Tech Problem Aggregator

I have caught a virus that locks my desktop with a web page

Q: I have caught a virus that locks my desktop with a web page

I have caught a virus that locks my desktop with a web page or impostor that threatens me to pay otherwise my machine will be locked. I cant open task manager or anything, i even try to open windows as safe mode. Don't work.
 
What can i do
 
Thanks in advance
 
NB: The infection seems to be a ransomware with name : Rogue Antispy-AH
 
From a live cd i run ROguekiller. It seems to clean it but another scan by this tool get me a folder not found error in iexplore /shell/
 
 
Update: I finally manage to clean the ransomware buy using rootkiller in Safe mode. Before my first usage of Roguekiller the block existed in the safe mode too.
Thanks anyway. I would write here for people who will suffer the same fate.

More replies
Answer Match 67.62%

Hello
I have an HP desktop that runs Windows 7. It is infected with various viruses and malware.
I had Norton installed until about a week ago (it expired), but it didn't really help me. I recently
found out that in spite of being declared clean, this computer and the USB drives that I back up
to are infected. When I tried to use some files I copied from C: to a USB on another computer,
I got an error message for the USB when it was inserted stating that it was infected and it listed
all of the infected files. Also I notice that Google search now only works some of the time. It is
my default homepage. The computer stalls and takes forever to browse a web page sometimes.
Until recently, if I was not constantly using it, like if I stopped typing for a few minutes, it would
lock up and I would have to reboot to get it going again.

Can you recommend a software for my home PC that will check the USB drives for viruses when
they are inserted in addition to protecting the hard drives.

Thanks very much for any assistance that you can give.

Here is my system info:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 6050 Mb
Graphics Card: Intel(R) HD Graphics Family, -1262 Mb
Hard Drives: C: Total - 941879 MB, Free - 857139 MB; D: Total - 11886 MB, Free - 1455 MB;
Motherboard: PEGATRON CORPORATION,... Read more

A:Desktop infected with malware; locks up; disables web page

Also, this keeps showing up. Not sure why. I bought a legal copy from the
Norton website.

 

1 more replies
Answer Match 65.52%

I uninstalled adobe reader and reinstalled it, now computer locks up after desktop loads and goes to a blue screen error message. I can get to safe mode but can not uninstall adobe reader.
 

A:Home page loads desktop then locks up with blue screen error mesage

7 more replies
Answer Match 62.16%

My WinXP SP3 laptop started not allowing the destop to work. Then the desktop stopped showing up at all. Now the only way I can run the machine is in safe mode. Tried running Malwarebytes no viruses found. Went through the steps to report a new problem. Attachments included. Any help appreciated.

Yellowjacket 55

A:Virus locks up my desktop

Hi,I don't think this is a malware related issue here though. I think the cause is the multiple Antivirus installed + eventually your Zonealarm. They are clashing up here.Never install more than one Antivirus and Firewall! Rather than giving you extra protection, it will decrease the reliability of it seriously! The reason for this is that if both products have their automatic (Real-Time) protection switched on, your system may lock up due to both software products attempting to access the same file at the same time. Also because more than one Antivirus and Firewall installed are not compatible with eachother, it can cause system performance problems, programs not working properly and a serious system slowdown. So, what we can do here is to temporary uninstall all the ones you are having now. You can reinstall only 1 afterwards again. But we need to uninstall them first to resolve the problem first.Go to add& remove programs and uninstall the following:avast! Free AntivirusAVG Free 8.5Ad-AwareZoneAlarmZoneAlarm Toolbar <== this toolbar is not required anyway.Then REBOOT! Important!After reboot, post a new DDS log in your next reply.

4 more replies
Answer Match 53.76%

I'd appreciate knowing what else should be done to get this cleaned up completely? Thank you.

ADaware removed:

Ad-Aware SE Build 1.05
Logfile Created on:Saturday, November 27, 2004 9:37:03 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R20 25.11.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):49 total references
AdPlus-SurferBar(TAC index:6):3 total references
Adultlinks Quickbar(TAC index:6):87 total references
BargainBuddy(TAC index:8):2 total references
BroadCastPC(TAC index:7):2 total references
Claria(TAC index:7):32 total references
CommonName(TAC index:7):71 total references
DyFuCA(TAC index:3):32 total references
eAcceleration(TAC index:7):2 total references
Ebates MoneyMaker(TAC index:4):4 total references
Golden Palace Casino(TAC index:4):53 total references
HuntToolBar(TAC index:9):1 total references
IBIS Toolbar(TAC index:5):4 total references
istbar.dotcomToolbar(TAC index:5):5 total references
istbar(TAC index:6):8 total references
iWon(TAC index:5):54 total references
MyWay.Speedbar(TAC index:0):5 total references
NavExcel(TAC index:5):19 total references
NetworkEssentials(TAC index:7):48 total references
Other(TAC index:5):2 total references
OverPro(TAC index:3):4 total references
Possible Browser Hijack attempt(TAC index:3):3 total references
Powerscan(TAC index:5):5 total references
Redirected hostfile entry(TAC index:4):3 total references
Roings(TAC i... Read more

A:Daughter's Desktop caught lots of viri at co

8 more replies
Answer Match 51.24%

Her laptop is going haywire so I'm posting from mine. I don't know if it's wise posting a link to the virus but I have it if needed. Basically, she clicked on a link someone sent her through MSN and accidentally downloaded a file when prompted to. She is now sending messages to other people. Her mouse freezes and a black box appears when it sends messages. The comp is also running very slowly. Any help would be greatly appreciated. ^.^
Hijack this log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:41:18 a.m., on 29/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Common Fil... Read more

A:GF caught an MSN Virus....

The name of the file downloaded from the site is IMAGE46453-facebook.com.JPG.jpg.exe
 

1 more replies
Answer Match 51.24%

I've been having problems with my machine locking up on me and I didn't know what was causing it.

The other day I did a Panda scan and it told me I have the Mitglider.EV virus. My McAfee doesn't find it, so it won't remove it. According to Panda I have to get it removed then do some changes in the registry, which I know ABSOLUTELY nothing about. McAfee said send them the file the virus was in. I don't know what file it's in and their tech support answers my questions like I'm a computer wiz, in terms I don't understand, and I've told them my only expertise in computers is how to turn one on!

Can anyone direct me to a place where I can get this removed and have the registry restored to it's original configuration?
 

A:I've caught a virus!

9 more replies
Answer Match 51.24%

Caught a virus after downloading a malicious program pretending to be useful. Fortunately, now it doesn't change start page in my browser and/or install maliciuos software as it did before, but it still annoys my antivirus. Scanned with Farbar Recovery Scan Tool and received results. They are in the attachments. Error message says:
"Located a threat!
Object:
...
Threat:
... a trojan program
Information:
connection terminated"
    But the problem is that antivirus sends these error messages almost every five minutes. And this message appears only when I use Google Chrome, but it's because I downloaded malicious software from it, I suppose. When I use MS Edge I don't receive this message.
 

 FRST.txt   850.81KB
  0 downloads

 Addition.txt   57.07KB
  0 downloads
 

More replies
Answer Match 51.24%

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Brandon (administrator) on GANSKOW on 24-05-2015 20:08:21
Running from C:\Users\Brandon\Desktop
Loaded Profiles: Brandon (Available Profiles: Brandon)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\APRP\AsusProductRegisterService.exe
() C:\Program Files (x86)\ASUS\Dr. Power\AsusDrPowerService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.22\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation)... Read more

A:Caught a virus

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 20:08 - 2015-05-24 20:08 - 00025584 _____ () C:\Users\Brandon\Desktop\FRST.txt
2015-05-24 20:08 - 2015-05-24 20:08 - 00000000 ____D () C:\FRST
2015-05-24 20:00 - 2015-05-24 20:00 - 02108416 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2015-05-24 01:14 - 2015-05-24 01:14 - 00000000 ____D () C:\Users\Brandon\Documents\Klei
2015-05-24 00:03 - 2015-05-24 00:03 - 30920927 _____ () C:\Users\Brandon\Downloads\GPUTweak_2_8_2_0.zip
2015-05-24 00:03 - 2015-05-24 00:03 - 00000000 ____D () C:\Users\Brandon\Downloads\GPUTweak_2_8_2_0
2015-05-23 23:54 - 2015-05-24 00:11 - 00000000 ____D () C:\Users\Brandon\Downloads\installers
2015-05-23 23:54 - 2015-05-23 23:54 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc
2015-05-23 23:53 - 2015-05-24 01:30 - 00000000 ____D () C:\Users\Brandon\AppData\Roaming\Software Informer
2015-05-23 23:53 - 2015-05-23 23:53 - 00003312 _____ () C:\WINDOWS\System32\Tasks\SoftwareInformerService
2015-05-23 23:53 - 2015-05-23 23:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
2015-05-23 23:53 - 2015-05-23 23:53 - 00000000 ____D () C:\Program Files\Software Informer
2015-05-23 23:52 - 2015-05-23 23:52 - 03568824 _____ (Informer Technologies, Inc. ) C:\Users\Brandon\Downloads\siinst.exe
2015-05-23 16:39 - 2015-05-23 17:55 - 00000000 __HDC () C:\ProgramData... Read more

42 more replies
Answer Match 51.24%

Hi everyone,
I think I have caught some kind of virus.I keep getting error message "This program has performed an illegal operation and will be shut down" I have read all the posts I could find so I list a couple of the details that come up when I get this error message. The most common one is " Explorer caused an invalid page fault in module KERNEL 32.DLL at 0167.bff8ac13" or "RUNDLL 32 caused an invalid page fault in module MSACM32.DLL at 0167.7b622f95" It seems to happen randomly but all the error details are similar to those above.
I got a suspicious email some time ago titled Snow white and the seven dwarfs Ha Ha Ha or similar. A friend alerted me that this was a virus that had invaded his address book and spread. Could this be my problem?
I have an Intel Celeron 6 computer with 10gig hard drive and 128 meg ram and use IE 5.5 browser.
 

