Tech Problem Aggregator

lFor the last couple days I have had problems with windows police pro virus which i was able to fix. Now Protection System virus is attacking me. First it wouldnt let me open any programs, but finally I was able to download and run IObit security 360 which found a large number of threats. It did not really solve the problem though, instead now for just about every program (except microsoft office, and a couple others) it says "Choose a prgram to open this file", basically nothing will run. Also Protection System virus is still there and is doing it's usual thing. I can't use the internet or open regedit, and I have no idea how to fix this. My OS is Windows XP.

does anyone have any ideas? I would really appreciate any help that could be provided

1 more replies

Thanks in advance to the BleepingComputer users for helping me and others with this malware/virus problem: On December 14, 2011, the System Fix Virus & Privacy Protection Virus hijacked and infected my system: WinXP (64-bit). They've caused my default web browser to change frequently (each time I reboot my PC). So I've been having trouble getting rid of all of this malware/viruses from my system, since I use Windows XP x64. The latest version(s) of ComboFix and TDSSKiller don't work on the 64-bit version of Windows XP, but they are compatible with other versions of Windows: 98, XP, VISTA, 2000, 2003, 2008 and Windows 7! The following programs were made for other operating systems, so I need a solution to these 3 problems (listed below)e: ComboFix.exe and TDSSKiller.exe are not compatible with my Windows XP 64-bit system. So how do I get rid of the malware/viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS's?:1. System Fix Virus (reference: http://www.bleepingcomputer.com/forums/topic432547.html)2. Privacy Protection Virus (reference: http://www.bleepingcomputer.com/forums/topic432664.html)3. Google-Redirect Malware (reference: http://www.bleepingcomputer.com/forums/topic416561.html)

A:Infected WinXP 64-bit with "System Fix Virus" & "Privacy Protection Virus" (Malware)

That is coorect they will not.. If you need to remove malware stiil then please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If Gmer won't run,skip it and move on.Include a link back to this topic.Let me know if that went well.

1 more replies

Hello

This is the first time I've had a virus so I'm a little new to the technical terms and am trying to follow the advice given on this forum.
(BTW - the advice has been v clear and easy to follow - thanks!!)
I have had the 'Protection System' virus since yesterday (the one that masquarades as an anti-virus). I havent accepted anything nor bought it but it keeps putting distasteful shortcuts on my desktop, has cut me off from the internet, disabled some of my own scanware and keeps putting up pop-ups pushing me to buy it.

I read your threads and tried to install the Malwarebyte' Anti-Malware but it won't run and closes after 5 seconds. I then ran a CD with AVG as suggested on one of the threads. After this ran, I still was unable to run the Malware software - even in safemode.

I am using my friends computer and have downloaded the DDS screen saver and have managed to run it on this (healthy) PC and obtain the log files with ease. On my PC I have tried several times and rebooted, but no logs are being produced. Indeed after some time of trying - even that welcome message isnt displayed and it just closes without warning.

I dont really know where to go from here. Im not overly technical so I dont know if there is somewhere I should be looking to start with. Any help would be much appreciated.

PS I am running on Vista.

Thanks

A:'Protection System' virus

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.

6 more replies

Logfile of random's system information tool 1.06 (written by random/random)Run by Owner at 2009-09-01 18:01:20Microsoft Windows XP Home Edition Service Pack 2System drive C: has 51 GB (34%) free of 147 GBTotal RAM: 895 MB (21% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:01:42 PM, on 9/1/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16876)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\TGTSoft\StyleXP\StyleXPService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\PROGRA~1\COMMON~1\Stardock\SDMCP.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system3... Read more

A:protection system virus

4 more replies

I've been infected with the Protection System virus. Computer runs slower than normal. My google searches get redirected to www.searchwebonline.org. Obviouly, I get a ton of Protection System fake popups asking me to register and that it has found various worms/viruses, etc.

Please let me know what steps to take to get rid of this thing. I have downloaded OTL.exe and run the scan based on a previous post but the removal was not successful. Not sure but I guess the removal of malware/spyware is specific to each pc?

Anyway, any help would be greatly appreciated!

tenjed

A:Need help in removing Protection System Virus

Reposted: http://www.bleepingcomputer.com/forums/t/264165/windows-security-center/

1 more replies

Hello, My computer was hit with these viruses maybe 2 weeks ago. I have tried various types of online help, and I have not been able to get rid of the issue. My computer was offline for a few days, and when I went back online today, I was able to search without redirects for a few hours (I actually got to the real google page instead of the redirect one), but the issue is back now. I have read that sometimes, the virus can remain in the router until it is reset. I do not have access to the router to do this, so I hope that this is not the case. I have McAfee on my computer, but it is expired, so I am not sure that I disabled it correctly before running the scans. If I need to do anything over again let me know. Thank you in advance for your expert help.Here are my logs.************************************************************************************************************************************************Checkupresult************************************************************************************************************************************************Results of screen317's Security Check version 0.99.7 Windows Vista Service Pack 2 (UAC is enabled) Internet Explorer 8  Antivirus/Firewall Check: Windows Firewall Disabled! McAfee AntiVirus Plus McAfee Security Scan Plus WMI entry may not exist for antivirus; attempting automatic update. ` Anti-malware/Other Utilities Check: Malwar... Read more

A:System protection and redirect virus

30 more replies

i have a fake anti-virus called 'protection system' on my computer. I have run malware btyes and AVG software. I tried running ad-aware but it didn't to find anything. *when i downloaded malwarebytes and HJT i had to change both the file names before i could install them* Please help!!!

***did a scan this morning, new logs are at bottom of post***
here is the log from malwarebytes

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3

8/20/2009 12:42:45 AM
mbam-log-2009-08-20 (00-42-45).txt

Scan type: Full Scan (C:\|)
Objects scanned: 146971
Time elapsed: 31 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACmosoxtbqlm.dll (Rogue.Agent) -> Delete on reboot.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\UACmosoxtbqlm.dll (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

and here is the HJT log

Logfile of Trend Micro HijackThis v2.0.2

9 more replies

I have (possibly had if combofix worked correctly) the "System Protection" virus along with it's best friend a search engine redirect virus.
Tried-
-Step by step guide, TDSSKiller, RKill, and Malwarebyte as outlined here http://www.bleepingcomputer.com/virus-removal/remove-security-protection
-AVG and another scanner that I can't remember (has a doctor as a symbol)
-Deleting the host lines through notepad
-Restore prior to infected date
All of them failed miserably, especially the TDSSKiller (didn't find anything). Malwarebyte claimed it deleted about 30 files, however I was still being redirected and Deploymentupdate.exe continues to pop up the processes tab in my task manager. When I force quit the Deploymentupdate, my computer runs a bit more smooth.

I finally decided to run Combofix (no I do not have a mentor/guide) and so far no redirecting but that "Deploymentupdate.exe" still pops up!

I have attached a log. I appreciate any advice!

-Nate

A:System Protection/redirect virus

6 more replies

Hello,

My computer was recently infected by System Progressive Protection virus, which I removed using RKill and Malwarebytes Anti-Malware. In the process, the Antimalware detected and removed several Trojans and Rogues. How do I ensure that my computer is not infected? Any suggestions on additional scans that can be performed?

Thank you so much.

A:System Progressive Protection Virus

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:

12 more replies

I posted in the "Am I infected? What do I do?" forum and was told to come here. I was told to do steps 6-9 of the Preparation Guide but am having trouble downloading the defrogger. It will let me download it but it will hide it to where I can't get to it. I've gone in the control panel to make sure I am enabled to see hidden files. Can anyone please help? Below is what I posted in the other forum:

I've been trying to kill this virus and I thought I finally got rid of it. It all started a few days ago I noticed i would get redirected to a different website everytime i searched for something. Then i got the privacy protection pop ups and the Vista 2012 Antivirus pop ups that tried to scan my PC.

Well after reading about it on the internet and then finding this lovely website I downloaded aswMBR, fixTDSS and Malwarebytes Anti-Malware which i thought got rid of the virus. I no longer get the popups or the redirects but now when I try to re-enable my virus protection (AVG) and Windows Firewall it will not let me. I also tried to download Microsoft Security Essentials but when I download it and go to the .exe I get an error saying it's not a valid Win32 application.

