Tech Problem Aggregator

Uh oh... I downloaded something with Mal/Generic-A

Q: Uh oh... I downloaded something with Mal/Generic-A

Yeah... Oops.. I scanned it and it was clean, but then I used one of those online scanners (Virustotal etc) and one of the scanners picked up Mal/Generic-A I googled it and from the looks it can be nasty... I'm scanning malwarebytes right now and it's found 1 item, but i'm scared it will still be on my machine somewhere. Help me Oh and I opened the file.. So it is in fact on my machine somewhere.

A: Uh oh... I downloaded something with Mal/Generic-A

9 more replies
Answer Match 54.6%

Please can somebody teach me how to burn avi or MP4 downloaded files to a DVD that can be read by most generic DVD players... and please teach me step by step if you wont mind...Thank you for your help and Godbless...Edit: Moved topic from Photo Albums, Images, and Videos to the more appropriate forum. ~ Animal

A:How to Burn Downloaded Avi Files to DVD that can be read by generic DVD player?

Hello Hello, oliviernaldo.Batanes, and welcome to Bleeping Computer.Here are links to multiple guides to convert the 2 formats to DVD.Some use free programs for the conversions, and some use pay-for programs.AVI to DVD guides (55)MP4 to DVD guides (7)Just glancing over the guides, it looks like DVD Flick will do both conversions, and it's a free program.

2 more replies
Answer Match 45.36%

Hi there! Thanks for taking the time to help me out.

Yesterday, McAfee started detecting trojans in my system: Generic!Artemis, Generic.dx and Generic Rootkit.w

I don't know if these are three different trojans or one and the same. I'm not getting any pop-ups (apart from the mcafee warnings), but it is making my computer run slower and me very worried.

I'm running Windows XP Pro.

Any help most appreciated.

I can post a hijack this log if that's of any use.

A:Trojan: Generic!Artemis, Generic.dx and Generic Rootkit.w infection

Here are some of the details from the McAfee detection log ((I haven't listed all the files here because there are too many, so I'll just provide one example of each):

Detection name: Generic.dx (Trojan), Generic.dx (Trojan)

File: C:\Windows\system32\drivers\109.exe
Process: C:\windows\system32\svchost.exe
process description: generic host process for win 32 services

Detection Name: Generic!Artemis (Trojan)

File: E:\system volume information\_restore{5E0A6BCC-1246-45C3-BBAA-DBEC343BA767}\RP173\A0131417.exe
Process: C:\Program Fioles\Malwarebytes' Anti-Malware\mbam.exe
Process description: Malwarebytes' Anti-Malware

Detection name: Generic Rootkit.w (Trojan), Generic Rootkit.w (Trojan)
File: C:\Windows\system32\drivers\netsik.sys
Process: C:\Docume~1\Mike\Locals~1\Temp\BN7.tmp
Process description: (as process)

The generic.dx has been repaired and removed from 12 files so far by mcafee

The Generic!Artemis one has been quarantined from 7 files so far

The rootkit.w one has been repaired and removed from three files so far

2 more replies
Answer Match 39.9%

I need help. I've been having trouble with my internet connection.

What do you mean that's not enough info to help?

Oh, ok.

Well, to some degree it works ok. On a good day, pages load in my browser fine, and I can even stream video. Steam logs in ok, and if everything's going well, I can use Skype and play games fine. Most days are not good days. Today, for example, Steam and Skype will sign in (just about, takes a while to try, and Skype doesn't seem to load my online contacts properly), web pages will generally load, but voice chat via Steam or Skype is impossible, and no games will connect. Other days voice will be fine, but browsing and/or games will be pretty impossible. Days when everything works perfectly are rare, but so are days when I get absolutely nothing at all (when browsing, pages will generally half load, no matter how bad stuff is).