A:Caught A Virus

11 more replies
Answer Match 51.24%

Ok earlier i downloaded some program from a Peer 2 peer network. I opened the program and it doesn't work, but it disabled my Norton Antivirus Auto-Protect for some reason. Now i thought something was wrong. So I immedately closed and deleted the program i downloaded and enabled Norton Auto-Protect. I updated my virus definitions and it prompted me for a restart. I use winXP so when i restart it prompts me for a password at the account screen. I type in my password and it enters desktop for maybe a second or even less, then it automatically logs out again (saying logging off...) and returns to the accounts screen. I can't get in!! I've tried restarting it many times and the same thing happens. What should i DO??!??!?!??
 

A:Caught Virus??? PLZ HELP!!!

7 more replies
Answer Match 51.24%

hey guys, you've heard it before but i can't get rid of this bug. can't update avg, or install or upgrade any spyware . some spyware websites won't even connect. i also can't view pics on IE. i've read through the forums as suggested but a lot of this is way beyond me . i did a dss log and hjt log . please help!!!!

A:caught a bad virus need help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

2 more replies
Answer Match 51.24%

Caught a virus this evening. Now, my computer can reboot but I can't get past the Windows XP login screen. As soon as I click on the user name, the CPU logs off almost immediately. I've tried starting in safe mode too.

Is there a way that I can retrieve my files? I'm running Windows XP SP3 currently. I know ultimately, I'm going to have to reformat my hard drive but I would like to try to save some of these files if possible before I do so.

Thanks

Fozzy40

A:Caught a Virus!

Someone please help!

7 more replies
Answer Match 51.24%

I tried running kaspersky but the trojan keeps returning after it removes it. IT started with my task manager being disabled, and then firefox kept crashing. I followed a tutorial and fixed the task manager thing in regedit. But now all my google search results are being redirected. Firefox keeps crashing when im working on a clients webpage and i have a huge deadline. PLease help. here is my dds logDDS (Ver_09-12-01.01) - NTFSx86 Run by shaun at 2:12:00.62 on Thu 01/14/2010Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_14Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1311 [GMT -6:00]AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Ahead\InCD\InCDsrv.exesvchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG ... Read more

A:caught a virus! PLEASE HeLP

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand cor... Read more

2 more replies
Answer Match 51.24%

Hi everyone. i think i caught a virus just yesterday. i didnt have an anti-virus program. after i caught it, all my programs seemed to be uninstalled. All my files and programs are still there, but i have to install every program over in order to use it. everytime i restart the laptop, the appearance setting goes back to the classic view. all my quick launchs are gone and the whole laptop is slow. i installed spybot and ad aware, and it seems to catch something that disables my windows security. i deleted it, restart the laptop. searched again, and it's still there. i cant seem to remove it. i installed symantec anti-virus program, but it doesn't work. it causes an error when i run the program. i need help.

-frankie
 

More replies
Answer Match 51.24%

Hello and thank you for helping me in advance.

I think I have Virus Yesterday. Ad Aware detected something called Antivirus 2009.

I'm not sure if i caught anything else, would someone have a look at my logs to make sure. Thanks.

Here is my DDS Log and the Attached Files.


DDS (Ver_09-05-14.01) - NTFSx86
Run by WinXP at 19:33:40.21 on Tue 06/09/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.403 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Ahead\li... Read more

A:I think I caught a Virus

bump....

8 more replies
Answer Match 51.24%

Hi all,

I have had a lot of problems with this pc in the last month re logging onto BT Yahoo browser and various other things such as BT desktop help update.

The result of all this is that I think I have got a virus or something. The pc will fire up ok and I will be typing away as now and then "bits" of text fall away. If I notice it quickly enough and re start it comes back ok but if I let the problem progress for a minute or more I finish up with BSOD and I can get A,C.D screen up but it just sits there and won't shut down. A mains off starts me back fine.

All I have is a system recovery dvd that I made the day I bought the pc(PCWorld will not give or sell me jack!). If I run that disc I assume it will set my C drive back to day 1. I have a physical 2nd 160G D drive, will the Sys RD leave that alone please?

If it helps with an answer I have a second pc netted to this one with XPpr on it.
Dave.

A:Win med c e caught virus?

Go to nanoscan.com, download the activex and run the scan. Show details and locate and delete any files it finds. If you can't delete, rename it. If you want, you could put it in a rar archive and send it to me at *****.

Hamish :D



Manager Edit

Hamish ... It's wise to never give your email out in an open forum, as email harvesters will pick up on it and next thing you know, here comes the spam!

Also, please do not encourage folks to work off-forum, as it takes away from one of our main services - a repository of good info. Also, the only folks at TSF that are authorized to analyze malware reports are our Security team members. If you have a knack for this, please check out our ASAP accredited training program.

2 more replies
Answer Match 51.24%

Hello,

My problem is whenever I open up a page that has either a video or music being played on an embedded Windows Media Player, my whole browser freezes up...

At first i thought that maybe it was one of my Firefox add ons acting up, but it happens in regular internet explorer as well

sometimes I will even get a message that says something like: "can not create directshow player"
when i get that message though, the browser doesn't freeze up
can anyone help me out here?
 

A:Web Browser Locks when WMP is on a page

Try this:
Start> Run> type regsvr32 jscript.dll and then click OK.
Next type regsvr32 vbscript.dll and then click OK.
You should receive a message after each that the dll was successfully registered.
 

3 more replies
Answer Match 51.24%

Hello,

After having a birthday party for my 9 year old son, whose friends were all using the computer, Internet Explorer opens up and tried to load the initial web page but never finishes loading and becomes unresponsive. I upgraded to IE7 but the same thing is still happening. Thank god I have firefox already loaded, because that is the only way I can access the inter now.
I have done a hijackthis log and will post below, if anyone can help me get IE working again I would greatly appreciate this.

Logfile of HijackThis v1.99.1
Scan saved at 5:14:54 PM, on 10/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Ahead\InCD\InCDsrv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
F:\WINDOWS\BCMSMMSG.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
F:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
F:\WINDOWS\System32\svchost.exe
F:\PROGRA~1\SYMANT~1\SYMANT~1\bak\vptray.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\system32\wscntfy.exe
F:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI... Read more

More replies
Answer Match 50.82%

I recently caught a virus i think i hear it mentioned some were in this forum but all of a sudden random windows begin to pop up mostly mentioning to install this program called Winantispyware IT constanly kept coming out so i ran my antivirus (which isnt at all that great) saids it finds it and removes it but it continues to come out. I than ran an online scan with the panda antivirus also said it removed virus but left a bunch of spyware so finally i ran Hjt maybe this way i can remove it thru here.

Here is HJT LOG :
Logfile of HijackThis v1.99.1
Scan saved at 8:09:48 PM, on 8/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\EarthLink\EarthLink Protection Control Center\BIN\elnk_pcc2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\EarthLink\EarthLink Protection Control Center\bin\Upda... Read more

A:Solved: Caught a virus pls help with HJT

16 more replies
Answer Match 50.82%

hey guys, thanks for all the tips on this site. it has been invaluable.

i just caught a virus trying to install itself. for the record, i was installing the latest update of youtubeDownloader 2.9.6. i have a registry monitor called WinPatrol running at all times and it pops up anytime a program is trying to do some funny stuff. it alerted me of a program called Sendori trying to attach itself to random places. i clicked "No" for 6 or 7 times, which seemed to halt the virus from entirely manifesting. all references were to "Sendori". a little googling says the virus hijacks your dns server settings.

my ip4/6 interface settings are still the same, they didn't change including dns. i ran hijackThis and found 4 references to the Sendori directory (not hidden; simply program files directory).

we all know some uninstalls actually kick off a deeper configuration of the virus, but after some checkups i decided it would be ok to uninstall normally from control panel.

after the uninstall, the program's entries in the hijackThis log did disappear. i checked the registry for Run and RunOnce and there are no entries for the program (neither obvious or non-obvious) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and RunOnce

my question is, after the uninstall it prompted me i needed to restart my computer to complete. i clicked X (neither yes or no) and now i'm curious if there's anywhere else ... Read more

A:caught a virus, wants me to reboot, should i?

If you want to be sure go ahead and run a malwarebytes full scan before you restart your computer, it can't hurt.How do I remove, turn off, or uninstall Sendori?

2 more replies
Answer Match 50.82%

Hello,This site opens everytime when i start computer this is my FRST log please help me
 

 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Win7 (administrator) on WIN7-BILGISAYAR on 14-09-2014 20:31:47
Running from C:\Users\Win7\Downloads
Platform: Windows 7 Ultimate (X64) OS Language: Türkçe (Türkiye)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Skillbrains) C:\Users\Win7\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(Microsoft Corporatio... Read more

A:Gameharbor virus caught me too :(

Hello  Dogusmen and to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.
Before we move on, please read the following points carefully.
 
Please complete all steps in the specified order.
Even if tools don't find malware, I want you to post the logfiles anyway.
Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
Don't install or uninstall software during the cleanup unless you are told to do so.
If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
Please reply to this thread. Do not start a new topic
As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
 
Please open as administrator  the computer. How is open as administrator  the computer?
Disable your AntiVirus and AntiSpyware applications, as they will  interfere wit... Read more

15 more replies
Answer Match 50.82%

I am going try to explain my problem....
Last friday I caught a virus via messenger, I do not remember well its name, but some like photo0009.zip....ok. I have McAfee virusScan installed in my laptop and it detected viruses and showed that they were cleaned and deleted, but inmediatly after this more messages were sent to my contacts and in my lap Task Manager, execute command,defragment of disc and even the Mcafee virusscan itself were disabled; I made some procedures with another virusscaners online while mine was disbled, to eliminate this "virus", and after this my Mcafee "works" again but I am not really sure if my lap is totally cleaned because sometimes it functions slowly and mcafee has the option Desable analisis in real time in grey color, obvioulsy i do not want to disable but before all these problems that option was in black color...