Also when i tried to view my System Info to try and determine if I had a 32 or 64 bit operating system there is nothing there. It just says Windows Management Files may be moved or missing.

A:Redirect, System Fix, Privacy Protection Virus

***Update***

I was able to get the defrogger downloaded by saving it to a thumbdrive from another computer. I got it to work. I am attaching the 2 DDS logs from step 7 of the guide however when i run GMER (step 8) i get an error saying it stopped working. It runs for about a minute and stops. Not sure what to do now.

51 more replies

2 more replies

I have Vista Home Basic, and I know that Vista prevents viruses from tampering with the System Restore folder. A few days ago I was the lucky recipient of a rootkit/trojan agent, which was able to turn off System Restore and delete/damage/prevent System Protection from working. By turning off System Restore, the virus effectively deleted all restore points, thereby preventing my computer from recovering to a previous state. This seems to negate any benefits of tamper protection.

Is it possible to prevent anything from disabling System Restore? Thanks for any advice.

Michael

PS. Although I was unable to use System Restore I was able to press F8 at startup and select "Last known good configuration." This has not removed all the issues, but it seems to have gotten rid of the really nasty stuff, and System Protection has returned.

More replies

I have been trying to get rid of these/this virus for days and days. They wil allow nothing to run. I can access the internet in safemode and d/l but cannot run TDSSkiller, no matter how I rename it, SmitFraudFix.exe also wil not run, and pretty much everything else locks up. I ran DeFogger and disabled CD Emulation. I will post the DDS log as soon as I can make it work..... any suggestions eagerly and gratefully accepted..... I'm about ready to give the bleeping computer the Very Hard Boot out the window........

Christa

A:System Restore and Privacy Protection Virus

I can't run the dds.scr program, it says I have to be an administrator and I have never had an admin password for this computer (bought it used).

10 more replies

System Progressive Protection is a rogue security software which will report that malware has been detected on your computer in an attempt to scare you into buying this malicious software.
In reality, none of the reported issues are real, and are only used to scare you into buying System Progressive Protection and stealing your personal financial information.

As part of its self-defense mechanism,System Progressive Protection has installed a rootkit on your computer,which will disable the Windows Task Manager and will block you from running any program that could lead to its removal.

System Progressive Protection is a scam and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy this rogue security software as this could lead to identity theft,and if you have, you should contact your credit card company and dispute the charge stating that the program is a scam and a computer virus.
Removal instructions for System Progressive Protection virus​This is a self-help guide, use at your own risk.
If you experience problems completing this guide, or the problem persists after following the instructions below or would like to have one of our staff members guide you through the process, please start a new thread in our Malware Removal Assistance forum.
STEP 1 : Start your computer in Safe Mode with Networking

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.

Press and hold the F... Read more

More replies

My disc drive is not being recognized and in ie, using google, if I click on a link I get redirected to 2popcorn.net which redirects me somewhere else. It seems a lot of people are having a similar problem. Anyway here is my DDS log:

DDS (Ver_09-07-30.01) - NTFSx86
Run by Christian at 17:10:08.59 on Wed 08/12/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.249 [GMT -7:00]

AV: Windows System Suite *On-access scanning enabled* (Updated) {ADD4C55C-2E4A-4DE1-ACBE-B354C5480485}
FW: Windows System Suite *enabled* {1E0B9FC9-7CCE-4014-93AC-973C2AD1E648}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\system32\RUNDLL32.EXE

A:Have Windows System Suite as Virus Protection

14 more replies

I just got both these viruses today, and managed to finally delete them both with malwarebytes antivirus. The thing is, after I used unhide.exe, yes, I got a lot of my icons back, but the things INSIDE of my folders, are all gone. I had many pictures and documents inside those folders, and they're really important too. Is there any way I can get them back?

More replies

I originally had Microsoft Security Essentials for 6 months now.  I had it programed to scan everyday.  All of a sudden everything is removed from icon task bar (I'm sure if that is what it is called)  and I can no longer access those programs even from the start menu which included MSE.  My system restore will not respond.  I keep getting this pop up:  loadmoney.txt - notepad.  I have tried safe mode with networking and I still cannot download anything except Dr. Web's Cure it.  What are my options?  I am running Windows XP  with service pack 3.

I have recently found that Spyhunter4 was able to download and detected 327 problems, which included some antivirus blocking rules.  If I purchase their product will they be able to fix the issues I am having.  I don't want to purchase a product that I am not sure whether that will fix the problem.

Well, spyhunter gives me the option to pay with paypal, but when I select paypal there is an error and I don't think that it would be safe to give my creditcard in formation right now.

Also I have problems deleting Files or Folders.  It says Acess denied, make sure the disk is not full or write protected and that the file is not currently protected.

A:CANNOT INSTALL ANY VIRUS PROTECTION AND SYSTEM RESTORE IS NOT WORKING

G'day cryss962,
I would steer clear of spyhunter 4...it is distributed by enigma software which has a poor rating according to WOT.....it rates the site as misleading and unethical and spammy.

Run the following for me and see what we can do..... if you are unable to download any of these tools please let me know.

Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files

Please Close Firefox before using this tool

Click Go and copy / paste the result (Result.txt).

Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and... Read more

14 more replies

Have run all your recommended programs.... Here is my latest Hijackthis Log File...Logfile of HijackThis v1.99.1Scan saved at 6:25:55 PM, on 22/07/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeE:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exeC:\WINDOWS\system32\qwerty12.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\System32&#... Read more

A:Computer Is Getting Pop Ups For System Doctor And Other Virus Protection Software

2 more replies

A:HELP!! PROTECTION SYSTEM ROGUE ANTI-VIRUS MALWARE MAKING ME INSANE!!!

Also here is my Malwarebytes LOG as well:Malwarebytes' Anti-Malware 1.38Database version: 2297Windows 5.1.2600 Service Pack 26/26/2009 3:15:19 AMmbam-log-2009-06-26 (03-15-19).txtScan type: Quick ScanObjects scanned: 116506Time elapsed: 14 minute(s), 27 second(s)Memory Processes Infected: 3Memory Modules Infected: 0Registry Keys Infected: 11Registry Values Infected: 8Registry Data Items Infected: 0Folders Infected: 5Files Infected: 43Memory Processes Infected:C:\WINDOWS\freddy47.exe (Worm.KoobFace) -> Unloaded process successfully.C:\WINDOWS\system32\reader_s.exe (Trojan.Agent) -> Unloaded process successfully.C:\Documents and Settings\Compaq_Owner\reader_s.exe (Trojan.Agent) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\CLSID\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall&... Read more

3 more replies

OK. I'll try and explain this as good as i can. This started a couple months ago where i was trying to sync a scanner to laptop on win8 Toshiba, when the CPU started going crazy changed all contrast colors and ease of access settings to where the screen was not legable. ran my virus scan which didn't find anything but it kept happening. so did a full system restore. to no avail started noticing cpu always different  i got on it so i've been trying to run malware and spyware that gets shutdown or computer reboots in middle of scan. to where the laptop has crashed quite a few times when i get to looking deeper into the problem. now ive noticed network problems at home  with so many ports open and established. its gotten so bad as my older asus running win 7 has same problems now and my brand new galaxy s5 cell phone also was doing weird things and finally it too finally crashed. so thinking its something over the network which at first i thought it was the wife spying on me but every now and again i can turn off router and seems like things still happen and couple of my scan logs got changed were i know i saw some alerts on log about not updating but next day it was changed. when laptop was off all night after scan.

im not that tech savy but i try to read and look up as much as i could but shoot it just keeps getting worse and worse. so i would greatly appreciate some help with the matter before the laptop gets thrown in trash. it seems like theres alot of cmd ... Read more

A:Total system problems. files moved around virus protection gets disabled.

5 more replies

I have a windows xp laptop.

A little padlock sign has appeared on the bar along the bottom of my laptop screen, it keeps popping up saying its 'System Tool' and that I need to buy it due to viruses on my computer and I can't find a way to delete it. I keep telling it that i want to continue unprotected. I tried running anti malware scans in normal mode but my computer kept sutting down halfway through scans to a blue screen saying I should run my computer in safe mode. So, I went on to safe mode. Nothing is popping up in safe mode, and I have tried running my Windows Security Essentials scan but it can't find any problems. I got a friend in who helps my family to fix computers and he thought he had fixed it (I'm not sure how) but it had popped up again when I next looked at my computer. So, I went back to safe mode and thats where i am now.