I was running Windows Vista, I've since upgraded to Windows 7. I've had the same problem with three different routers on two different connections, and on both a USB dongle (tried a few, one was a Belkin if it's relevant) and an internal wifi card (Ralink, drivers up to date). I've tried turning off the power saving setting on the card ("allow my PC to turn this device off to save power"). Sometimes, just after making a change, it seems like I get a small improvement, but such impressions are generally fleeting and I'm guessing down to wishful thinking. Turning Windows Fir... Read more

A:Single Machine Connectivity Issues (Generic Title For a Fairly Generic Problem)

15 more replies
Answer Match 39.9%

I have got a problem with my computer, no matter how i try to get rid of these, they will not go. i am using BitDefender internet security 2009.
which fine these trojan. but when i run my trojan remover it tell me i have no trojan and my computer is free of all..? i have not notice that my computer is not playing up. but when trying to get rid of the three trojan it tells me it cannot because it is part of the system. i tryed in safe mode but it will not let me scan. but i can scan with my trojan remover, and it come up clean, some people say my computer has been kidnap and the trojan is hiding and pretending to be part of the system. the names are....Adware.Generic.44240. Applcation.Generic.26964. Application.Keygen.BD. with thanks Erwin

A:Adware.Generic.44240. Applcation.Generic.26964. Application.Keygen.BD

Hello ..I am moving this from XP to Am I Infected as it is a malware problem.Next run MBAM:Please download Malwarebytes Anti-Malware (v1.34) and save it to your desktop.alternate download link 1alternate download link 2If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives sel... Read more

1 more replies
Answer Match 39.9%

Hello, my husband's computer seemed to contract quite a few trojans lately according to AVG free. I tried to use it to get rid of them, but I just wanted to check if it had done the job and if there is anything still lingering. Also I would like to prevent thhese infections happening again, as it seems a bit weird to me to have 5 different trojans at once. Can anyone say how the following trojans managed to download?

In temp folder: trojan horse generic 14.ABXY & trojan horse SHeur2.APYR

In system volume information _restore: trojan horse Downloader Generic 8.BJPU & another 14.ABXY

In temp internet files: trojan horse generic 13.BUBK

Thanks a lot for your time and please let me know if you need anymore info!! I appreciate it

DDS log:

DDS (Ver_09-07-30.01) - NTFSx86
Run by Gerard Sabapathy at 21:40:44.50 on 25/08/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.319.64 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin&... Read more

A:Trying to get rid of trojans generic 14.ABXY, SHeur2.APYR, Downloader Generic 8.BJPU

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.??If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine.??Please perform the following scan:Download DDS by sUBs from one of the following links.??Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool.??No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Answer Match 39.9%

Hello all,

McAfee keeps popping up a trojan alert every couple of minutes, and as I've watched them closely for the last few days, they seem to be the same 12 or so - over and over again. I have tried full scans using both McAfee and Spybot, and while they both indicate that they fix the problems, these trojan alerts keep showing up. My comp has become very sluggish, IE in particular.

Also, every time I restart after a scan requires it, I get the error message "Owner.exe - DLL initialization failed". I noticed that this process (Owner.exe) jumps around a bit in the task manager, especially when McAfee pops up with the alerts.

Below is my DDS. Please help!

-Jim

DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 20:57:27.90 on Mon 04/20/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3327.2595 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\Photos... Read more

A:repeating trojan alerts - Generic rootkit, Generic!Artemis

Hi,* Please download Malwarebytes' Anti-Malware from Here or HereDouble Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.In case you already used MBAM previously, please update it before proceeding with the scan. To do this, click the "Update" tab and click the "Check For updates" button.Once the program has loaded and updates were downloaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

14 more replies
Answer Match 39.9%

DDS (Ver_09-01-18.01) - NTFSx86
Run by Owner at 8:21:49.90 on Wed 01/21/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.141 [GMT -6:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files ... Read more

A:Infected with Win/Heur, Downloader.generic Trojan and Backdoor Generic

Please close this post. Problem has been fixed.