Somebody can tell me What can I do or What I have to do to make sure my laptop is really cleaned....

Thanks in advance...and I will be waitting your help...

PS...Sorry my english is not good!
 

A:Virus caught by msn messenger!!!!!

7 more replies
Answer Match 50.82%

PLEASE Help, something bed happening to my computer,working so slow IE try to open but taking minns.
Please look at my HiJackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:07:22 PM, on 1/23/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\SK9910DM.EXE
C:\WINDOWS\GWMDMMSG.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcaf... Read more

A:I think I caught some virus on my komputer:

7 more replies
Answer Match 50.82%

Norton alerted me of this bugger whilst I was browsing the forum. Norton has quarantined it. But I wonder whether anybody ever saw this bugger and whether it could have further consequences. It seems to originate from my home country Germany - which does not make it more likeable.

A:I caught the Neuroquila virus

that's interesting you were browsing the forum when you caught it? hope i dont get it

9 more replies
Answer Match 50.82%

Hello everyone, I got a virus on Windows xp, which unfortunately does not allow me to see even more of the taskbar below. I proceeded to disable services and all that is in msconfig startup, but as attached image, even if I remove those highlighted as soon as I close and restart or shut alone, you grow back on their own. I wanted to try combofix, but I can not in any way to get it started. I've done scans with nod32, VirIT and malwarebytes, but I have not even solved the problem by putting the hd on a pc running. There is also to say that if I click something on the desktop, it tells me: Can not access C: \ -------. access denied. how can I fix ??ps I can not format .: otherwise I would have already done.http://postimg.org/image/z9juprhep/

A:I caught a virus that does not delete

Hello, please do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. If neded we will ask for it.Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

1 more replies
Answer Match 50.82%

Hi everyone;

Since some days, my computer doesn't work as it used to anymore.
I think it's a virus or a worm or whatever...
Whenever I tried to install an antivirus program, the program just wouldn't work.
I think this ''thing''(virus) is anti-antivirus!

I've tried Norton, Mcafee, Kasper,and Solo. But none of them wouldn't work.

Would you help me please.

My OS is windows 2000 Pro.

Thanks a lot
 

A:I've caught a virus,worm or whatever

Hi Gregpi,try running this online scan.
www.housecall.antivirus.com
 

3 more replies
Answer Match 50.82%

Hi, I have a little problem and I want to make sure my system is okay. I already had some help over here in a thread that was initially related to something totally different.

So taken from that thread, the steps I've done so far were:

Ran rkill - didn't help
ran unhide
was able to run rkill finally, it did something but the problem wasn't corrected
ran Malwarebytes and tdss and it found nothing
was able to run Fakerean removal tool (thanks to writhziden)
ran Malwarebytes again, didn't find anything
Ran sfc /scannow several times and it did not find any integrity violations

So at this point I am just wondering if I should run anything else, to make sure my system is clear of any further problems?

Looks like most of my icons are back but I want to make sure, but maybe some other scan will help remove any possible left over issues.

Thanks to whoever ends up helping me.

A:Caught a fakerean virus...

Well your System appears to be OK for now.

However if you want to make 200% sure that all traces of the virus are gone then do a clean reinstall of Windows.

9 more replies
Answer Match 50.82%

I downloaded a file, and opened it. Then I realized that the file was a virus, and the virus is now in the hard drive somewhere. I installed Spybot to do a scan, but Spybot won't even open! I double clicked it so many time, but it won't open. I tried to download AVG, but the virus blocked my download. Now I can't do much...

I downloaded Spybot on a different computer (I tried downloading Spybot on a the infected computer, but it didn't work) and then transfered it to the infected computer. I don't know if this will work with AVG too. I want to use the Ultimate Boot CD I downloaded, but the infected computer is a laptop, and I can't change the boot settings, so it boots the hard drive first, before booting the CD drive. I don't know what to do!

Anyone have any advice on what I should do? Thanks!
 

A:My computer caught a virus. Need some help!

Hi,
I think you need to post a HijackThis Log, instructions at this TSG 'sticky':
http://forums.techguy.org/malware-re...st-before.html

What's the make/model of the laptop? Someone might be able to help you try to boot in to safe mode and/or change boot order.

You'll need to 'report' this thread to ask for it to be moved to the Malware forum.
Please be patient as there aren't that many qualified Malware experts but there are loads of people seeking their help.

I see from your other 2 posts that you had malware on your PC as well, have you become more cautious since?!

Richard.
 

2 more replies
Answer Match 50.82%

Hi,
I basically picked a virus up from Facebook from one of their annoying apps. My anti-virus (AVAST) started going mental, so I quickly closed down the Facebook page.
I kept geting the fake virus alert that tries to get you to click on it.....and kept shutting it down. I then got a stream of pop-ups (some were not very nice!)
I checked on AVAST to see if it had picked up these viruses but it said it couldn't find the files.
I decided to switch my anti-virus software to AVG, as it has always served me well (but my free trial had ran out - hence the switch to AVAST!!). My computer will not allow me to go anywhere near the AVG site. Everytime I go to use a link on google I get redirected to some random site, and everytime I go directly to AVG i get "Oops! This link appears to be broken." I could connect to the download cnet website but everytime I tried to download AVG from there it kept saying it couldn't establish a connection. It's almost like the virus knows i'm trying to get rid of it so it's preventing me from doing so.

Please help. My OS is Vista

Thank you in advance

EDIT: Sorry, forgot to mention, I managed to install 'Stopzilla' which informed me I had 15 infected files, but it didn't seem to help much more beyond that!
Here's the HJT......

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:03:58, on 16/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.188... Read more

More replies
Answer Match 50.82%

I've been enjoying gmail for months, but suddenly, my computer locks when it reaches the loading page, just after I sign in. I've gone to troubleshooting help, and followed directions to uncheck enable third party browsers, and clear cache, to no avail. I am unable to reach my gmail account on this computer.
 

More replies
Answer Match 50.4%

Hello, I recently caught a virus on my pc. Microsoft Security Essentials says labels it as Trojan:WIN32/Sirefef.AB. It claims to have removed the Trojan and it no longer detects it during a scan, but my computer randomly shuts down now with no warning. If I enter safe mode it will shut down VERY fast. Any help with this would be greatly appreciated. I'm not very computer savvy, but I can follow directions pretty well. Thanks.

A:I caught a virus and now my pc randomly shuts down

I would suggest you repost this in Am I Infected

3 more replies
Answer Match 50.4%

Hello,

I have been reading some forums and looking for an answer but I thought I should just start fresh. I am having a problem with google redirect and firefox. IE doesn't seem to be and issue, but both are still running verrrrrrry slow. With firefox, clicking on links in google will direct me to random sites, sometimes dealing wtih my original google search but cleary not what I clicked on. I can only go back to google search if a double click really fast. No other problems besides that and super slow internet. In my frusteration I un-installed firefox and having been using a super slow IE, telling me the virus or whatever is most likely still here.

I tried malwarebytes and have even updated and scanned agained. I also tryed tdss killer and nothing was found with that either either. Help would be greatly appriciated!

Thanks
Tara

A:I have caught a Google redirect virus..

Download this file and save it to your desktop:http://download.bleepingcomputer.com/grinler/rkill.scrDouble-click the file to run it. A command window will open briefly. Then run a quick scan with Malwarebytes. Post the Malwarebytes log.

1 more replies
Answer Match 50.4%

A short while back I had the fake "scanner" site popup. Got out w/o going to any other site, at least not knowingly . On my next boot up I noticed a bunch of ave.exe processes opening up! Nooooooo!!! Tried to run run Malwarebytes scan, the mbam.exe file was blocked from opening. Renamed to mbam.com, ran, and found some malware and deleted (log below). Then my Google and Yahoo searches began to be redirected, so I guess I have a rootkit? More Malwarebytes, Zonealarm, and Hitman 3.5 scans show nothing so here I am. Logs follow:Malwarebytes:Malwarebytes' Anti-Malware 1.45www.malwarebytes.orgDatabase version: 4034Windows 5.1.2600 Service Pack 3Internet Explorer 7.0.5730.114/25/2010 8:27:51 AMmbam-log-2010-04-25 (08-27-51).txtScan type: Quick scanObjects scanned: 118075Time elapsed: 20 minute(s), 42 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 2Registry Data Items Infected: 7Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.Registry Data ... Read more

A:Caught ave.exe and Google redirect virus

Hello and welcome to Bleeping Computer.My name is km2357 and I will be helping you to remove any infection(s) that you may have.I will be giving you a series of instructions that need to be followed in the order in which I give them to you.If for any reason you do not understand an instruction or are just unsure then please do not guess, simply post back with your questions/concerns and we will go through it again.Please do not start another thread or topic, I will assist you at this thread until we solve your problems.Lastly the fix may take several attempts and my replies may take some time but I will stick with it if you do the same.Sorry for the delay in replying, the forum is very busy. If you still need help, please post a fresh DDS and Attach Log

48 more replies
Answer Match 50.4%

I know something is wrong with my computer, every program I run gets stuck. Symantec and Windows Defender are not been able to find anything. The first time I ran Symantec antivirus, it discovered two files infested with Winfi virus which it reported cleaned.
I discovered your forum, greatly impressed, decided to post for expert comments.




Logfile of HijackThis v1.99.1
Scan saved at 1238 AM, on 4/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\tibco\bf\5.0\db\bin\ttsrv51.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\Navnt\DefWatch.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\tibco\bf\5.0\db\bin\ttsub51.exe
c:\tibco\bf\5.0\db\bin\ttsub51.exe
c:\tibco\bf\5.0\db\bin\ttsub51.exe
c:\tibco\bf\5.0\db\bin\ttsub51.exe
C:\PROGRA~1\Navnt\Rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
c:\toshiba\ivp\swupdate\swupdtmr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Pr... Read more

A:Suspected virus not caught by Symantec AV

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

2 more replies
Answer Match 50.4%

I caught the virus while using msn (windows live messager), a friend of mine just sent me a message saying "was it you that took this pic?" and then followed with a file called "img1756.zip"... without even thinking i downloaded the file and opened it only to realise that it was a virus...

the virus automatically sents out the virus to all my contacts, each with a different "catch line"... i have performed a number of virus scans and adware/spyware scans... i dont know even i still got the virus... can someone please help and tell me if i still got it?

