Tech Problem Aggregator

Antivirus Scan. Completed Self-Help But Still Infected

Q: Antivirus Scan. Completed Self-Help But Still Infected

I am running windows vista and a couple months back I got the Antivirus Action and used the guides here to rid the problem successfully. Twice. Thanks for the guides.

I got Antivirus Scan now and I went through the steps in the guide for this issue. Unfortunately I am still infected. I have tried the process again, however RKill and MBAM find nothing. I am able to run in Safe Mode (which I am doing now). When I first start safe mode Firefox does not attempt to use the proxy (and does not need the setting changed) IE does still require the proxy fix.

I'm hoping to avoid completely restoring the system...any advice? Thank you.

More replies
Answer Match 75.18%

Hello Friends

I believe my PC is infected.
Day before Yesterday night I had a complete scan of my PC using AVAST antivirus and it did not show any infection.I keep my antivirus software completely

upto date I have a screensaver which when avtivated, activates the avast antivirus to scan files randomly and ist displayed on the screen. After complete

scanning of my PC later in the day when the screensaver activated the avast antivirus to scan files randomly, it detected the following VIRUS infection -

Win32:Trojan-gen in couple of my installed software application which I had not used last couple of days.I moved the files to the virus vault.
In addition to AVAST AV I have installed the following PC protection softwares and I keep them upto date.

Spybot Search & Destroy
AVG Free 8.5
Ad-Aware
Spyware terminator
Malwarebytes Anti- Malware
Windows Defender

I scanned using the above softwares and the results were negative.

Two days back AVG Free AV reported the software app for playing DVD files on my PC as infected,the infection being Trojan horse Generic14.FPT. I immediately

uninstalled it and tried to do a fresh installation of the same app (HERO DVD player)and during installation I again got the warning saying the installation

file is infected. Is it possible for the only single installation file (Set up file) to get infected if its not touched for a long time. Similarly the main

setup file of some other app were also reported as infected although they h... Read more

A:initial Antivirus scan ok subsequent immediate antivirus scan shows as infected...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 67.62%

Hello I have been trying to get rid of the malware "Antivirus Scan". It is a fake antivirus software that redirects internet explorer and comes up with fake infection messages. I believe I have gotten rid of the program itself, but my internet is the only problem. It never loads anything! When you go to internet explorer, it just keeps saying "Connecting" but never finishes. I ran Malwarebytes to initially get rid of it and it got me to this point. Now, I ran HijackThis and this is the log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 2:21:54 PM, on 1/22/2011Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exec:\Program Files\Microsoft Security Essentials\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\... Read more

A:Infected with "Antivirus Scan" (fake antivirus software)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

5 more replies
Answer Match 63.84%

After following the prep guide for removing malware, I couldnt create any of the logs. I can download the programmes but when i try and run them I get this message 'Application cannot be executed. The file cmd.exe is infected. Do you want to activate your antivirus software now?' as I do when i try and run any .exe.

A:Infected with antivirus scan

Hi JoelyHarrison,Welcome to Virus/Trojan/Spyware/Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more. Thank you.I read from your previous post that you have run Malwarebytes, so you should be able to run .exe? Please tell me the version and edition of your Windows. Also tell me if you have a Windows Vista or Windows 7 whether it is x32 (x86) or x64 bit system.
Please download OTL by OldTimer.Save it to your desktop.Double click on the OTL icon on your desktop.Check the "Scan All Users" checkbox.Check the "Standard Output".Click Run Scan button.Two reports will open, copy and paste them to your reply:
OTL.txt <-- Will be openedExtra.txt <-- Will be minimized[/list]If you need to rename OTL.exe to otl.com or otl.scr to run it please first do the following:Please set your system to show all files: Click Start, open Control Panel, open Folder Options.Select the View Tab. Under the Hidden files and folders heading, check Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck: Hide protected operating system files (recommended) option.Click Yes to confirm.

4 more replies
Answer Match 63.84%

I've been trying to get rid of these spyware scams for months now. Each time I think I've gotten rid of one, another one shows up with a different name a few weeks later. This time it's going by the alias of AntiVirus Scan (the last one was HDD Doctor). I can't access the key programs to get rid of it unless I'm in safe mode with networking, but when I am they don't realize there's anything wrong with my computer. I just fixed the computer's dvd-drives yesterday, so I haven't had a chance to install a new anti virus program. I know if I do a system restore it will go away (at least for a while), but I just patched a game yesterday and the last restore point is from the 29th. I'm hoping someone can tell me what to do here. Last, but not least, I have to use the programs for posting in safe mode, as AntiVirus Scan won't allow me to open (it tells me they're infected, like everything else), so I could only scan Services, Registry, Files (C:/), and ADS in GMER. The scan didn't yield any results to post. Thanks for any help with this nasty problem, it is MUCH appreciated!
DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by Teresa & Ronnie at 2:44:01.67 on Sat 01/01/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3839.3124 [GMT -6:00]

AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Webroot Internet Security Essentials *Disabl... Read more

A:Infected with AntiVirus Scan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/m... Read more

2 more replies
Answer Match 62.16%

Ok, I think I'm doing something wrong here.

So, I'm "surfing the net" and all of a sudden a windows pops up on my screen that says I have 40 infections! Well, I've been on the internet since 2005 so I'm very experienced and I know that infections are bad. I really appreciate the nice folks at Windows Antivirus 2009 performing a free system scan on my Gateway machine so I called the number to thank them but no one answered. They must be busy solving peoples infection problems.

Fortunately though there was a remove button and all it would cost is 29.95. This is a good deal since it is less than $1 per infection. I bought the service and it said that all infections had been removed! I thought that would be the end of that but I guess I was wrong....

The next day I'm "surfing the net" and again I see that I have 40 infections! Now, I worked in the computer department at Best Buy so I'm usually pretty good about avoiding infections but this time I must not have been very vigilant because I keep on doing something that is getting infections on my machine. I'm definitely gumming up the works.

So, I again had to pay 29.95 to get my infections removed (The windows antivirus people let you do this as many times as you want, they don't only let you remove infections 1 time a year like the people at Norton or McAfee for example) and again my infections were removed.

Wouldn't you know it? The next day when I'm using my Friendster account I again have 40 ... Read more

A:Antivirus system scan keeps on telling me I'm infected!

Hello and Welcome.

I'm not sure where you're surfing, but I suspect it's not always in the safest of places.

You've been had.

http://www.google.com/search?q=Windo...tivirus%202009

These things you've paid for are rogueware or scareware. They pop large warning messages that you've been infected, and of course are more than willing to "help you remove" what they themselves either placed on the machine, or have created false detections for, for a fee.

If you've paid for these with a credit card, you may have some recourse by disputing the charge.

If you want help with removing any current threats, and help protecting the machine against future threats, follow these instructions...

========================

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. I currently have as many open topics as I can effectively handle; this will have you back in queue with t... Read more

1 more replies
Answer Match 62.16%

I read your guide regarding the Antivirus Scan virus. I am getting all of the messages / popups shown. I ran antimalware bytes but it did not produce any results. Also, I am not able to connect to the Internet to run or submit the scans that you say you need. While in Safe Mode with Networking, I followed the steps you listed but it still will not connect. Please advise how to proceed. Thanks.

A:.exe files infected popups (antivirus scan)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.[b]If you have since resolved the original problem you were having, we would appreciate you letting us know. I see from your post that you are unable to run get the logs we need, so if you still require help, please just post a confirmation here.Thanks!Casey

2 more replies
Answer Match 61.32%

Export SharedTaskScheduler key
------------------------------
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

A:Smitrem And Rogue Scan Completed... Still Need Help.

If your still having problems after using the self-help guide, then please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. About half way down are instructions for downloading HijackThis and creating a log.When you have done that, post a log in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix.Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff ... Read more

1 more replies
Answer Match 60.9%

Granddaughters computer...she asked her Granny for help. Before I went to your website, ran AVG free scan and installed and ran Malware Bytes. Did not realize that IE7 was also infected, so tried to install IE8, but it failed. Once I found your removal guide able to get up to RKill downloan but it won't executed, get blue screen with either "Multiple IRP Requests" or "Driver IRQL Not less or equal than errors." In preparation to submit this request for help ran "Defraggle", CCleaner, Chkdisk, but unable to backup files. Cobian Backup gives 'error message not enough disk space" on my external drive, which has more then enough space. Attempted Window Vista backup, get 'your backup configuration is not valid. review your backup settings (OX8100029), and DriveImage XML asks that your ensure Window Updates are installed, and you guessed it I get 'Windows error code 80072EFE'. Also get Rundll error "Error loading Windows/system32/diskator.dll" when system starts. Since I have not backed up any data, I am concerned as to how to get that done before fixing the other problems. Your help is greatly appreciated, as I feel I may have run to the end of my experience level.Logs/files attached.
DDS (Ver_10-12-12.02) - NTFSx86
Run by Nana at 19:38:41.73 on Wed 01/05/2011
Internet Explorer: 7.0.6002.18005
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3000.1721 [GMT -6:00]

AV: AVG Anti-Virus Free... Read more

A:Infected with Antivirus Scan plus Windows blue screen errors

Hello, and to the Malware Removal forum! My online alias is Blade Zephon, or Blade for short, and I will be assisting you with your malware issues!If you have since resolved the original problem you were having, we would appreciate you letting us know.In the upper right hand corner of the topic you will see a button called Watch Topic. By clicking this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Before we begin cleaning your machine, I'd like to lay out some guidelines for us to follow while we are working together.I will be assisting you with your malware issues. This may or may not resolve other problems you are having with your computer. If you are still having problems after your machine has been determined clean, I will be glad to direct you to the proper forum for assistance.Even if things appear better, that does not mean we are finished. Please continue to follow my instructions until I give you the all clean. Absence of symptoms does not mean that all the malware has been removed. If a piece of the infection is left, it can regenerate and reinfect your machine. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.I ask that you please refrain fro... Read more

25 more replies
Answer Match 60.48%

Due to innactivity - as I have been out of town - my last thread in the Hijackthis forum was closed. My previous thread is located at:

http://www.techsupportforum.com/secu...nctioning.html

Chemist told me that I should clear up unused programs, pictures, and music, and I am going to begin doing this as soon as I finish this post.The last thing that I was told to do was to download and run combofix. I followed all of the instructions and this the log that was displayed following the ComboFix scan:




ComboFix 08-12-23.01 - Owner 2008-12-23 13:53:03.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.959.619 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\ComboFix.exe c:\documents and settings\Owner\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.
The following files were disabled during the run:
c:\windows\TWF0dCBIdWJlcnR5\asappsrv.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Rabio
c:\documents and settings\LocalService\Application Data\NetMon
c:\documents and settings\LocalService\Application Data\NetMon\domains.txt
c:\documents and settings\LocalService\Application Data\NetMon\log.txt
c:\documents and settings\LocalService\cftmon.exe
c:\documents and settings\Owner\App... Read more

A:Continuing my last thread. Completed Combofix scan...