2 more replies
Answer Match 39.9%

To Whom it may concern. On July 9th AVG Free Edition found the virus JS/Psyme which it was unable to heal and since then i have received numerous Trojan horse Generic 10 viruses that AVG states it healed but continue to hamper the performance of my computer. (Generic 10. BDVA, BEIA, BEWK, BAZL, BCCW, BVRB, BCQA, BCPW & Generic 7.SOQ & Agent AHMX. Im totally out of my witts here and i need some help. Thanks in advanceDeckard's System Scanner v20071014.68Run by Jean Marc McLean on 2008-07-27 11:25:15Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 4 Restore Point(s) --4: 2008-07-27 15:25:32 UTC - RP4 - Deckard's System Scanner Restore Point3: 2008-07-26 23:00:59 UTC - RP3 - System Checkpoint2: 2008-07-24 03:36:00 UTC - RP2 - Software Distribution Service 3.01: 2008-07-24 01:23:07 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.Percentage of Memory in Use: 81% (more than 75%).Total Physical Memory: 256 MiB (512 MiB recommended).-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-07-27 11:31:17Platform: Windows XP Service Pack 2 (5.01.2600)MSIE: Internet Explorer (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\SYSTEM32&... Read more

A:Infected With Trojan Horse Generic 10 Bewk And Other Generic 10 Trojans

Hello, my name is fenzodahl512 and welcome to BC.. Please do the following...Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.Under Main choose: Select AllClick the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.NEXTPlease visit below webpage for instructions for downloading and running ComboFixhttp://www.bleepingcomputer.com/combofix/how-to-use-combofixThis includes installing the Windows XP Recovery Console in case you have not installed it yet.For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. DO NOT select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.Post the log from ComboFix (located in C:\combofix.txt) when you've accomplished that, along with a new HijackThis log.Regardsfenzodahl512

2 more replies
Answer Match 39.9%

Hello, PC responsiveness is slowly deteriorating in last 2 weeks with symptoms including - browser (IE7) redirects- slow processing times (usage often pegged at 100% or several activities going on at the same time), - OExpress and IE unable to open occasionally. -Mcafee identified and quarantined: generic.dx!(variants including tdy, tcy), Artemis!D671308b..., Generic Dropp.va, FakeAlert-FakeSpy!env.a, Obfuscated Script.i- Also at start up an apparent MS message says "Error loading JSUSA2.DLL Specified Module not found" (this loads before Mcafee opens)- Have run DDS (log below, attach.txt attached) but GMER crashes system when it runs (in safe mode also).Thanks for your help...DDS (Ver_10-03-17.01) - NTFSx86 Run by Robert at 9:31:27.43 on Sun 07/18/2010Internet Explorer: 7.0.5730.13AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}============== Running Processes ============================= Pseudo HJT Report ===============uStart Page = hxxp://my.yahoo.com/uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8mStart Page = hxxp://www.google.comuInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%suURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae06... Read more

A:Need help removing stubborn Trojans - artemis, generic.dx, generic dropp

Today another symptom: mcafee identified a buffer overflow in c:\windows\system32\svchost.exe at the same time that a host process error occurred... screen shot of all message alerts are attached. system is detriorating with frequent blue screens while rnning a virus scan or logger (ie MalwareBytes and gmer) I would appreciate a quick response if possible so I can get this one and only family pc up and running again. Thank you.

3 more replies
Answer Match 39.9%

Computer Runs very slow..bit defender finds Trojan.Generic 25641 and 1)Generic Peed.Eml.Ea92)Generic.Peed.Eml.AB3)Generic.Peed.Eml.FDO4)Generic.Peed.Eml.Fad..but bit defender cant disinfect or moved these viruses...and nowadays my computer runs really slow

Deckard's System Scanner v20071014.68
Run by Bishakha on 2008-02-23 14:31:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
52: 2008-02-23 20:31:45 UTC - RP164 - Deckard's System Scanner Restore Point
51: 2008-02-23 04:52:49 UTC - RP163 - System Checkpoint
50: 2008-02-22 04:31:29 UTC - RP162 - Software Distribution Service 3.0
49: 2008-02-21 04:33:06 UTC - RP161 - Removed InterVideo DeviceService
48: 2008-02-21 04:27:18 UTC - RP160 - Removed Pando.