PS - i am using window vista... and Thank you for your time!
=======================================

Logfile of HijackThis v1.99.1
Scan saved at 7:17:07 PM, on 9/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live... Read more

A:Please Help...Caught a MSN virus... HijackThis log included...

Everytime when i run HijackThis and try to use it.. there is a warning box that pops up saying that i have a problem with a file hosts - C:\Windows\system32\drivers\etc\hosts... i have tried manually deleting the file but the problem still exists...

Also when i run the AVG virus scan, the scan detects that there is a reading error to that same file...

i have no idea what is going on and i hope someone can help me!!

Thanks!!~~
 

1 more replies
Answer Match 50.4%

THIS HAS BEEN RESOLVED.thank you.System:Win7 Ultimate 32bit (x86)Installer: File Name: Oburaa.exeSize: 220 KB (225,280b)Description: Daniels Original File Name: Daniels.exeVersion: 1.2.7.0Worm Files installed: File Names:<Random>.SYSLocation: %Windows%\ServiceProfiles\NetworkService\AppData\LocalSize: 61.7KB (63,232b) (62KB in folder details view)Effect:installer copies worm files to the system.the worm files are repeatedly copied under new names.Originally it was displaying pop-ups (defeated that).Problem still remains that it hijacked my google clicks - it redirects me to spam sites.typing in a URL will have the proper result. but visiting google.com and clicking on a search result will get me directed to a spam site or simply not load the next page.Suggestions?All .SYS and .EXE files have been manually quarantined. All created registry entries have been removed.oddly enough - also can't start Malware Bytes or use the default Super Anti-Spyware startup.Super Anti-Spyware fails to detect this virus.I've restored my FFox About:Config and restored my IE settings to default.

A:I finaly caught one i can't beat (virus)

never mind - i found a tool that works.http://www.review-buddy.com/spyware-remove...rect-virus.htmlTDSSkillerthe final piece of infection was a .sys file i missed - NETBT.SYS found in c:\windows\system32\Driverswas being loaded up as a driver during boot up so it didn't show up on processes, tasks, or msconfig.

1 more replies
Answer Match 50.4%

I was able to locate this virus in the "all users" folder. I read that I have to change the name of the file, before I deleted it. Otherwise, the virus would prevent me from deleting the folder. So, I changed the name of the file, then deleted it and restarted my computer. When I started my computer, I wasn't getting all the annoying popups from Security Tool saying that my computer was infected, ect. However, my screensaver is still gone, my desktop is still all blue, and I cannot surf the internet. Every time I click on a link on a random website, it redirects me to random sites. I know I still have this virus on my computer, but cannot track it down since I "thought" I deleted it.I already had Malwarebytes on my computer and tried to run a scan, but the virus prevents it from running a full system scan. I also had Ad-Ware by Lavasoft on my computer, and ran a scan, but it didn't do anything to get rid of this virus. So, yesterday I decided to download Avast to my computer and I ran a "Thorough" scan that took close to 8 hours. Avast detected 15 infected items and deleted them, but that didn't do anything to get rid of this virus. I just uninstalled Malwarebytes and Ad-Ware by Lavasoft, because I heard that I will need to reinstall them since they do not recognize the virus. I am planning on reinstalling Malwarebytes and Ad-Ware and running the scan again. Do you think this will help?Also, I have just installed a program called HiJa... Read more

A:I've caught the "Security Tool" virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follo... Read more

2 more replies
Answer Match 50.4%

hey..
this is really weird but today i brought my laptop from my computer tech and the first thing my cousin did was plug her usb to check out some photos..
and unfortunately it was infected
its fooool.exe
what should i do to remove it,,
thx in advance
 

More replies
Answer Match 50.4%

Hello, I am looking for help in removing these program which have malware in them.
I posted a similar thread in the other forum around last week but it never got a response:
 
 
http://www.bleepingcomputer.com/forums/t/504642/unable-to-remove-savenshare-and-searchnewtab/
 
 
 
thanks

A:caught the savenshare and searchnewtab virus

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number). Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.... Read more

16 more replies
Answer Match 50.4%

Good morning. This morning my Avira popped up with a notification. It was Virus or unwanted program 'EXP/Pidief.GI [exploit]'
detected in file 'C:\Users\Sandy\AppData\Local\Mozilla\Firefox\Profiles\cd6ze7t3.default\Cache\91792C4Bd01.
Action performed: Deny access.

Should I be worried? What steps should I now take?
Thank you!

A:My Anti-Virus caught something, should I be worried?

From what I can find this is pointing to installation of Antivirus Live via an exploit in Adobe PDF documents. For your safety, I would recommend running at least Malwarebytes on your computer.Scan for Spyware/Adware Malwarebytes' Anti-Malware a.k.a. MBAM - Download Free Version - HomepageWhy? Malwarebytes' Anti-Malware is very good at removing the zlob trojan, virtumonde, and most other current infections. This single tool has replaced multiple tools that have been required in the past. 1. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, confirm a check mark is placed next to the following:
Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-Malware2. At the end, confirm a check mark is placed next to the following:3. Then click Finish.4. If an update is found, it will download and install the latest version.5. Once the program has loaded, select Perform quick scan, then click Scan.6. When the scan is complete, click OK, then Show Results to view the results.7. Be sure that everything is checked, and click Remove Selected.8. When completed, a log will open in Notepad. The rogue application should now be gone.Note: Some infections will prevent MBAM from running. If MBAM won't run, try renaming the file mbam-setup.exe to a random name, and then try again.Note:Reinstall MBAM if you installed and ran a scan in safe mode. Doing this is usually not advised as MBAM is designed to be at full power when running in normal mode and loses ... Read more

5 more replies
Answer Match 50.4%

I seemed to have caught the redirect virus. I've tried everything, scanned with Malwarebytes, McAffee, Hitman Pro, TDSSKiller, and have searched on the internet for other solutions and tried to no avail. Would really appreciate the help. I will be posting my logs.First here's my HijackThis log:ogfile of Trend Micro HijackThis v2.0.4Scan saved at 12:40:54 PM, on 5/1/2011Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v9.00 (9.00.8112.16421)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Program Files\Dell\DellDock\DellDock.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\igfxpers.exeC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Windows\System32\igfxtray.exeC:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\WLTRAY.EXEC:\Program Files\DellTPad\Apoint.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exeC:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Ja... Read more

A:"Google Redirect Virus" - seem to have caught and can't get rid of

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

12 more replies
Answer Match 50.4%

hey guys

i was stupid enough to click a link in msn chat window without considering if the user had actually sent it to me or if it was an automated message. (my brother always tells me to double check)

mayhem ensued and a thing called Yinstall along with other files was installed on my desktop and my anti virus software went all alarms blazing!!!

ive tried antivirus scanning but it wont work....
ive tried manually deleting the files but it wont let me =(

I run AdAware SE2 and it located and deleted alot of files and prompted me to do so on start up to, but i think its still there.

various things are randomly installed like toolbar on my browser for instance.

I read on another post in these forums that a techie asked for log file for hijack this so i allready to the liberty of making one
Logfile of HijackThis v1.99.1
Scan saved at 1:26:42 AM, on 4/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSv... Read more

A:Solved: Yinstall virus help (caught through msn)

11 more replies
Answer Match 49.56%

My abtivirus said that I have a virus called TR/spy carberp and when ran a malware scan the first time it pulled 3 trojans and I removed them, but after that my antivirus keeps pulling up the same thing and when i scanned it again through malware its says I have no infections.
 

A:> My computer caught a virus called: TR/spy carberp

16 more replies
Answer Match 49.56%

Unfortunately, I seem to have the Internet Security 2010 virus, with fake virus checking software, bells, whistles popping up everywhere. If you could please help me out, I'd appreciate it!

Thanks
Mtnbkrlts

A:Caught the Internet Security 2010 Virus

I have moved (split away) your DDS/HijackThis log to the HijackThis Logs and Malware Removal forum as they are not permitted in this forum and we cannot continue here. Please go here, click on the Options button in the upper right corner of that thread and choose Track this topic. Subscribe to that topic to ensure you are notified when a helper replies.Now that your log is posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to ... Read more

1 more replies
Answer Match 49.56%

Just as the topic indicates. I noticed a thread someone else was infected as well. Looked like the resolution involved user specific variables so any help would be appreciated!!

Windows 7 64bit

A:Caught the "trojan sirefef" virus -- Need help removing

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

45 more replies
Answer Match 49.56%

Back in July, my computer caught a virus and I've had to reboot my computer. When I finally got it fixed today, I've been trying to re-install some programs to my computer. My Acer came with a Microsoft product key code, so I thought that meant I owned the software for Office 2010, and that I could put this code in today and it would load the program back on the computer. When I opened the activation wizard, it wouldn't accept my product key like the last time. Do I need to purchase Microsoft again, or can I still use this code and how.

A:My hardware caught a virus, need to re-install Microsoft

As far as I know your Office activation code should still work unless it was a trial version of Office and the time period has expired.

3 more replies
Answer Match 49.56%

Here's my Hijack This logfile:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:37 AM, on 1/16/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Cobian Backup 8\cbService.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin&... Read more

A:Caught the Internet Security 2010 Virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

17 more replies
Answer Match 49.56%

Hey all,

I'm new here, so pleas excuse me if I posted in the wrong place.

A friend lent me his netbook, an HP Mini 110-1129NR. It caught a huge system virus, don't know how, but I do know what. The OS is XP Home SP3, I'm able to get as far as the login screen in both regular and safe mode. After I log onto a user account, only the wallpaper shows up. Apparently explorer.exe is missing, I'm able to go into task manager, but that's it, even in safe mode. My first thought is the best option is a re-install. So, I burned a XP Home SP3 disc, then booted into it from an external DVD/CD drive. Everything was fine, except when I started setup. I got a an error message, saying that it couldn't detect any hard drives. It then said to press "S" in order to specify a SCSI driver, but I don't have one.

