Tech Problem Aggregator

Trojan infection after downloading Archiver.exe and letting it install

Q: Trojan infection after downloading Archiver.exe and letting it install

I am using Windows 8.1 Pro, 64-bit. I downloaded/installed Archiver.exe and got a message of warning from my real time AV, TrendMicro Antivirus. However, I misunderstood the severity of the warning and OK'd the install. Soon I could not start most programs/applications, losing network access quite often (even in Safe Mode with Networking). No Anti-malware, neither TrendMicro nor Malwarebytes on-demand, will start up. I tried installing another malware scan (Panda, I think) and Install got blocked. Tried reinstalling Malwarebytes in Safe Mode, but again I could not scan. Ran Microsoft Malicious Software Tool and one other Microsoft scan and neither found anything. Finally tried Kaspersky Rescue 10 and it found Trojan.W32.Agent.ahqlz. However, Kapersky 'recommended' NOT removing it. Help!

A: Trojan infection after downloading Archiver.exe and letting it install

Welcome aboard  Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

1 more replies
Answer Match 68.04%

I've got a Popup that keeps reappearing on my desktop after every startup and after certain time periods again. It is advertisement, mostly for Gameforge and it has a big yellow button that says "Skip ad", when clicking it, the Popup closes. It seems to be connected to a file named "KS.exe", since the Popup closes when ending the process in task manager. There's also a process running named "ARCHIVER.exe" that keeps reinstalling in the autostart folder after being deleted.
So far I ran Malwarebytes Anti-Malware, which didn't fix the problem.
Thanks in the meanwhile!
___________________
 
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Spleen (Administrator) auf SPLEEN-PC (31-08-2015 22:39:06)
Gestartet von C:\Users\Spleen\Downloads
Geladene Profile: Spleen (Verfügbare Profile: Spleen)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(EnTech Taiwan) C:\Program Files (x86)\softOS... Read more

More replies
Answer Match 62.58%

well today i was trying to download this softwares and i could not open or save their setups..this problem happened to this softwares i tried to download:Elite Keylogger 3.6 Handy Keylogger 3.25Quick Keylogger 2.1i tried downloading their setups and i got thiserror messages and this AVAST! message.how can i fix the problem so i could download them..??

A:Trojan Infection And Downloading Problem

Keylogging programs can be legitimate but their related files are often detected by anti-virus or anti-malware scans as a "RiskTool", "Hacking tool, "Potentially unwanted tool" or even a "Trojan". These types of programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. Potentially unwanted does not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others. Anti-virus and anti-malware utilities cannot cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.In your case, avast is doing its job and stopping you from downloading a keylogging program it considers malicious. You may have to temporarily disable avast to complete the download. However, after install, avast (when re-enabled) may flag the program again. In that case your going to have to tell avast to "ignore".

1 more replies
Answer Match 60.06%

Hi All

My fathers laptop has some issues. When the network cable or wireless is connected to the net the computer hogs all the bandwidth and appears to be downloading or uploading something. I have run spyware doctor, spybot S&D, Malwarebytes, Ad-aware, AVG in normal and safe mode. It has fixed the majority of the issues but it has not fixed the bandwidth hogging. Here is a list of some of the things the scanners found and cleaned.

Adware.zangosearch
Trojan.brisV
spyware.mywebtattoo
virtumonde

Any help would be greatly appreciated

PS as per the guide I did a rootrepeal scan and it got and error and closed not sure what it was though.

cheers
Christian

Below is the dds report
DDS (Ver_09-12-01.01) - NTFSx86
Run by Barry at 12:09:49.26 on Wed 06/01/2010
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_07
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.61.1033.18.2037.708 [GMT 10:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgr... Read more

A:Can't Find what is downloading secondary infection like Trojan.brisV and hogging bandwidth

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may ta... Read more

10 more replies
Answer Match 57.12%

Hello Bleeping computer. I come here to seek your excellent help.
 
So today, I went to do a full scan of my system with my antivirus (Bitdefender Free Edition). To my horror, the notification bubble popped up and said it had found and removed 40 something threats. I found this a bit strange since I had just ran a Malwarebytes scan that came up completely clean, and my computer was running fine. I tried to view what it had found, but it kept glitching out (Apparently, Bitdefender Free has a reputation for glitches). I tried to view the "An on demand scan is ongoing" event (Even though it said the scan had finished), but it said zero threats found in the event. Also, when I went to the threat control tab, there is nothing in the quarantine. I know that Bitdefender Free will sometimes delete infected files instead of quarantining them, but it seemed like out of the 40 something threats it said it found, at least a few would be quarantined.
 
The program was glitching out pretty bad, reloading the events and not allowing me to clear them (A system reboot fixed this). I continued to scan with Hitmanpro which found a couple PuP registry entries (Which, since my trial had expired, I manually deleted with Regedit), and AdwCleaner, which found a registry entry for a proxy server override? (Something like that), does that mean that I was using a proxy server? If so, That's bad.
 
I don't think my system is currently infected (But, who knows!). I'm not even sure if BD ev... Read more

A:Bitdefender Free possibly letting infection through

Hello, 
 
we will check for infection.
------
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
§  Flush DNS
§  Report IE Proxy Settings
§  Reset IE Proxy Settings
§  Report FF Proxy Settings
§  Reset FF Proxy Settings
§  List content of Hosts
§  List IP configuration
§  List Winsock Entries
§  List Installed Programs
§  List Users, Partitions and Memory size.
§  List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
-------
Download Security Check from here or here and save it to your Desktop.
§  Double-click SecurityCheck.exe
§  Follow the onscreen instructions inside of the black box.
§  A Notepad document should open automatically called checkup.txt; please post the contents of that document.
--------
Kaspersky Virus Removal ToolPlease download Kaspersky Virus Removal Tool from here.
§  Right click on KVRT.exe and select Run as Administrator.
§  Read the EULA, then select Accept.
§  Wait for Kaspersky Virus Removal Tool to initialize.
§  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.
§  Click... Read more

9 more replies
Answer Match 57.12%

I have posted this same problem on numerous forums and nobody will help me, I just hope that you fine people can help me. --A few days ago, I ran some routine scans and found that Spybot S&D has detected Virtumonde.sci. Ever since, I've been trying to get rid of it, but to no avail.Since then, everytime I scan with Spyware Doctor, there is always more spyware/adware such as Advertising and Generic. These have posted no threat so far, but I'm seriously concerned in case Virtumonde lets in something more deadly, especially since I've only had this laptop for around three weeks. For the sake of convenience, here is a list of things I have done to try and remove this nasty bug:+ Deleted suspicious looking files myself with HijackThis - didn't work, Virtumonde has a DLL file which relaunches these files upon reboot.+ Scanned with Ad-Aware - nothing found.+ Scanned with MalwareBytes (usually very reliable) - nothing found.+ Scanned with Spyware Doctor (also usually very reliable) - nothing found.+ Scanned with Spybot S&D - the only scanner that identified Virtumonde.sci, but cannot permanently remove due to that pesky DLL file.+ Scanned with VundoFix - nothing found.+ Scanned with Symantec's Virtumonde Removal Tool - received C++ error upon scanning, Task Manager couldn't end it so I had to log off. (A sign maybe?)+ Scanned with Spybot S&D during Safe Mode - found Virtumonde.sci again, but still couldn't permanently remove it.+ Scanned with Ad-Aware during Safe Mode - n... Read more

A:Possible Virtumonde Infection - Letting Other Adware Into My Computer

Sincere we're working on this at Tech Support Guy, I'm going to close this thread.

1 more replies
Answer Match 54.6%

Hi All,

I am running a Dell Dimension 1100, XP system and I cannot install new programmes. Each time I try, I get the Windows 'New Hardware Found' window pop up and it asks for the installation disc, which does no good. Today tried to install a printer, I d/loaded the up to date software & drivers direct from the Kodak site, it installed the publishing suite etc, but when it went to find the drivers to link the printer to the PC I get the message ' Printer Not Found'.

I have the latest and correct drivers , and , this is not the first time I havent been able to install a new proggie as the same problem crops up. I use a usb cable for connection purposes. I also have x 5 empty usb ports and I have tried swapping ports, with no success.

Now the interesting thing is that I tried installing the printer onto my laptop ( Windows Visa ), and it installed immediately, no problems.

I have either a software problem on my PC, or a hardware problem.

If anyone can help, I would be grateful.

~~ andy whitham ~~

A:Not letting me install new proggies

Double Double check you have the correct drivers you downloaded.

If it still does not work, Try Manualy extracting the setup or locate where the files are being installed to.

Then go to Device Manager and Update the driver, Only this time specify the exact folder you want the wizard to look into and It will have better luck locating the driver it needs.

2 more replies
Answer Match 53.76%

Hey guys.

I'm trying to install an audio driver for my reimaged Dell; it tells me there's a newer version installed and can I please uninstall it before I proceed. The driver its asking me to uninstall is called SoundMAX.

I go into Add/Remove Programs. I see it, I click to remove. I get the error message 'The HDA Audio Bus Driver is required and not found'. I conesquently cannot remove it. Meaning I cannot install a new one. Meaning no sound.

Is there another way for me to remove this shiznit?

Thanks ya'll.

Ilya.

A:Windows isn't letting me un install a program

perhaps in safe mode.

4 more replies
Answer Match 53.76%

I have DX 10 and I'm on WINDOWS 10 PRO . When I try to upgrade to another newer version of directx its not letting me saying something like there is no need to install .......

A:Cant install DX11 or DX12? Its not letting me

Do you have a Directx 11 or 12 capable graphics card?

5 more replies
Answer Match 53.76%

Alright, here's my problem:

If I remember correctly it started in October when I uninstalled Crossy Road, while an update happened for the game. I had no idea the update was happening, so I uninstalled the game, and when I went to download an app days later, three updates were saying they were being downloaded, one for Crossy Road, one for MSN News (which I had already deleted), and a Microsoft .Net update.

Here's what I've tried to fix the problem:
- Running wsreset
- Logging out of the store and rebooting my computer
- Going offline, logging out of the store, and rebooting my computer
- Just simply rebooting my computer

The store won't let me update my computer or install any other apps. At this point, I'm almost ready to just reformat my computer, so any help will be accepted.

More replies
Answer Match 53.34%

I have tried updating adobe, updating java, deleting bonjour (and when I tried to re-add it, got the same message I get when trying to download new itunes version)...I need the new version of itunes to run ipod...any ideas are most welcome. Thanks.
 