-- First Restore Point --
1: 2007-12-24 19:59:33 UTC - RP113 - Installed Windows XP KB899589.


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-23 14:33:24
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE... Read more

More replies
Answer Match 39.48%

Hi there Tech Support Guru! my computer has been invaded by these three trojans: generic!Artemis, generic.dx and generic rootkit.w

At least, that's what McAfee is telling me.

I am using Windows XP pro

Here is my Hijack This log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:47 PM, on 18/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Prog... Read more

A:Please help! Generic!Artemis, generix.dx and generic rootkit.w have invaded

Here are some of the details from the McAfee detection log ((I haven't listed all the files here because there are too many, so I'll just provide one example of each):

Detection name: Generic.dx (Trojan), Generic.dx (Trojan)

File: C:\Windows\system32\drivers\109.exe
Process: C:\windows\system32\svchost.exe
process description: generic host process for win 32 services

Detection Name: Generic!Artemis (Trojan)

File: E:\system volume information\_restore{5E0A6BCC-1246-45C3-BBAA-DBEC343BA767}\RP173\A0131417.exe
Process: C:\Program Fioles\Malwarebytes' Anti-Malware\mbam.exe
Process description: Malwarebytes' Anti-Malware

Detection name: Generic Rootkit.w (Trojan), Generic Rootkit.w (Trojan)
File: C:\Windows\system32\drivers\netsik.sys
Process: C:\Docume~1\Mike\Locals~1\Temp\BN7.tmp
Process description: (as process)

The generic.dx has been repaired and removed from 12 files so far by mcafee

The Generic!Artemis one has been quarantined from 7 files so far

The rootkit.w one has been repaired and removed from three files so far
 

2 more replies
Answer Match 39.48%

Have Compaq Presario CQ56 laptop running Win7 64bit. I use Norton thru my ISP and so far so good until a few days ago! Norton popped a box saying it had detected a problem and when I expanded the box it showed 3 trojans and only 1 removed. It then began popping up a box telling me to reboot so it could make the needed fix and I did but it didn't I downloaded Housecalls and the scan found nothing. Next I tried AVG and that scan found nothing! Now I can't even get on the web or open any desktop icons.... I get a pop-up stating "There was a problem sending the command to the program" and it refuses to do anything. I can't run any of the diagnostics posted on the self help instructions above... I need HELP Please!!! Thanks,
Jan
 

A:TROJANS: Generic dxlb2rms and Generic Backdoor!1sw - NEED HELP TO REMOVE PLEASE!!!

Please don't forget this post.... I really need help! THANKS!
 

1 more replies
Answer Match 39.48%

Hello, my Dell running XP (SP3) responsiveness is slowly deteriorating in last 2 weeks with symptoms including

- browser (IE7) redirects
- slow processing times (usage often pegged at 100% or several activities going on at the same time),
- OExpress and IE unable to open occasionally.
-Mcafee identified and quarantined: generic.dx!(variants including tdy, tcy), Artemis!D671308b..., Generic Dropp.va, FakeAlert-FakeSpy!env.a, Obfuscated Script.i
- Also at start up an apparent MS message says "Error loading JSUSA2.DLL Specified Module not found" (this loads before Mcafee opens)

- Have run DDS (log below, attach.txt attached) but GMER crashes system when it runs (in safe mode also).

Thanks for your help...
**************************


DDS (Ver_10-03-17.01) - NTFSx86
Run by Robert at 9:31:27.43 on Sun 07/18/2010
Internet Explorer: 7.0.5730.13
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://my.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p... Read more

A:Need help with Trojans including - artemis, generic.dx, generic dropp

Hello again, obxhockeydad_1. Even though it's been almost a year since the last disinfection, which is ok, it's still a bit disheartening to see you back in the forums with another infection. Please be sure all who access the machine are taking great care when surfing the internet, opening emails, downloading files, etc...