Hello again, Tommy1073.

Please copy this page to Notepad and Save it to your Desktop in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

One or more of the identified infections is a backdoor trojan.

This type of infection allows hackers to remotely control your computer, log keystrokes, steal critical system information, and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Please read this: How Do I Handle Possible Identify Theft, Internet Fraud, and CC Fraud?

------------------------------------------------------

You are using an outdated version of HijackThis. Please uninstall HijackThis 1.99.1 in the Add or Remove Programs section of your Control Panel and delete your current version.

-------------------------------------------------... Read more

2 more replies
Answer Match 60.48%

This a Tiny URL of the 2 mile long link by Symantec and my problem:
http://tinyurl.com/arngx
For some strange reason my NIS 2003--the NAV part of it--is giving me a warning that a complete scan of my hard drive was not completed. I have had WinXP Pro set for automatic scan each Friday since I installed NIS last November on WinXP. Would a System Restore be in order? And if so, how would I do that? I was out of town each of the past 2 Fridays and those scans were not done. A scan would be done tomorrow night but now, of course, that will not be done because of my problem. I have the NIS installation CD but I do not want to have go through that "**((#" uninstall/reinstall routine again. (I had to do that with NIS 2002 just a few days ago for some other reason. Not resolved either so I switched to AVG.)
In addition to this scan problem, my virus definitions were not updated even though automatic updates are set to be done so I went to the Symantec site and downloaded/installed the latest updates so I am not worried about that.
Does anyone have a work around the problem I have posted? And I hope I have described the problem well enough for someone to help me. As usual, TIA.
BTW, I have been using NIS/NAV for several years and all of a sudden I begin having problems. Puzzled!!
EDIT: I have just run Panda and Trend Micro Housecall and both gave me a clean bill of health
 

A:Hard Drive Scan not completed per message

6 more replies
Answer Match 60.48%

Appreciate any help!  FBI virus has PC locked.  Only can run in Safe Mode/prompt.  Download/scan w/ FarBar Recovery Tool. Scan is completed and FRST txt posted below.  What to do next?  Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2013Ran by SYSTEM on 07-05-2013 10:12:43Running from F:\Windows 7 Ultimate (X64) OS Language: English(US)Internet Explorer Version 9Boot Mode: RecoveryThe current controlset is ControlSet002ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.==================== Registry (Whitelisted) ==================HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [2839840 2010-03-24] (ESET)HKLM-x32\...\RunOnce: [*EvtMgr32] C:\Users\Brian\AppData\Roaming\{34184A35-0401-272E-2D21-1D000D07C131}.exe [326656 2013-05-06] (exono GmbH)HKLM\...\Winlogon: [Shell] C:\Users\Brian\AppData\Roaming\{34184A35-0401-272E-2D21-1D000D07C131}.exe [x ] ()HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$01d4dcc8a2b2cdd91d89f3f95b21d31c\n. ATTENTION! ====> ZeroAccessHKLM-x32\...\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry [x]HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [31016 2006-10-26] (Microsoft Corporation)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Re... Read more

A:FBI - Virus - Already have FRST scan completed and posted

Hello blenny I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", ... Read more

20 more replies
Answer Match 60.06%

hello

after scanning, Shields up reported port 443 is open.
I'm hoping to stealth my system.

my system-
xp home sp3
browsers-google chrome-ie8-
kaspersky kis 2010 459.0.0.0 trial edition
wifi internet

let me know if any further info is needed

thanx

A:port 443 reported open-after grc shields up scan completed

Do you not want to connect over SSL?

2 more replies
Answer Match 58.38%

Almost every time I do quick scan and got nothing and I think it is good. However, I just read online, it says that when quick scan does not find anything then you do deep scan. It confuses me, since it means I should do deep scan all the time. ?
 

A:quick scan vs deep scan/full scan ( antivirus )

the 1000$ question is
which anti-virus
ON windows defender and malwarebytes and many others only a quick scan is necessary
The converse of what you have read is usually the case eg. You do a quick scan and only if that finds something should you then need to follow it with a full scan
For instance a threat scan on Malwarebytes paid for edition or the scan on the free version will scan up to 99% of the system
A full scan also scans the system restore points and other unusual places to detect, or at least try to detect, all possible traces of infection.
As I said it depends on the AV and to some extent the OS which I presume is not Windows 2000 as indeed commented on by my colleague Cookiegal in another of your topics
Also, it appears you're running Windows 7 and if you don't still have your Windows 2000 computer you should visit your profile and change that information so that it's current which makes it easier to help you in some casesClick to expand...
 

13 more replies
Answer Match 55.44%

A neighbor brought over his computer since he knows I help folks with infections.  It appears he already ran and removed infections found with SAS Portable and MBAM.  I can include those logs if you like so let me know.
 
DDS Log
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by HP_Administrator at 12:32:46 on 2013-08-16
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.958.456 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalS... Read more

A:Infected PC with some Removal Completed

Attached file ...

3 more replies
Answer Match 54.6%

My computer was at a crawl, even step from booting to loading the desktop and beyond took at least 50x as long. But in Safe Mode, it was running only a little slower than usual, so I suspected a virus or malware. Attempts at using AVG antivirus's command line scan in Safe Mode was met with messages such as 'Boot Sector Hidden' or something like 'Processes scanning failed'.
Desperately I tried to run CHKDSK. Seemed to solve the problem, but just after that, AVG antivirus crashed while scanning. Next day, I try again, AVG seems to work detecting no threats, and Malwarebytes detected nothing too.
NOW I want to make sure my computer is virus or malware free. Please help me, this is my only laptop.
I have Hijack this logs, but there is some error message about hosts files, I can post them if you want.. I tried aswmbr anti root kit , but the program always crashes just as it's checking sysmain.dll
Some background: Awhile ago, I accidently installed some malware by not unchecking the right boxes while installing DAEMON tools. Found out it was messing with my browser, so used Spybot Search and Destroy plus Malwarebytes anti-malware, found some malware uninstalled them, also remove them through Control Panel. Seemed fine. until a day later when I accidently turned off the mains power to the laptop, without any battery in. Then the slow down suddenly appeared. I have accidently done this before but it never had this effect.

A:aswmbr can't scan, Antivirus can't scan, Computer at a crawl from startup

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/539424 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Answer Match 54.18%

Windows XP Home SP3
added some RAM so that it would run a little faster while I'm doing diagnostics

Have done a number of scans, using tools such as MBAM, SuperAntiSpyware, and AVAST

Have done these scans at safe mode, and at boot time (for AVAST)

Several dozen infections and problems removed, including Vundo, several trojans, downloaders, and malware.

Have disabled suspect entries in msconfig.

This system has AT&T Internet Security Suite, which seems to include some McAfee components.

msconfig / startup shows the following (some are not included in my list that I think are not suspect):
Titanshield Antispyware
AT&T Internet Security (3 entries)
McAfee (3 entries)
AOL (5 entries)
GWMDMMSG
GWMDMpi
SK9910DM

I disabled these in msconfig, and still got the 2 popups / problems noted below. After that I re-enabled all of these.

The HD works hard, spins a lot, and does lots of accesses for several minutes on boot.

The system is running a lot better and faster since I've started working on it a few days ago, but . . . .

A number of symptoms have been rectified, but . . . . .

Here are the latest symptoms:

On boot, there have been 2 popups / messages / problems.

Here are the 2 popups / problems I have been getting:

1.
McAfee VirusScan
McAfee ActiveShield has found a suspect file in your computer. McAfee strongly recommends that you scan your computer now.

2.
AT&T Internet Security Suite
The proxy component failed to initiali... Read more

A:Lots of cleanup completed, still infected [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

3 more replies
Answer Match 53.34%

***EDIT**** Could someone please look at the info below and let me know if I should be worried about passwords being compromised? I have reformatted the drive, so I don't need help with removal, but I want to make sure I'm not in trouble some other way. ThanksHey guys, I'm hoping you can help me out. I've gone through the prep, however I was not able to activate the windows Firewall. I have unplugged the PC from the internet and I'm using a flash drive to move files and logs back and fourth to another PC to post on here.Initially I was infected with Digital protection and Internet Security XP. I used malwarebytes to remove both of those, but I'm still infected. Sites are re-directing and I received a warning from ATT today that my pc is being used to send spam. I would just reformat my PC but it's about 5 years old Compaq Presario and I've lost the recovery disk, so I don't have an OS. I'm including the DDS log belowCODEDDS (Ver_10-03-17.01) - NTFSx86  Run by Compaq_Owner at 11:31:18.56 on Thu 04/29/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1023.499 [GMT -5:00]AV: Digital Protection *On-access scanning enabled* (Outdated)   {28e00e3b-806e-4533-925c-f4c3d79514b9}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchs... Read more

A:Infected with unknown Rootkit malware, Prep completed

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 53.34%

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Home at 17:20:04 on 2014-03-08
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7928.5523 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer... Read more

A:Windows 7 completed infected with malware/trojans/virus

Hello and welcome to Bleeping Computer,please run the following:Please download Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

21 more replies
Answer Match 53.34%

Mark -

Thanks for picking this up.

I successfully ran the DD-scr. Output files are attached.

The RootRepeal, though, had some problems running. Each time I tried to run it, after a couple of minutes ('Initializing, please wait'), I'd get a dialogue box that says: Windows - Virtual Memory Minimum Too Low. Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file. During this process, memory requests for some applications may be denied. For more information, see Help. OK.