Here is my DDS:

DDS (Ver_10-12-12.02) - NTFSx86 NETWORK
Run by Natasha at 23:04:51.76 on 01/03/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1375 [GMT 0:00]

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

A:Something called 'System Tool' keeps popping up and wanting me to buy virus protection and can't open my actual vir...

Please download OTL from here:Main MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Change the "Extra Registry" option to "Use SafeList"Push the button.Two reports will open, copy and paste them into your reply:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedPlease note: ... Read more

2 more replies

Hello,

It's been a month and a half since my computer first started having issues, so I'll try to be as comprehensive as I can from memory, but can't guarantee that I'd remember everything. That said, here is a list of the symptoms:

I started getting bluescreen. I can't remember what the bluescreens exactly say, but always with "beginning of physical dump", etc.

I did a system restore to a week or two weeks ago. That did not solve the problem.

I ran AVG, Windows Defender, Spybot Search& Destroy. None of these programs resolved the issue.
AVG found nothing of note.
Windows Defender found nothing of note.
Spybot Search& Destroy found the following two items:
-Opachki.ru
Autorun Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Autorun Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
-Win32.ZBot
Data
C:\Users\Public\Documents\Server\hlp.dat
Text file
I could not update my AVG nor Windows Defender.

So, after all this, I decided to do a system restore that goes to a point that's a lot further than before. But this happens:
System Restore informs me that "No restore points have been created on your computer's system disk", when I HAD system restore points before!... Read more

A:Google re-directs. Bluescreens. Can't update virus-protection programs. System restore-gone!

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

20 more replies

i have windows vista and i have norton and i wont have it for long, i cant afford to buy virus protection but i need it. whats the best thats free and has NO trials

A:Solved: whats the best free virus protection and spywhere protection?

16 more replies

The System Fix Virus & Privacy Protection Virus hijacked and infected my system: WinXP (64-bit). They've caused my default web browser to change frequently (each time I reboot my PC). So I've been having trouble getting rid of all of this malware/viruses from my system, since I use Windows XP x64.

ComboFix.exe and TDSSKiller.exe are not compatible with my Windows XP 64-bit system. So how do I get rid of the malware/viruses from this computer without those apps that were made to get rid of the following problems on other Windows OS's?:

The latest version(s) of ComboFix and TDSSKiller don't work on the 64-bit version of Windows XP, but they are compatible with other versions of Windows: 98, XP, VISTA, 2000, 2003, 2008 and Windows 7!

1. System Fix Virus (the first virus that affected my Windows system, 2 days ago.)
2. Privacy Protection Virus (behaves almost exactly like the aforementioned virus)
3. Google-Redirect Malware (redirects all my searches to this site: 63.209.69.107)

Thanks in advance to ANY users for helping me and others with this malware/virus problem: I understand and read the previous pinned-thread about the revelant malware/virus issue that Windows-users solved with the programs I've been unable to install on my system. The aforementioned malware/viruses began to infect my PC on December 14, 2011 (since that day, I haven't found a single anti-virus program that can detect the Google-redirect malware/virus on my system).

More replies

I am a bit unsure of difference between malware protection and anti-virus protection. I have Norton nis which is great for stopping Trojans. I have a company that works on my computer if I have a problem. They wanted me to put in a anti malware program. I have been having problems with computer lately, so I let them do this, could this cause a problem, because I know that you are not supposed to run 2 anti-virus programs?
Anyone?

A:Difference between malware protection and virus protection

Anti-virus and anti-malware programs each perform different tasks as it relates to computer security and threat detection. Essentially, they look for and remove different types of malicious threats. In simplistic terms, an anti-virus program will focus on viruses, worms, Trojans, rootkis and bots while anti-malware programs generally tend to focus more on spyware, adware and PUPS (potentially unwanted programs)?. However, there can be some overlap in functionality and detection features depending on the program's scanning engine, how the vendor defines a specific threat and what Naming Standards are used. Some vendors also add a modifier or additional information after the name that further describes what type of malware it is.The Difference Between Antivirus and Anti-MalwareAntivirus and Antispyware Software: What's The Difference?What Is the Difference Between Antivirus & Antispyware?Use Anti-Virus and Anti-Spyware SoftwareTo fully understand the difference between Anti-virus and Anti-spyware (anti-malware) programs, you need to understand the difference between the various types of malware. Please read the Glossary of Malware Related Terms.

6 more replies

I've had the System Integrity Scan Wizard, PC-Antispyware, and Security System Protection Control Panel popups. They've been very stubborn but after reading some of the posts here and running Spybot, Adaware, SmitfraudFix, Panda Activescan, Housecall, Stinger Avert, Windows Defender, and SDFix, I am now getting only one popup, which shows up as a blank white rectangle in the center of the screen (and now I can't click "Close" to get it off the screen, since the "Close" option is missing). From the size & shape, I believe it's the Security System Protection Control Panel. Would you please review my HijackThis log? Also, in some of the posts I've noticed recommendations to update Java. Is that needed in my case? Thanks very much for your help.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:55 PM, on 3/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Sh... Read more

A:System Integrity Scan Wizard, Security System Protection Control Panel

The blank popup appeared to be repopulated with information over time...apparently the spyware refreshed itself. I also learned from Task Manager that all of my popups were from the System Integrity Scan Wizard. After some more searching, I found the name (in my case, yzqrqzkp.exe) and told Norton Firewall to block it from accessing the internet. I used HijackThis to fix it and then deleted it and a namesake (YZQRQZKP.EXE-1253B76A.pf) from Windows\Prefetch (not sure that was necessary but deleted it anyway). My only concern is that from what I read, there should have been another copy in \Local Settings\Application Data, which I didn't find. I updated Java per instructions in another post, also turned System Restore off and on. I think the PC is now clean, but would you review my latest HijackThis log to be sure? Thanks very much.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:05:26 AM, on 3/30/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Syman... Read more

14 more replies

A:System Integrity Scan Wizard, Security System Protection Control Panel

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Run Hijackthis again, click scan, and Put a checkmark next to each of the lines listed below. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =O4 - HKLM\..\Run: [e43075dd] rundll32.exe "C:\WINDOWS\system32\qpfrsnow.dll",b================Click Start -> Control Panel -> Add Remove Programs and uninstall these programs:J2SE Runtime Environment 5.0 Update 11 Java? 6 Update 2 Java? 6 Update 3 Java? SE Runtime Environment 6 Update 1Reboot and post a new hijackthis log.

37 more replies

I have windows 7 home premuim 64 bit
I went to create restore point on my new dell and after about an 1/2 hour of waiting for SR to open up I got this:

You have no Restore Points. Use System Protection to create restore point.
When I attempt to turn on System Protection, it doesn't show any drives available when it opens -- it just says that it's searching for available drives and it keeps searching and doesn't stop. Eventually, I'll receive the following Error Message:

"There was an unexpected error in the property page: System Restore encounter an error. Please try to run System Restore again (0x81000203)." also all button are greyed out. I wanted take an image to show you but that's not working either. Is there hope?

Thank you.

A:Windows 7 Home Premuim System Restore and System Protection not working.