Also, IE7 is not as secure as IE8. IE should be updated once the machine is clean.

I'd like to try to get a log from GMER rootkit scanner.

Let's try this version of gmer.


Download GMER Rootkit Scanner from here to your desktop. Double click the exe file.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.
In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

If you still have troubles, try running the scan in Safe Mode.

Restart your computer and boot into Safe ... Read more

19 more replies
Answer Match 39.48%

McAfee found those files and I wondering if they are slowing down my computer. I am also having problems removing programs and installing Microsoft security updates. When ever I try to remove certain programs I get a message that says, "This installation is forbidden by system policy. Contact your system administrator." My computer is a stand alone and I have admin privileges . Here is my log. Any help would be appreciated. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:51:38 PM, on 4/25/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exeC:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicen... Read more

A:Help removing Generic!Artemis, MK Recorder, and Generic Downloader

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Answer Match 39.48%

Hi,

I have MacFee Virus Scan copy installed on my laptop. It displays virus detection and deleted messages for Generic.dx, Generic downloder.dx, and Puper Trojons in Temp folder. These messages keeps coming back.

Here is my HJT log file
=========================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:34 PM, on 10/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\CSAgent\bin\CSAControl.exe
C:\Program Files\Cisco Systems\CSAgent\bin\leventmgr.exe
C:\WINDOWS\system32\CmgShieldSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Funk Software\Odyssey Client\odClientService.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Altiris\ALTIRI~1\AeXNSAgent.exe
C:\Program Files\Connected\AgentSrv.EXE
C:\WINDOWS\system32\ccsrvc.exe
C:\Program Files\Altiris\Carbon Copy\shellker.exe
C:\PROGRA~1\CISCOS~1\CEPS\CEPSWA~1.EXE
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Credant\Gatekeeper\Gatekeeper.exe
C:\Program Files\Google\Common\Go... Read more

A:Generic downloder.dx, Generic.dx and Puper Trojon on my laptop

I had real time anti spyware enabled for my previous HiJackThis so now I have disabled the same and run HiJackThis again.

The new log is given below.
===================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:46:41 PM, on 10/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\CSAgent\bin\CSAControl.exe
C:\Program Files\Cisco Systems\CSAgent\bin\leventmgr.exe
C:\WINDOWS\system32\CmgShieldSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Funk Software\Odyssey Client\odClientService.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Altiris\ALTIRI~1\AeXNSAgent.exe
C:\Program Files\Connected\AgentSrv.EXE
C:\WINDOWS\system32\ccsrvc.exe
C:\Program Files\Altiris\Carbon Copy\shellker.exe
C:\PROGRA~1\CISCOS~1\CEPS\CEPSWA~1.EXE
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Credant\Gatekeeper\Gatekeeper.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateSe... Read more

1 more replies
Answer Match 38.64%

My wife downloaded a file through bearshare and now the computer is lagging bad and avg keeps picking up these 2 trojans. I navigated to and deleted the file that the generic arly was in. I have tried to run malware bytes,trend micro housecall and they lock up before finishing as avg also locks up before finishing. I have run spybot and it removed several things. Also if possible i would like to remove any garbage programs i dont need. Plese let me know what else you will need.

Thanks a lot

1. DDS LOG
DDS (Ver_09-06-26.01) - NTFSx86
Run by Jamion at 12:40:26.86 on Mon 07/06/2009
Internet Explorer: 8.0.6001.18783
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3034.1773 [GMT -4:00]

SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.in... Read more

A:Trojan generic 11zne and generic arly

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

7 more replies
Answer Match 38.64%

Hi,My device has been infected with ZeroAccess, which proceeded to bring along the 2 generic trojans. My main problems are that windows is very laggy (most things has to be done through Safe Mode at the moment), my firewall won't stay on (in normal and safe modes) and occasionally a pop-up appears with the title [Web Browser] warning that I should stop a script from running. It looks something like this: (I forgot to take a screenshot when it popped up, so here's the exact same thing that I found through google)Before I start off, here are some details about my machine.Windows 7 SP1McAfee SecurityCenter v11.0McAfee VirusScan v15.0 last updated today (17/6/12)McAfee Personal Firewall v12.0A few days ago, my friend was using my machine when McAfee popped up saying that it had quarantined some trojans and no further action was required.Afterwards, the computer was getting significantly more laggy with each reboot; McAfee Personal Firewall and Real-time protection were also unable to stay on. Looking through the quarantined list of items, there were multiple instances of the same 3 items:ZeroAccessGeneric.Backdoor!1ubGeneric.dx!b2ptAll 3 appeared in C:\Windows\Installer\post:27338360\UMy friend had already deleted the zip file which probably allowed ZeroAccess in. Since McAfee's complete scan of the computer was unable to complete due to the significant lag, I then downloaded and ran Spybot S&D and Ad-Aware Antivirus in Safe Mode, but n... Read more

A:Help with Zeroacess / Generic.Backdoor!1ub / Generic.dx!b2pt

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the ... Read more

50 more replies
Answer Match 37.38%

Here is my HijackThis Log:Logfile of HijackThis v1.99.1Scan saved at 9:07:22 PM, on 10/14/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\windows\System32\smss.exeC:\windows\SYSTEM32\winlogon.exeC:\windows\system32\services.exeC:\windows\system32\lsass.exeC:\windows\system32\svchost.exeC:\windows\System32\svchost.exeC:\windows\system32\spoolsv.exeE:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\windows\Explorer.EXEC:\windows\system32\nvsvc32.exeC:\windows\system32\svchost.exeC:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exeC:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exeC:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exeC:\Program Files\Softwin\BitDefender9\vsserv.exeC:\windows\SOUNDMAN.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeE:\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Softwin\BitDefender9\bdmcon.exeC:\Program Files... Read more

A:Infected With Generic.xpl.iespoof.79e52b4a And Generic.xpl.iespoof.cd88c331, Both Located In My Temporary Internet Files Folder.

Reboot into Safe mode then follow these steps.Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet ExplorerGo to Control Panel > Internet Options > General tabClick the "Delete Cookies" buttonNext to it, Click the "Delete Files" buttonWhen prompted, place a check in: "Delete all offline content", click OK* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu on the left side of the Options window.Click the Clear button located to the right of each option (History, Cookies, Cache).Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown before clearing the information.* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.Does that remove them?

2 more replies
Answer Match 37.38%

About every week or two McAfee finds either generic.dx or generic downloader.dx. It's installed as a service. I have to run McAfee in safe mode to remove it. My fear is that something is installed on my PC that activates every week or two and re-installs this trojan. I've run a complete McAfee which doesn't find anything. I did the on-line Kapersky primary area scan. I've also run SpyBot and MalwareBytes and they haven't found anything. I also have Windows Defender installed. I run the Windows Xp firewall. I run Secunia PSI and MS Baseline Security so Im pretty up to date on my patches. My fear is that something is installed that hasn't been found that wakes up every week or two and tries to re-install this trojan. I've attached the hijack this log and info below. thanks for looking at this.info.txt logfile of random's system information tool 1.04 2008-12-01 06:58:34======Uninstall list======-->C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe /uninstall-->C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe /uninstall-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}3CIPCalc-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\3Com\3CIPCalc\Uninst.isu&... Read more

A:generic.dx and generic downloader.dx Trojan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable ... Read more

6 more replies
Answer Match 37.38%

I received notifacation by McAfee on Generic!atr & Generic dx $ DNSChanger.o. Must have gotten them from DVD X Copy pro download, it is the only file download I did. I do not check email on this computer. It is the only thing I can think of unless I got them surfing. I did all the things in log 793721 as It looked identical but I just want to make sure so I am posting a few logs. Thank you very much for looking into this for me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:01, on 2009-01-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\program files\microsoft corporation\msn remote record service\remoterecordclient.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\e... Read more

More replies
Answer Match 37.38%

I can't get rid of the the Generic Rootkit w. My virus software warning window keeps popping up saying the Trojan is detected even after I ran SDFix.