The first time this happened, I waited about 10 minutes. I could not get a task bar, could not open up additional Windows Explorer or My Computer windows, and things froze up. There were partial windows left on the screen. After about 10 minutes I tried a clena shutdown and it stalled with 'An unexpected error has occurred that this application cannot recover from. It will now close. Exception code 3221225477. Exception address 00403E45."

Still wouldn't shutdown. I had to hold power button down to force shutdown.

Restarted, reset the Windows - performance -virtual memory settings to 'Let System Manage the size' (original settings were 'custom size, initial size 384 MB; maximum size 768 MB')

This system currently has 512 MB of RAM.

Rebooted, ran RootRepeal, and got the same msg about Virtual Ram is too low after it ran (Initializing, please wait) for a couple of minutes.

Thanks again for looking at this.

Sorry if I posted in the wrong place initiall... Read more

A:Lots of cleanup completed, still infected [Split topic]

Please close this request for assistance.

Thanks.

d.b

2 more replies
Answer Match 52.92%

Guyz pls help me this time my antivirus stops everytime i scan after few %
this happens everytime and even more pc reacts wierd usually, like stucks without no reason, take hours to do scan disk everytime pc gets restarted & many times delete the files
This is my recent Ewido scan result, as u say to run in safe mode with 3 ticks

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:25:14 PM, 9/11/2005
+ Report-Checksum: B1ABE987

+ Scan result:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
HKU\S-1-5-21-2000478354-1682526488-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Cleaned with backup
C:\WINDOWS\homo.exe -> Backdoor.Rbot : Cleaned with backup
D:\WINDOWS\system32\[email protected]@@k.DLL -> Not-A-Virus.Tool.Game.HotHook : Cleaned with backup
D:\Documents and Settings\Kami\Local Settings\Temporary Internet Files\Content.IE5\HRN7H5GE\mm[2].js -> Spyware.Chitika : Cleaned with backup
D:\Documents and Settings\Kami\Cookies\[email protected][1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
D:\Documents and Settings\Kami\Cookies\[email protected][1].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
D:\Documents and Settings\Kami\Cookies... Read more

A:AntiVirus Scan Stops after few percent Scan

From Norton

“This spyware may include an uninstallation tool named Uninstall.exe , which is located in the installation folder. The default installation folder is C:\Program Files\STAR.”
Fix these with HJT – mark them, close IE, click fix checked

O4 - HKLM\..\Run: [windll] D:\WINDOWS\system32\wsys.exe

DL http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

D:\WINDOWS\system32\wsys.exe

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

Exit the Killbox.

Open Windows Explorer. Go to Tools, Folder Options and click on the View tab.
Make sure that "Show hidden files and folders" is checked.
Now click "Apply to all folders", Click "Apply" then "OK"

Delete these folders

C:\Program Files\STAR

START – RUN – type in... Read more

1 more replies
Answer Match 52.5%

Alright so I got this fake anti-virus from tvshack.cc, and have actually contracted it numerous times (what can I say, tv shack is amazing). Since then I have found an awesome add-on for firefox called NoScript, which blocks all the malicious crap from the site while still allowing the scripts that actually stream the videos through. I've been using this program for a couple weeks now and have not had a problem since. So, contracting this malware should no longer be a problem. The malware caused pop-ups showing fake scans, saying "buy our fake product to solve the issue we caused!" (k maybe not those exact words). It blocked me from being able to execute any application, erased my system restore points, interfered and changed the settings of programs, and would give me the Blue Screen of Death ("A problem has been detected and windows has been shut down to prevent damage to your computer"). Every time it happened, including the most recent, I cleared out most of it with updated versions of Malwarebytes Anti-Malware(first in safe mode, then normal mode) and SUPERAntispyware(normal mode only). However I'm still encountering some leftover problems. The Blue Screen of Death still occurs every once in a while (not nearly as much as it use to) resulting in an immediate and 'unexpected' shutdown. Some programs cannot be updated, installed, or activated. Superantispyware tries to update but a message error comes up saying superantispyware.exe i... Read more

A:Antivirus Software Alert (Fake Antivirus scan)

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.Double click DeFogger to run the tool. The ap... Read more

16 more replies
Answer Match 51.66%

Hello,
About a week ago I got some malware on my system by the name of Antivirus Scan. I scaned with Malwarebytes, Clamwin, Trend Micro House Call, and Spybot Search and Destroy. My AVG Pro subscription had just run out, and I was about to install DefenderPro 2010 but all this happened and it would not install. Also, Mirar toolbar was installed arround this time, but I am not sure who did it or exactly when. I was able to remove Antivirus Scan (or so I thought). I started to get Generic Host Services for Win32 Services errors and IE would crash. I later found out that it may have been because Antivirus Scan and Mirar were not completely removed. I forbid anyone in my family to touch the computer until I fixed the problem, but my hubby didn't listen. Today, he downloaded Antivirus .NET and now I can only operated the computer in Safe Mode. I cannot use the account that A. .NET was downloaded on in Safe Mode, only other accounts. I am not very strong with virus removal, and realize that I am now in over my head. I have attached the required documents and would really appreciate some help as soon as possible. My computer is used for my job. I do not have a XP disk, but I do have Recovery Console. I can probably barrow and boot disk if need be though. Thank you very much for your time.
Jessica


DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by Compaq_Owner at 17:59:11.70 on Fri 01/28/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edi... Read more

A:Antivirus Scan, Mirar, and Antivirus .NET Trouble

Hello and welcome to TSF. My name is Taylor and I'll be helping you with your fix.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

19 more replies
Answer Match 47.04%

Okay, I've been fighting this for a couple weeks now and things keep popping up.It started with Antivirus 2009, which was hijacking my browser windows and making my desktop flicker. I (thought) I'd gotten rid of this but then more issues popped up a week or so later.I had what appeared to be Antivirus 2009/ Antivirus 360 again, but it was coupled with something that was causing my computer to shut down due to "DCOM Server Process Launcher" shutting me down.I'd "mostly" fixed this problem, with the exception that I can no longer defrag my computer.Then today I had a warning pop up in my toolbar that said I was infected, and tried to direct me to real-avg.org, so I immediately shut off my wireless and ran malwarebits, adaware, avg free, Iobit's Advanced System Care and I'm just really paraniod that I can't get rid of this problem.Oh, and I've had a few blue screen's of death here and there in all of this, but I'm not sure what they were specifically warning against.I've ran HijackThis and the DDS thing, and here are the results.. any help would be hugely appreciated!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:46:30 PM, on 1/12/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:&#... Read more

A:Infected Computer, several problems including Antivirus 2009/Antivirus 360

Hello Angelinazooma and welcome to Bleeping Computer,1. Please download GooredFix and save it to your Desktop.Select "2. Fix Goored" by typing 2 and pressing Enter. Make sure all instances of Firefox are closed at this point. Type y at the prompt and press Enter again. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).Note: If you receive a message saying that GooredFix needs your system to be restarted, please close all applications and reboot your system. Please also allow any registry changes that may be prompted by any of your security programs.2. Please download ComboFix from one of the locations below, and save it to your Desktop.LinkLinkLinkDouble click the ComboFix icon to run it.If ComboFix askes you to install the Recovery Console, please do so..The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.Once the Recovery Console is installed, continue with the malware scan.Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. If you have any questions along the way, STOP and ask them before proceeding !!Greetings,Thunder

5 more replies
Answer Match 47.04%

Hi there!

Maybe since I downloaded a file, "holdemindicator161_3019.exe (Trojan.FakeAlert)", as is reported by "Malwarebytes' Anti-Malware 1.33", I am no longer able to update my Anti-virus, AVG 8 Free.

I tried going to the Malwarebytes's site but the access was blocked, and while trying to solve my problem, I realized I couldn't access some anti-virus sites either.

I cannot install SpyBot, since it requires server access, and I could only access Malware's software by reinstalling it (it delivered me the error "vbaccelerator sgrid ii control runtime error '0' ").

Since some of the system files are infected, I don't think I should delete them, but I don't know how to heal them either.

I would appreciate your help.

Telmo
 

More replies
Answer Match 46.62%

My windows vista 64 pc was infected by an antivirus malware. I followed the instructions for removsl posted on how-to geek. I downloaded and ran superanti spyware and malwarebytes. The scans are now clean but I think I'm still infected because I cannot install or uninstall or run any antivirus program. I have avg 2011 and ms security essentials but neither will run or uninstall and I bought McAfee internet security 2012 but it will not load.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Eric at 11:02:43 on 2012-03-30
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3964.1577 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\A... Read more

A:infected by antivirus malware and can't run legitimate antivirus program

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Nothing suspicious was found on your DDS log.Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html===Third party programs if not up to date can be an open door for an infectionPlease run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instruction... Read more

8 more replies
Answer Match 46.62%

Hi,I have tried everything that I can think of, and this virus seems to come back whenever I start IE. I thought it was gone but it just reinstalls itself. This is above my knowledge level and I'm pretty good with computers. thank you for your help. I have attached the DDS and gmer files. and for good measure I stuck in the HJT file

A:Infected with Vista Antivirus 2010/Paladin antivirus

Hello, sierrahotel13.My name is aommaster and I will be helping you with your log.I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.ThanksShould you still require assistance, please take note of the points below:Please track this topic by either adding it to your favourites or clicking the Options button at the top of this thread and then Track this topic.The logs that you post should be copied and pasted directly into the reply. Only attach them if requested or if they do not fit into the post.If you do not reply within 5 days, I will have to close your topic. Should you not be able to meet this, please notify me so that I will leave the topic open.Please do not install, update, or run any programs for the duration of the fix.If you do not understand the instructions I provide, please don't hesitate to ask. That's what I'm here for Please continue to reply to this topic until I give you the all clean. Just because there are no symptoms of infection doesn't mean that the computer is clean.If you are running Vista, please run all the fixes as an administrator. This is done by right-clicking the program and clicking "Run as Administrator".Please do the following so I can take a look at the curr... Read more

36 more replies
Answer Match 46.62%

Hi all,I have a PC with a 2.6 GHZ CPU, 1.5 GB RAM, a 250 GB internal C drive, 80 GB internal D drive and 2 external drives which were detached when the virus hit. I am running Windows XP Home with SP2. I use Panda Internet Security and Spybot S&D. Last week, I was hit with Antivirus 2008 Pro which crippled my PC for a couple days until I thought I had gotten rid of it with SpyHunter. It came back the next day and morphed into XPAntivirus, which also took a couple days to get off. Panda and Spybot didn't find anything when I ran them so I ended up using both Spyhunter and Spyware Doctor as well as SmitFraudFix and a couple of websites that listed files, directories, and registry keys that had to be deleted AND doing a complete clean install of XP after transferring all my relevant files over to an external drive. I finally got it off and was clean for almost a week until the night before last. I was trying to find a free PDF converter program for a friend of mine. I found PrimoPDF (not on the maker's website, unfortunately) and when I clicked on the install program, my computer restarted. When it came back on, I had the red alert message from Windows Automatic Updates which said that my updates were not turned on. When I tried to turn them on, the control panel said they were turned on but the red alert wouldn't go away and I couldn't go to the Microsoft update site manually. Also, error messages involving DLL files came up -- ubijcvin.dll and ijjcvslw.dll -- sayi... Read more

A:Infected By Antivirus 2008 Pro, Then Xpantivirus, And Now Antivirus 2009. . .