A:Bonjour not letting me install new itunes version

6 more replies
Answer Match 53.34%

Hey everyone. I started having this problem last Friday. I use Mozilla as my browser while my folks use IE. Starting last Friday random popups have been popping up while I browse using Mozilla. I tried to scan with Lacasoft's Adaware, but I had an older version so I uninstalled it and installed a new one. I scanned with the Adaware and it found 7 files that it deleted, but popups from internet explorere still continued. I decided to increase the pop-up blocker in Internet explorer to high, and this seemed to limit the amount of popups I get, but I still get one or two popups every 10 minutes. I decided to then uninstall Mozilla and IE8, and use Google Chrome instead. That still did not work since pop ups have still been appearing. So I decided to reinstall Mozilla, and maybe try Malwarebytes. I tried installing malwarebytes but it will not install, citing that malwarebam.exe can not be found, or something along that line. I have now decided that this is far out of my league. I have read your guidelines, my firewall is up and I understand that I should not install or unistall anything unless instructed to do so.PS. I am surprised that there is a community like yours in the web where volunteers try and help others to rid their computers of infections, props to all the volunteers!Here's the DDS:DDS (Ver_09-12-01.01) - NTFSx86 Run by richard at 9:43:50.15 on Sun 01/24/2010Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Home Edition 5... Read more

A:Random Popups, Not Letting Malwarebytes install

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

10 more replies
Answer Match 53.34%

Hi!

I am running Vista and am trying to install the software for an HP LJ 3050.

I am the only user on the computer (an HP laptop) and I have administrator privileges.

The software install stops halfway through and says that it cannot continue since I am not the administrator.

I have tried creating a new account called System Administrator and installing the software with that, but the same thing happened.

Any ideas?

Thanks --

Mary
 

A:Solved: HP Printer software - not letting me install

Log into your administrator account and go to "Control Panel>User Account and Family Safety>User Account" and click on "Turn User Account Control on or off" and temporarily turn it off (It will require you to restart). And try to install it. It should allow you to install it. Once it's installed, just turn UAC back on.

Also, make sure your account is set to Administrator and not Standard, by going to "Control Panel>User Account and Family Safety>User Account>Change your account type" and make sure the Administrator box is ticked.
 

1 more replies
Answer Match 53.34%

Hello all,

My laptop was hit with a multiple virus infection while using Firefox.
Symantec seemed to have taken care of things at the time but I was still having some problems, and it didn't seem to be able to get rid of TDSS. I disabled system restore and tried to clean the registry manually, but wasn't able to find all the entries listed on the Symantec site. I disabled the TDSS driver via the control panel.
MBAM wouldn't install, so I tried Spybot which found a few other issues. Finally I was able to install MBAM and HJT from a disc, and connected back to the internet again briefly to update both.
I ran CCCleaner then MBAM in safe mode and MBAM seems to have cleaned everything (both MBAM and HJT scans looked ok afterwards, though there are still a few entries in the HJT log that look suspicious to me).
Everything seems to be fine now, and I proceeded to uninstall the old Java updates, got all the latest Windows updates, and then turned system restore on again.
I'm basically looking for some advice on what to do to make sure everything is in fact gone as there are those few HJT entries that look suspicious to me.
Thanks in advance!
DDS (Version 1.1.0) - NTFSx86
Run by mo at 16:50:17.96 on Tue 01/06/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2532 [GMT -6:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

============== Running Processes ====... Read more

A:Multiple Virus Infection: Trojan.Vundo, Trojan.VundoH, Trojan.BHO, Trojan.TDSS, Trojan.Agent, Trojan.Downloader, Malware.Trace...

My name is BHowett and I will be helping you to get sorted. If for any reason you do not understand any of the instructions, or are just unsure then please do not guess , simply post back with your question, and we will go through it again. This seems like a tech issue and not a malware problem, but lets take a look and see what we find.Sorry for the delay, please do the following...ComboFix Please ownload ComboFix from Here or Here* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License A... Read more

12 more replies
Answer Match 52.92%

Hello, my name is Jon and im running:

Windows XP Professional

Version 2002

Service Pack 3

--

Dell Dimention 1100

--------------------------------

I first noticed a problem when Internet Explorer kept shutting down randomly.

Then 'XP Antispyware 2012' (which ive never noticed before even on my computer, and is making me register) went crazy with pop-ups saying 'Stealth Intrusion', 'Virus Intrusion', 'Security Breach', etc. Some of the viruses mentioned are 'Trojan-BNK.Win32.keylogger.gen' & 'Email-Worm.Win32.eyeveg.f
Now for the confusing part. When i first started to try and open 'Malwarebytes' the pc acted as if i was trying to do an update for Abdobe, over and over again.

Mcafee - opens but demands an update, then when i try to update i get a pop-up saying 'error intitializing Update interface'...forcing me to 'close'

Avast - Does absolutly nothing.

So my next ides was to download ' Advanced Windows SystemCare 4' have this at my home computer and works great. But 'XP Antivirus Spyware 2012' wont let me surf with Internet Explorer even though there is an option to 'Continue Unprotected' which does nothing but bring me back to the same screen.

I again tried doing all this in SafeMode with AND without Networking, but all the same problems.

Anyone with any kind of help would be greatly appreciated, thank you in advance!


- i also un-installed McAfee.

A:Trojan Issues...Not Letting Me Run Malewarebytes or Internet Explorer...Please Help.

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.


NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Answer Match 52.92%

Hello, my name is Jon and im running:

Windows XP Professional

Version 2002

Service Pack 3

--

Dell Dimention 1100

--------------------------------

I first noticed a problem when Internet Explorer kept shutting down randomly.

Then 'XP Antispyware 2012' (which ive never noticed before even on my computer, and is making me register) went crazy with pop-ups saying 'Stealth Intrusion', 'Virus Intrusion', 'Security Breach', etc. Some of the viruses mentioned are 'Trojan-BNK.Win32.keylogger.gen' & 'Email-Worm.Win32.eyeveg.f
Now for the confusing part. When i first started to try and open 'Malwarebytes' the pc acted as if i was trying to do an update for Abdobe, over and over again.

Mcafee - opens but demands an update, then when i try to update i get a pop-up saying 'error intitializing Update interface'...forcing me to 'close'

Avast - Does absolutly nothing.

So my next ides was to download 'Advanced Windows SystemCare 4' have this at my home computer and works great. But 'XP Antivirus Spyware 2012' wont let me surf with Internet Explorer even though there is an option to 'Continue Unprotected' which does nothing but bring me back to the same screen.

I again tried doing all this in SafeMode with AND without Networking, but all the same problems.

Anyone with any kind of help would be greatly appreciated, thank you in advance!

A:Trojan Issues...Not letting me use Malwarebytes or Internet Explorer! PLEASE HELP.

Please read this sticky and follow the directions. NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

6 more replies
Answer Match 52.92%

Hi.  I foolishly hit a update notification for Flash which installed a trojan on my computer. Looking at other postings on this forum I have run the following: HitMan ProSecuritycheck.exeFarbar Service ScannerMiniTool BoxMalwarebytes AntiMalware softwareMalwarebytes AtiiRootkitJunkware Removal ToolSuper AntiSpyware These did find some things including a trojan file by Malwarebytes, and did the quarantine, but system is still being  screwy so there's more out there... I am unable to install Adaware - some sort of conflit or problem on the install even though it is trying to install as a secondary compatible.Running MS Security Essentials.Malware/Trojan seems to be interfering with web pages that might install removal tools. Thanks.  Logs as follows: ********************************************************************************************HitmanPro 3.7.3.194
www.hitmanpro.com

   Computer name . . . . : KITCHEN
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Kitchen\Anne
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)

   Scan date . . . . . . : 2013-04-22 09:47:10
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 46s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

... Read more

A:Flash Player Install Trojan Infection

Hello putnama I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same",... Read more

17 more replies
Answer Match 52.92%

Running xp home sp3

Hi everyone hope you able to help me.

I have had to do 2 fresh installs of xp now as I keep coming acroos the same problem.

I have set up 3 accounts, only 1 of them is an administrator, the other 2 are limited accounts.

Now when I try to install software using the the account with admin priveliges such as vlc, it asks for the password for the admin account, which is fine, I can then click through the 'next' pages to prepare the install, but once I click install, it starts the process but skips a hell of a lot of files such as plugins that are vital to run the software, making it useless.

I know it has something to do with the priveliges as I am able to install software normally with all users having admin priveliges. Soon as I make accounts limited and password the admin account, I cant install anything. Even if I unrestrict users accounts after and remove the admin password to install software, still asks me for password.

So the only way to be able to install software again after doing these changes, is to do a fresh install of xp and keep all users with admin priveliges and not password protect accounts which isnt what I am trying to achieve.

Has anyone had the same problem and know of a solution?

Thank you
 

A:XP Home admin account not letting me install software

7 more replies
Answer Match 52.92%

Hello.

I have a hard drive with Vista Home Premium 32-bit installed. I pulled it out of an Acer whose motherboard and power supply got toasted. I connected it to a friend's EMachine and it worked just fine. I'm trying to connect it to a generic system that I built, and when I start it, it goes straight into Windows Startup Repair. The HDD is a 320 GB Seagate, the motherboard is a MSI K9N6GM Series with a new AMD Athlon 64 x2 CPU and 2 GB RAM. I'm wondering if it has anything to do with the fact that I had 4 GB RAM on my old Acer, or if it's just set up in such a way that it won't work on non-Acer machines? I can't even get to the part where it would let me install the chipset drivers, and my recovery CD's (with the Vista OS) don't get me the recovery console. Ideas? I'm stumped here! Thanks.

More replies
Answer Match 51.66%

Like in lumia 730 and why the shutter speed not working effectively in inbuilt camera application in windows 10 device it changes automatically to fast shutter or some other even on fully manual setting as it use to work perfectly in windows 8.1 using lumia camera classic? I've 14393.448 build installed.

A:why Microsoft not letting us to install old lumia camera application in windows 10 mobile

They do that to direct you to Microsoft Camera. Even if you installed it, it would direct you to it.
I'm not 100% sure, but that seems to be the likely reason.

1 more replies
Answer Match 49.98%

Plz can anyone help me out to compress efficiently using kgb archiver 2??
i have googled it but they say that it can compress 1 gb into 10mb...but i could get compression ratio as 99.9% for any file....plz somebody help.......

A:Can any one help me in KGB archiver?????

I doubt that will happen anytime soon. What are you compressing?

3 more replies
Answer Match 49.56%

Just now, noticed a compression software named B1 Free Archiver?

anyone ever used it, it also has its own extension named b1 like 7z, rar,zip etc.

http://b1.org/

http://www.softpedia.com/get/Compression-tools/B1-Free-Archiver.shtml

.
 