Generic Rootkit w
File: c\WINDOWS\system32|securetm.sys
Process: c:\Docume~1\Valerie\LOCALS~1|Temp|BNF6FD.tmp

Generic Downloader.x!i
File: c:\Documents & Settings\Valerie\Valerie.exe
Process: c:c:\Documents & Settings\Valerie\Valerie.exe
Thanks for your help,
Valerie
______________________________________

DDS (Ver_09-03-16.01) - NTFSx86
Run by Valerie at 9:30:34.68 on Wed 04/22/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1283 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\V... Read more

A:Generic Rootkit w and Generic Downloader

Hello and welcome to TSF.

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please note that the forum is very busy and if I don?t hear from you in three days this thread will be closed.

2 more replies
Answer Match 37.38%

McAfee installed on computer but was "complaining" that the computer wasn't protected but when clicking fix - nothing changed. Finally tonight was able to get the updates and now it says machine is protected and it quarantined:

Generic Dropper.cx, Generic Downloader.x.

I can see from the logs that on 1/25 it supposedly removed Generic.dx. Obviously, this machine still had a problem so I ran dds and mbam - although in reverse meaning ran mbam first. Logs below. Perhaps MBam has fully resolved but I'd like an expert to confirm. Thank you.
*****************************************************************
Malwarebytes' Anti-Malware 1.33
Database version: 1736
Windows 6.0.6000

2/6/2009 8:39:56 PM
mbam-log-2009-02-06 (20-39-56).txt

Scan type: Quick Scan
Objects scanned: 51894
Time elapsed: 10 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT... Read more

A:Generic Dropper.cx Generic Downloader.x

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instruc... Read more

2 more replies
Answer Match 37.38%

Hi! McAfee detected two trojans (generic.dx) a few days ago, which I chose to remove. The computer had been running slowly and freezing quickly after booting up. Later during another scan, McAfee detected a generic downloader which really alarmed me because it was in my program files for all my passcodes (?)

I have not seen any pop-ups so far in Firefox, no strange or unusual messages; just a really slow boot-up and a new trojan found every time McAfee runs scans. It doesn't seem to go away =(

If you could help me that would be great!!!! Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:38 PM, on 9/26/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Creative\SBLive 24-Bit External\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\AIM\AIM Pro\aimpro.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Fi... Read more

More replies
Answer Match 37.38%

Hello,

I noticed last week that my browsers (Mozila and IE) were not working properly: all the searches I was doing were redirected. I can't access to some websites as this one or McAfee...
I can't update my McAfee Security Center software nor perform a restore system and Malwarebytes doesn't launch.
McAfee found the following trojans: Generic.dx, JS/Tenia.d and Generic PUP.z and I deleted them. However, my problems are still not solved. I was wondering if someone here could please help me to fix theses issues or if I should just reformat my hard drive (will this get rid of all viruses/trojans for sure?)?

Thanks in advance for all your inputs!
Fanny

You'll find here below the contents of the DDS.txt log:

DDS (Ver_09-01-19.01) - NTFSx86
Run by Fanny at 13:11:49,90 on 26/01/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.509 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning disabled* (Outdated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\... Read more

A:Infected with Generic.dx, JS/Tenia.d and Generic PUP.z

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Also please explain your problem as fully as possible. Each little detail will help in getting your system cleaned up and functional again.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scans:Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mba... Read more

3 more replies
Answer Match 36.12%

Hiya! I'd originally come aboard with the intention of asking why I see one or two "Generic volume shadow copy" driver installs EVERY DAY in perfmon/Reliability Monitor. After reading other threads on this topic, I'm now convinced this is related to my leaving a USB drive plugged into my PC 24/7 for ReadyBoost, and ditto for an external USB-attached hard disk (for backups).