Hello Stacy and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)In the event you already have Combofix, delete your current version and download the latest ... Read more

8 more replies
Answer Match 46.62%

Hi, there
Yesterday my dad asked me to take a look at the computer because for some reason it wasn't working and so i did, but the problem is a lot worse than i originally thought. Theres a program on the computer that doesnt let you use the internet, open task manager, or open almost any kind of program whatsoever. This program is called antivirus scan and whenever you try to do almost anything it sends up messages saying that your computer is infected and whatever file you just tried to open is infected as well and it sends you to http://afantispy.com/shop to buy the program, i've tried every way i could think of (which isnt very many) but i cant do a thing, in order to post on this site i have to use a different computer. Please help if you can.
Thank You

A:antivirus scan

My wife's computer has this too. I can not start in safe mode, all I get is a black screen with "safe mode" in each corner. Everything I try and open is blocked, regedit, delete temp file, etc. Only thing I haven't been able to try is superantispayware portable because I have no way of moving it at this location. I am in NC tonight but go back to FL tomorrow, so she will be on her own. Should I have her buy a flash drive and try Super? any other suggestions, or should she take it to someone? and if so who? I will monitor this post closely.

2 more replies
Answer Match 46.62%

Hello everyone,

I've used malwarebytes a few times to try to clear up this reoccuring issue, but to no avail. I still get two instances of Internet explorer running everytime I run it, as well as notifications that I am being attacked by my Norton Internet Security Suite 2010 everytime I load a webpage. I attempted to follow the tutorial for Antivirus Scan on these forums, since this is the program that autoloaded itself while I was in safe mode, but that didn't solve the current issues. Since I couldn't obtain any GMER logs initially since even in safe mode, I was getting BSOD immediately upon running, I system restored to about a week ago, and did everything over. I finally was able to get the GMER logs. Here is my DDS log below. Thanks for your assistance

DDS (Ver_10-12-12.02) - NTFSx86
Run by FrozEnFyRE at 9:39:32.24 on Tue 12/28/2010
Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_22
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.1015.136 [GMT -8:00]
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvc... Read more

A:Antivirus Scan + More??

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

19 more replies
Answer Match 46.62%

well i have panda antivirus+firewall 2008 when i go to scam my pc i choose all my computer
the scan stars it scan only one file and then it stops i try to re installed it but the same keep happening
 

A:my antivirus do not want to scan my pc

16 more replies
Answer Match 46.62%

Anyone have any information on Antivirus scan Removal, Its like the Wireshark and a few others that say your computers infected and want you to buy their antivirus to get rid of the infections. Im running xp and i cant seem to get rid of it.at times it appears to be gone but then its back again.the main thing i notice is it wont let let me go to windows updates, and when i try it changes IE settings so i cant connect to IE. Any Help would be appreciated

A:Antivirus scan

This info should help.Please follow our Removal Guide here Remove Antivirus Scan (Uninstall Guide) .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

5 more replies
Answer Match 46.62%

Hello....I am so grateful I can go on the internet.....Basically I donno why... I just opened computer and bang, theres virus...

It is called antivirus scan with "protecting every second" under it. It has green shield symbol. I tried running MBABM and super anti spyware, but they didnt detect anything!!....or maybe they are out of date?

Oh no....please help! I cannot open most things, such as mbam and updating it to the latest one.... ><"

:'(

A:No...help me with antivirus scan!

Hello and welcome. Please tell us your Antivirus application and Operating System.Please follow our Removal Guide here Remove Antivirus Scan .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

17 more replies
Answer Match 46.62%

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:39:26 AM, on 1/17/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Safe mode with network support

Running processes:
C:\Users\Derek.durka222\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derek.durka222\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derek.durka222\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z039&form=ZGAPHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explo... Read more

A:AntiVirus Scan

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.Download DDS and save it to your desktop.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS.txt will open. Click Yes at the next prompt for Optional Scan. Save both reports to your desktop.-----------------------------------------------------... Read more

1 more replies
Answer Match 46.62%

Hi my mom had it said antivirus scan and was at the bottom of the page it wont delete -we cant find it anywhere in programs etc to delete
it wont' let her into the internet explorer or paltalk
her yahoo and other messengers work though
does anyone know what this is an dhow to get it off her computer
she has norton antivirus
dont know what this other is
Thank you for your help
Tina
 

A:antivirus scan

follow advice here and post the logs those programs make
 

1 more replies
Answer Match 46.2%

Please Help....My computer seems to be infected with a thing called Anitvirus Scan that is popping up all sorts of alerts saying I need to fix this and that, and I cannot access the internet or anything else unless I am in Safe/Networking mode which im currently in. Can someone help me out?DDS (Ver_10-12-12.02) - NTFSx86 NETWORK Run by Owner at 23:52:15.54 on Sat 01/22/2011Internet Explorer: 8.0.6001.18999Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2038.1539 [GMT -5:00]AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\SYSTEM32\WISPTIS.EXEC:\Program Files\Common Files\microsoft shared\ink\TabTip.exeC:\Windows\... Read more

A:Antivirus Scan Infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

2 more replies
Answer Match 46.2%

So my little sister's computer has gotten a bad case of Antivirus Scan and I can't seem to get rid of it even after following the guide on this site.

I booted up in Safe Mode with Networking and did everything like the guide suggested, but when I restarted in regular mode Antivirus Scan was back. I tried following the same procedure but Malwarebytes doesn't seem to find anything even though everytime we restart the computer the malware is back.

After I run Rkill the problem seems to disappear; attached are the DDS logs, I also tried running GMER a couple times, but the program didn't catch anything at all (like Malwarebytes) so the log was blank. If I try to run DDS and GMER before I run Rkill than the malware won't allow either to start up.

I can also post the Rkill log and Malwarebytes log if needed.

A:"Antivirus Scan" Malware

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

12 more replies
Answer Match 46.2%

Hi, hopefully someone can help please. I have had Avira installed for a couple of years and attempted to do a virus scan and scan got to the C:\windows\winsxs section & froze whole computer. Then I tried a scan with Malawarebytes, same thing. Also tried online scans with Panda, eset & Kaspersky. Finally downloaded a trial version of Nortons 2010 and still the same result. Please help! I have attached required reports.THANK YOU.DDS (Ver_09-12-01.01) - NTFSx86 Run by IRMA at 21:07:45.05 on Sun 14/02/2010Internet Explorer: 8.0.6001.18882Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.61.1033.18.3069.1807 [GMT 11:00]SP: MalwareRemovalBot *disabled* (Updated) {A91B331C-2291-45DC-A2D6-21EBEA71CFE2}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Wind... Read more

A:cannot complete ANY ANTIVIRUS SCAN

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

78 more replies
Answer Match 46.2%

Was I supposed to check AutoClean before running it(I didn't)?? How do I get rid of the things it found? Do I check AutoClean and run it again?
 

A:RAV AntiVirus Online Scan???

Hello Trtlgrl2_78. IMO Rav is a good report tool. I think it would be better to run this one. Click Here it'll clean them out. Let us know anything it finds that it can't clean. Be sure to write them down.

You can copy the Rav things into notepad and post them here if you want.
 

1 more replies
Answer Match 46.2%

Hello guys,

what e-mail scan solution would you recommend for retrieving mails trough IMAP, port 143, since the antivirus scanner that we use is scanning only trough the standard ports 25 / 110

regards,
John
 

A:Mail antivirus scan

6 more replies
Answer Match 46.2%

I'm stuck with that Antivirus Scan that contains those popups saying that my computer is infected and to scan my computer with the software. The virus first showed up New Years but I had believed that I got rid of it that day (although in the back of my mind I had a feeling I didn't since all I did was a System Restore) when it stopped coming up but apparently I didn't. Of course. I had tried to use the guide here (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-scan) to rid my computer of it today but that didn't seem to work. I followed the instructions perfectly except for the fixing the proxy issue because I don't have Internet Explorer activated so I used Firefox. I scanned with MBAM and removed the malware yet after I rebooted and tried to see if it was gone, I found out it wasn't and that I couldn't open MBAM anymore without safe mode (I had been able to).
DDS (Ver_10-12-12.02) - NTFS_AMD64 NETWORK
Run by Reece at 20:48:22.94 on Thu 01/20/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4056.3331 [GMT -5:00]

AV: McAfee VirusScan *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

============== Running Proc... Read more

A:Can't Seem to Get Rid of Antivirus Scan Infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

16 more replies
Answer Match 46.2%

So, I've got Zone Alarm Anti Virus (ZA Pro Suite). When I run AV, my PC crashes and I get a BSOD, which vaires.

I've tried scanning with GRI Softs free AVG, Online Norton Scanner, and they all crash my pc and bring up the BSOD.

I'm running an external SATA hard drive, as my base HD, which hasn't had any problems for over 2 years.

System is winXP.

Your comments, suggestions are appreciated.

Thanks!

~BB
 

A:Antivirus Scan Crashes PC...