16 more replies

My PC is infected with 3 malware popups named Security System Proctection Control Panel, System Integrity Scan Wizard and Security System Warning (the last one telling me I have Abebot). I have tried to get rid of them with Kaspersky Antit-Virus, Adaware, spyware sweeper, and SpybotSD, but they are still running. I didn't run the online scan by Kaspersky because I have the most recent version installed and running on my PC. When I ran a rootkit scan with KAV, it took just over four hours and reported my PC was clean. So for whatever reason Kaspersky is not picking up these three forms of malware. Following all other directions on your preliminary instruction list I used Deckard's System Scanner to make two Hijack This files. They are pasted in below. Please take a look and tell me what I should do to get rid of this malware. Thank you very much for this valuable service you are providing.-- Dark EagleDeckard's System Scanner v20071014.68Run by Perry H. Chesnut on 2008-04-18 23:11:18Computer is in Normal Mode.--------------------------------------------------------------------------------Backed up registry hives.Performed disk cleanup.-- HijackThis (run as Perry H. Chesnut.exe) ------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:47:35 PM, on 4/18/2008Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:F:\WINNT\System32\smss.exeF:\WIN... Read more

A:Security System Protection Control Panel & System Integrity Scan Wizard Popups

2 more replies

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system ca... Read more

More replies

Hello,

I have recently successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned :D/ drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system... Read more

More replies

Hello,

I have recently just successfully cloned my Old primary 1TB Western Digital HDD onto my new 1TB Samsung EVO SSD to increase hard drive performance to give it a quick boot up and to enable Windows and my programs to load a lot quicker and perform better with multi tasking. My laptop is one of the bigger 17inch Acer models which comes with two hard drive bays. So once I had wiped my older WD HDD I then inserted a new 2 TB Seagate hard drive into the second bay to be able to store it for personal and media files, and any other imprtant data, to keep it the SSD as the primary hard drive and just for OS and programs only. My system runs the Windows 8.1 OS and is 64 bit.

However, I wanted to create a restore point and upon doing so, I found that System protection was turned off for all my both my hard drives.

I thought I had managed to somehow enable system protection on my C:/ Dive (including the partioned / drive on the same hard drive) on my SSD, and yet though it shows them enabled, it shows the word missing next to them, and I am assuming this is telling me the previous restores are missing; whether as a result of cloning I don't know. The other weird thing is further up the properties page it also shows the C\ and D:\ Drive but turned off.

So I thought I would try increasing the disk space usage, since it was showing it at 0, and it would allow me to do so and returned the message: 'There was an unexpected error in the property page: The system cannot fin... Read more

More replies

Basically after installing some new software for my phone my windows 7 laptop crashed - it flashes a blue screen and restarts on boot up I can get to image 1 page to try a system repair
But then I need to enable system protection.. Image 2
Is there any way I can do this through a command prompt??

A:Enable system protection to preform system restore

9 more replies

I've tried to open System Protection in System in the Control Panel but it will not work. It gives an error of 0x81000203. I've rebooted and attempted but get the same thing each time.

A:System Protection not working in System Control Panel

Scroll to the 2nd answer by Meghmala

6 more replies

Hi Everyone

I went on my laptop this morning and it said I needed to run a system restore. Unfortunately when I try to it says I need to enable system protection on my C drive. I've been searching the web for a solution for the past couple of hours and it seems like quite a common problem. However I've tried all of the suggested solutions and nothing seems to work. I'm not the most computer literate so some of the suggested didn't make the most sense. If anyone has any suggestions to help the matter it would be very much appreciated.

Thanks

A:How do I enable system protection for system restore?

System Protection - Turn On or Off

3 more replies

I have a Win10 Pro and ran MR to create a system image backup.
It went well but it turned of system protection.
A message shows up with a warning yellow triangle that reads.
Using system protection on a drive that contains system image backups will cause other shadow copies to be deleted faster than normal.
--- How do I stop system protection from being turned off?

I have another Win10 computer and created a MR system image backup on that one also.
System protection wasn?t turned off on that one.

I do not use shadow copies: If shadow copies are in use on my computer it doesn?t matter to me if that is the case as I don?t know how to use them anyway. I just don?t want system protection turned off.

A:I don’t want system protection turned off when I do a MR system image

Hi,

The available disk space on the pc with the warning issue is probably too small to store both backup images (MR) and system protection image.

I do not use shadow copies:

Actually you do. System Protection is a form of Shadow Copying.

Furthermore, it's not wise policy to store backups on the same physical drive as your system. Still better than nothing but all in all not sound practice.
Better to store back up on an ext. removable drive.

In the mean time you could reduce the amount of space allocated to System Protection and see if that helps any.

Cheers,

1 more replies

My Toshiba Notebook (x64) (running Windows 7) has stopped being able to open/run programs. I've been using safe mode to try and find a cure, and safe mode works fine. I ran a few antivirus programs that detected a few things, but none of them solved this issue. Using System Restore seems to be the only thing I can really do, but I've been having some troubles with it.

Only one System Restore point shows up, and it's only from a few days ago, which isn't far back enough to fix my problem (I've already tried restoring it to that point). There are no other options as you can see here and here.

I tried to create my own restore point, but ran into some problems. When I go into "System" the "System Protection" option is missing. I only have these three options:

When I use the search bar to find it instead, "Create a restore point" comes up, but when I click and it opens System Properties, the "System Protection" tab is missing.

When I looked it up, someone had suggested running Regedit and checking HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR but I couldn't get that far.

If anyone could help me out, it would be greatly appreciated.

A:Troubles with System Restore/System Protection

Hello esu and welcome to Seven Forums.

Have you verified that System Protection is turned on? (If it is, try turning it off, restarting the computer, turning it back on, and restarting the computer one more time.)

System Protection - Turn On or Off

See if you can manually create a restore point.

System Restore Point - Create

If not, your computer may have damaged or corrupt sytem files. Try running a system file checker scan from an elevated command prompt (option two.) If problems are found, run the scan 3 times and make sure to reboot the computer immediately after each of the scans.

SFC /SCANNOW Command - System File Checker

4 more replies

I need help on how to remove the (system reserved) folder under Available Drives in protection settings. On all my other computers it is not shown. Not sure why it is there as it does not show anywhere else on computer as a drive. I guess it just bugs the hell out of me not knowing why it's there. Any help would be appreciated.

A:In System Protection under Available Drives (System Reserved)

Look in Disk Management and see if the Reserve has a partition letter.

9 more replies

Hi, I defragged my registry (castigate me later, please), and well, my system crashed. I'm running Windows 7 Home Premium 64 bit on a Lenovo laptop, and on startup, I get a blue screen claiming that the OS couldn't boot, and the option to try a system repair. After analysis, it says that it can't repair the system automatically, and offers more advanced options. I can try a system restore, but after selecting a restore point (clearly the one created before defragging the registry), system restore says that I must enable system protection on the drive. I don't remember disabling it, and I don't know how to enable it without access to the desktop.
From those same advanced recovery options, I can use a system image recovery (don't have an image to recover from), the windows memory diagnostic (it claims there's no memory error), or the command prompt. I know very little about using the command prompt, but I can open the task manager at least, though not explorer.exe or msconfig.exe (the prompt claims they're invalid commands).
I've tried booting in safe mode, with the last known good configuration, with boot logging, and everything else from that menu, as well as a Windows 7 recovery disc (though I believe this disc just provides the same options as those installed on the laptop.
If possible, I'd like to know how to enable system protection from the command prompt window so that I can continue with the system restore. I'm quite certain that the error lies in the defragmentation... Read more

A:System Restore - Enabling System Protection

right click my computer/properties/advanced system settings/system protection/ high light your drive, click configure,now click( restore system settings and previous versions of files)
OK and exit

7 more replies

I have a screen shot of it.  There is the Local Disk (C:) listed and then this other.
Capture.PNG   126.43KB

A:Under System Prop, and System Protection what is (C:) Missing ?

Post an Image from Disk Management Screen.

Control Panel / Administration Tools / Computer Management / Disk Management.

This will show all current active drives.

11 more replies

I hope that this is in the right section but I am having a problem with my computer. I can constantly hear programs running in the background. I currently have two anti spyware/malware installed on my computer. One is SpyHunter and the other is CyberDefender. They both are picking up on some virus called Vundo and everytime I delete it, it just comes right back. It is so frustrating surfing the internet because it freezes or moves extra slowly. Figured I'd ask you guys before I take a hammer to it lol.

Thanks

A:Windows XP SP2 running slow, virus protection catches it but the virus keeps coming back

9 more replies

Hello,

It started with search results being redirected, then my Mcafee suite not scanning or being able to update. Any downloaded virus protection, malware blocker, etc WILL NOT RUN. Including HijackThis, Malwarebytes, Superspyblocker, Panda, etc etc.

Then it shut down Internet Explorer, and it prevents me from reloading it (now browsing on Firefox, while it lasts)

Tried Secure2k's boot cd on the mcafee forums - did not help, so came here.