A:B1 Free Archiver - anyone used it?

never used it, but the GUI looks good
wanna try now
 

6 more replies
Answer Match 49.56%

I downloaded the VisualBoyAdvance, and then downloaded the UniExtractor to unzip it. After unzipping, I removed UniExtractor. I then downloaded a game for the emulator, intending to save it as a zip file (VisualBoyAdvance doesn't require you to unzip game files), but the only choice my computer gave me was to save the file as a Universal Extractor Archive. I need to save it as a zip file!
 

A:Uniextractor Archiver

Please see the TSG Rules, we provide no support for emulators or illegal game downloads.

Closed.
 

1 more replies
Answer Match 49.56%

Is it possible to archive a particular site, so that it can be accessed
later. I do not want to save the data to my local drive. The site in question
gets updated daily. Since I cannot access the site/internet over the weekend.
Is it possible to access the weekend data from the site on the following
monday

More replies
Answer Match 49.14%

I recently downloaded a program called Power Archiver and i'm curious to know how it compares to others such as winzip or winrar. I currently use winrar, does anyone think i should swith to power archiver?
 

A:Is Power Archiver Any Good?

IMHO WinRAR is absolutely the best and most natural archive manager. Has the best features too, especially for multipart archives. Not free though.

I had a very nasty experience with Powerarchiver once (years ago, I'm sure they have fixed the bug by now) and I am not going to use that program again myself.
 

5 more replies
Answer Match 49.14%

Hi, I download a large file from usenet that came in multiple parts. I tried to merge the file together and it gives me a Packed data CRC failed: the volume is corrupted error. I used quick par and inspected the files and they are complete which means not corrupted otherwise I could repair them with their par2 files. Neone know how to fix this?
 

A:winrar archiver CRC error

I'm not sure if a packed data CRC error is any different than a regular CRC error but the first action to take is usually to download the file(s) again, possibly at a time when data collisions (network traffic) isn't at its peak. There can be several other reasons for getting a CRC error though, the following webpage deals with those and other possible fixes (http://www.instant-registry-fixes.org/fixing-crc-error/).
 

1 more replies
Answer Match 49.14%

Is there a product that y'all are aware of that will archive e-mail and calenders for exchange?
 

More replies
Answer Match 48.3%

I compressed some files with kgb archiver that ends with .kgb and then try to open it with 7zip,somehow it seems not possible to open.

Regard,
Thanks.

A:Can't open kgb archiver files with 7zip?

I guess nobody responded because this isn't a Vista problem. However, from what I've read, when you compress with kgb, you can specify either kgb or zip. It appears that you specified kgb so that's what you'll have to decompress the file with.

8 more replies
Answer Match 48.3%

my windows 7 stuffed I can't use my main pc I changed the extensions from exe to RAR archiver.accident.

I can't restore late point because i changed all of extension [exe]

does anybody know where is application exe ? so I can change it back .
help me please
 

More replies
Answer Match 47.88%

hei.. i m newbie heree, well.. i have some problem with this error message

everytime i open any program this error message would pop up:
"WinRAR archiver has encountered a problem and needs to close. We are sorry for the inconvenience. If u were in the middle of something, the informaton you were working on might be lost."

above error message would pop up if i open winrar, as well as another program, if i try to open it many times, this error message sometimes would pop up:
"The instruction at "0x7c882f9c" referenced memory at "0x7c882f9c. The memory could not be "written".
Click OK to terminate the program
Click on CANCEL to debug the program"

what should i do now ?

A:archiver has encountered a problem [Moved Back to XP]

Is this a recent development? or has it been going on for a while?

19 more replies
Answer Match 46.62%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:07:10 PM, on 11/22/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\hp\support\hpsysdrv.exeC:\WINDOWS\RtHDVCpl.exeC:\Windows\system32\schtasks.exeC:\Program Files\AVG\AVG8\avgtray.exeC:\Windows\system32\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\SweetIM\Messenger\SweetIM.exeC:\Program Files\MyWebSearch\bar\3.bin\M3SRCHMN.EXEC:\WINDOWS\System32\rundll32.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exeC:\Windows\system32\wbem\unsecapp.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exeC:\Windows\ehome\ehmsas.exeC:\hp\kbd\kbd.exeC:\Windows\System32\wsqmcons.exeC:\Program Files\Orbitdownloader\orbitdm.exeC:\Program Files\Orbitdownloader\orbitnet.exeC:\Program Files\Orbitdownloader\Grab.exeC:\Program Files\Motoro... Read more

A:Possible Infection/Downloading problems...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable ... Read more

9 more replies
Answer Match 45.78%

Started noticing some serious crashing in Chrome, then lots of redirects in both Firefox and IE (ie gazette.com redirects to something like 690835.net, might load properly after refresh). Ran Malware Bytes and SS&D, removing a few items. Problem still persisted.

YouTube / flash will never load (currently uninstalled as part of my troubleshooting), and I am unable to download files from any browser. The save as dialog appears, but the download never starts.

Ran DDS, no issues. I also ran GMER, however I'm having trouble with the system rebooting ~2x/day (system recovered from a serious error), so GMER never runs to completion. I did capture the log after it had run for a few hours and had scanned a majority of files.

Any help or direction is REALLY appreciated!

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 17:50:05.39 on Tue 03/08/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.209 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C: ... Read more

A:Infection: Web redirects, downloading issues

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

18 more replies
Answer Match 45.78%

I have been trying to figure this out. I have a MS website that allows you to download Visual Basic 2008 express edition sp1. It gives you the option of downloading offline or a website download. When I download I can only get like 7% of the download as a saved file. When I go back to download some more of the file, it starts the download from scratch and I never get the hold program.
Q1) What is the diff in a website download and a offline download?
http://www.microsoft.com/express/download/#webInstall

Q2) Have any brite ideas as to how download part of the program and save it, so has to download the rest on the next time I am on line?

Monitor; if I have ask the Q. on the wrong forum thread, please foward my thread the the proper location and please excuse. God Bless all DC.

More replies
Answer Match 45.78%

Lately my computer has been exceptionally slow. Blue screens a time or two. Ive recognized a few other suspicious things such as 'Service Distribution Software 3.0' trying to install at 3 am for the past 2 weeks. I also looked at my ReportingEvents.log and noticed that even though Microsoft updates were downloading successfully they were not installing since 6-10-2010 (i went ahead and attached a copy of that as well). Also, Firefox was acting really funny. Taking a huge amount of time to load. I also found that even if I shut Firefox down, it was always running. Even if I went to Task Manager to kill firefox.exe, it was very difficult to get it to finally stop running.I even saw a post here saying: ------------------------------------------------------------------------QUOTELets check your HOSTS file.It's located at c:\windows\system32\drivers\etc\hosts.You can open it up in Notepad.If it's just some lines on top with a # in front of it and followed by 127.0.0.1 localhost, then you don't need to post it;however, if there are others following 127.0.0.1 localhost, you may have to fix it.Lets check your HOSTS file.It's located at c:\windows\system32\drivers\etc\hosts.You can open it up in Notepad.If it's just some lines on top with a # in front of it and followed by 127.0.0.1 localhost, then you don't need to post it;however, if there are others following 127.0.0.1 local... Read more

A:Trojan horse Vundo.JW - Trojan.Mebroot. Mebroot/Sinowal Infection, Trojan.Tracur, Trojan.TDSS or what?

Hi deetheis,Welcome to Bleeping Computer!My name is mpascal, and I will be helping you fix your problem.Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.Please do not do anything or perform other steps unless I have asked you to do so.Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.If you are unsure of how to reply, or need help with anything regarding the website, please look here.STEP 1 - MBAMOpen Malwarebyte's Anti-Malware.Under the Updates tab, click Check for Updates. Let the updates install (if any).After that, under the Scanner tab, click Perform Quick Scan and then Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Exit MBA... Read more

2 more replies
Answer Match 45.36%

About a month ago I downloaded softare on my PC for syncing downloaded ring tones on my phone.   It sync via itunes.
Since then, I have really bad malar ith pop up ads on almost any e-comerce page I visit.  I tried to uninstall the program but I still have the pop up issues.  Can you help?

A:Malware infection after downloading software for ringtones

Download Malwarebytes, update and run the free version.  You can get Malwarebytes from this site.  I always "quarantine all" regardless of what it finds.  See how you do after that.

2 more replies
Answer Match 44.1%

Howdy,

Yesterday the little brother decided to look at smut, and promptly infected our computer with an annoying program called Malware Defense. Tried safe mode avast, didn't work, uninstalled that, did some reading. After running rkill and using a randomly-generated malwarebytes .exe file, Malware Defense seems to be dead and gone from the computer. It doesn't launch all crazy at start-up and I've yet to see a return in the past three hours after I dealt with it. However, the HJT file seems to list Malware Defense as my AV, which is unsettling and suspicous.

However, Malwarebytes has also detected two Trojan.FakeAlert files, items "\\?\globalroot\systemroot\System32\H8SRTinrimeodbm.dll" and "\\?\globalroot\systemroot\System32\H8SRTinrimeodbm.dll". While the files have the same name, Malwarebytes lists one as a "memory module" and the other as a "file". I click on remove in Malwarebytes, restart, scan again, the infections are back. I noticed this infection file showed up as 'hidden from windows api' during one of the scans I ran for this HJT, but I've no idea what to do about it.

After running rootkit, I also received an error stating "Error - on-disk corruption detected - run chkdsk!"

The Trojan.FakeAlert does not appear to be doing anything clearly visible. I've read that it is supposed to spam you with fake anti-virus but it's not doing so at the moment an... Read more

A:Trojan.FakeAlert Infection After Dealing with MalwareDefense Infection

Howdy, guys.

I know the list says not to bump, but the topic thread says it might take a few days and it's been a bit over a week, so I was wondering if this was left behind in a flurry of other topics or if I just put myself back in line another week.

Please let me know!

From reading the logs created by this website's programs and proccesses and looking at the corresponding file names in MalwareBytes, I think I see where the files are (all those H8SRTd things) but I have no idea how to make them actually show up so that I can get rid of them.