9 more replies
Answer Match 46.2%

This is what it found...how do I get rid of the things it found...it didn't/couldn't AutoClean

Scan started at 9/15/2004 3:31:13 PM

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\Tyler\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\data-flyordie2.zip-50f93c25-4a16bd6a.zip->data-flyordie2.zip->fx/tank/web/temp20.sfx - Type_Trojan -> Suspicious
C:\WINDOWS\SYSTEM32\d1g1m0s.dll - TrojanDownloader:Win32/Rameh.A -> Infected

Scanned
============================
Objects: 83438
Directories: 5966
Archives: 4550
Size(Kb): -213078
Infected files: 1

Found
============================
Viruses found: 1
Suspicious files: 1
Disinfected files: 0
Mail files: 258
 

A:RAV Antivirus Online Scan...help

Do you have any installed anti-virus programs? If so, what does it say about these files and deleting them?
 

3 more replies
Answer Match 46.2%

I got this antivirus scan spyware or virus wtever is called. It won't let me open any program or even use the internet. I got rid of it once but for some reason it came back after a reboot. Then I deleted it again using combofix and this is my second reboot. I didn't get anything so far but sometimes when I get to google and search for something it always redirects me to another link that I don't want to. Like I'll search walgreens click on the page but it won't get me to the right page. Some crazy ads. The computer its also running much slower.
 

More replies
Answer Match 46.2%

Hi, I have a laptop that was originally running Vista.  Several years ago it was upgraded to Win 7-64 Ultimate.  I think I've gotten something that my Symantec Endpoint Protection let slip by.  Symantec itself keeps saying that the proactive threat protection is not functioning correctly due to an internal configuration error.  If I reboot it says all is ok for a while and then gives the error.
 
I've tried using the linux based rescue discs from Kaspersky, AVG, F-Secure and others but every time I run them they get part way through scanning the system and then the PC just suddenly & instantly turns off.  No BSOD, no message, just total shutdown!
 
I've also tried the Sophos scanner, Malwarebytes, Spybot S&D and none find anything either.  When I run them in safe mode they either find nothing or the system shuts down.
 
Any suggestions on what to try next?  Are there any good programs I can run from a CD to try & bypass windows that might have better luck?
 
I asked a friend who fixes computers who is baffled....

A:PC shuts down DURING antivirus scan??

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

3 more replies
Answer Match 46.2%

I'm trying again, was finally able to run the scans on the infected laptop from a flash drive and save reports.

Got some kind of Antivirus Pro Scan Alert virus ? almost nothing works. took me a while to run GMER from a flash drive (I?m on a different computer)

Sony PCG-TR3AP with Windows XP, SP3
just purchased used and loaded service packs, no security yet

I have a Sony Recovery DVD, for the functioning laptop, but when I tried to use it on another once, it didn?t work, I think it needed specific laptop key. Otherwise, I don?t have a windows install or boot cd.

Popups:
-Security Warning Application cannot be executed file wuauclt.exe is infected, do ;you want to activate your antivrus software
-In a system tray popup: Antivirus System Pro alert; computer is being attacked?..bunch of stuff and code
-Popup: Spiware Alert! Vulnerabilities found; 34 serious threats?.Link: ?Why do you need Spyware Protection?
-IE starts up: www.porno.com (man I?ve never been there), but it?s had other addresses; one sounding like a virus protection site.

When I did the zip of Ark.txt and Attach.txt, it automatically saved it to ?Ark.zip? not ?Attach.txt?


DDS (Ver_09-10-26.01) - NTFSx86 MINIMAL
Run by mb at 13:29:03.52 on Wed 11/11/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.506.387 [GMT -6:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WI... Read more

A:Antivirus Pro Scan Alert

I hadn't even accessed a web page or email when I got this virus, I merely logged into my wireless in a new area and the popups began immediately before I was able to do anything.

2 more replies
Answer Match 46.2%

I have a Dell Inspiron with Windows 7. It now has the Antivirus Scan Virus on it. This is basically what it does:

While Antivirus Scan Virus has started, it will cease the ability to run any programs as a procedure to scare you into thinking that your PC is affected with spyware.

The below fake warnings will be shown

Windows Security Alert
Windows reports that computer is infected. Antivirus software helps to protect your computer against viruses and other security threats. Click here for the scan your computer. Your system might be at risk now.

Antivirus software alert
Infiltration alert
Your computer is being attacked by an Internet virus. It could be password-stealing attack, a trojan-dropper or similar.

Internet Explorer Warning ? visiting this web site may harm your computer!
Most likely causes:
- The website contains exploits that can launch a malicious code on your computer
- Suspicious network activity detected
- There might be an active spyware running on your computer

Understand these are all scam alerts and make sure you do not take any action on these warning messages. Follow the below instructions to clean up these fake antivirus messages
It will nt let me do a system restore, start in safe mode, end processes or anything. I ran a scan with Malwarebyte's anti malware & avg scan, showed no infections, but I know its there. Can someone please help!??????? Thanks

A:Antivirus Scan Virus

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

1 more replies
Answer Match 46.2%

alright so im new on here but i need some good help. about a week ago my laptop started running really slow upon start up and then just the entire time it is on. it would take a few minutes to open up any program (my documents, firefox, or even the start menu itself). i figured id run an antivirus scan, i use avast since its what ive always used and never had problems with. well about 20 minutes into the scan it blue screened and restarted the computer. i was a bit confused so i tried again and obtained the same result. i know my family has had problems with their computer having viruses so i put on malwarebytes since it worked for them, ran it in safe mode the first time and then in normal mode. both runs ended in the bsod. getting frustrated with it i looked online for a solution to my specific problem and ive came across a number of them, i updated all of my drivers, i ran ccleaner, i cant run defrag because it keeps telling me i have to remove special settings before i can and it never lets me remove them. i came across a forum post where a user had roughly the same problem as me and i tried the solutions listed to him ( http://answers.yahoo...23092135AAGLFnb ) the first solution didnt work, the scan didnt even run. then i used a registry cleaner and it blue screened in the middle of it, i did the disk clean up. i dont have a system restore date to restore to or i would. i have not checked the ram for defects and i have tried the virus scan several times. so any advice th... Read more

A:BSOD when antivirus scan is run

Firstly, your link hasn't posted correctly; could you please make sure that we have the entire address. It sounds as though the advice on that thread may not have been very good at all, but it's important that we know what has been done to your machine.
Most people on this forum and others advise against the use of registry cleaners. They do nothing to improve the speed of your computer, and are prone to delete critical registry information which Windows and your other software needs to run correctly. While CCleaner is a very good temporary file cleaner, the registry cleaner built in is just as dangerous as any other.

Now, let's see what's on your computer that might be causing these issues.
Please go here to download HijackThis.

To the right of the green arrow under HijackThis downloads click on the Executable button and download the HijackThis.exe file to your desktop.
Double-click the HijackThis.exe file on your desktop to launch the program. If you get a security warning asking if you want to run this software because the publisher couldn't be verified click on Run to allow it.
Click on the Scan button. The scan will not take long and when it's finished the resulting log will open automatically in Notepad.
Save the log file to your desktop. Copy and paste the contents of the log in your post.
Please do not fix anything with HijackThis unless you are instructed to do so. Most of what appears in the log will be harmless and/or necessary.
&... Read more

1 more replies
Answer Match 46.2%

Hi All,

I'm a newbie to computers - I'm using McAfee virusScan 10 for my antivirus program -- can anybody tell me where on my computer I can find the virus scan logs -- this is not the most user friendly of AV's that I have used -- normally in the console there would be a button or selection where you would click here to view scanned logs but not on my version -- Can anybody help please

Thanx

A:Antivirus Scan Logs

I don't use McAfee but I would tend to suspect the log may be located in the C:\Program Files\McAfee folder - probably a subfolder named reports, logs, or something similar. You should be able to view logs through the application itself. See Viewing the scanned log.

3 more replies
Answer Match 46.2%

My computer picked up the Antivirus Scan malware. As per the spyware removal tab on the site, I downloaded and used rKill, and then used malwarebytes which removed the virus. I picked up the virus again. rKill is allowing me to use the computer, but many full scans of malwarebytes (is normal and safe mode) havent been able to find the virus again, even though the virus is still on the computer.
Does anyone have any suggestions as to how to completely delete the virus from my computer?
Thanks in advance!

A:Antivirus Scan Malware

Hello and to BleepingComputer.Let's try this.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.~BladeIn your next reply, please include the following:TDSSKiller Log

1 more replies
Answer Match 46.2%

Okay, I think this is where I need to post. Thank you for getting me oriented Orange Blossom. The problem encountered, is that a fake Antivirus Scan pops up, named only "Antivirus Scan", states that it has found multiple threats, and for a nominal fee will get rid of them (how nice of them). However, not only has this virus become annoying, it has disabled Window's Defender, which now can not update. I have hijack this installed, but I am not familiar with reading the logs. However, I have re-read how to make a proper post (hopefully I got it right), and will post the D.D.S.txt log and attach the dds attach and gmer log. attach.txt
 Attach.txt   12.58KB
  0 downloads and gmer ark.txt
 ark.txt   11.4KB
  1 downloads.
DDS LOG


DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by MISSD at 14:21:35.49 on Fri 01/21/2011
Internet Explorer: 8.0.6001.18999
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2010.1107 [GMT -5:00]

AV: Microsoft Security Essentials *Enabled/Updated* {2E6C4BAB-3371-CD46-62DC-0E0A86B42619}
SP: Microsoft Security Essentials *Enabled/Updated* {950DAA4F-154B-C2C8-586C-3578FD336CA4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows&... Read more

A:Antivirus Scan Virus

Hi,Please do the followingRefer to the ComboFix User's Guide Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Place ComboFix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here
Double click on ComboFix.exe & follow the prompts.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.

---------------------------------------------------------------------------------------------

2 more replies
Answer Match 46.2%

Hi,Here is the hijack this output. Please help me get rid of this problem.Thanks,maypo52Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:02:26 PM, on 4/23/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\atievxx.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\antiviirus.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC: ... Read more

A:Xp Antivirus Scan Pop-ups Onlinexpscanner.com

Hello maypo52,Welcome to Bleeping Computer Download SDFix and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, the Advanced Options Menu should appear;Select the first option, to run Windows in Safe Mode, then press Enter.Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new HijackThis logThanks,tea

8 more replies
Answer Match 46.2%

Hello, I have an Inspiron 1420. My internet is suddenly super slow and can barely have two pages open at the same time, much less browse fast within the site. According to both my internet provider and my computer it shows that the signal strength is excellent. I also reset the router just to be sure and it still didnt fix anything.