DDS will not run or has been prevented from running.

GMER runs, then crashes, then the blue screen of death, then my computer restarts a few times automatically before its "normal" again.

So I cannot post any logs whatsoever.

A:[SOLVED] Unknown malware/rootkit/virus stpping virus protection and redirecting searc

1 more replies

After logging on to my computer, the Action Centre reports that theFirewall and Virus Protection are turned off, with a red cross appearing on the flag on the bottom right hand corner.
This shows for a good few minutes before disappearing and Mcafee appearing to run normally.
Also, on some occasions, going into certain websites causes considerable keystroke lag (i.e. Facebook), and the only way to stop this is to restart the computer.
On looking at the system configuration startup items, item Appgraffiti appears (which appears online to be malware), but this does not show in the programs list to be able to uninstall.
I tried the Microsoft Fixit facility to uninstall hidden programmes, but although Appgraffiti does not appear there are three items showing "Name not Available"
Trying to uninstall one of these fails.

DDS Log below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280
Run by FC at 21:07:09 on 2014-10-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.6056.3009 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===========... Read more

A:Possible Virus - Delayed Firewall/Virus protection Startup & Keystroke Lag

Also, attempting to make changes to system configuration startup items and saving changes causes computer to freeze up. Please help as we need this for working from home.

38 more replies

For the last few days my McAfee VirusScan Enterprise 8.5.0i features has been disabled and greyed out. My Access Protection, Email Protection and Buffer Protection are absent when I open my Virus Console from my Start menu. I cannot open my Virus Console from my system tray where the icon is. I keep getting an error message that says: Could Not Access the Local Computer. But I AM the local computer. I also have full privileges. I ran services.msc to see if I had access to shut down mcshield and I get another error message Error 5: Access Denied. Now my Microsoft Word isn't working. It's saying that there isn't enough memory or the disk is full. But I know I have enough space. I've also gone into the Administrator account in Safe Mode to look at my Virus Console and, although the options are avaliable, everytime I reenable them it just disables again when I reopen it. I haven't have problems for months since I got this. I've reinstalled this thing a hundred times to no result. And I've scanned my computer multiple times with different recommended devices in and out of safe mode. I am at wits end. I could really use some help.
Deckard's System Scanner v20071014.68
Run by Buni on 2008-05-20 11:51:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enabl... Read more

A:Unknown Virus Or Trojan Or Spyware Attacking My Virus Protection

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070801
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=3070801
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAf... Read more

2 more replies

I just completely reinstalled my windows and i'm still getting redirecting and i'm also still not able to get onto malwarebytes site and i can't use microsoft update or download.. Is there a chance when i put some stuff on my flash drive that when i took the drivers off that flash drive to update my computer it could have reinfected me? if so what do i need to do to a. clean this off and b. clean my flash driveany help will be greatly appreciatedi've scanned this computer 3 times and gotten the same problems each time.. ill post the most recent first and the other two in following repliesMalwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4095Windows 5.1.2600 Service Pack 2Internet Explorer 6.0.2900.21805/13/2010 3:28:54 AMmbam-log-2010-05-13 (03-28-54).txtScan type: Full scan (C:\|)Objects scanned: 126124Time elapsed: 8 minute(s), 11 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 2Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.161.105 93.188.166.105 1.2.3.4 -... Read more

A:Online protection tool virus and google redirect virus..

this is the very first scan i did as you can tell by the times these were all done within a relatively short time.. the only reasosn the first one i posted has 3:30 time is because i changed my clock from pacific to eastern in the middle of the scan.. all 3 scans were done within an hour of each other and i haven't been to very many sites to pick up anything at all and all 3 have the same dsnc changerMalwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4095Windows 5.1.2600 Service Pack 2Internet Explorer 6.0.2900.21805/12/2010 11:55:56 PMmbam-log-2010-05-12 (23-55-56).txtScan type: Full scan (C:\|)Objects scanned: 119747Time elapsed: 8 minute(s), 23 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 2Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.161.105 93.188.166.105 1.2.3.4 -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{648e4f26-bd48-4bda-b906-dd725a4d48d7}\... Read more

10 more replies

For the last few days my McAfee VirusScan Enterprise 8.5.0i features has been disabled and greyed out. My Access Protection, Email Protection and Buffer Protection are absent when I open my Virus Console from my Start menu. I cannot open my Virus Console from my system tray where the icon is. I keep getting an error message that says: Could Not Access the Local Computer. But I AM the local computer. I also have full privileges. I ran services.msc to see if I had access to shut down mcshield and I get another error message Error 5: Access Denied. Now my Microsoft Word isn't working. It's saying that there isn't enough memory or the disk is full. But I know I have enough space. I've also gone into the Administrator account in Safe Mode to look at my Virus Console and, although the options are avaliable, everytime I reenable them it just disables again when I reopen it. I haven't have problems for months since I got this. I've reinstalled this thing a hundred times to no result. And I've scanned my computer multiple times with different recommended devices in and out of safe mode. I am at wits end. I could really use some help.Here is my 'main.txt' information:Deckard's System Scanner v20071014.68Run by Buni on 2008-05-20 11:51:07Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------System Restore is disabled; attempting to re-enable...success.-- L... Read more

A:Unknown Virus Or Trojan Or Spyware Attacking My Virus Protection

"%userprofile%\desktop\dss.exe" /configClose all other open windows.Click OK.A window will now open. Click Check All and then click Scan!.When the scan is complete, two text files wi... Read more

16 more replies

My computer is a very old, very ?full? one running Windows XP Home Edition version 5.1.2600 with Service Pack 2.0. About 6 months ago, my computer quit working, and I had a new hard drive put in, but the technician partitioned it. I am very computer illiterate, so I?ve just been managing with the part of the hard drive that had my files on it so my Drive C has an error message of ?Low Disk Space? flashing on the lower right of my desktop. I also have a 1 TB Maxtor External Hard Drive which we just got a couple of months ago. We attempted to back up my computer to the external hard drive right after we got it, but I?m not sure we did it successfully.I believe I have a virus, but I don't know what it is on my home computer. Several weeks ago, my home computer was attacked repeatedly, but NIS 2009 blocked it over & over again. However, a virus was detected and removed later that day. Also, a week or so later, my son downloaded some stuff from the Internet.My computer began acting up & I couldn't access the Internet. These are the steps I?ve attempted so far:I restarted the computer several times with no change.I attempted to use System Restore, but the computer wouldn?t reset to any of the dates I tried.I attempted to uninstall & then reinstall NIS 2009. I got the following message at one point: The file ?Sym\M.sys? on Symantec Network Driver Disk is needed. Type the path where the file is located, and then click OK. Copy files from: Files\Norto... Read more

A:Can't access Internet, virus protection disabled, think I have a virus

17 more replies

I think I have finally figured out what in the heck is wrong with my computer, it's the PE_Parite A virus. I have no idea where I picked it up from, but it's there and I can't get rid of it. Previously, on my old computer, I didn't have any anti-virus software. With this new computer I purchased Trend Micro's PC-Cillin, which apparently did not pick up this virus. I gave up trying to remove/fix the virus problem and I am reinstalling my windows operating system (2000 Professional). What I really need to know is what anti-virus software should I be using? Apparently I'm not having any luck with PC-Cillin, so what's a better program? Thanks!

A:Solved: Anti-Virus protection against PE_Parite A virus??

7 more replies

Hi
When windows vista starts I get a screen that looks like a virus potection screen saying to run it. Also all files are gone until I run unhide. Cannot run task manager or anything and keep getting many popups. It also erases everything on the start menu. Don't know how to get rid of it. Can you please help.

DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6001.18000
Run by Chenille at 9:34:15 on 2011-12-10
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3061.2381 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService

A:Keep sees virus need to scan looks like virus protection may popups

3 more replies

Hi, Im the one with the problem with a green av false security virus. I got a reply telling me to post threes documents on to my new thread after i scan with them and zip two of them. My problem with this virus, is that it puts up 4 pop ups every 30 seconds, and it keeps kicking me out of web sites. Whatever i click on when the pop ups come, it opens my internet to a page asking for my card number to make a purchase. My computer runs on Windows XP. Here is the document that i was told to copy and paste.