3 more replies
Answer Match 43.68%

Edit: Trojan Horse BHO.HJE infection post Trojan horse generic 12 infection (by post i mean after)Trojan Horse BHO.HJE infection AFTER Trojan horse generic 12 infectionI have resolved or am in the process of resolving this trojan horse generic 12 infection when AVG informed me that i now have trojan horse BHO.HJE. I ran a malwarebytes smart scan and nothing found. Here are the results of HJT scan:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:15:02 AM, on 2/9/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\DigitalPersona\Bin\DPWinLct.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\DigitalPersona\Bin\DpHost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Java\jre6\bin&... Read more

A:Trojan Horse BHO.HJE infection post Trojan horse generic 12 infection

Hi sharma10,Welcome to the BleepingComputer forums.We apologize for the delay in responding to your request for assistance. Every one of our team members is a volunteer and unfortunately, there are often just not enough to keep up with demand. Thank you so much for your patience.If your issue has been resolved or you have received help elsewhere, please post a reply here and let us know so that we can close this thread.If you still need assistance, my name is SpotCheckBilly (SCB for short) and I will be happy to help you.===Very Important===The instructions in this thread have been specifically designed for THIS USER'S MACHINE ONLY . You should not use these instructions to clean your machine. Doing so could cause irreparable damage to your machine. If you need assistance, please start your own thread.=================A few things which will make our fix go more smoothly.Please >> DO NOT<< run any scans/tools or other fixes unless I ask you to.Please DO NOT install any software while we are working.Please Do not skip any steps. With some infections skipping a step can be disastrous.If there is something you don't understand or or are unsure of -- please stop and take a moment to ask about it. If you are running P2P filesharing program(s). My recommendation is you uninstall it/them.Remove any cracked/pirated software. I will immediately stop helping you if I discover any.The most important thing to remember is to be patient. Very seldom can we remove the ... Read more

1 more replies
Answer Match 43.26%

Well, I'm not sure if this is in the right section but here goes.

Back in Dec '09, I purchased Windows7 Pro upgrade. I put it on a computer but I eventually sold it (with WinXP). I have just recently built a new computer that needs an OS. I have a key for Win7 Pro just sitting around and so I thought I'd use that.

Problem is, I don't have an install disk. And I don't have an operating system currently on it so I can't upgrade.

I'd like to clean install Win7 Pro 64-bit on that computer but to do that, I need to download it.

I've tried logging into the Microsoft store but it says I don't have any purchase history. I know that is false since I have an email with my information (but the order number doesn't work either).

So as you can see, I'm in a pickle. If anyone can suggest how to get a download of Win7 pro, I would really appreciate it.

Thanks,
okami

A:Need help with downloading Win 7 pro for install

Well I got a download going. The link in my email from Digital River finally connected.

I just want to confirm, the key for Windows OS isn't tied to either 32bit or 64bit, correct? It's just tied to the version (Home, Pro, Ultimate, etc.). Reason I ask, I originally bought it as the 32bit from Digital River since my laptop could only do 32bit. However, my new desktop can do 64bit and I want to utilize that. I'm downloading both 32 and 64 from Digital River at the moment just incase.

Thanks,
okami

3 more replies
Answer Match 42.84%

Windows Vista SP-2
AVG Antivirus Free 9.0
Windows Defender
MBAM
I'm not sure exactly where I got this virus from, but it first surfaced after I decided to try the WoW trial on my laptop...

The first thing that happened was a program that I did not install popped up in my taskbar. --Antispyware Soft. It began scanning, which freaked me out, so I turned off my computer and restarted in Safe Mode. I ran a scan with AVG, which turned up nothing. Lies! So I used the desktop computer we have to do some searches and found out some information about Antispyware Soft. The post which I read instructed me to download Malwarebyte's Anti-Malware, which I did, and when I ran the program it found and removed a backdoor trojan and also the Antispyware Soft scareware.

My computer worked normally for a few days, and I thought I was rid of my problem, until I noticed in task manager several processes running that were suspicious and had randomly assigned names---e.exe, app.exe, ape.exe, etc. I located these on my hard drive in several different directories and removed them. My computer worked fine for another few days.

Then, today, AVG popped up and told me that it detected trojan horse dropper.tiny.ao on open. I tried removing it but it said the file was inaccessable. Then, it popped up several more times in the same folder. The process it was accessing was Adobe reader, so I restarted in safe mode, ran a scan with MBAM, which turned up almost 58 items, all of which had the An... Read more

A:Trojan-Downloading new malware, can't seem to get rid of it. Help!

Let's do a couple things. You may have had an Antivirus soft infection.Hello and welcome... You need to do all the steps.Please follow our Removal Guide here Remove Antivirus SoftYou will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system..Now run TFC by OTPlease download TFC by Old Timer and save it to your desktop. alternate download linkSave any unsaved work. TFC will close ALL open programs including your browser! Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator. Click the Start button to begin the cleaning process and let it run uninterrupted to completion. Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Follow with an SAS scan and tell me how it's running after.Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on A... Read more

3 more replies
Answer Match 42.84%

Hi all,

A friend reccomended this site. I hope someone can help. A few days ago I started having problems with pops and today Norton said that I had a "downloading trojan" and it quarantined it, but its not gone. I went to symantec and printed the instructions to remove it. (I had to do this with a different virus before, so I am familar with the procedure.) So I run Norton in Safe mode, but now it doesn't detect the trojan, so how do I get rid of it? Its really frustrating b/c of all the pops that come on when I am on the internet.

TIA~ Jewel
 

A:Help removing downloading trojan?

7 more replies
Answer Match 42.84%

I have started having problems with my new laptop(> 2 mos old). it has problems coming out of sleep mode, it shuts down unexpectedly, and i have also found browser history files for websites i have never gone to. i ran Spybot search and destroy and found no spyware files, but when i looked at my startup, i found a blank registry fire that S&D said was connected with multiple trojans and worms including agbot-ku worm, mkmoose-a worm, delf-ux trojan, sdbot worm, and the dadobra-iw trojan. so now i am here. i have ran a hijack this program and also dekards system scanner. here is the results. any halp would be great, thank you. Deckard's System Scanner v20071014.68Run by Tim on 2008-04-18 19:02:45Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --29: 2008-04-18 15:02:42 UTC - RP69 - Windows Update28: 2008-04-15 23:35:51 UTC - RP68 - Windows Update27: 2008-04-13 15:19:00 UTC - RP67 - Windows Update26: 2008-04-10 21:14:02 UTC - RP66 - Scheduled Checkpoint25: 2008-04-09 07:00:26 UTC - RP65 - Windows Update-- First Restore Point -- 1: 2008-03-12 18:59:05 UTC - RP38 - Device Driver Package Install: ATI Technogies Inc System devicesBacked up registry hives.Performed disk cleanup.-- HijackThis (run as Tim.exe) -------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:05:14 PM, on 4/18/2008Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Inte... Read more

A:Laptop Infection Dadobra-iw Trojan, Delf-ux Trojan, Agbogt Worm

Hello tpokoy , welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in the effort to clean up your computer.Please allow me some time to study your log and I will get back to you. In the meantime if you have ran any additional tools to try and do repairs or made any other changes to your computer since you first posted the DSS log, please let me know.I would also ask that you refrain from running any additional tools unless I ask you to while we are in the process of cleaning everything up. It is necessary that we as helpers know what is being done on the system and any time in order to best formulate a fix.Thank You ,thewall

10 more replies
Answer Match 42.84%

Help! My computer is infected! I ran Kaspersky full scan and it found the following, but is unable to get rid of them:virus HEUR:Trojan.Script.IframerTrojan program Exploit.JS.Pdfka.btaBelow is the hijack this log. It's also attached. Thanks!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:27:25 PM, on 3/29/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exeC:\Program Files\Acer\Acer ePower Management\ePowerTray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Apoint2K\Apoint.exeC:\Windows\PLFSetI.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\system32\igfxext.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Apoint2K\Apntex.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exeC:\Program Files\uTorrent\uTorrent.exeC:\Windows\system3... Read more

A:Infection! Trojan.Script.Iframer, Trojan program Exploit.JS.Pdfka.bta

Help! My computer is infected! I ran Kaspersky full scan and it found the following, but is unable to get rid of it:Rootkit.win32.agent.bdkqBelow is the hijackthis log. Thanks!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:27:25 PM, on 3/29/2010Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exeC:\Program Files\Acer\Acer ePower Management\ePowerTray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Apoint2K\Apoint.exeC:\Windows\PLFSetI.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\system32\igfxext.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Apoint2K\Apntex.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exeC:\Program Files\uTorrent\uTorrent.exeC:\Windows\system32\conhost.exeC:\Program Files\TrendMicro\HiJackThi... Read more

18 more replies
Answer Match 42.42%

I scanned my box with BitDefender 8 and it showed that I had about 14 infected files or so. It showed up as Trojan.Qrap.B and Genpark:Trojan.SillyDi50760 . I tried removing/healing the infected files with BitDefender but it didn't work . I tried every other free AV but to no avail . I tried Kasperskys online scanning but it too long .... and i had to give it up at some point . Heres the log from DSS : Deckard's System Scanner v20071014.68Run by Administrator on 2008-04-28 10:50:55Computer is in Normal Mode.--------------------------------------------------------------------------------Percentage of Memory in Use: 76% (more than 75%).Total Physical Memory: 126 MiB (512 MiB recommended).-- HijackThis (run as Administrator.exe) ---------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:50:59 AM, on 4/28/2008Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:G:\WINDOWS\System32\smss.exeG:\WINDOWS\system32\csrss.exeG:\WINDOWS\system32\winlogon.exeG:\WINDOWS\system32\services.exeG:\WINDOWS\system32\lsass.exeG:\WINDOWS\system32\svchost.exeG:\WINDOWS\System32\svchost.exeG:\WINDOWS\System32\svchost.exeG:\WINDOWS\System32\svchost.exeG:\WINDOWS\system32\spoolsv.exeG:\WINDOWS\System32\alg.exeG:\WINDOWS\E... Read more

A:Trojan.qrap.b And Genpark:trojan.sillydi.50760 Infection

Hello pokemonDoomWelcome to the Bleeping Computer Malware Removal Forum, sorry about the delay, but the amount of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. You posted here for help with the same issue, the forums are so busy that we cannot afford to tie up two people helping one poster with the same problem, this is what you need to do, if you want to continue here thats fine but you need to let the other forum know your being helped here so they can close that thread, or vise versa.http://www.techsupportforum.com/security-c...di-50760-a.htmlIf you choose to continue here I need to see a complete Hijackthis log and also the Kaspersky log if you still have itDownload Trendmicros Hijackthis to your desktop.Double click it to installFollow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exeOpen HJT Scan and Save a Log File, it will open in Notepad Go to Format and make sure Wordwrap is UncheckedGo to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

2 more replies
Answer Match 42.42%

hi, I have a possible Rootkit Zero access virus that Malwarebytes is picking up as rootkit.0access It's also picking up a trojan.small and trojan.sifef . Malwarebytes hasn't been able to remove them after several scans, removals and reboots. Recently I have also experienced unwanted audio playing in the background on my computer.

I have run SpyBot and Malwarebytes. but the files remain after a reboot.