The computer itself is fast outside of web browsing so I'm not sure what's causing it to be slow and my McAfee scan doesn't find anything after a full scan. I was wondering what one scan or action would you suggest? Since that computer is slow I dont think it will be able to download multiple programs so I can post the logs here so I wanted some simple suggestions to try to figure out if its some sort of virus that is affecting my web browsing.
 

A:Antivirus scan suggestions

So this morning I noticed the computer restarted without me doing so and a Microsoft Malicious Software Removal Tool box popped up. Says I have BackdoorLWin32/Cybot B but that it couldnt remove it.

How do I remove this and would this cause my internet problems?

Ive seen online suggestions to download Microsoft Security Essentials but is it good enough to disable my McAfee as it asks me to do? Don't want to ditch my antivirus for a horrible one.
 

1 more replies
Answer Match 46.2%

i managed to get this virus trying to fool me into buying their antivirus program. It has competly crippled my computer. I cannot access the internet, run files, or open anything from the control panel. I can only do things in safe mode. I hope people can help, my hijack code is attached.
 hijackthis.log   7.53KB
  4 downloads

A:antivirus scan virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.We need to create a New FULL OTL ReportPlease download OTL from here if you have not done so already:
Main MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Change the "Extra Registry" option to "SafeList"Push the button.Two reports will open, copy and paste them in a reply here:
OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedAfter downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconne... Read more

3 more replies
Answer Match 46.2%

I had this suddenly, and I mean suddenly, run some sort of scan on my computer then told me my computer was in dire danger and that I'd better quickly download the program to get rid of all the stuff it detected. I think there was around 500 and some things it detected.

Well I didn't click on it... I've become a bit suspicious of such things, but I did run my kaspersky and it only detected 8 things.

I then googled the lite antivirus pro scan and it led me to a site that said

Quote:




Lite-anti-virus-scanner.com is the typical Antivirus 360 fake scan page. It generates fake security warnings to trick you into downloading and buying full version of Antivirus 360 (or Antivirus 2009) rogue anti-spyware. Lite-anti-virus-scanner.com may slow your computer and disable some Windows features. We recommend to remove it using Spyware Doctor with antivirus.




As far as I know that thing didn't actually download onto my computer. I just kept x'ing out of it until it disappeared.

But I don't know if I'd trust this Spyware Doctor either.

Any advice for me?

A:lite-antivirus-pro-scan

Hello and Welcome to TSF.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through allthe steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies
Answer Match 46.2%

I always received this error when I try to start the AntiVirus Personal (scan)
THE AVGNT.EXE cannot be started.
Please check your installation!
 

A:AntiVirus won"t scan

Hi and welcome

Have you tried to uninstall/reinstall the program?

I believe it used to have a repair option too. If you locate the installation directory, double click on the file "setup.exe".
Then Select "Repair program" as installation option and follow the installation instructions.
 

3 more replies
Answer Match 46.2%

Hi,

Thanks so much in advance for helping me with this problem. Its almost hard to believe that amazing forums like this exist!

I have been infected with the AntiVirus Scan virus. I following all of the steps outlined here: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-scan
Everything looked promising but unfortunately when I rebooted it in "normal mode" it was still there. I tried following the steps a second time: This time RKill did not detect or shut down any malicious processes and Malwarebytes didn't find anything after a full scan.

So here I am... Should I run DDS and GMER in safemode? AntiVirus will not allow me to execute any programs (including variations of Rkill) in normal mode. It's not clear to me how I should "disable any script-blocking programs" as outlined in the instructions for new posts.

Thanks again!

Handle

A:AntiVirus Scan Infection

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

12 more replies
Answer Match 46.2%

Long story short, my dad's computer has been infected with a antivirus scan (virus). Makes up fake threats, disables internet and has not allowed me to update windows defender. I found the post on how to remove this virus here http://www.myantispyware.com/2010/12/18/how-to-remove-antivirus-scan-virus-uninstall-instructions/

I am on the hijackthis step of the instructions, however I am completely new to using that program and I'm not sure what needs to be deleted using it, and I don't want to delete anything that is critical to the operating system. I'm really not even sure how to post the Highjack This log results on to this forum to let those with more experience help decipher what needs to taken out. I would like to say in advance to anyone that can help with problem or just point me in the direction that I need to start looking, a sincere thank you.
I do think I'm in the right forum, Windows Vista though.

A:Antivirus scan virus

Hello!I'm in the exact same situation, I would also need some help, i've posted the Log here.

4 more replies
Answer Match 46.2%

I downloaded Comodo Anti-Virus and did 1st scan that came up with "(86x)\Yontoo Layers\YontooIEClient.dll" as a low threat, but I believe it should not be deleted as suggested? Am I correct or is it an actual Threat to my computer?

A:Using Comodo Antivirus Scan

[B]ANSWER TO: yontooieclient.dllyontooieclient.dll

What is yontooieclient.dll?

Internet Explorer Yontoo Layers Browser Helper Object (Browser Helper Object (BHO)) DLL file.

Is yontooieclient.dll safe?

This yontooieclient.dll file is safe and should not be considered threat to your computer.

Overall threat: No
Spyware: No
Trojan: No
Virus: No

1 more replies
Answer Match 46.2%

My computer (Pentium 4, 2.66 GHz, 1 GB RAM running XP pro) has recently started rebooting itself for what I first thought was no apparent reason.

However on closer examination I have noticed that it seems to reboot everytime I try to run adaware or any antivirus scanner. Sometimes it will scan for a good 5 - 10 mins before rebooting other times it will be more like 1 - 2 mins.

I have turned of the automatic reboot on error function. It still reboots. (Without giving an error message of any sort).

When I leave the computer doing nothing it doesn't seem to reboot itself (so far) or when I do light activities such as send an email or look at webpages.

It is a very hot day today (no airconditioning where the computer is located and it has been hot for the past week or so also) does this have anything to do with it?

Any help or suggestions much appreciated thank you.
 

A:Rebooting during antivirus scan

7 more replies
Answer Match 46.2%

Thought I had removed Antivirus Action using Malwarebytes and step by step instructions on this site, but now I've got Antivirus Action coming up, and firefox and IE are being redirected. Please let me know what I can do, thanks!

More replies
Answer Match 46.2%

i need to get rid of the antivirus scan that downloaded itself to my computer...can anyone tell me howEdit: Moved topic from Introductions to the more appropriate forum. ~ Animal

A:antivirus scan virus

Hi melissa, try this and let me know.Please follow our Removal Guide here Remove Antivirus Scan .You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

1 more replies
Answer Match 46.2%

Hi

I need assistance in reading the log from hijack this so that i can remove the virus antivirus scan from my computer...
 hijackthis.log   9.79KB
  3 downloads

Please help!! i cant do anything with my computer because all these 'security warnings' keep popping up!!!

Thank you

A:Antivirus scan removal log

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/m... Read more

2 more replies
Answer Match 46.2%

Hi
My computer was infected with the AntiVirus Scan and I had all the usual problems. I turned the computer off for 5 days and when I restarted the malware seems to have disappeared.I have run rKill and MBAM which did not find anything. Am I safe?

More replies
Answer Match 45.36%

helo i m hoping that some one here will solve my problem recently i found that my system keep restart when i run antiviru scan avira or even i go run online virus scan same thing happen computer keep restart i don't know how to figure out the problem may be it's because virus, malware or etc.. plz need ur help thank you

A:Computer Restarting Once I Run Scan Antivirus

Hello edimaxz and welcome to BC What operating system do you have: Windows XP, Vista etc.?Have you tried scanning with your AV in Safe Mode?Are you experiencing any other issues with your computer?Orange Blossom

1 more replies
Answer Match 45.36%

I am looking for a virus scan that does not require administrator privileges. It would need to be able to be ran without having to be installed. Would be for Windows 7 x86.

A:Non-Admin Antivirus Scan Tool

Most anti-malware scanners will work on both 32-bit or 64-bit versions of Windows.There is a list of free Scan & Disinfection Tools in this topic. Many of these tools are stand-alone applications contained within zipped files...meaning they require no installation so after extraction, they can be copied to and run from usb drives.However, a Limited User Account may reduce your ability to perform effective security scans as removing some malware requires admin rights and other user accounts may not be scanned.

4 more replies
Answer Match 45.36%

Hi,
I have an infected windows XP SP2 pc.
I do not have any active antivirus software on this pc ( ESET NOD32 is expired).
1. I tried downloading a few free antivirus softwares like avira/avg/avast/MSE but was unsuccessful as -
a) either they do not support sp2 or
b) on clicking download the page does not load
2. I have tried running online antivirus softwares like bitdefender (cannot load) and ESET (after running the activeX control tried downloading the .cab file but nothing happened)

Following is the info from SysInfo -

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 2, 32 bit
Processor: Intel(R) Pentium(R) D CPU 2.66GHz, x86 Family 15 Model 4 Stepping 7
Processor Count: 2
RAM: 501 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 256 Mb
Hard Drives: C: Total - 39997 MB, Free - 24258 MB; D: Total - 39997 MB, Free - 218 MB; E: Total - 39997 MB, Free - 222 MB; F: Total - 32624 MB, Free - 398 MB;
Motherboard: Gigabyte Technology Co., Ltd., G31M-S2L
Antivirus: ESET NOD32 Antivirus 4.0, Updated: No, On-Demand Scanner: Enabled
 

A:Cannot run antivirus scan even in safe mode

-----------------------------------------------------------
Be sure to read the information in these threads about Windows XP risks and options:
Derek's post here is a view of the risks : End of Support For Windows XP
You have already taken this risk with an SP2 machine, and lost the bet.
My post concentrates on software options for saving the machine: Windows XP - The Elephant In The Room
Read it very carefully.
Your machine will support the simplest of Linux systems, but really will not be satisfactory with ANY of the newer Windows.
I don't think trying to Fix this will produce a good result.
Almost all of our Fixing tools actually require XP Service Pack 3 to work, and installing Service pack 3 on an infected machine will usually fail or produce an unstable system.
This may be why the programs you are trying to use don't work.
Windows SP3 came out in 2008, and Support for SP2 ended in 2010.
 