Obviously the hard drive is there because I can boot into Windows.

Is there a fix for this?

Thanks a ton for the help !

A:HP Mini 110-1129NR caught a virus, can't reinstall

Noticed that nobody's replied yet.....if there's any more info that you need, then please let me know, I'd be more than happy to provide it

8 more replies
Answer Match 49.56%

Hope someone can tell me if this file has a virus. my anti virus does not see it, but my pc is stopping and freezing up, It may be related to Iexplore.eve also.    C:\windows\system32\iavlsp.dll

A:Is this a virus?, hijack this caught it 3 times and i cannot remove it?

Update the file is on a older HP Pavilion Lap top, Widows XP i deleted Goggle chrome to speed up my system but now since i am Windows explorer its seems to be worst. Thanks I am a rookie at this.

6 more replies
Answer Match 49.56%

Here is my HJT log, hoping someone can help; and thanks in advance


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:30 PM, on 7/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Digital Media Reader\shwicon2k.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\qwerty12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sear... Read more

A:Solved: PLease check out my HJT log, caught some kind of virus

10 more replies
Answer Match 49.56%

Please help. I was looking for PIA PRO, a property investment program and was stung by this virus. 
My home page has changed, when I click on something, another page will open then lock with a warning message with a voice letting me know that my private details are at risk.
 
Thanks in advance.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Silvana (administrator) on LENOVO-PC (11-09-2016 11:29:52)
Running from C:\Users\Silvana\Downloads
Loaded Profiles: Silvana (Available Profiles: Silvana & aurif_000)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\windows\System32\igfxCUIService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Microsoft Corporation) C:\windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\Eps... Read more

More replies
Answer Match 49.14%

My computer has been running slow. Everytime I run Java it says Java not working or installed and then when it does work it takes forever to load or just don't finish loading. I have run Avira and Verizon internet security suite. Avira detects a TR/Agent.16384.CX everytime and I delete everytime, but it keeps picking it up. My computer tends to shut down on its own and sometimes I get popups even with my popup blocker on. I've tried DatRemover and even SmitFraud. My computer keeps saying I have a run dll error in my scanner so I reinstall it. It works maybe a day or 2 and I get the same error again. So I'm not sure whats wrong. Any help is greatly appreciated.
HiJack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29:06, on 2/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Verizon\Verizon Internet Security Suite\Fws.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Verizon\Verizon Internet Security Suite\rps.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common File... Read more

A:I think I have a virus that is not being caught by virus scan. Please Help!

Please do not create multiple threads for the same problem.
Continue here: http://forums.techguy.org/malware-removal-hijackthis-logs/797211-need-help-my-computer.html
 

1 more replies
Answer Match 49.14%

It finish scanning and I clicked on finished. I they were quarantened though. That what it said.
 

A:Solved: My computer caught a virus called: TR/spy carberp

7 more replies
Answer Match 49.14%

Hi, this is my first post in this forum. As the title says, when I turned on my computer, the taskbar would not show the windows that I had opened. Also, the location of the quick launch icons is messed up as well. I first used my own norton antivirus and scanned 3 viruses. I deleted 2 of them and quarantined the other one. But that didn't solve the taskbar problem. Then I tried to use the symantec online virus scanner but for some unknown reason the scanning refused to start. Therefore, I then used trend micro online scanner and deleted 2 more viruses. However, the taskbar still doesn't not show the windows that I have currently opened. What's going on?

My OS is winXP.
 

A:Solved: Caught virus and taskbar items became invisible

16 more replies
Answer Match 49.14%

Hey guys. I recently cleaned out a virus with your help but after installing AVG 2011 on two computers both went down to the BSOD and the error message "we apologize for the inconvenience ,but windows did not start successfully. a recent hardware or software change might have caused this. ..." I did a clean install on one computer but am hoping to avoid this on the other. I've noticed that an AVG 11 update has been wrecking havoc on Windows 7 users and am wondering if it could have done the same to Windows XP Pro? Any help would be appreciated.

Best,

Steve

A:Windows XP Pro Caught in Boot Loop after cleaning out virus

Sit tight: An experienced member of the Malware Response Team will be along to assist you.

7 more replies
Answer Match 49.14%

Thanks to having been a longtime reader here at Bleepingcomputer, I think I'm a pretty tech-savvy and malware-smart kind of guy.
 
I normally laugh at virii and malware. I sort of enjoy finding them and removing them. I'm good at it. This one has me stumped.
It looks like a Chrome process, but here's the thing: I completely uninstalled Chrome from my system. Yet, look:
Now, I know that Chrome runs multiple processes in the system as part of its normal operation. These processes though are tagged as Chrome in the lefthand column, not some crazy random 8-letter thing .exe
Also, that .exe tries to call out multiple times per day. Malwarebytes and Emisoft Antimalware catch it each time. Sometimes it wants an IP address to dial out to, sometimes it's actual domain names to sites that are real, but which I've never visited (like spammy app sites and stuff.)
 
That weird process .exe sits in AppData/LocalLow. It jumps around folders there. It was under Microsoft. I deleted the whole folder. It jumped to Apple.
How the heck do I remove it? I know where this exe is. I've tried manually killing it. If you end the process, it pops back up again like a hydra. If I go to where this file is on my computer--in safe mode--and delete it, it pops back up the next time I start Windows normally.
I've so far run deep scans with MBam, EmiSoft, MBAR (Malwarebytes anti-rootkit beta), and TDSSkiller. No dice.
So. Any thoughts or ideas are appreciated! I'm loathe to just reinstall Windows...... Read more

A:I caught the fake Chrome.exe virus. This sucker is nasty. Any help?

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll dow... Read more

6 more replies
Answer Match 48.72%

I loaded the Farbar Recovery Scan Tool for the 64 bit and this was the text document after the scan - Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2013 01Ran by SYSTEM on 25-05-2013 17:46:11Running from I:\Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 9Boot Mode: RecoveryThe current controlset is ControlSet001ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.==================== Registry (Whitelisted) ==================HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10920552 2010-06-22] (Realtek Semiconductor)HKLM\...\Run: [RunDLLEntry_THXCfg] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [17920 2009-10-15] (Creative Technology Ltd.)HKLM\...\Run: [RunDLLEntry_EptMon] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 [21504 2009-10-15] (Creative Technology Ltd.)HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)HKLM-x32\...\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor ... Read more

A:ICE Moneypak virus has 3 three Safe Modes caught in a restart loop

Hi therooster42,
 
Welocme to the forum.
 
Please download
 fixlist.txt   1.21KB
  23 downloads
Save it to your flash drive.
Boot to System Recovery Options and select "Command Prompt".
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
 
Also restart, let it boot normally and tell me how it went.
 

8 more replies
Answer Match 48.3%

My AVG caught this anti-virus, I need help safely removing it, and whatever may have brought it into my computer. Everything has been running very slow, and when i restarted my comp earlier, it scared me, the background came up, but no desktop icons...took about 5 minuets for them to show up. I ran the scans from your 5 step process, but when I ran the DSS, I could only get it to give me main.txt.
So heres what I have, please help if you can, and thanks.

Deckard's System Scanner v20071014.68
Run by Sylverkitti on 2008-01-12 21:02:54
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 510 MiB (512 MiB recommended).


-- HijackThis (run as Sylverkitti.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03, on 2008-01-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PRO... Read more

A:Computer Dragging, very slow Anti virus caught: Trojan horse VB.CEC

bump.

1 more replies
Answer Match 47.88%

Hey, I got a desktop from cyberpowerpc about a month ago. However, I'm having a very odd problem. The computer runs brilliantly 95% of the time, but sometimes it just locks up for no apparent reason. I could be watching a video or just browsing the web, and suddenly it just makes this very odd noise (brrrrr), well its hard to describe the noise, but basically it just completely freezes on whatever screen I had up. I can't do anything, including move my mouse or bring up task manager, I just have to do a hard restart of the computer. The first time it happened, maybe a few days into using the computer, I got a BSOD. I restarted it, and it worked fine for a while. Now it happens on an every-other day basis, but I never get a BSOD anymore, just freezes as described. Sometimes after I restart it, it will freeze on me a few more times, others after restarting it, it won't happen again for days. I really have no idea what's wrong. I don't think its a virus/trojan or any program because it started happening quite randomly, not after some kind of installation. I'll post full computer specs and speedfan info:

CAS: Sigma Gaming Orca Mid-Tower 400W Case
CASUPGRADE: NONE
CS_FAN: Default case fans
CPU: AMD Phenom(TM) X4 9950 Black Edition Quad-Core CPU w/ HyperTransport Technology
CD: LG 20X DVD+/-R/+/-RW + CD-R/RW DRIVE DUAL LAYER (BLACK COLOR)
FLASHMEDIA: INTERNAL 12in1 Flash Media Reader/Writer (BLACK COLOR)
FAN: CoolerMaster Hyper TX2 Gaming CPU Cooling ... Read more

A:New desktop locks up periodically

I assume you are using VISTA?
Is the noise you mention like the hard drive accessing all of the time - does it display a constant red light for example? If you leave the computer for a few minutes without rebooting see if it unfreezes.
Have you tried rolling back to an earlier time when it worked fine using System Restore?
Have you updated the BIOS to the latest version?
Have you updated all the latest VISTA patches and drivers for your kit?
If all of these dont work are you using McAfee Antivirus? some have reported problems with it and VISTA
 

1 more replies
Answer Match 47.88%

HOW DO I change the logon idle time before it locks the computer and the only one who can unlock the desktop is that user or an administrator... students will not log out then it locks the desktop. Or can I force a log off if left idle?? There must be a place in win2003 server to change this perhaps in policies???