As requested in the preparation guide I have done the following:

CD Emulators disabled with DeFogger
DDS has been run and the .txt file is copied below Attach file is attached
Attempted to create a GMER Log but was unsuccessful. GMER ended in a stack dump on two occasions so I quit while I think I was ahead

Thanks in advance for your help on this! I work shifts, so I may not always get back immediately following your posts
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27
Run by User at 20:48:59 on 2012-06-16
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3327.1760 [GMT -3:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012&... Read more

A:Possible rootkit.0access / trojan.small / trojan.sifef infection

download Farbar Recovery Scan Tool and save it to a flash drive.(you need the 32bit version)Plug the flashdrive into the infected PC.Enter System Recovery Options. To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.To enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe and press Enter Note: Replace letter e ... Read more

28 more replies
Answer Match 42.42%

Quick background - My young teenage son clicked on pop-up for Duck Hunt. He told me after he clicked popup he got message that "something" was being installed but he couldn't stop it. And now I am infected with some kind of virus.

I ran full scan on my McAfee, rebooted when it told me to and ended with the log showing following infections on my computer:

DNSCharger.r (Trojan); Generic FakeAlert.k (Trojan); FakeAlert-SpywareGuard.gen.b (Trojan). Major location of them appear to be in c:\windowns\system32 - with different dll files. There is also message about unwanted program (log's words) SetupGamevance[1].exe in Temp Internet files\Content.IES
(I'm not sure if you need the actual path but if so I can enter them). I just can't seem to copy and paste the info or print the log out.

All are showing in the log as "cannot be removed" except for the Gamvance which shows as "cannot be repaired" and McAfee did not or cannot quarantine them.

I know that at least one of them is trying to redirect me on google search. This is what clued me in to what happened, when I was looking for a site and it tried to tell me it was at a different address from what I remembered. I'm not sure what the others will do.

Is there something I can do to get these off my computer? Can some one help me?

I am running Windows XP Home Edition Version 2002 Service Pack 3. I have an Emachine T3104. Not sure what other info I need to ent... Read more

A:Infection - DNSCharger.r (Trojan), Generic FakeAlert.k (Trojan) and SetupGameVance.exe

Please download Malwarebytes Anti-Malware (v1.38) and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will... Read more

12 more replies
Answer Match 42.42%

PTTD: Post Traumatic Trojan Disorder
Several weeks ago, I got attacked after something slipped past resident McAfee. No popups, but my computer was running very slow, click on files would not open, running processes showed numerous host dll, internet restarts, and the cursor was always thinking and moving on its own. I ran several full scans (NOT in safe mode). MBAM found Trojan.generic, SAS found Trojan.fakeMS and clicker.FMS, Beta MBAR found Trojan.poweliks, McAfee nothing. My computer seems to be OK now, but I still think something is lurking with the refresh of paging while on the internet.
 
Just a few of many concerns: 
setbj in startup programs (disabled a year ago due to other event); don’t know how to delete it or if I should.
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
Regedit: Windows software entry with numbers and then data Houdsodu!Rdbtshux; not sure if I should delete the main entry.
Microsoft office14 (hijackthis log), which I don’t have.
 
I followed the prep guide before posting. I hope the page is not out of date (2005).
Backup of data
McAfee shows firewall enabled
 
My computer:
Microsoft Windows 7 Home Premium
Version 6.1.7601 Service Pack 1 Build 7601
LENOVO IdeaCentre K330B x64-based PC
Intel® Core™ i3-2120 CPU @ 3.30GHz, 3300 Mhz, 2 Core(s), 4 Logical Processor(s)
LENOVO DPKT21A, 8/8/2011
SMBIOS Version           ... Read more

A:PTTD after infection with Trojan.poweliks, Trojan.generic, fakeMS...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.To attach a file select the "More Reply Option" and follow the instructions.Wait for further instructions.

17 more replies
Answer Match 42%

The windows containing the User Licence Agreement gets stuck. What might be the cause? Please help. Why does it happen often?

A:Not able to install after downloading Express Scrbe

Is that the XP version of Express Scribe?Always pop back and let us know the outcome - thanksmessage edited by Derek

2 more replies
Answer Match 42%

I seem to have an issue that is the reverse of what most people experience. I have seen this before in Windows Vista too. Here in South Africa bandwidth is expensive, so most of you guys overseas won't have noticed this probably:

I asked Windows 7 to 'check for updates' and it reported a KB971092 which is an update to Visual Studio 2008 installed on my PC. I saw that the KB was 350MB so instead of letting Windows Update download it for me, I decided to download it from the Microsoft Download Centre, so I could keep it in case I reinstalled my PC and wanted to use it again without downloading it over and over again, 350MB being huge.

The KB downloading fine and installed fine. It appears in the 'Installed Updates' window. After going online again, I used the 'check for updates' again, and the KB disappeared from the list of items I still needed to download. So far so good.

But my connection kept on being very busy, downloading heavily from the internet. I installed NetLimiter to check what application was so busy downloading, and an IP was returned to me, it being Microsoft's Windows Update server's IP. No other application was doing anything on the net, just Windows Update STILL downloading KB971092! I am sure what will happen is, it will download all 350MB again and only then check and see it is installed, and then ignore it, but this is wasting valuable bandwidth!

Is there a way that I can check which updates are currently being downloading in some folder or log... Read more

A:Windows Update downloading after install

In Vista and in Windows 7 you can choose to Hide that update so Windows Update will not download it or install it... This information came from Microsoft Support..


You can hide the update, and then Windows Update won't offer it to you again unless you choose to restore it. Here's how to hide an update:Open Windows Update by clicking the Start button . In the search box, type Update, and then, in the list of results, click Windows Update.
Do one of the following:Click the link that tells you important updates are available if you have important updates to hide.
Click the link that tells you optional updates are available if you have optional updates to hide.

Select any update that you want to hide, right-click it, and then click Hide update. Do this for each update you want to hide.
Click OK.

8 more replies
Answer Match 42%

Hi,

Any help would be greatly appreciated. I used a friends external hardrive which was infected and now my pc is infected as well as my flashdrive. In more detail this is what is said in AVG Anti-Spyware report :

C:\copy.exe - Infected with : Trojan.Copyself
C:\host.exe - Infected with : Dropper.Small.apl
The same applies to a host of other files....

Then another folder is infected with Trojan.Copier and another one that came up is Backdoor.Small.apl

Here is the HJT log :

Logfile of HijackThis v1.99.1
Scan saved at 12:31:11 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Acer\Empowering Technology\eP... Read more

More replies
Answer Match 42%

Hi,

Yesterday I got virus warnings from AVG and Windows Defender. After running them, and Malwarebytes Anti-Malware, and ComboFix, I think I have cleaned them off. But I want to make sure. I would greatly appreciate any help and will make a donation if we can make sure I'm all clean.

The initial warning was for Trojan.Fakealert. Since then I have had detections of:
Trojan.Fakealert
Trojan.Agent
Trojan.Hanam
Adware.Minibug
Malware.Trace
Trojan.SHeur2.ANWV

Yesterday with repeated Malwarebytes scans in safe mode, and with ComboFix, I was able to get the system responsive again. Since then I have had detections of a trojan in a System Restore point (which I deleted) and in the Recycler (which I emptied).

Once again, some help reviewing logs to make sure I cleaned it off would be most appreciated!! My DDS logs are attached. I will check back frequently and provide any other info if needed.

DDS (Ver_09-06-26.01) - NTFSx86
Run by Steven at 17:36:04.03 on Wed 07/01/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.1008 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\s... Read more

A:Trojan.Fakealert and Trojan.Agent infection, hopefully almost cleaned

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 42%

Hey ,

I've recently gotten a trojan.vundo / Trojan.agent (are they the same thing?) infection, but I've managed to remove all but four of the infected files through MBAM.

Here's the log for MBAM:

Malwarebytes' Anti-Malware 1.33
Database version: 1691
Windows 5.1.2600 Service Pack 2

1/25/2009 12:13:36 AM
mbam-log-2009-01-25 (00-13-36).txt

Scan type: Quick Scan
Objects scanned: 57803
Time elapsed: 10 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 8
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\xxyyxYQg.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ssqRHbXq.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a6b70589-057d-4dc5-a644-c4b5fbb1904d} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a6b70589-057d-4dc5-a644-c4b5fbb1904d} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqrhbxq (Trojan.Vundo) -> Delete on reboot.
HKEY_L... Read more

A:Recent Trojan.Vundo/Trojan.Agent Infection

Hi My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.If you do not make a reply in 5 days, we will need to close your topic.You may want to keep the link to this topic in your favourites. Alternatively, you can click the button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.Even if things appear to be better, it might not mean we... Read more

25 more replies
Answer Match 42%

I am working on a Win XP SP3 Laptop and have had fake anti-virus infections over the last few months. MalwareBytes has helped me remove them by running in safe mode.After working for awhile, I will start to get repeated "Internet Explorer Cannot Display the Webpage" errors (using IE8). I have tried SuperAntiSpyware, MalwareBytes, SpyBot, and Ad-Aware.Even if they remove something, the problem returns. Ad-aware recently removed Trojan.1 and Trojan.Win32.Generic!BT. I think GMER removed a rootkit, but it closed before I could save the log and I reran it to produce this one.Thank you.Here are my DDS and GMER logs (attach.txt is attached)DDS.txt:DDS (Ver_10-03-17.01) - NTFSx86 Run by Peter at 22:39:38.31 on Fri 07/30/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.153 [GMT -5:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\Prog... Read more

A:Repeat Infection - Trojan.1 and Trojan.Win32.Generic!BT

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until ... Read more

12 more replies
Answer Match 42%

Hi guys

This is my first post so let me know if I miss anything out.

For the past few days, I have had a major virus and trojan infection on my laptop and have no idea how to get rid of it. First I used Norton 360 and it said the trojan was removed but I was still having the same problems as before. I then downloaded spy sweeper and it found the following viruses and malware on my PC:

Trojan Horse found: trojan-agent-tdss
Virus found: Mal/FakeAV-AX
Virus found: Mal/Behav-170
Virus found: Mal/Generic-A
Virus found: Mal/Behav-035
Virus found: Mal/Refpron-B
Virus found: Mal/HckPk-A
Trojan Horse found: trojan-pushu
Trojan Horse found: trojan-downloader-popwin
Virus found: W32/Scribble-B
Virus found: Mal/Scribble-D
Virus found: Mal/AutoInf-A

It quarantineed the files and deleted them, but the problems persist.

The problems are as follows:
internet explorer home page hijacked and the program keeps crashing
google hijacked so that search items will go to random sites about shopping etc.
It will not allow programs such as norton 360 to update and msn messenger can no longer connect to the internet
Anytime I try to go on a website about virus removal software it says the server cannot be found.

My laptop is a Toshiba Equium running on Windows Vista home premium Service Pack 2

Thanks in advance for your assistance
 

More replies
Answer Match 42%

Hi,

I've searched around a little, but couldn't find anything similar. I have a problem with a trojan infection that won't go away. The pop-up says "trojan-clicker.win32.tiny.h", "trojan-spy.html.bankfraud.dq" and some other things. I've searched around, and it seems not to be dangerous, but it's annoying as hell. I've tried Ad-Aware, Spy-Bot, AVG and Mal-Ware, and it detects it, removes some of it, but it returns after next reboot.