2 more replies
Answer Match 45.36%

I obviously have a problem with my computer. My Norton Antivirus runs every Friday, well for the past month, on Fridays, the scan would just run forever, until I have to stop it manually because I work on my computer. So a couple of days ago, I updated my Norton Antivirus to 2005, thinking that was the problem.
I installed the 2005 and still get many problems. I have a lot of errors just running the one button check. And still when it scans, I let it go for hours and hours and nothing gets completed.
I don't even know where to go with this or where to start. Any suggestions?

I'm running windows 98, and I'm not sure what else I need to let you know.
Thanks,Melissa
 

A:Antivirus scan running for days.......

8 more replies
Answer Match 45.36%

Someone asked me to look at their computer because they felt that it may be infected. I looked at it, and indeed it was infected with Antivirus Scan. I ran Malwarebytes on it, and it found multiple instances, and upon completion of the removal process, it needed to reboot the computer. Now it gets a BSOD every time it boots back up, regardless if I start it normally, safe mode, safe mode with networking, safe mode with command prompt, last known good config, or anything else. The BSOD is STOP: c000021a {Fatal System Error} The windows logon process system system process terminated unexpectedly with a status of 0xc0000005 (0x00000000 0x00000000). The system has been shut down.

Please help with this.

Matt

A:Removing Antivirus Scan, Now BSOD

What version of Windows is this and do you have the Windows CD/DVD at hand?

20 more replies
Answer Match 45.36%

Hi,I have been getting Antivirus 2009 pop ups, windows defender messages and my Internet Explorer always freezes.DDS (Ver_09-01-07.01) - NTFSx86 Run by Jelena at 19:57:26.28 on 07/01/2009Internet Explorer: 8.0.6001.18241Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.2.1033.18.1917.949 [GMT -5:00]AV: AVG Anti-Virus *On-access scanning enabled* (Updated)AV: avast! antivirus 4.8.1201 [VPS 080815-0] *On-access scanning enabled* (Updated)============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\Ati2evxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\WLTRYSVC.EXEC:\Windows\System32\bcmwltry.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalService... Read more

A:Windows Pop Ups and Automatic Antivirus Scan

Howdy, my name is Hoov, and I will be helping you with your dilemma. I appologize for the delay in getting you help.Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread. Here is what I am asking you to do during the repair of your computer*Tell me everything that you have done, if anything, to try and fix this problem.*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it. *Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try. *Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.Now onto trying to fix your computer.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, f... Read more

2 more replies
Answer Match 45.36%

My PC crashes in the middle of antivirus scan and then keeps shutting down and rebooting forever. It can only start up normaly after I pull out the power plug for 10-15 minutes.

It is XP Professional with SP2. P4, 3Mhz, 1Gig RAM

Please help!!!

A:PC keeps rebooting and shutting down after antivirus scan

Which program do you use to scan for viruses? Try a free online virus scan such as panda activescan and then please report back with the results. Also, right click on "My computer" and go to properties->"Advanced" tab -> Startup and Recovery Settings and uncheck "Automatically restart" and see if this stops the rebooting forever problem. If you see an error when Windows would normally start the endless rebooting cycle, please include the text of the error. Thanks!

7 more replies
Answer Match 45.36%

Panda antivirus wont scan my pc hardrives it only scan the memory and it stops at them say full pc scan done i really need help

heres the hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:17 AM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\lxdccoms.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
C:\Program Files\iConc... Read more

A:Panda antivirus wont scan my pc

11 more replies
Answer Match 45.36%

Having some problems with a bit of malware that keeps hijacking my IE and giving the usual "Buy me or suffer" popups. Would really appreciate the help.
Here's my DDS.txt (Attach.txt and ark.txt are attached)
DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by Sean at 18:24:41.68 on Fri 01/21/2011
Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_22
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.2047.1401 [GMT -6:00]
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
... Read more

A:"Antivirus Scan" hijack/scareware

Hello CCSpeed6, Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change th... Read more

5 more replies
Answer Match 45.36%

Hey guys, so basically I have been referred here from the norton forum for more specialist advice for removing malware. Somebody posted a link (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-scan) to a guide for removing this particular malware although I got to step 16, scanning in MBAM (in safe mode) when my laptop suddenly turned off, not shut down just simply turned off instantly. Upon this happening I tried again it turned off during the scan. I have also tried leaving it for a while without MBAM open and it still turned itself off. I have tried editing power options and before I am asked, YES it IS plugged in and didn't run out of battery. Is this turning off caused by the malware itself or am I facing even more problems? Any help would be appreciated, thanks.

A:Removing "antivirus scan" malware

It is likely that the laptop CPU is overheating: When that happens, the laptop simply turns itself off as a self-protection measure.Make sure there is plenty of ventilation around the laptop. Check that the fan(s) inside is working properly. It may be that you need to dismantle the outside enclosure to access the CPU heatsink, and blow it out using a can of compressed air. A lot of fluff and dust tends to accumulate over time.There's plenty of information on the subject to be found by googling laptop over heat ... or something similar, and if you include your laptop brand and model, you may find specific instructions for dismantling and cleaning it.That is the most likely cause of your laptop switching off unexpectedly, and the first thing you should check.

8 more replies
Answer Match 45.36%

Hi there! I'm new and I've been dealing with a pesky problem for quite some time now.

I'm currently running on a Window's Vista Home Basic on a 32-bit operating system with a Dell Inspiron 1525 model. Lately, whenever I run a virus scan, it always freezes my computer at "D:\Tools\PCRestore.exe". If I try to click anything, it freezes the program (including the start menu). Also, clicking or right-clicking on PCRestore.exe also causes the computer to freeze. I've tried several different antivirus softwares including Webroot Spysweeper, AVG, Avira, and Microsoft Security Essentials. I've tried running it on Safe Mode and the computer still freezes. I'm not sure if this is the cause of a virus or not since my computer is unable to complete a full scan. However, if I do a Quick Scan on any antivirus software, it scans fine without detecting a thing. I currently only have Microsoft Security Essentials installed. A week ago, I was able to run a successful FULL scan using MSE in Safe Mode and discovered 4 viruses with Java and had them all removed. I'm not sure how it scanned past PCRestore, but when I tried to scan today, the same problem occured.

Here is a HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:10 AM, on 7/12/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\syste... Read more

More replies
Answer Match 45.36%

Hi!
I've been infected with "Antivirus Scan" Virus, and following the Guide to remove it i've reach the step that in need use HijackThis but I really don't have clue on what I need to fix. Anyone would please help me?

Here's the Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:22, on 16-01-2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\helppane.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Users\Pedro\Downloads\Nova pasta\HiJackThis.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_pt&c=83&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_pt&c=83&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/sv... Read more

A:HijackThis Logfile for "Antivirus Scan"

Please download Malwarebytes' Anti-Malware from HERE or HERENote: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Full Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.Download DDS by sUBs and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your Desktop and post them in your next reply

1 more replies
Answer Match 45.36%

I recently was in a technical forum and saw an interesting reference link posted. Both the forum and the poster are very credible. The link was to a YouTube video which played normally. I saw another related video and clicked on it and then Firefox froze up and I had to close it down. When I reopened Firefox I did a Google search for the forum, clicked on the Google link I was redirected to Anti Virus Pro Scan 2009 fortunately script blocking prevented the page from loading. Normally I just type the name in the URL bar to bring up the page. Other Google searches and clicking on link load without redirection.

I have run a normal mode full scan with SuperAntiSpyware, safe mode full scans with Malwarebytes and Antivir. All have been negative.

I still get a redirection from a Google search for the forum and clicking on the forum link. I do run WOT with Firefox the forum has a safe green rating, and right clicking on the link to display properties shows the legit link but a redirection to Antivirus Pro Scan continues to occur. If I manually put the forum link in the URL bar I get routed to the correct site every time.

I am running Antivir and Comodo firewall actively, on demand Malwarebytes and SuperAntiSpyware. I had run full scans a few days before the problem and always update before scanning. I also have SpywareBlaster installed and current. I am running XP Home SP3 32 bit version.

I don?t know what to do next. If anyone understands what the heck is going ... Read more

A:Redirection to Antivirus Pro Scan Page

Hi Justa,Please download ServiceLookup: http://blackbird.8tt.org/antimalware/Servi...rviceLookup.zipRun it on the infected PC. A logfile will open.E-mail the contents of that logfile to the e-mailaddress I sent you by PM.

12 more replies
Answer Match 45.36%

Greetings!

Working on removing the Antivirus Scan on my daughters Toshiba/Satellite running Vista. On regular start-up I can connect to the internet but get the general redirection to the rogue antivirus site. Also, unable to run any programs.

I am following the directions from Bleeping Computer to boot up in SafeMode Networking. My wireless connection indicates that I am connected but I am unable to connect to IE in either SafeMode or Safe Mode Networking. In SafeMode it indicates I can not diagnose connection problems. The signal is showing excellent and even when I try to establish a new connection it idicates I'm already connected but no webpage comes up.

Any suggestions on where to go from here?

Thanks!

A:Stuck in Antivirus Scan Removel

Ok I messed around with the proxy settings and I'm able to connect to IE. Proceeding with the Antivirus Scan directions.

2 more replies
Answer Match 45.36%

just yesterday my uncles computer contracted this malware called antivirus scan. i went to another site on information on how to get rid of it. i tried to do everything that was in the removal log but very little seemed to work. i tried downloading malwarebytes so that i could scan the system for what malware was left behind from the malware program. the program downloaded(malwarebytes) and was just updating when a blue screen popped up and then the computer rebooted itself.
i tried to redownload it but the malware prevented me from using the web, so i shut down the computer and left. later that day my uncle tried to trun his computer on but it wouldnt load past the main loading screen.
im doing a diagnostics on it at the moment to see what comes up and see if that might help with my problem if at all.
the computer is a dell and has windows xp.

im sending this from my computer in hopes of getting any information to help me in fixing this problem. thanks for any help that you can give.

A:antivirus scan and computer not booting

close this topic please. i did a system recovery to get it to boot up.

2 more replies
Answer Match 45.36%

Hi I'm new around here, and this seems like a great site. Hoping someone may be able to help me.

I am running Windows XP Home Edition with Norton Antivirus 2007. I have been unable to complete a full system scan for several weeks now.

