusion FAH was masquerading (sp>?) as "Windows Automatic Updates" but windows update is called "Automatic updates" it was running in your log because i can see "wuauclt.exe" you dont need to stope it realy but it doesnt need to run most the time thanks to m$'s patch tuesday