Can you please help me delete it?

This is my HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:51:44, on 19.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Progra... Read more

More replies
Answer Match 42%

I tried downloading ComboFix twice and BT Net Protect Plus/McAfee stated the quarantine of Trojan Artemis!4611BC286A01. The download failed. IS this software ok?

A:Downloading ComboFix 14.2.5.2 McAfee Trojan quarantined

This is a false positive by the anti-virus. Combofix is not malware. However, certain embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc) it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software. For example, Catchme is a rootkit scanner that detects userland rootkits and is incorporated with some specialized fix tools like Combofix and GMER.When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by ... Read more

2 more replies
Answer Match 42%

I had a major issue with a trojan spy earlier today and now about 5 hours after it first began I would have to say that I manually removed almost all the infection from my system. I just have to run another virus scan when I manage to get a anti virus app installed again. It disabled my other app then I had to install another anti virus application, then it disabled that one too. I was in the process of trying to remove malicious software and everytime i tried to delete one of them it shut my comp off. So I had to go the long way about it.....its a lot better now than what is was before this happened. But still is a little slow besides I have disable startup items in msconfig. When I try to reenable them, my comp is still slow but not really bad. To finish what i started i ran a scan after i downloaded hijack this. I have heard of it before but have never used it. Anyway here is my log from hijack this. Can you help me I'm not sure about this log file.Logfile of HijackThis v1.99.1Scan saved at 11:08:51 PM, on 1/7/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\sys... Read more

A:Trojan Infection And Malware Infection

Hello Jenna, A tip of the hat to noahdfear for this fix. Print out these instructions as we will need to shutdown every window that is open later in the fix.Download SmitRem and save the file to your desktop. Double click on smitRem.exe and then click on Start. When it is done, click on the OK button. You should now have a folder called smitRem on your desktop.Next, please reboot your computer in SafeMode by doing the following:Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, press F8.Instead of Windows loading as normal, a menu should appearSelect the first option, to run Windows in Safe Mode.When your computer has started in safe mode and you see the desktop, close all open Windows.Open the smitRem folder on your desktop and double click the RunThis.bat file to start the tool.Follow the prompts on screen and wait for the tool to complete and disk cleanup to finish.When the tool is finished, it will will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or the partition where your operating system is installed. Examining that log should show that the infection was cleaned.Reboot your computer back to normal mode.Click on the Start button, then click on All Programs (or Programs), and then locate the SpywareStrike folder and right-click on it. Select the option to delete that folder. C:\DOCUME~1\Jay\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\... Read more

2 more replies
Answer Match 41.58%

All the security updates are downloaded on my computer but I cannot install them. I believe I am missing an wupdt (sic) file but I am not sure. I de-installed and reinstalled my xp professional program, but that did not help. I've tried countless hours trying to get help from Microsoft to no avail. Can you please help. Thank you very much.
 

More replies
Answer Match 41.58%

Why does my Windows 10 PC keep downloading updates and then failing to install, every day for weeks now it downloads updates and then fails to install

More replies
Answer Match 41.58%

I first noticed a problem when I saw my firewall go off and then My update detection for Windows XP was shut off. Right after that AVG said it found a trojan and I told it to vault it ot something along those lines. After that I noticed I had a I.E. window up when i Haven't opened it in months since i use firefox. Well When i brought it up It came up with a blue screen, which is all I can remember, and it said it was downloading a Anti-virus. I don't rememeber the name of the anti-virus it says it was putting down I freaked and turned off my computer. When I rebooted my computer I scanned with both Spybot and AVG. AVG kept alerting me of the trojan but when it did a official scan It found abosolutly nothing. Spybot found a few things about trojans but didn't do all that much to remove them. So after that I basically searched online for a solution but then I started getting popups especially when I changed the page on google. One of the pop-ups in the webpage link had trojan in it.

So now I'm kinda stuck, I tried downloading that HJT so I can show my log but it told me:
"C:\Document and settings\KELLY\Desktop\HJTsetup.exe is not a valid Win32 application"
I Keep trying again but I get the same message.
So I'm sorry I can't show my log but if someone could still help me that would be nice.
 

A:Trojan Horse downloading as a protector and now giving popups

I still currently can't download the HJT log so i'm wondering if my computer should be restarted.

But avg has scanned for a 2nd time while I was asleep and found 2 things, and put them in the vault .
Here's whats in there:
(There were found in C:\WINDOWS\ststem32\ area)
Trojan horse SHeur.KZU
Trojan horse SHeur2.KZU
Trojan horse Generic12.BABB
Trojan horse Generic12.BAAZ
Trojan horse SHeur2.KZU
Trojan horse Generic12.AYYR
(Found in C:\System Volume Information\_restore{)
Trojan horseSHeur2.KZU
Trojan horse Generic12.AYYR
 

2 more replies
Answer Match 41.58%

Hi Everybody!

I am going through freaking problem. Whenever I open internet explorer or Firefox browser I always get the warning message from Kaspersky Internet security that browser is attempting to download the trojan.

I thorough checked my system through scanning and trojan remover program but could not find anything.

Below link is about the image of the warning message I get.
 kaspersky_warning.bmp   131.89KB
  20 downloads

Please help me.

Regards

A:Internet Browser Diverting To Trojan Downloading Site

Hello amitesh8,I would first run some online AV scanshttp://housecall.trendmicro.com/uk/http://www.eset.com/onlinescan/If the problem still remains then you should follow the instructions http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

1 more replies
Answer Match 41.16%

Hi,I am running xp pro with CA anti virus, a d link router with firewall and ad aware SE all installed. I keep getting popups telling me that my AV is ourt of date ( which it isn't) and also loads of other popups about system problems that dont exist. my anti Virus does keep detecting and deleting trojans, but they keep comming back again. I have gone through all the steps you suggest before sending this in, as well as running "combofix" and "vundofix" but the problem just keeps recurring. I have appended both the hijack this and the combofix logs below, I can only hope they mean more to you than they do to me lol.can you help me please?many thanks in antisipationRonLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:21:27, on 14/01/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:F:\WINDOWS\System32\smss.exeF:\WINDOWS\system32\winlogon.exeF:\WINDOWS\system32\services.exeF:\WINDOWS\system32\lsass.exeF:\WINDOWS\system32\svchost.exeF:\WINDOWS\System32\svchost.exeF:\WINDOWS\system32\spoolsv.exeF:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exeF:\Program Files\Kontiki\KService.exeF:\WINDOWS\System32\svchost.exeF:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exeF... Read more

A:Errsowl.c Trojan And Vundo Trojan Infection?

Welcome to the BleepingComputer HijackThis Logs and Analysis forum. My name is Richie and i'll be helping you to fix your problems.Apologies for the late response,as i'm sure you can appreciate we are extremely busy.If you've already recieved help at another forum and your issues have been resolved,or you're presently recieving help elsewhere then please let us know.If you have not followed the info in the link below prior to posting your log then please do so now:Preparation Guide for use before posting a HijackThis Log:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/If you still require help,please post a new Hijackthis log into this topic in your next reply.Also post a detailed description of the issues you're experiencing.*Note*Post all reports/logs directly into this topic,not as attachments,thanks.

11 more replies
Answer Match 41.16%
Answer Match 41.16%

Eset identifies the following threat:
Object: C:\WINDOWS\SYSTEM32\SERVICES.EXE
Threat: Win64/Patched.B.Gen trojan

I've tried Malware Bytes a few times and it identifies Rootkit.0Access but even after rebooting the problem returns.

Eset has also flagged the sirefef.al trojan.

Please note I'm corresponding with you on a different computer, but I have network access to the infected computer and am able to copy log files and software tools back and forth. Your help is greatly appreciated!

The DDS.txt log is here:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Owner at 13:20:06 on 2012-07-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.6250 [GMT -7:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvc... Read more

A:Patched.B.Gen trojan & sirefef.al trojan infection

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At... Read more

18 more replies
Answer Match 41.16%

Have picked up a malware problem that is causing IE/Firefox to randomly redirect pages from search engine results page. Redirects occur both out of Yahoo and Google results. Pages are randomly redirected to sites like Toseeka, Shopzilla, Wesearchmaster, etc. Redirect from Google search results seems to occur after browser connects with "googleads.gdoubleclick.net" Tried many Spyware programs including Sbybot & SuperAntiSpyware. Finally, Malwarebytes found and removed Trojan.Agent and Trojan.Vundo but redirect problem persists.Log file of HijackThis follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:26:38 PM, on 3/23/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\Program Files&#... Read more

A:Trojan.Agent & Trojan.Vundo Infection

Hi,

I will handle your log. As I am in training, all my fixes have to be checked.
I'll get back to you as soon as is possible.

24 more replies
Answer Match 41.16%

Hi, I'm new to this site, but it looked like good advice was given to others with the same problem I'm having. My computer is infected with Trojan.Vundo.H and Trojan.Agent Virus. Here is a list of the anti-virus programs that I ran:
Norton Anti-Virus
Ad-Aware
Threat Fire
F Secure
Bitdefender
Eset
Malwarebytes
SuperAntispyware

Malwarebytes & SuperAntispyware detected more infected files but they reappear after rebooting. I also keep getting the pop-up that Norton has removed Trojan.Adclicker after every reboot.

Here is my Hijack This Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:09:17 PM, on 10/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\svchost.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WI... Read more

A:Trojan.Vundo.H & Trojan.Agent Infection

Since I've posted the thread. I downloaded Zone Alarm in hopes that would help against further infection. I also downloaded Comobfix, but I didn't do anything with it since it's advised not to do anything without supervision. I get a warranty disclaimer error message when it tries to open. I'm using Windows XP/SP2. I'm just hoping I don't have a backdoor Trojan. Does anyone out there think they'll be able to help?
 