DDS (Ver_09-09-29.01) - FAT32x86
Run by personel at 11:12:25.42 on 09/30/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.445.139 [GMT -7:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
SVCHOST.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\YAHOO!\browser\ycommon.exe

A:Green AV false virus protection virus reply

Hello, and Welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------

I see no AntiVirus application installed. An AntiVirus is a must have for machines connected to the internet today.

Connecting to the Internet without antivirus protectio... Read more

12 more replies

A:Have virus, can't access Internet; virus protection was disabled

Hello and welcome to Bleeping Computer.My name is Syler, I will be helping you to solve your Malware issues. Whilst I am helping you, I wouldbe grateful if you would note the following: Please do not run other tools or scans unless I ask you to and follow all the steps I give you, in order.
Copy and paste all logs requested in you reply, Do not attach them unless asked too.
If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
Please continue to work with me, until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.

19 more replies

Hi,
I wanted to start system restore. The window shows: to create a restore point

open System Protection.

When this link is clicked, the System Properties dialog is opened by

SystemPropertiesProtection.exe

But the Tabs "System Protection" and "Remote" are missing in this dialog.

Something is wrong with the installation, but I cannot do new clean installation as many software is installed upon the platform. I have mounted the Vista installation DVD with "GImageX", but I do not know which files or Registry Entries I have to extract.

Any ideas? Thanks in advance for any help.

More replies

Oh i can not get system restore to open but it works in safe mode not in regular mode.

A:Need help system protection not there on system properties

Hi,

Welcome to Seven Forums.

Run Regedit and check the following registry key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR.

If the key is present and has any value other than 0 then system restore is disabled and the system protection tab will be hidden.

Viruses often disable this by setting this registry key. Often they will also disable the task manager and regedit too.

If you get a message saying regedit has been disabled by your administrator then it's quite possible you have been targeted by a virus, in which case a full scan of your system is a good idea.

As always, before making changes to your registry, back it up.

hth
Tanya

4 more replies

Hi all
I want to disable "hardware, Advanced, System Protection, Remote" tabs from system properties dialog box( screen shot attached).
The user should only able to access change computer name feature. Other feature should be disabled/removed.
I there any way to achieve it?

IMG]https://social.technet.microsoft.com/Forums/getfile/703346[/IMG]

A:disable "hardware, Advanced, System Protection, Remote" tabs in system

I'm inclined to say no, for a very simple reason.
Changing the computer name requires administrator access. Given that, the user already has full control over the entire computer, therefore he can change whatever he wants.
What's the purpose of such "limitation"?

4 more replies

Yesterday I, as always before, was going to do monthly Macrium Reflect system backup. As per usual I did all the AV, HW and software checks, made sure windows and SW was up to date, absolutely everything works as good as ever. At the end of those checks I did sfc /scannow but would not go past 58%. Dism also got stuck at some 20% on or offline, in safe mode too.
All disks are in perfect shape and so are drivers etc.
Before I do something radical like restoring last moth's Macrium backup or doing windows repair I would like to see if there's something less radical to troubleshoot this problem.
I still have W10 on another disk to fall back to if necessary so in no way I could be left without OS on this computer. Willing to try anything. Any ideas ?

A:System protection

Hi Mike,
Personally I don't have a problem with this but some people do with:
The Scoop On KB 3022345 System File Corruption
You might want to uninstall this update if installed.

3 more replies

My System in "System Properties" has its "Protection" as OFF
Start > Control Panel > System > System Protection > System Properties (dlg) > System Protection (tab)

I am trying to clean up my Registry after uninstalling "CutePDF"
- three lots of bundleware with one double negative opt-out that I thought I had outsmarted
- CutePDF do not supply an "uninstaller" any more for their free CutePDF
- Revouninstaller did not detect any registry items
- CCleaner does not find any of the CutePDF registry entries
- a manual trawl/search has found two keys each with 29 data entries
- created a restore point, as insurance
- disabled the "CutePDF" keys by renaming the keys with a "_obs" affix string
- rebooted and no problems
Q1: Should the "System" protection be Off or ON
- my inclination is to change it to ON
- but I would like to check with those who really know first (no guesses)

I know ... I know ... an image would have been simpler
- but I am not "there" yet ... when my busy meter slows down to insane

A:System Protection is OFF

It should be on if you want the protection of system restore.

9 more replies

Hi. I suddenly got a ?Security Center Alert? pop-up in my computer. I have tried what other users tried before. The thing is that now it uninstall Avast antivirus, don?t let me install MBAM (or any program at all), can?t connect to the Internet or access the Windows Task Manager. I also tried to run the Hjack but it simply won?t run.

A:Protection System Again

Welcome to BCTry to run both of these and save the logsWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.

1 more replies

How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.

A:System Protection

Quote: Originally Posted by huffman

How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.

See this tutorial.

System Protection - Turn On or Off

2 more replies

How do I go about turning ON System Protection.

When I go to restore my system from a Restore Point, I get a popup saying "System Protection" is turned OFF and I need to turn it back ON.

A little help please. Thank you.

More replies

Ive noticed every once in a while that my system protection keeps turning it self on, even though I have manually shut it off?

What could be affecting this? (I want it off because I back up regularly)

A:System Protection...

System protection is different than backing up data, system protection backs up critical system registries and other settings normal backups do not, it would be wise to leave this setting On.

.

1 more replies

I have been infected with protection system and the instructions say to run malwarebytes but when I try to run it it just stops. Is there another way to get around this. I work from home and this is ruining my day. I also tried to use spyware doctor but I can download the updates to run the program... I'm hoping somebody can help Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:protection system

(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.When complete, click Select All, then choose Cure > Move incurable.
(This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)Now put a check next to Comple... Read more

1 more replies

How to turn on System protection using/through Ubuntu?

A:System Protection

Look over here:
The Ubuntu Forum Community - Ubuntu Forums

2 more replies

I am curious I was reading a previous thread which concerned a Teacher, Wendy and her issues with her current computer instructor. When following the thread a program I have never heard of, HijackThis was mentioned several times. Is this a program that just simplly reports problems to the user or is it like Spybot S&D(which I am currently using) in that it can also fix any possible security issues. If HijackThis can do the previous: fix report and whatever else; then what additional advantages does it provide the user that Spybot doesn't support, and would U use this in place of Spybot S&D or something else.

A:system protection?

It is not an automated tool, and provides no judgement or recommendations on removal. It simply shows what is present in several locations of the registry and file system - you have to know what you're looking at to use it to delete entries.
When I think it's preferable that dll's are unregistered etc., I will often recommend that SpyBotSD be run first and then use HJT to look and see if it missed something.

You can see some instructions at http://tomcoyote.org/hjt/ if you want to look at it.

1 more replies

I just finished "cleaning out" an old Dell desktop. I deleted a lot of files. I don't intend to un-delete any of them (couldn't anyway, because I did a wipe of the free space), but the thought occurred to me, what if I wanted to un-delete one of them? In the old DOS days, I could do that without software (like Recuva). But with NTFS file systems, I note that there is a system setting called System Protection that provides a built-in way to recover deleted files, as long as you haven't overwritten them. I checked the settings for this app on my desktop. System Protection is Off for both of my drives, so that's apparently the default.

Question: What are the downsides of turning that On? My guess would be that it burdens the MFT with more entries, thereby slowing drive performance. Is that true and are there any other downsides?

A:System Protection

The only real downside to turning on System Protection is that is consumes some disk space but you can control that. The impact on performance is insignificant.

5 more replies

How does System Protection work...does it save information to a separate partition?

I have a 7gb partition on my drive that I do not know what it is for. I deleted it and was am thinking of adding it to my main C: partition. Did destroy the System Protection partition?

A:System Protection?

That partition was likely put there by the manufacturer to help you restore the PC to factory specs if you ever needed to do that.

If you in fact deleted the partition and do not have "recovery disks", you will have problems restoring to factory specs.

Do you have any install discs at all? What happens if your hard drive fails in 30 minutes?

System protection is not the same as "system restore", which you may be thinking of. System restore returns the operating system to the way it was on the date the restore point was made---typically somewhere in the last couple of weeks-----not to factory specs. System restore points are stored on your C drive along with Windows.

Can you post a screen shot of Disk Management?