THIS IS NOT a screen saver question. This happens only the computer is idle. The workstations are running xp pro but they are authenicating on a new 2003 server. Not many default setting were touched. Infact, I only changed 1 or 2 small items with internet explorer. any help please!!
janet
 

A:desktop locks when idle

I know and have used a product called deepfreeze. This product automatically shuts down a computer after a set period of idle time and then reboots the system with the original settings and programs that were installed. Students can't change desktops or backgrounds, install programs, etc...if they do the program deepfreeze reboots computer to original configuration.

As for settings what happens when windows standby thereby requiring reentering of password, that might be able to change in the power management section. Keep looking for other more intelligent help
 

1 more replies
Answer Match 47.88%

Hello everyone, I am new to forums and have always relied on others to fix things for me, this seems like a much better option

I recently had a new vid card installed, an nvdia9800 gt . also had to put in a new power supply supply to support it. When my desk top is idle for 20 minutes or so it freezes. I can use my mouse but cannot open anything and have to manually restart. If I am idle in a game or program I have no trouble. My screen saver is diabled, but makes no difference. PLease help I am tired of having to keep turning my computer off when I leave the room, as I cannot shut it down the proper way when it freezes up.

Thank you

A:desktop locks up while idle

I have the exact same problem! I have to keep counter strike (a game) running 24/7 so my computer doesn't lock up. I also put in a new power supply so that might be the problem. Someone help!

1 more replies
Answer Match 47.88%

Hey, the previous thread on this expired, but I have new information so I'll repost it.

New desktop locks up periodically
Hey, I got a desktop from cyberpowerpc about a month ago. However, I'm having a very odd problem. The computer runs brilliantly 95% of the time, but sometimes it just locks up for no apparent reason. I could be watching a video or just browsing the web, and suddenly it just makes this very odd noise (brrrrr), well its hard to describe the noise, but basically it just completely freezes on whatever screen I had up. I can't do anything, including move my mouse or bring up task manager, I just have to do a hard restart of the computer. The first time it happened, maybe a few days into using the computer, I got a BSOD. I restarted it, and it worked fine for a while. Now it happens on an every-other day basis, but I never get a BSOD anymore, just freezes as described. Sometimes after I restart it, it will freeze on me a few more times, others after restarting it, it won't happen again for days. I really have no idea what's wrong. I don't think its a virus/trojan or any program because it started happening quite randomly, not after some kind of installation. I'll post full computer specs and speedfan info:

CAS: Sigma Gaming Orca Mid-Tower 400W Case
CASUPGRADE: NONE
CS_FAN: Default case fans
CPU: AMD Phenom(TM) X4 9950 Black Edition Quad-Core CPU w/ HyperTransport Technology
CD: LG 20X DVD+/-R/+/-RW + CD-R/RW DRIVE DUAL LAYER... Read more

A:New desktop locks up periodically

You can do some troubleshooting however if this system is only 1 month old, you might want to send it back.

If you want to troubleshoot the system, do the following;

1 Download and run memtest for at least 2~3hr. If it returns one error, that is too many.

2 Download and run the hard drive maker's diagnostic utility for checking the drives.
Note both of the above run from bootable media so no os even needs to be loaded.

3 Download HWMonitor and let that run for a while. See if your 12V rail is going up and down. If it is, then you probably have found your problem.

BTW it would help if you posted the brand of pw supply. 580W means next to nothing.
 

1 more replies
Answer Match 47.46%

Hello, I have been having problems with my cpu lately. Upon loading when the cpu gets to the desktop it freezes entirely. I can move the mouse but cannot click on anything and alt cntrl del does not work either, i can only reboot. I have eset nod32 and malware bytes, both negative except for malware bytes says something is in my system restore points. I have went into msconfig and was able to write to you guys here by booting in diagnostic mode with just essential services enabled. Strange thing is that I have windows xp sp3 and when I change something in msconfig it says I need administrative privlidges to change something...but it changes what I do anyway....strange. I really hope you guys can help me, im out of ideas and not sure what do do, thanks..ps: my log is from when i booted up with some services disabled or it would lock uppps : I had a virus"antivirus live" a few weeks ago, eset told me to system restore and I did, it worked, theni ran malware bytes and it detected a few things and deleted them.DDS (Ver_09-12-01.01) - NTFSx86 Run by Valued Customer at 15:42:06.10 on Wed 01/06/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1504 [GMT -5:00]AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\s... Read more

A:system locks upon startup at desktop

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand cor... Read more

2 more replies
Answer Match 47.46%

Not sure if this is the right place to post this but here is a description of my problem.
While playing games or playing video my computer sometimes locks up. It becomes non-responsive to any input, if there was sound playing it loops, and the monitor displays the last frame, sometimes there are purple or green artifacts but usually the screen just remains the same.
It seems to happen more or less with different games, I rarely get this problem with Diablo 3, but get it quite frequently in Skyrim, and sometimes during Arma 2. It happens from time to time while watching video, whether it be Youtube, some other stream or even playing .mkv on VLC media player.


Here are my specs:

OS: Windows XP Home Edition SP3
Motherboard: EVGA nForce 790i SLI Ultra, 132-CK-NF79
Processor: Intel Core2 Q9550 @ 2.83 GHz (4 CPUs)
Memory: Patriot Signature 4GB DDR3 PC10600 1333MHz CL9/HS (PSD34G13332H) (I realize xp home only recognizes 3 gigs)
GPU: EVGA Nvidia GeFore GTX 260
PSU: Coolermaster 850w, product no. RS-850-EMBA

I've already tried reformatting my harddrive, and reinstalling Windows to no avail. Installing drivers, rolling back drivers to no avail.
Since I don't have extra parts to swap out with, I'm not really sure what could be causing these problems.
Also I ran memtest a couple times with no problem, will consider running for an extended period just to make sure. I also checked system temps and voltages, which seem to be in acceptable ranges, so I don't think t... Read more

A:Desktop Locks Up During Video or Gaming

Hi Welcome to TSF

Is your computer or Graphics card overclocked?

Go into your BIOS > Under Health Section can you provide the voltages on 12v rail

12 more replies
Answer Match 47.46%

I have a gigabyte ga-7ixe4 mobo with 1.2 athlon cpu and with latest bios updates and a tnt2 vid card with latest drivers . lots of ram (256) with 85% free a sb sound card with latest drivers. Nascar4 crashes to desktop about 20-30 seconds after i get in the car or while watcing a replay. I have tried every update and driver known to man and can not get the game to run properly.
 

A:nascar4 crashes to desktop or locks up

Try a lower screen resolution, sometimes it's as simple as that...Rhett
 

1 more replies
Answer Match 47.46%

First, Hello,
This is my First Post, I just found your forums here during a search for Tech chat rooms.. (kinda weird looking for a chat and finding this forum )
But I feel this is a blessing in disgiuse.

Now for the problem, My Freind was online playing a turn based game, last night. There was a power outage at his house, lasted less than a second he said, but long enough to shut his computer down, when he tried to reboot, it did, but once it gets to his desktop the computer freezes up..
This happens everytime, my freind just started his own small computer company and has access to some programs and things that I don't, he says he has program that runsoff of 6 floppy diskettes, that scan's the hard drive for errors and virus's, and he used it and since you run it by booting the pc with diskette #1 and then run thru the disks as they ask for them, and it does this before the computer boots-up that it worked, but to no avail it found no problems with the hard drive and no virus's.

So can anyone help us??
Thanks in advance to all those who try
Also I hope this is in the right Topic as I said this is my first post
 

A:Computer Locks up after booting to Desktop

Possibly a single corrupted file, what OS is your friend using? It may be the case that a simple "over the top" install will solve the problem if the errors lie within the OS startup files.
 

2 more replies
Answer Match 47.04%

Hello,

I recently started getting intermittent freezes at the welcome screen or desktop (No new programs had been installed for weeks). At first, they happened every few reboots, and progressed to the point of happening after each reboot.

A few days ago I decided to perform a clean install in an attempt to track down the issue. After the installation completed, I installed the motherboard drivers and let Windows begin the automatic updating process. The computer worked fine until this morning, when I encountered my first freeze. Aside from the windows installation, here are the programs I have installed:

Mozilla
Google Chrome
Steam
Deathadder (drivers)
Nvidia Experience (drivers)
Filezilla
CCleaner
Origin (for BF3)
Core Temp (Monitor CPU Temp)
Itunes
TeamSpeak 3
Microsoft Office 2010
MSI Afterburner (Monitor GPU Temp)

The only programs installed today were MSI, Nvidia Experience and Itunes.
My computer loads safe mode w/networking each attempt. It also loads Windows when I perform a selective start using no services or start items, and when only Microsoft services are de-selected.
I use CCleaner for the purposes of clearing temp. files and do not utilize the registry cleaning portion.

Should I assume a Microsoft service is the culprit?

How should I go about troubleshooting this issue?

Thanks,
Daniel

A:Computer Freezes/Locks at welcome screen or desktop

  
Quote: Originally Posted by dewviking




My computer loads safe mode w/networking each attempt.


Hi dewviking.

Boot into Safe mode with networking and post it following the Blue Screen of Death (BSOD) Posting Instructions.

It will help us to answer your question properly.

9 more replies
Answer Match 47.04%

Hello. I was sent here from my previous thread http://www.techsupportforum.com/forums/f10/pc-desktop-sometimes-freezes-up-800034.html#post4911298
to see if my PC desktop's constant freezing is from malware.

Here's DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Dashel R at 5:16:01 on 2014-02-22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.285 [GMT -8:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.e... Read more

A:Desktop Frequently Locks Up Malware Check

Bump, please; it has been four days.

3 more replies
Answer Match 47.04%

Alright so, i am usin Win xp SP2 32 bit, to start it off. I bought this pc off a friend, it runs good other than the random freezing/locking up (sometimes) and random pc restarts. It mainly does it when im playing games, or i can just be on the desktop browsing the web or anything and it'll lock up sometimes. When i mean lock up i mean totally lock up as in cant move the mouse, cant ctrl alt delete, nothing everything is frozen solid. Also a day or 2 ago, my PC got 2 bluescreen errors in game and pc restarted. Any help is appreciated, and if you need any more information i'll be gladly to post
 

A:Desktop randomly freezes/locks up and restarts PC

What did the errors say and how much ram is in your gaming pc and what graphics card are you using.
 