1 more replies
Answer Match 41.16%

When I type a search into a search engine (it doesn't seem to matter which one, i.e., AT&T, Google), a description of an appropriate match for that search term shows up. However the actual address is an advertising address such as monstermarketplace.com, airplat.com, info.com, moxiesearch.com, couponmountain.com. When I click the description, the browser takes me to the advertising destination. The spy sweeper recently found 2 trojans (ldpinch trojan and trojan.gen) which it quarantined, but the problem keeps occurring. I have run 2 virus scans (Computer Associates and McAfee) and Webroot Spysweeper which has supposedly quaratined the infection, but the problem with the search engine continues. When multiple pages of search results appear, pages past the 1st or 2nd will appear with the correct links. Thanks you so much for volunteering your time and energy to help me with this problem. Here is the DDS scan log:DDS (Version 1.1.0) - NTFSx86 Run by HP_Administrator at 15:24:16.51 on Sat 01/03/2009Internet Explorer: 7.0.5730.13Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.311 [GMT -6:00]AV: Norton Internet Security *On-access scanning enabled* (Outdated)AV: McAfee VirusScan *On-access scanning enabled* (Updated)FW: Webroot Internet Security Essentials *disabled*FW: McAfee Personal Firewall *enabled*FW: Norton Internet Security *enabled*============== Running Processes ===============C:\Program Files\Webroot\Spy Sweeper\WRConsumerSe... Read more

A:trojan.gen and ldpinch trojan recent infection

Howdy, my name is Hoov, and I will be helping you with your dilemma.Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread. Here is what I am asking you to do during the repair of your computer*Tell me everything that you have done, if anything, to try and fix this problem.*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it. *Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try. *Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.Now onto trying to fix your computer. Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes t... Read more

3 more replies
Answer Match 41.16%

Last week I noticed that my cooling fan was running very loudly.  I was concerned that my system would overheat and the computer would stop working permanently.
 
I opened up Task Manager and noticed there were many instances of dllhost.exe *32 running, which was taking up all the CPU power.  I did some further research on the subject and found out that my computer may be infected with two Trojans associated with this:  Trojan.Powelik and Trojan.Adclicker.  I found nothing out of the ordinary after running Norton Power Eraser and a full scan using Norton 360, but while running Malwarebytes I found someone - or something - attempting to gain access through 2 IP addresses:
 
95.215.1.57 and 31.184.192.90.
 
I have blocked both addresses.  Yesterday, Norton found, quarantined and deleted two tmp files associated with Trojan.Powelik:
 
00014365.tmp
00010890.tmp
 
Again, I ran a full scan, Power Eraser and Malwarebytes and thought everything to be normal, but the dllhost.exe *32 issue popped up again last night, making me think that the Trojans are still in the system somewhere.
 
I'd like to get rid of this issue for good, as this computer is one of my main means of communication.
 
Thanks for reading.

A:Trojan.Powelik and Trojan.Adclicker infection

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, d... Read more

23 more replies
Answer Match 41.16%

I was recommended to post hereThunderZ from the Am I infected forum helped me out a "bunch" and sent me here Topic referenced is here: http://www.bleepingcomputer.com/forums/t/276314/xp-pro-desktop-wont-load/ ~ OBOriginal Post:My laptop will not load the desktop - running Xp Pro Service Pack 3, HP Pavilion dv8000When I start it up it goes through the regular process, reaches the log on screen, after entering password it says it is loading personal settings but only the wallpaper screen showsNo icons, no task bar, no startup programs showingI have tried to open Task Manager but when I enter CTRL+ALT+DEL the Window Security box where you select Task Manager comes up, but when I select Task Manager this box disappears and it doesn't take me to Task Manager. It just stays on the wallpaper screenLet me know if there is any other way to get task manager to open.I have tried going back to a couple of prior restore points, but still same problemSafe mode starts up fine, but i am not real sure of what to try from here to fix problemAny help would be appreciatedHe had me run SuperAntiSpyware and Malwarebytes Anti-malware.It now seems to be starting up ok, but he recommended I still come here to make sure I am 100% cleanDDS logDDS (Ver_09-12-01.01) - NTFSx86 Run by Ron at 10:18:06.26 on 12/06/09Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.292 [GMT -8:00]AV: avast! antivirus 4.8.1356 [VPS 091204-0] *On-acces... Read more

A:(Trojan.Crypt)-(Trojan.Zlob) - Possible infection

Hi,My name is Extremeboy (or EB for short), and I will be helping you with your log.We apologize for the delay of response. If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.For your next reply I would like to see:-The DDS logs---DDS.txt and Attach logs-RootRepeal logs-Description of any remaining problems you may still have.Thanks again and we apologize for the delay.With Regards,Extremeboy

8 more replies
Answer Match 41.16%

Hey Guys, Thanks for your help.

I got this laptop because normal windows would not boot up, it only boots up in safemode and has internet connectivity using safemode with networking.

With Eset online scanner I removed a cryptic trojan variant and a downloader variant.

Then I ran a combofix- it said I have zeroaccess virus.. -- I was not able to run it on restart because of the boot up problems

Though I am able to get online.

other background info: because I was first chasing the Windows update error 0x8007043c - I had remove the other 2 virus scanners thinking the conflict between AVG and Mcafee was causing Windows to not start in normal mode.

Where do we get started?

HP Pavilion laptop
Windows Vista - SP1
Malware Malbytes installed as well

A:Infection: trojan - trojan downloader and zeroaccess

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

2 more replies
Answer Match 41.16%

Just did a clean install of Win 7 SP1 and started windows update- but it just hangs there- with the green light going across the screen- i know this happened when I had win7 before i upgraded to 10. Did MS change the way they do this? In the past- when I would restart the computer it would say-Don't turn of your computer- windows is installing updates- What's going on?

A:Windows update not downloading updates- clean install Win 7

Try again, please.
 
What version of IE is installed?
 
Louis

9 more replies
Answer Match 41.16%

Did a clean install of Win 8.1 Pro x64 on a desktop i7-2660K machine a week ago. Since then, there's been a problem that didn't exist before the clean install, namely web page loading is very slow while downloading large files, a few hundred mb to a few gb. Pause the downloads and pages load normally. Before the install, the page file was set to system managed size. System drive is fast Plextor SSD and RAM is 16gb. I've now tried 32gb max and still slowness. Not sure where to turn on this. This is a relatively fast cable system (Charter), with line to the computer through an Linksys E1200 router (for wireless laptop). Any ideas? One thing I hadn't done yet is reinstall the router on the desktop, but I just did that and it makes no difference. Is that necessary? Thanks,

A:Slow web when downloading large files after clean install

I'm interested in any responses to this as well, because in my opinion Microsoft screwed it up.

I'm not sure when they changed it, but I noticed they changed this quite a while back. The change they made seems to give full bandwidth to the first thing you start downloading, but as you've discovered it's a nightmare like this because it means you can't do anything internet related until the download has finished. In the case of a large download, that's frustratingly limiting.

How it was before, Windows seemed to balance the load so you could have something downloading in the background, but still carry on with other things on the internet. How it is now, the second thing you try to access on the internet will usually result in a timed out error and if doesn't it's so incredibly slow that it's unusable.

It's not just with file downloads either, if you've got a heavy loading webpage, you can't just leave it loading that page and go view another webpage, because the first webpage sucks all the bandwidth to itself . Also, if you click a link on a heavy loading webpage, it won't do anything due to the webpage sucking all the bandwidth. So you either have to wait for the whole page to load first, or you have to open the link in a new tab, then close the heavy loading webpage tab.

I don't know what they were thinking to be honest because it's pretty bad as it is now. Maybe on a super-fast Microsoft LAN they don't notice how bad it is, but in the real world the changes t... Read more

30 more replies
Answer Match 41.16%

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:26:14, on 6/10/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\WatchGuard\Mobile User VPN\IreIKE.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Client\ScheduleSrvc.exeC:\Program Files\CA\SharedComponents\CAM\bin\cam.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exec:\dbssys\DBSNTS.exeC:\Program Files\Symantec AntiVirus\DefWatch.exeC:\Program Files\CA\SharedComponents\DesktopCommonServices\DMPrimer\dmprimer.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\Program Files\WatchGuard\Mobile User VPN\IPSecMon.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Client\BAOF\Ofan... Read more

A:Trojan / Malware Problem (possibly Duped Into Downloading A Codec)

Hi and Welcome to the forums.Duped Into Downloading A Codec huh...I like that. You should make a copy of your Hosts file,its looks to be customized.Download ComboFix from Here or Here to your Desktop.Double click combofix.exe and follow the prompts.When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next replyNote: Do not mouseclick combofix's window while its running. That may cause it to stallComboFix will usually replace the Hosts file in cases as such,I cant atest that it does it every single time but it would be in your best interst to check it after each usage of ComboFix.After ComboFix has finished and you have posted that log,follow the instructions below to download,install and run SDFix in Safe Mode.http://www.bleepingcomputer.com/forums/t/131299/how-to-use-sdfix/Post that log when completed,please.

6 more replies
Answer Match 40.74%

Please help me! My Norton antivirus keeps popping up with notifications for trojan.gen, trojan.gen.2 and trojan.zeroaccess. The computer is almost un-useable right now with all the pop-ups.

I am running windows XP 32bit

Thanks in advance!

A:trojan.gen, trojan.gen.2, and trojan.zeroaccess infection

Hello, I moved this to the Am I Infected forum for now.. Please click Start > Run, type inetcpl.cpl in the runbox and press enter.Click the Connections tab and click the LAN settings option.Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.[/b] and click on Run as Administrator.Reboot into Safe Mode with Networking How to enter safe mode(XP/Vista)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. >>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.Run RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
... Read more

13 more replies
Answer Match 40.74%

I cannot see my destop items. I can only see the taskbar. At one point i had WIndows Police Pro and it wouldn't let me run task manager. I fixed that thru this site, but now cannot run Malwarebytes. I get warnings saying my computer is infected constantly from the toolbar and Security Tool and Anti Virus 2010 is still installed on here. Here is the DDS log.

DDS (Ver_09-10-13.01) - NTFSx86
Run by Brad Hanson at 22:45:48.62 on Sat 10/17/2009
Internet Explorer: 8.0.6001.18372
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.413 [GMT -5:00]

AV: Norton AntiVirus *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program File... Read more

A:Security Tool won't leave! .exe's not downloading, malwarebytes will install but not run- errors.

Hi, welcome to the BC Forums. My username is Raktor, and I would be glad to take a look at your log.Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advice.This may cause a delay, but I will do my best to keep it as short as possible.I will be back to you shortly with instructions.

12 more replies
Answer Match 40.32%

It has ran for 2 hrs. and nothing. SURT has ran for hrs. also, but it's not going to find any updates.
I ran SFC and it found nothing wrong.
I have gotten no error codes.
I am attaching the CBS.zip and the windowsupdate log.zip.
The last couple lines in the update log go on for hundreds of lines to the end so. I deleted them.
This is a clean install of Windows Home Premium 64 bit on a Inspiron 1525.
Everything works great except Windows Update.
I hope someone can figure out from the logs what the problem is.

A:Clean install 7 home premium,windows update not downloading, no error

I'm no Windows 7 Update expert but I did take a look at your logs. I think added information would be help full.

Make sure you complete this tutorial completely.

I believe this tutorial completed would also be helpful.

Windows Update Posting Instructions

Also complete this tutorial and post the log here.