9 more replies

Hey all, I've ran into a huge problem... My aunt dropped off her family computer yesterday and I've been working on it for a few hours now and to say the least I'm completely stumped. There's this fake anti virus program called Protection System which does it's thing, I'm sure you know all about it. Anyway, I've done a few hours worth of research, read countless "fix it" articles and forum post and nothing has worked yet. At this point I need to rest my eyes and my mind and ask you all for your help.The biggest problem is no programs that could solve the problem or aid in solving the problem work. The real anti virus was disabled and broken, malwarebytes wouldn't install so I renamed it, it then installed halfway before freezing. I played around with that for a while and I got it to install. Couldn't run the program after that, so I renamed the that. It finally opened but as expected the scan shut the program down. After it crashed during the scan malwarebytes was completely inoperable, couldn't even delete it with out a restart. At that point I had enough, I was preparing to post a topic in the "HijackThis Logs and Virus/Trojan/Spyware/Malware Removal" forum but after several attempts it appears that not even your DDS Tool works. I'm just so frustrated right now...To clear a few things up. I've been trying everything in and out of safe mode, same results. Also, all the games on the computer appear to work, iTunes works, Quickbooks work, AIM works. I'm pretty sure every progr... Read more

A:Protection System

Hi Mike,

do you still have your aunt's PC and do you still need help?

regards _temp_

3 more replies

I was looking around in system properties and under system protection, device updates the top box was checked, I changed it to what it is now and want to make sure this is ok.

A:System Protection

It's far better than just "OK" when you have the system running satisfactorily. It's the only way to avoid the nasty surprises when Windows "updates" to incorrect drivers.

3 more replies

In my system properties under system protection, the c drive sys pro is on but on my d drive (restore) the sys pro is off. Should i turn it on?Is it able to vreate sys restore points when the sys protection is off?

A:my system protection

Hello @hunterm1 Welcome to the HP Support forum. Thank you for your post.Probably you have one HDD drive and C:\, D:\, etc.. - these are not called drives but partitions - part of the whole thing - one HDD. No problem. The D:\ partition is usually your recovery partition and Windows System Restore is off there for a reason - you should not and need not to attempt to turn it on. This drive should have no changes usually - its purpose is to keep the original version of your operating system, settings, drivers, original image and to be able to restore your PC to factory default condition.  Let me know if you have any other questions.

1 more replies

Hello everyone ... Really hoping you can help me.

I use Firefox browser and gmail or yahoo for mail. I have Fix-It Professional 6 which I just ran for any viruses, mal ware, spy ware and ad ware.

For about the past week or so, every time I start my machine, I get a window called Windows PC Defender inside of which is a"My Computer" window. I cannot close this window but I can minimize it and open an additional window.

This address appears in the location window -
hxxp://my-systemprotection.net/?p=WKmimHVl...nBkaF%2FEkKE%3D

In the My Computer it shows the Windows shield logo along with System Folders, My Documents, Hard Drive and Security. Next to each, flashing in red is notification that I have 5 viruses in the System Folders, 7 in My Documents, 12 in my Hard Drive and that "Security has been damaged by virus" in the Security. Additionally, below that is a separate window "Your Computer is Infected" and shows a long list -

W32.Benjamin.Worm Virus High
Trojan virtumonde Virus Critical
[email protected] Virus Medium
Trojan.Qoologic - Key Logger Virus High
SHeur.ZSQ Virus High
Trojan-PSW.Win32.LdPinch.abm Virus Critical
Backdoor.Win32.Haxdoor.gu Virus High
Magic DVD Ripper Virus High

Recommend: Click "Start Protection" button to erase all threats
When I have clicked on "Star... Read more

A:my-system protection

Hi Cailleach Echo, welcome to BC I have moved your topic to the "Am I infected? What Do I Do?" forum since you appear to be infected by a rogue security product. This will allow our members who specialize in malware removal to find your topic more easily.I've always been warned not to open anything that ends with ".exe"Sound advice. You're infected with some sort of rogue security program. These programs falsely warn that your computer is infected (like in the list of baddies you were given) and then prompt the user (you) to download a file to "clean" the computer. Do not download anything it asks you to. Do not purchase any program it recommends. It is a scam and will only serve to make the situation worse.

3 more replies

Why can I not save restore  points when I have it set to restore previous versions of files only?  It shows system protection turned off when set this way. Only way it will show turned on is if I have setting and files turned on.

A:System Protection

Hi -
System Restore is just that - System Restore -
I have not been able to set mine to restore only one file / folder to an earlier time, unless I have a backup made.

However I may have missed a setting that I could not find, but I can only set mine to System Restore -

More general information ..............

What files are changed during a system restore ?

System Restore affects Windows system files, programs, and registry settings. It can also make changes to scripts, batch files, and other types of executable files created under any user account on your computer. System Restore does not affect personal files, such as e-mail, documents, or photos, so it cannot help you restore a deleted file.
NOTE :: If you have backups of your files, you can restore the files from a backup.

Always create a backup of your system prior to doing any System Restore

Open System Restore and follow the links in that area as to what you will restore and what you can do there.
There is a lot of helpfull information listed there -

Thank You -

1 more replies

No matter what I do system protection somehow always manages to turn it self back on

How can I PERMANTLY KILL THIS PROCESS? Is it a service?

I WANT IT GONE FOR GOOD

A:Ive had it with System Protection...

Go to control panel, admin tools, services, volume shadow copy, but that may cause more problems than it solves.

9 more replies

What would be the best antivirus for pc.I need a antivirus that is not slow and that protects my pc very good.I need sugestions!

A:System Protection

Welcome
First forget best, it is subjective.
However, I and many members use the free
Microsoft Security Essentials
Free Malwarebytes and the Windows Firewall
I also use winpatrol. It takes a picuture of your HD. Anything is installed, it asks if you want it. If you say no, it restores what you had. Has other features too.
http://www.av-comparatives.org/
This list is already outdated. Microsoft has just finished testing on 2.0. It is now available.

2 more replies

Hey all, I've ran into a huge problem... My aunt dropped off her family computer yesterday and I've been working on it for a few hours now and to say the least I'm completely stumped. There's this fake anti virus program called Protection System which does it's thing, I'm sure you know all about it. Anyway, I've done a few hours worth of research, read countless "fix it" articles and forum post and nothing has worked yet. At this point I need to rest my eyes and my mind and ask you all for your help.The biggest problem is no programs that could solve the problem or aid in solving the problem work. The real anti virus was disabled and broken, malwarebytes wouldn't install so I renamed it, it then installed halfway before freezing. I played around with that for a while and I got it to install. Couldn't run the program after that, so I renamed the that. It finally opened but as expected the scan shut the program down. After it crashed during the scan malwarebytes was completely inoperable, couldn't even delete it with out a restart. At that point I had enough, I was preparing to post a topic in the "HijackThis Logs and Virus/Trojan/Spyware/Malware Removal" forum but after several attempts it appears that not even your DDS Tool works. I'm just so frustrated right now...To clear a few things up. I've been trying everything in and out of safe mode, same results. Also, all the games on the computer appear to work, iTunes works, Quickbooks work, AIM works. I'm pretty sure every progr... Read more

A:Protection System

We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr

4 more replies

I am running Vista Home premium, but see no evidence that it is creating restore points automatically every 24 hours. I can create restore points manually but they are the only ones that show under system protection. Should I not be seeing, "system scheduled checkpoint" in system restore? Thanks.

A:System Protection

I suspect that a system setting has been changed that prevents this from occurring - have you changed any of the system settings/services or used a tweaking/protection utility that might have caused this?