12 more replies
Answer Match 47.04%

Computer starts bootup and passes HP logo screens and gets to user selection boxes and freezes. Touch pad won't move pointer. Have tried in safe mode and same result. Tried Fn F7 no result. Tried old restore disk and cd drive works but does not show any files. Don't have old Win XP disks. Have tried holding down power button and that does not work. Am hoping to find a boot disk that will work without screen pointer to try and fix problem without any action by user until fix is made. Thanks for help. 

More replies
Answer Match 46.62%

All of a sudden , my desktop shortcuts wont work for web sites such as google,IE explorer,redhatsociety etc
the only short cuts that work are those related to programs i have installed
when I click shortcut for google..it says opening and has an IP addy and thats it
I did download Hijack this and have a copy of what is listed

Logfile of Trend Micro HijackThis v2.0.0

(BETA)
Scan saved at 10:48:42 AM, on 5/27/2007
Platform: Windows XP SP2 (WinNT

5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec

Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec

Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth

Software\bin\btwdins.exe
C:\Program Files\Common Files\Creative

Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft

Shared\Media Manager\airsvcu.exe
C:\Program

Files... Read more

A:IE Explorer locks on desktop wont open google

7 more replies
Answer Match 46.62%

We have several new Lenovo Thinkpad T450 laptops running Win 7, 64bit, 8gb ram, with the Lenovo Thinkpad Ultra Dock. Here's the scenario. I login to these T450's from another location using RDP from another Windows 7 pc\laptop. When finishned I disconnect the RDP session or logout. Now I'm back at the host laptop and the keyboard\mouse connected to the Ultra dock are non-responsive. So not locked out, they don't respond. The only way in is by restart of the laptop or occasionally I can unlpug and re-connect the keyboard and mouse. I've been hunting online and have had little luck. At first remote desktop didn't like to consistantly work so i found an artticle that had me update drives, network, vid card. Then another artilce that said to 'Do not play' audio during the RDP session. This helped so I can now consistantly RDP to the laptop. Still can't find information on why the keyboard become non-responsive. I'm not seeing drivers for the Ultra dock as I thought that could be the issue. Any assitance is appreciated. Thank you, Jim

A:Remote Desktop locks the keyboard\mouse after term...

We have multiple users complaining about this issue in our organization. We have T450s laptops running Windows 7 x64, 12 GB ram and with Lenovo Thinkpad Ultra Dock. It usually works to wait a few minutes (sometimes up to 10 min) before the keyboard and mouse that is attached to the dock starts working again. It would be great to get a solution to this problem. Thanks, Andri

3 more replies
Answer Match 46.2%

A virus or malware turns off scan and also won't let my computer start in normal mode, only in safe mode. Once an anti virus or spyware program has been stopped it will give me an error message that I don't havev permisson to run the program if I try to restart it. I couldn't run hijack this for the same reason. Got a scan gmer before it was shut down.
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz, x86 Family 15 Model 6 Stepping 2
Processor Count: 2
RAM: 2036 Mb
Graphics Card: Intel(R) 82945G Express Chipset Family, 1 Mb
Hard Drives: C: Total - 131061 MB, Free - 92358 MB;
Motherboard: IBM, IBM, ,
Antivirus: System Shield, Updated: Yes, On-Demand Scanner: Disabled
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-08-29 20:29:27
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-c ST3160212A rev.3.AAE
Running: h743u4dp.exe; Driver: C:\DOCUME~1\Michael\LOCALS~1\Temp\pxtdypow.sys
---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Tcp aswRdr.SYS (avast! TDI RDR Driver/AVAST Software)

---- Threads - GMER 1.0.15 ----

Thread System [4:492] F753F105
Thread System [4:496] F753F105

---- EOF - GMER 1.0.15 ----
 

A:virus turns off and locks anti virus program

I've requested that your thread be moved to the proper forum, the Virus & Other Malware Removal forum.
 

1 more replies
Answer Match 45.78%

I was having issues with a virus removal and inability to remove files from the original hard drive in my Dell Vostro 1500, but needed a working laptop. so I replaced the hard drive with a 250 GB Western Digital Scorpio Blue drive (SATA 8MB/5400 RPM).

Installation and formatting went fine. I installed XP and then required drivers from the resource disk from Dell, followed by a few hours of updates from Windows Update. I then installed Kaspersky Internet Security, Carbonite, Adobe Reader, Flash, Shockwave, Evernote, OpenOffice, Malwarebytes, Ccleaner, Picasa, and started to download iTunes.

While everything was working fine, and I was rebuilding my software library, I noticed that the system locked up. I couldn't even shut down or stop running processes. I've tried disabling startup menu items like Bluetooth (which I don't need) and nuisance programs like Adobe and Google updater. I tried to do a selective startup to isolate the issue but can't determine if one particular thing is at fault. I ran diagnostics on the whole system and all systems, hard drive, etc checked out.

I started it in safe mode with networking and was able to keep it running that way, but still wonder if this is a hardware issue since there is nothing on this system other than some basic programs that ran just fine together on the older hard drive. One process that was running in the background was the download of backed up files from the Carbonite server.

Does this seem like it ... Read more

A:Replaced hard drive, now it locks up shortly after desktop appears

jjmn said:


Edited to add: It's been running just fine all day in Safe Mode with Networking. How can I isolate what is causing the lockup?

Thanks!Click to expand...

With a Clean Boot troubleshooting procedure. Run it for both Services and Startup items.
 

1 more replies
Answer Match 45.36%

 Attach.txt   11.47KB
  0 downloads
 ark.txt   3.01KB
  0 downloadsSo far I've managed to contract a couple different types of viruses (half of them from antivirus programs or cleaners), failed miserably at a system restore (Backup just threw everything in with no rhyme or reason-unrelated files together in same folder and some even in a folder, files and folders put in places they don't belong, duplicates, etc. The COMPUTER doesn't even know where it put them), deleted vital files and folders, restored the registry to the last good, which happened to be a day when I had the Avira desktop virus AND my keyboard didn't work due to IDVault, and restored the registry to around the time dinosaurs roamed the earth.Last night, after a failed installation of installer files, most of my drivers stopped working. I'm getting Errors 3, 31,0x80004005 and some I can't remember and when I go into Microsoft Defrag, the bar is almost completely red. My CPU's are at 100%. . I tried lowering priority of winlogon and csrss, but it says "access denied." It also says that when I try to do anything with Avira in Services. I can't find any form of the word "Avira" when I search, but you see on the log that it's there's a file called "avgio" and a couple others. I tried to run system restore again this morning, but it kept saying nothing was changed when I logged back on. My compu... Read more

A:Google Redirect, Antivir Desktop Virus, Windows Update Virus, Lost Desktop, Failed System Restore (twice), Drivers/ Installer N...

There was a glitch when I was posting this so it doubled. How do I delete a post?

2 more replies
Answer Match 45.36%

So far I've managed to contract a couple different types of viruses (half of them from antivirus programs or cleaners), failed miserably at a system restore (Backup just threw everything in with no rhyme or reason-unrelated files together in same folder and some even in a folder, files and folders put in places they don't belong, duplicates, etc. The COMPUTER doesn't even know where it put them), deleted vital files and folders, restored the registry to the last good, which happened to be a day when I had the Avira desktop virus AND my keyboard didn't work due to IDVault, and restored the registry to around the time dinosaurs roamed the earth.Last night, after a failed installation of installer files, most of my drivers stopped working. I'm getting Errors 3, 31,0x80004005 and some I can't remember and when I go into Microsoft Defrag, the bar is almost completely red. My CPU's are at 100%. . I tried lowering priority of winlogon and csrss, but it says "access denied." It also says that when I try to do anything with Avira in Services. I can't find any form of the word "Avira" when I search, but you see on the log that it's there's a file called "avgio" and a couple others. I tried to run system restore again this morning, but it kept saying nothing was changed when I logged back on. My computer has been very slow, files are missing, in the wrong place or corrupt, several drives and msiexec won't work, ... Read more

A:Google Redirect, Antivir Desktop Virus, Windows Update Virus, Lost Desktop, Failed System Restore (twice), Drivers/ Installer N...

Someone is helping me go through all the neccessary steps to remove whatever is infecting my IS. I will update when the issue has been resolved. Thank you

3 more replies
Answer Match 44.94%

I have a fake antivirus that pops up and locks the system. When this happens, nothing would work, not even Ctrl, Alt,Delete

Somehow I was able to access Add/Remove programs and deleted it. However, when I connect to the internet, it starts up again.

Also now there are the following icon shortcuts on desktop : pornotube.com nudetube.com youporn.com
Even after deleting these shortcuts, they reappear after turning computer on.

There may be other hidden things as well, like key-loggers.

I have no idea what to do, please help.

Here are the logs:
DDS (Ver_09-10-13.01) - NTFSx86
Run by Jude at 22:47:25.76 on Thu 10/22/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.529 [GMT -4:00]

AV: Active Security *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system... Read more

A:Fake antivirus locks the system, youporn.com appears on desktop. LOGS ATTACHED, Please Help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

16 more replies
Answer Match 44.1%

I seem to have the "System Fix" virus. While my browser was open to both facebook and an economics website that I don't have an address for, a warning came on my screen about malicious software and then my screen went black except for two folder icons, Homegroup and Libraries, both of which appear to be empty. I then got a window called "System Fix" which appeared to be searching my computer for problems, found some, then asked me to buy software to remove it. I did not. After that, many windows popped up on quick succession titles "Windows - Delayed Write Fail." And I also get a window popping up that is titled "Files indexation process failed." Additionally, I get numerous assorted messages popping up that make it sound like my hard drive is failing, but an internet search revealed that these are produced by the virus.