Windows Genuine and Activation Issue Posting Instructions

2 more replies
Answer Match 39.9%

I have Windows Vista, and i just found out my Spy Sweeper has quarantined Trojan.gen and Trojan-Agent.gen. Although they are quarantined, should i need to worry about them?? Should i delete? [It does not say what file they are in or have infected, just under quarantine list] I don't want to delete and find out that it infected a file i need.

Any help??

A:Trojan.gen And Trojan-agent.gen Infection

Eehm,hello? If it quarantined, then file(s) was lockdown..NO access..They are moved,quarantined,password-protected - if some AV's scan pc they dont found virus...So dont worry.Of course you can delete it by remove button

2 more replies
Answer Match 39.9%

Hello kind volunteers!

I think I have a trojan on one of our office laptops. Searches are redirecting, and occasionally a box pops up asking for a network password for no apparent reason. Norton picked up something, but apparently didn't kill all of it. MalwareBytes said it fixed some issues, but on restart it still shows an infected registry key, and the searches are still redirecting.

Thanks for any help you can provide!

Here is the DDS log (other log and GMER log are attached):

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by Raj at 13:10:23 on 2011-08-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.658 [GMT -5:00]
.
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Progra... Read more

A:trojan infection? (.fsharproj (Trojan.BHO) )

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

12 more replies
Answer Match 39.9%

I've been attempting to remove the Trojan.Vundo.H infection from a friend's computer for a while now, with no success. I've run Combofix, and have the log files which I will post below.Here is the DDS.txt log file:DDS (Ver_09-05-14.01) - NTFSx86 Run by Owner at 10:28:31.01 on Sat 05/16/2009Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.590 [GMT -5:00]AV: avast! antivirus 4.8.1335 [VPS 090515-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\WINDOWS\system32\dllh... Read more

A:Trojan.Vundo.H/Trojan.BHO.H infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

2 more replies
Answer Match 38.64%

Hi,
Recently I have been infected with a Trojan that others here seem to have been struggling with too. I realized something was wrong immediately and soon found the folder Google/Desktop/Install….. and tried to delete it. Anyway I tried to delete it and scan it many different ways for days until I read some of the other forum posts on this website. The first two times ComboFix didn’t work, but when I ran it in safe mode it finally got the Google file! Anyway, I thought things were finally over, but then Symantec Antivirus popped up again with similar warnings about the same Trojans. This time found only under C:\Users\Sean\AppData\Local\Temp\ and I went to this file and did see many files appearing and then disappearing with filenames such as DWH6F74.tmp; I’m assuming they were disappearing as they were being quarantined. Anyways, I was hoping for help discovering the rest of this infection, as I have been working for days and have no idea anymore. Thanks in advance for your time and help!
 
Here is my DDS log:
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686
Run by Sean at 19:06:17 on 2013-09-22
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8082.4898 [GMT -7:00]
.
AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Panda Antivirus Pro 2014 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Antivirus Pro 2014 *Enabled/Updated* {3DF6F564-BFB3... Read more

A:ZeroAccess.C, Trojan.Gen.2, and Trojan.Gen.3 -- Google/Desktop/Install

please post the ComboFix log for me to review,Please run the following:Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

17 more replies
Answer Match 38.64%

I just build my own comp and I put in the xp 64 bit edition disk, it came up on the screen, I choose the unpartitioned space and formatted/installed windows into it. It says setup will continue after restarting, so it restarts, but then when it comes back up its back at the beginning of setup again, i've reinstalled it 3 times now, but I cant get to the screen where you select options etc...

I believe this maybe be a problem with my Bios, because it always says "Boot from CD: " then starts up installation. When I take out the cd, it says that and doesn't do anything at all. I'm stuck in a loop here. Please help!
 

More replies
Answer Match 38.64%

lately everything from aim mail to comcast shows a error saying

Firefox can't establish a connection to the server at

and i don't know what it is.
i know my internet is working and i know the sites working and i took down all my firewalls.

and other idea on what it could be?
 

A:Not letting me on

12 more replies
Answer Match 38.64%

I was recently on my windows 7 xp, when out of no where a letter pops up telling me I have low memory and that I should close all my tabs. I did so, and nothing happened! I began deleting lots of pictures and so on. I checked my laptops status and the bar was blue saying I had a good amount of gbs left.i tried restarting my computer and so, the worst thing is. I can't even get onto the Internet. Google chromes tab doesn't open only Internet explorer does and only for 5 ,minutes before another pop up shows that I need to close the tabs. Then my sound stops working, my speakers work fine because, when I pull out my charger it makes a beep and that sound must come from the speakers. Please help! it is very upsetting and really starting to get annoying! I can't download the new version of adobe so that unable me to watch videos and so on. Please help!
 

A:low RAM, not letting me do anything!

11 more replies
Answer Match 38.64%

hi
i wonder if anyone could shed light on my problem, my browser, firefox 2, won't connect to any web site with the , .co.uk, domain. it has just started doing this tonight, .com etc are all ok.
celron 2.7
win xp
256 mb
pac bel laptop
 

A:not letting me into.co.uk

7 more replies
Answer Match 38.64%

Alright, So what's happening is my mums computer's mobo went and it has tons of pictures on it so I hooked it up to my build and it boots to the login screen my Keyboard and mouse work in my Bios but they go "dead" in the login screen What to do?
 

A:Win XP not letting me use USB

No sensible detail in your question. Which PC is the XP one, and what OS is the other? When you 'hooked it up' what do you mean? USB attached drive, drive direct to motherboard or what? If you have directly connected the old HDD to your m/b, have you disconnected your own HDD, or not? I dont yet understand why it would boot to the login screen - you dont want that to happen, and when it doesnt you will be fine.
 

2 more replies
Answer Match 38.22%

Recently when I tried running the setup for a couple game demos I downloaded I got an error message saying it wasn't validated as a win32 app. Hope thats enough info, Im new to vista so this might be a simple problem.

thx
 

More replies
Answer Match 38.22%

Hey!
I want to be able to use two screens in stretch (DualView) mode. When installing a new driver everything works out fine, and I can use both screens as I want them. But after every driver install you have to remember to turn SLI back on (its disables when a new driver is installed), so I turned it back on, and then my option of running two screens dissapeared. If I turn SLI back off again, the option reappers....???

WHat can I do about this?
Anybody else having/used to have these problems?

Thank you very much
 

A:SLI not letting me use my two screens!

I think that's normal operation isn't it? There may be or could be a driver written to cover stretch mode it seems like but since that's not the purpose of SLI maybe no one bothers? Or maybe there's some other function of SLI that precludes using two monitors.

I've seen a possible solution to run two monitors with SLI enabled involving a third pci video card that is not the same make as the SLI cards so the SLI driver can't take control of it and disable output.
 

1 more replies
Answer Match 38.22%

My laptop wont let me delete any files at all not pictures music anything, how do i get it to delete things
 

A:Not Letting Me Delete

Try giving a bit more information. Where are the files that you try to delete, how are you trying to do so and what (if any) messages you get.

Also, you can always try to disable UAC (Control Panel\User Accounts and Family Safety\User Accounts --> Turn User Account Control On or Off).
 

1 more replies
Answer Match 38.22%

I am working on a friends laptop that boots up, but then the screen goes blank and won't let us in the OS. I am sure this is a virus. This happened a few weeks ago and I was able to finally get in and run Windows Security Essentials. But he just called and said it is doing the same thing again. any ideas on what kind of virus this is and how to remove it from the PC? Or will I have to simply clear the HDD and reload everything?

I found software called ComboFix. Any ideas on how well this works?

Thanks

A:A virus not letting me in

Hi first don't use combofix you need to be guided when using it or you can brick a system,next did you try running a start up repair as some issue with the mbr or os corruption can cause a similar issue, if your certain about a infection please follow the instructions here NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum
then make a new thread in the virus,trojan and malware section with the ifno you can gather if your unable to complete any of the steps I would reinstall the os

2 more replies
Answer Match 38.22%

Ran Malwarebytes, AVG, avast and vundofix and nothing works. Now I can't logon to the computer. It will take me to the user selection screen (which it never did before) and when I chose the one and only user, it will say "loading settings" then will immediately say"logging off". There must be something in my operating system. Please help!!!

A:Virus not letting me log on

the user selection screen ....... when I chose the one and only user, it will say "loading settings" then will immediately say"logging off".You are experiencing what is commonly called the Logon/Logoff Loop, usually induced by an anti-malware program removing an infected but necessary Windows system file.The procedure at the following link will most likely get your system back up and running again ...Fix Windows XP Logon/Logoff Loop ..... thinkinginpixelshttp://thinkinginpixels.com/quick-fixes/fi...onlog-off-loop/Good luck.

5 more replies
Answer Match 38.22%

Hello I know a lot of you are gonna think that it is an easy fix, but it seems that my problem is a little more complicated than others. First off I have a acer laptop with specs as follows.. Vista 32bit home premium..intel dual core 2.0...3 gb ddr2....320gb hard drive....the acer model - aspire 4730Z...

Ok so I have tried to fix this problem many times and none have worked including this site.. The User Profile Service failed the logon. User profile cannot be loaded.... Im having that same problem where i cant logon ... The guest account is disabled and the admin account is disabled... When i try booting in safe mode it gives me this error...the user profile service failed the logon.
the remote procedure call failed and did not execute.. I googled that and nothing came back... I let it sit in that screen for a minute the computer rebooted and i tried to login again and it gave me this error...the user profile service failed the logon.
the server endpoint cannot perform the operation... I know a little bit more than average about computers.. this one is actually my friends he wanted me to fix for him... So any help will be appreciated because I think i have tried everything and im lost... Thanx so much.

A:System not letting me log on.

Hello Christian, and welcome to Vista Forums.

Have you already tried the items in the yellow tip box at the top of that link in the tutorial?

8 more replies
Answer Match 38.22%

I have the newest version of AIM installed, ver.7.3, and XP w/ SP3 installed. Everything was working perfectly up till a couple days ago. Now I have no clue how to fix it! It will sign me in and display my buddy list, but it won't even let me click on a person to chat with! Even if I do manage to, I can't type.
There are black corners to all boxes in the frame...Also, I was trying out AIM Express, and it worked the first couple of times just perfectly, but now everytime I sign in, a second later it freezes my Firefox and causes excessive memory leakage! I mean, 170k and up sometimes. I end up having to restart it...It too is the newest version, 3.6.8 and everything is perfect. Any help would be greatly appreciated. Thank you.

A:My AIM isn't letting me type...and more

Remove both versions completely and all their registry keys if you can find them. (Keep the logs if you want) Then I'd say reinstall them, if that doesn't work try a program like Pidgin or an older version of AIM. You may find more support on the AOL website.

1 more replies