1 more replies

Attach.txt   18.76KB
0 downloadsHi - In the answer to my post I was prompted to post these logs here. Thanks for all of the help - it is very much appreciated!Thanks!Natalie.DDS (Ver_11-03-05.01) - NTFSx86 Run by Compaq_Administrator at 9:26:21.17 on Thu 03/10/2011Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.228 [GMT -8:00].AV: Sunbelt VIPRE *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}FW: Norton Internet Worm Protection *Disabled* .============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ehome\ehtray.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\HP\HP Software Update\HPwuSchd2.exeC:\Program Files\Lexmark 5200 series\lxbtbmgr.exeC:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exeC:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Messenger\msmsgs.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFRA.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Compaq Connections\5577497\Program\Compaq Connec... Read more

A:XP Anti-Virus Protection - VIRUS - Logs

2 more replies

help i need to format my usb but i think it is infected with the write protection virus here is the link for my scan Report ⋆ UsbFix

A:Shortcut Virus and Write protection virus

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone.
Please do so and allow the utility to clean up all those drives.
Wait until it has finished scanning and then exit the program.
------------------------------------------------------

Once the Scan is done, select Cleaning
On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[S#].txt
------------------------------------------------------

2 more replies

My desktop states,"Attention! System detected a potential hazard (TrojanSPM/LX) on your computer......." I ran Combofix and received the text file. Please provide further assistance. Thanks.

A:Trojan Virus - Advanced Virus Protection

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

1 more replies

Hello - AntiVirus + is the fake software it is trying to sell me

I have a virus that has taken control of my laptop. It keeps popping up every second with a warning that it has found 32 viruses - it asks for a CC number so I can purchase software to remove the viruses.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:43 AM, on 4/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=5080708
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.... Read more

More replies

Ok, I have no idea how I got this again... note I said again.... I just erased my harddrive and started anew a month ago... I am not sure what to put down here so I will just guess and put my Hijack this logfile and assume that someone will tell me what all I have missed...

Logfile of HijackThis v1.99.1
Scan saved at 12:31:07 AM, on 9/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\AOL\1157302629\ee\AOLSoftware.exe

A:Win Virus 06 protection thingey virus/trojan whatever..

7 more replies

I have W7, 64 bit blah blah blah. when I bought my system, I set it up with a password required in order to be able to sign into windows. can that be bypassed by, say, a computer repair person? I sent my computer in for repair which turned out to needing a mother board replacement. I realized after that diagnosis was made that I'd forgotten to mention nor supply them with the system sign on password.

8 more replies

Hey all,

I've had Windows 7 installed since 2009. Recently I've been getting this warning.

Not really sure why though, as I've never stored System Image backups on this drive. I always keep them on an external drive.
I've tried turning off System Protection then back on, this does remove the warning. But then when I create a new image the warning returns.
I've done various different scans, A/V, diagnostics and can't see anything wrong. Disks are working fine.

Anyone have any ideas as to what may be causing this warning?

A:System Protection Warning.

Backup Images are snapshots... The image process creates a restore point just like what happens when installing software or windows update patches. The restore point itself, so the situation on start of backup will be backed up.

2 more replies

PC is infected with "Protection System" -- apparently it's preventing use of any malware removal tool (including malwarebytes, avg, adaware, weborot), and it won't permit uninstall with Revo Uninstaller. Below (and attached) is the hijackthis log. Any advice would be appreciated!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:30:53 PM, on 7/21/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\LogMeIn\x86\LMIGuardian.exeC:\Program Files\MozyHome\mozybackup.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\LogMeIn\x86\LogMeInSystray.exeC:\Program Files\Common Files\Real\Update_O... Read more

A:Hijackthis log - "Protection System"

Hello and welcome to Bleeping Computer.My name is Syler, I will be helping you to solve your Malware issues. Whilst I am helping you, I wouldbe grateful if you would note the following: Please do not run other tools or scans unless I ask you to and follow all the steps I give you, in order.
Copy and paste all logs requested in you reply, Do not attach them unless asked too.
If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
Please continue to work with me, until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.

2 more replies

A:Protection System infection

Due to the lack of feedback, this Topic is now closed.In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.Orange Blossom

2 more replies

Pretty much any form of antivirus/antispyware programs that are installed have stopped working (IE: malwarebytes, spybot, HiJack This, and Panda) and wheni click some of them it says, "Application cannot be executed. The file is infected. The file is infected. Please activate your antivirus software."

Task manager also does not seem to work and gives the above error message. I also get some popups related to Protection System.

The DDS program/logger didn't work and also gave the above error; however, I was able to get a RootRepeal log and have attached it.

27 more replies

Hello! I have visited the site before and have browsed through the topics and easily removed virus. This time I have this pesky Protection System virus that keeps on appearing after I have scanned using Malware. I also keep getting Security Center Alerts telling me about trojans such as Rootkit.Win32.Agent.pp and it gives me an option to enable protection but have decided not to mess with anything like that. I hope someone can help me please. THANK YOU!
I will paste my MalWare log.
Malwarebytes' Anti-Malware 1.39
Database version: 2421
Windows 5.1.2600 Service Pack 3

9/15/2009 7:21:32 PM
mbam-log-2009-09-15 (19-21-32).txt

Scan type: Full Scan (C:\|)
Objects scanned: 200701
Time elapsed: 1 hour(s), 12 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 13

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{5e2121ee-0300-11d4-8d3b-444553540000} (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\protection system (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfu... Read more

A:need help removing Protection System

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

9 more replies

Hello-
I am trying to fix a friends' laptop that appears to have been infected with Protection System malware. PC Info: Dell Vostro 1500, Windows XP Home, SP2.

At the moment, I cannot seem to get the laptop to access the internet, whether it’s because of the virus or because it is not set up to access my cable modem. I have left it disconnected from our network to avoid any cross infections with my good pc. Can I download programs to a USB stick using the good pc, and transfer them to the sick pc’s desktop- if you don’t see a problem with this method, then I’d prefer to continue using it.

When I try to install Malware Bytes from the .exe on the desktop, the install procedure seems to begin, then disappears completely from view, and doesn’t even appear in Task Manager.

HijackThis seems to install ok from the desktop, but when I try to run the program, I can see it begin to list programs, but the after less than 2 seconds it, too closes and disappears.

Other issues: Restarting/Shut Down gets stuck and I have to hold down the power button to shut off.

More replies

Hey , i need help in order to restore my system . In fact when i open the system properties i realise that System Protection tab was missing. Launching the tab by its executable, SystemProtectionProperties.exe, did not launch the tab, either.

I tried to search in the registry for HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR

I didn't find the SystemRestore Folder .

I only found the Windows File Protection folder and Terminal Services folder

what should i do ?

Thank you

A:Missing System Protection tab HELP

3 more replies

I have no system protection tab in System Properties box, hence I cannot create a restore point. Looking for the answer to get this tab enabled or reinstalled. I am logging in with Admin rights.

A:Missing System Protection Tab

Hello Doc, and welcome to Eight Forums.

Check in your registry at the location below to see if you have a DisableSR DWORD value in the right pane of the SystemRestore key. If you do, then delete the DisableSR DWORD, and restart the PC to see if that does the trick.

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore

5 more replies

Here is my log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:44:04 PM, on 6/30/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exec:\Program Files\Common Files\Symantec Shared\ccProxy.exec:\Program Files\Common Files\Symantec Shared\ccSetMgr.exec:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\HPZipm12.exec:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Java\jre1.5.0\bin\jusched.exeC:\windows\system\hps... Read more

A:Protection System Malware

2 more replies

Hello,

I just got a new Windows 8.1 64 bit system last week and I have a couple protection questions.

On the system now I am running Kaspersky Pure 3 and Malwarebytes Premium (paid version).
Also My firefox browser has adblock plus installed in it and noscript.

My question is, is there any other protection software I should run in conjunction with the items that I have already installed and listed?

I go to lots of cross stitch site and I know Malwarebytes has save me several times.
But I thought I should have more proyection which I why I ask the question above.

Drauka

A:System Protection question

Spybot S&D 1.62 will protect your host file quite nicely, and, it has an on-demand malware scan.  I had to goto Spybot 2, it's like driving a bus where a Chevy or Ford station wagon would do.  For very good behind-the-scenes browser lprotection, I use SpywareBlaster [I only pay \$10/yr for automatic-update/automatic enable all].
Now, comes an Idea:  you have to balance functionality and security, not so much 50-50, rather, how much functionality and ease would you like, and, how much security would you like?  While they are not mutually exclusive, too much of one can cause problems for the Chair-person.  Not enough of one can cause problems for the Chair-person.  Just last night, I had to roll-back to a Dec 29 image 'cause too too much security attempts led to pretty much Windozzzzzzz and hee-haw in the thin blue line.

20 more replies