With the help of Symantec online support, I have used the Norton removal tool, reinstalled my antivirus & run Intelligent Updater, which says my antivirus is completely up to date. I ran the full system scan in Safe Mode & it completed!! Only found 1 cookie, nothing major.

Then I restarted the computer & tried to run a full system scan. No luck!!

I have used Windows Live OneCare safety scanner & it apparently fixed some problems.

After spending many hours on this problem I am beginning to think there may be a system error that my antivirus gets to, then can't go any further.

This is the spot it stops at "HKEY_CLASSES_ROOT\TypeLib\{0B1DF4A9-C114-48A2-BE0A-6DC5973EB157}\1.0\0\win32->".

Would anyone have any idea?? I am going mental!!

A:Xp Problem Won't Let My Antivirus Complete Scan.

Upon searching for {0B1DF4A9-C114-48A2-BE0A-6DC5973EB157} I found out that CLSID is classified as Adware.IEHelper.A by TrendMicro. it is a low-threat distructive program... I would suggest deleting it, but not before backing up your registry and creating a restore point.

Are you having any problems with Internet Explorer by any chance? It looks like Adware.IEHelper.A registers itself into BHO.dll as a BHO for IE.

2 more replies
Answer Match 45.36%

First I have installed on my system Win. XP SP2 Home ZA Pro. version 5.5.094.000, (current) AVG Free Edition 0.0.323, virus base 267.9.0 as of today AdAware SE Personal, Build 1.06r1 (current) MSAntispyware version 5731 (current) CWShredder version 2.15 (current) iespyad (also current) ERUNT NTREGOPT HijackThis Things were going great with this protection/security setup untill July 8th when I updated the AVG 6.0 to AVG 7.0. After this one software update each time I ran the AVG 7.0 the system would crash and lose all power from the UPS to tower. To reboot I had to disconnect the power cord from the UPS and tower, reconnect to each and then use power button to start. I tried using the errior check disk and AVG ran alright one time. Next runinng and it repeated the crash/loss of power cycle. I have tried testing in safe mode with same results, Online/offline w/ same results. Now my settings for two web sites will not stay as set. I have checked the firewall settings. Today I uninstalled AVG 7.0 completly, reinstalled what is show as AVG 0.0.323. After installing this version I was able to run one scan immediatly after installation and it showed as "clean-no viruses". Now when I run AVG the system repeats the crash/loss of power cycle. I also downloaded the Ravantivirus from www.ravantivirus.com site and it also crashed/loss of power. Befor posting a HJT log I thought I will try this forum first. Can anyone help? Thank you. Carl(moderator edit: clarified topic and mo... Read more

More replies
Answer Match 45.36%

Hi. I believe I have malware on my computer that is stopping me from opening any .exe files and urging me to buy 'Antivirus scan'. I cant use internet explorer but I use firefox anyway. Running malwarebytes produces no viruses and when i try and reboot safe mode with networking it wont work and my laptop just boots as it normally would. I would appreciate any help to remove this thing. Thanks

A:Antivirus Scan/Live/2010

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

3 more replies
Answer Match 45.36%

Well Today I instaled a new antivirus on my laptop.
Every time I run the scan, a blue screen and crashes. When I reboot it again it shows a pop up saying that my windows crashed and if I want to send the report or not. I already sent it but I would like to fix it has quick as I can.. So the code it's following.

BCCode: 24
BCP1: 00000000001904FB
BCP2: FFFFF8800C0C74A8
BCP3: FFFFF8800C0C6D10
BCP4: FFFFF80002EA7711
OS Version: 6_1_7600
Service Pack: 0_0
Product: 768_1

Attachment 78437

Thanks for the attention.

A:Crash runing antivirus scan

[1 - Novice] How to ask for help with a BSOD problem

9 more replies
Answer Match 45.36%

Yesterday my desktop started acting weird. The entire screen went blue and wouldn't display anything, so I shut it completely off for a few minutes, then I turned it back on, Windows didn't load normally the way it usually does.So I then assumed that I could probably have a possible infection. So I ran MalwareBytes, but it didn't detect anything. I then ran SuperAntiSpyware, but it didn't detect anything either except a few tracking cookies. So I then decided to run TDSSKiller for precautionary measures, and it actually detected one rootkit infection, so I allowed TDSSkiller to "cure" the infection, but it wouldn't allow me to cure it. An error message popped up saying "Can't cure MBR. Write standard boot code? Yes or No?". So I selected "No", then it said it would be cured after reboot. So I then rebooted the computer, then shut it down, and went to sleep being that it was so late last night.So today, to furthermore make sure my computer wasn't infected, I tried to run my antivirus program, but at the start of the scan, my antivirus program gave me this message below...I didn't have this issue until after I allowed TDSSKiller to cure the rootkit infection that it detected. So what do I do about this? Does this mean the rootkit is still infecting my computer? It's now preventing my antivirus program from running and scanning the way it usually does. I don't like this. Can you help me fix this pr... Read more

A:Rootkit is interfering with my antivirus scan

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) An error message popped up saying "Can't cure MBR. Write standard boot code? Click on YES Please download GMER from here(doesnot work on 64 bit OS)http://www2.gmer.net/download.phpTemporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply. DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

75 more replies
Answer Match 45.36%

Wifey's laptop is very slow. HP, 4 years old, Windows XP. I have run defrag, Regcure, I often run Spyware Doctor, and I have run chkdsk frequently.
Running AVG Home, free version, and I set it to Scan Whole Computer. It has been running for over 10 hours now. Is this ok? Any suggestions?
Thank you, all help is greatly appreciated.
 

A:Solved: 10 hours to run antivirus scan?

15 more replies
Answer Match 45.36%

Hi there, computer has just been infected, I need some help with the Hijack Log. I will post DDS below. I think my laptop is 64-bit, so hopefully GMER is not required? It does however say something about infected rootkits in the DDS so I've posted it anyway... Thanks in advance, Emma

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:52:45, on 15/01/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Administrator\Downloads\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Ma... Read more

A:Help needed with removal of Antivirus Scan

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for post... Read more

2 more replies
Answer Match 45.36%

I've been looking everywhere to find solutions for this error: "Could not scan. Scan engine returned error 0x2", but I can't find any nor can I find what it means. It pops up whenever I press the scan button for Custom, Quick, and Full Scans.

I'm using the Symantec AntiVirus 2006 v10.1.0.401 and it would be great if someone knew how to fix it.
 

A:Solved: Can't scan in Symantec Antivirus!

8 more replies
Answer Match 45.36%

IE redirects to mostly ad sites! Malwarebytes like other anti-virus programs I have tried will either not down load or stop scanning 3 seconds after they start. Cumputer will not restore to a earlier date either. Also can not remove some of the anti-virus programs that I tried to down load and use (Spynomore). Purchased Spyware Dr. and upon running it cant find search engine? And to top it all off I just burnt my dinner!!

Here's the Logs. Thanks
DDS (Ver_09-07-30.01) - NTFSx86
Run by William Stallings at 19:18:03.68 on Wed 09/16/2009
Internet Explorer: 8.0.6001.18702
AV: *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============
============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program ... Read more

A:IE redirect/Antivirus programs won't scan!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 45.36%

I was browsing emulator sites earlier on my laptop, a year old Toshiba Satellite L505 running Windows 7 home edition, when several administrator permission windows popped up, asking for permission to install a program I had not attempted to download. Fearing a virus attack, I shut down my system, and upon restart a window opened called "Antivirus Scan." The window has a blue header containing the program name and a sub-header saying "Protecting every second", There is a large link on the same line aligned to the right that says "Get Full Protection with Antivirus Scan."

Below the header is a gray-blue area comprised of 5 tabs, reading from left to right "Performing Scan", "Adjust Settings", "Get Updates", "Activate Now", and "Help&Support."

In the "Performing Scan" tab there is a white area listing several dozen "threats", the adjust settings tab has another link to activate the program, as does Get Updates, Activate Now, and Help&Support.

I am currently locked out of opening any program aside from Internet Explorer, as the "Antivirus Scan" blocks all other applications with a pop-up from my tool bar that says "Application cannot be executed. The file [insert file name here] is infected. Do you want to activate your antivirus software now?"

When clicking one of the "Activate Now" links an Internet Explorer windows opens up, but all exte... Read more

A:Antivirus Scan fake program?

Update: Restarted computer in Safe Mode with Networking, Antivirus Scan program did not start.

1 more replies
Answer Match 45.36%

Hey all, i am having some serious problems with my CA Anti virus. Have googled around but can't find much info on a fix, does anyone know of what might be causing it?

I'm running a 2.8 P4 processor with 1024mb ram, 2x WD 120gb hard drives but only about 130gb of space is used combined between the two. There are no errors on the hard drives, the system doesn't hang and its using hardly any processor at all. The scan just seems to stall. It starts off fine then if i leave it for half an hour or so it will have stalled and is only scanning 1 file every 2-3 seconds. I've already run a spydoctor full scan and it only came up with cookies, no spyware. Also ran online scans of housecall and panda, neither of which picked up anything.

Does anyone have any ideas short of uninstalling/reinstalling?

A:Ca Antivirus Takes Over 24 Hours To Scan.

The speed of an anti-virus or anti-malware scan depends on a variety of factors.The program itself and how its scanning engine is designed to scan.Deep scanning or quick scanning.What action has to be performed when malware is detected.Competition between the scanner and other applications for system resources.Your computer's hard drive size.Disk used capacity (number of files to include temporary files) that have to be scanned.Other running processes and programs in the background.Interference from malware.Interference from the user.To speed up your scans, try cleaning out your temporary files or using ATF Cleaner first, and perform your scans in "Safe Mode".

1 more replies
Answer Match 45.36%

It has been long time since i used antivirus on my pc, my pc has been functioning extremely slow recently when i decided to purchase enetfix online antivirus, they showed on free scan which found a number of virus and malware. How do i know if the scan has performed genuinely and the report is correct?

A:Is the free Antivirus scan really genuine

I'm a little puzzled as to why after being content to use no antivirus (definitely not wise) you would then suddenly consider paying for an unknown quantity, when you could use known free offerings such as Avast Free or Microsoft Security Essentials.
 
However to double-check the status of your system as it stands, you could try a scan from another dependable online source, such as BitDefender:
 
http://quickscan.bitdefender.com/

3 more replies