My pc is useless right now. The log files I've posted here disappear within minutes of creating them.

I'm desparate for some help. Thanks in advance.
Jim

DDS - Notepad

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Jim at 15:26:16 on 2011-12-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8190.5290 [GMT -5:00]
.
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Enabled/Updated* {94076BB2-F... Read more

A:caught "system fix" virus - posting logs separately because they disappear

Attach - Notepad

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/21/2009 11:31:45 AM
System Uptime: 12/3/2011 3:10:46 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA770T-UD3P
Processor: AMD Phenom(tm) II X4 965 Processor | Socket M2 | 3415/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 932 GiB total, 717.462 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 932 GiB total, 412.145 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP339: 11/8/2011 6:19:20 PM - Windows Update
RP340: 11/9/2011 3:00:26 AM - Windows Update
RP341: 11/11/2011 3:00:27 AM - Windows Update
RP342: 11/11/2011 11:07:22 AM - Installed Steam
RP343: 11/11/2011 11:22:32 AM - Installed DirectX
RP344: 11/12/2011 3:00:24 AM - Windows Update
RP345: 11/15/2011 6:19:39 AM - Windows Update
RP346: 11/22/2011 3:31:52 PM - Windows Update
RP347: 11/29/2011 3:18:52 PM - Windows Update
RP348: 12/2/2011 4:02:42 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Ph... Read more

3 more replies
Answer Match 43.68%

ok, my artners sister phoned me last week about her notebook laptop saying it wont go to her desktop and only shows a metropolitan police thing saying illigal activity saying you have been downloading illigal music pay ?50 to get you computer unlocked, and now it just loads up to a white screen saying....

"please wait while the connection is beeing established" and something in another language underneath that

i read that its a virus and scam to get money out of people so i backed up what she wanted to keep and then tried to boot into safe mode and that just loads to a white screen and every other option accept 1 option that said repair your computer so whent there and tried to do a re install of windows but i get a error message on the second step of installing windows i cant tell you the error as i cant get into it now as it keeps booting upto startup repaire...

done a start up repair and the root cause was...

root cause found
the operating system version is incompatible with startup repair


i even tried using this trojen killer but get error when trying to run it http://remove-malwares.blogspot.co.u...ow-to-fix.html

what i normaly do when i access the files on the computer is start it up then press F8 and then select repair computer and go on command prompt and type notepad then enter then notepad starts up click file/open and then change it to all from .txt and i can access files on the computer but i cant now as it keeps booting to s... Read more

A:virus locks computer

See the article on this particular "Ransomware" Encyclopedia entry: Trojan&#58;Win32&#47;Ransirac.G - Learn more about malware - Microsoft Malware Protection Center

8 more replies
Answer Match 43.68%

Seemed to have caught the redirect virus. It redirects to other websites from google, it doesn't do it on every one so sometimes I think I get rid of it but then it will come back. I've tried everything I could find posted by other people on the internet. Tried Malwarebytes, Hitman Pro 3.5, Avast, TDDsKiller, McAfee (my usual virus protection), Microsoft Security Essentials, SpyDoctor, etc. etc.. I uninstalled McAfee and tried the Microsoft to see if that would catch something. At times the programs have caught stuff but it just seems to come back. I've tried other things that I've seen online about it like resetting the router, flushing DNS, etc. Nothing seems to be working. Any help is greatly appreciated.

Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:40:54 PM, on 5/1/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\... Read more

A:"google redirect virus" - caught this and can't get rid of it-PLEASE HELP

Here is my DDS log and attached is the attach log:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Matthew at 9:56:38.78 on Mon 05/02/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1187 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C... Read more

3 more replies
Answer Match 43.26%

So i purchased Ad-aware and ran a full scan before i went to bed last night. Woke up and it was frozen after running for 11hours straight...That's actually the farthest it made it. Not sure how to post a hijackthis log?

Edit: Figured out how to use hijackthis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:05 AM, on 1/6/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Users\BATT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Users\BATT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1... Read more

A:Computer Locks Up During Virus Scan

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/436617 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

74 more replies
Answer Match 43.26%

Whatever it is it doesn't like HiJackThis.exe. It keeps modifying what I have on the USB drive as well as the system.This is the log I got:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:37:31 PM, on 12/16/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\WINDOWS\system32\Brmfrmps.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\WINDOWS\system32\svchost.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\ScanSoft\PaperPort\pptd40nt.exeC:\Program Files\Brother\Brmfcmon\BrMfcWnd.exeC:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exeC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\Co... Read more

A:New Virus that locks taskmgr, registry

Hmmm, I have had no response on this.

I tried installing a fresh copy of XP Home on a separate disk, but somewhere along the line it got infected by something.

The only things I did were:

1. Install XP from CD
2. Run windows update three times to get all the updates.
3. Download Malware Antibytes from their web site, install it and run it.
4. Install HijackThis and run it.
5. Install Firefox 3.0.4 which I happened to have on a flash drive (which had been previously infected).

I am reinstalling again to see which of those steps cause the infection. I hope it is not MalwareAntibytes or HiJackThis.

3 more replies
Answer Match 43.26%

I've been trying to get rid of this virus LiveSecurityCenter or SpyMAxx or AntiSpystorm 2008 . It has hijaked my task manager so I cann't stop the exe file. I have changed the registry files but that has been no help. Not sure how to find the virus either. Here is an attachment of my main and extra files. I use the Microsoft firewall so I hope you may have a better rec on a fire wall. Thanks!!!

A:Virus That Locks Task Manager

Here is HiJackThis LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 8:01:12 AM, on 4/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\wmsdkns.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exeC:\WINDOWS\stsystra.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Java\jre1.6.0_05\bin\ju... Read more

2 more replies
Answer Match 43.26%

So, my ex as a parting blow downloaded some fun virus for me. I managed to get rid of some of it, but now I'm stuck so I turn to the pros. I used Malwarebytes to remove it, but now the laptop locks up after a period of time. I also get a bluescreen when I run GMER. The last error was PFN-List-Corrupt. Here is the rest of the information, thanks for the help pros!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:07:23 PM, on 1/5/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18542)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\ju... Read more

A:Laptop locks up after virus removal

*bump* any help is appreciated.
 

1 more replies
Answer Match 43.26%

Having all sorts of weird problems including the screen going yellow and locking-up. Any help is greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:47:10 PM, on 10/27/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\LTMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Updater.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\av... Read more

More replies
Answer Match 42.84%

Hello,

My computer locks up while using internet explorer. It also locks up during shutdown. It seems to run fine if I am doing anything else.

So far, I have tried:
Clean up
Spybot
Ad Aware
Avast virus scan

Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:05:44 PM, on 4/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGR... Read more

More replies
Answer Match 42.84%

In windows Security Center the Virus protection NOT FOUND. Click here to get Antivirus Pro 2009 License. But it will not respond it lock up the computer. I tried to delete it in add/remove program and cannot find . also my computer only operates in windows XP safe mode only. If I try to use it the regulator way it keeps running antivirus pro 2009 update pop up windows and nothing else.
 

A:anti virus protection locks up computer

9 more replies
Answer Match 42.84%

I am unable to complete a virus scan. After running to a certain point the following error message appears and the scan stops:"NAVW32 has caused an error in MSVCRT.DLL. NAVW will now close".
Using NortonSystemworks 2002 with Windows ME. I have reloaded Norton several times and have restored several times. Please HELP !
 

A:Norton virus scan locks up with error msg.

7 more replies
Answer Match 42.84%

Last 2 days Thursday and Friday, I have been having problems with TSG.
Every time I get on, my computer locks up and I have to hit the reset switch.
Today (Friday) it locked up, and when I reset the computer & things began to reload it stopped and said there was a "CMOS Checksum" error, and the date had reset to Jan. 1 1998 in the CMOS settings.
I reset the clock, restarted the comp, and while loading, Windows put a box onscreen to effect it was rebuilding a driver database (but not which one).
Is this caused by a Virus or perhaps something in one of the Java0type ads that IE5.5 can't handle correctly.
The problem first showed up when the ad re "Catch the Bouncing Ball!" showed up.
:
Time its taken me to type this in is longest time I've been able to use TSG since Wednesday nite.....
 

A:TSG SITE Locks up computer ... is this due to Virus... or Java Ads??

6 more replies
Answer Match 42.84%

I'm on a XPpro SP3 laptop. Got infected by a fake antivirus software. Cleaned it with mbam. Worked for a day, immediately infected by a DIFFERENT fake antivirus software. Cleaned it with mbam also. I noticed that all my google links were redirecting to fake or attack sites. Read the forums, downloaded and ran Ccleaner, Free Window Registry Repair. Downloaded DDS and Combofix. Tried to run DDS for the log, but it locks up the computer.What next?MOD EDIT: Do this ,when done I will clean thos a bit.~~ boopmeHello, try to use OTL instead of DDS. 1. Please download OTL from one of the following mirrors: This is THE Mirror
2. Save it to your desktop.
3. Double click on the icon on your desktop.
4. Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
5. Push the Quick Scan button.
6. Two reports will open, copy and paste them in a reply here: OTL.txt <-- Will be opened Extra.txt <-- Will be minimizedThis is the log after restoring a ... Read more

A:Google redirect virus. DDS locks up, can't get logs.

Clear your Java Cacheclick on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup)
On the General tab, under Temporary Internet Files, click the Settings button.Next, click on the Delete Files buttonThere are two options in the window to clear the cache - Leave BOTH Checked
Applications and Applets
Trace and Log FilesClick OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.Click OK to leave the Temporary Files WindowClick OK to leave the Java Control Panel.TFC(Temp File Cleaner):Please download TFC to your desktop, Save any unsaved work. TFC will close all open application windows.Double-click TFC.exe to run the program.If prompted, click "Yes" to reboot.Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.: Malwarebytes' Anti-Malware :Please download Malwarebytes' Anti-Malware to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select Perform quick scan, then click Scan.When the scan is complete, click OK, then Show R... Read more

16 more replies