My questions have now become:
1. I have 98(!!!) Generic volume shadow copy entries in the "Storage volume shadow copies" element in Device Manager (and my rebuilt Vista install is about 5 weeks old, installed on 8/7/08). Should I be concerned? What can I do to get this number down? How do I keep it down? The obvious bonehead answer appears to me to be "Delete them all, and keep it up every day, or write a script to do likewise." Is this even reasonable?
2. I have 5 "Generic volume" entries in the "Storage Volumes" element in Device Manager. Same questions as before...
3. I can't get any meaningful info from the Properties windows under either heading, though complete coverage of "Storage Volumes" and random sampling of "Generic volume shadow copy" entries all say "The device is working properly"

Any input, ideas, advice, or references that will help me understand how to proceed from here will be greatly appreciated.

TIA for your help and support,

--Ed--

A:Device Mgr: 98 Generic volume shadow copy, 5 Generic volume entries

Just FYI in scanning elsewhere on the Web I've found other posts that report this same behavior. For example: http://www.vistax64.com/vista-genera...talling-s.html (no resolution). This posting may offer some relief, and recommends uninstalled the USB Root Hub drivers so they can be rediscovered upon bootup: http://www.vistax64.com/vista-genera...ecognized.html. Haven't tried this yet, though, so I don't know if it helps or not.

HTH,
--Ed--

3 more replies
Answer Match 35.7%

First off, I'd like to thank everyone who contributes to this forum. I just found it and I've already learned a lot from the stickies and other posts. I really appreciate the time put into it.

Now, I have a problem I was hoping to get some help with. I'm running Windows XP and for the past week my McAfee SecurityCenter has been reporting a lot of trojans/viruses/PUPs that have been removed or quarantined or that could not be repaired. Since this has happened, I've noticed my computer (especially web applications) running incredibly slowly from time to time for no obvious reason. I've also occasionally been redirected from websites that I frequent to websites I've never been to.

Below I've included a list of the items detected by McAfee and the actions it took (minus duplications) and a current HijackThis log. Any help would be appreciated, thanks.

Generic Dropper (quarantined)
Generic.dx (quarantined)
Generic Downloader (quarantined)
Generic.dx (removed)
Generic Dropper (removed)
Adware-PurityScan (cannot be repaired)
Downloader-BCF (removed)
Adware-ISM (removed)
Adware-BHO.gen.c (cannot be repaired)
Generic Pup.d (removed)
W32/Sdbot.worm (quarantined)
FakeAlert-AB!htm (removed)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:59:24 PM, on 11/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winl... Read more

More replies
Answer Match 35.28%

Help,

Nothing seem to work. I tried scanning with BitDefender but beside finding the virus, it cannot put both virus in quarantine.

I tried doing the technic that includes, rebooting in safe mode, using ATF Cleaner then doing a full scan with ewido (ewido 4.0). But ewido cannot spot the virus.

Can anyone help?

A:Infected With Generic.xpl.iespoof.79e52b4a And Generic.xpl.iespoof.cd88c331

I just updated to AVG Anti-Spyware 7.5

2 more replies
Answer Match 34.44%

Received this computer with numerous issues.
1. Cannont install programs - receive error 1306.
2. Microsoft FIXIT programs "Failed to process"
3. Malwarbytes Generates errors on install (both with mbam-exe and 3f34l3faa.exe). Program gives error: "CoCreateInstance failed; code 0x080040154. Class not registered." 5 times, but then is able to run, update and scan. Finds no problems. This is both in normal and safe mode. In addition. removed hard drive from PC and scanned from another computer, no virus found. Also manually updated virus definition files from usb drive, nothing found on both quick and full scans.
4. Sophos Virus Removal Tool finds 2 infections: "Mal/Generic-L" and "Mal/Generic-S", but fails on removal: "Virus removal failed".
5. IE opens and immediately closes. Uninstalled IE8, IE7, and reinstalled, no help. Firefox works (using Firefox to post this message).
6. When plugging in flash drive, get windows dialog box with one option to open folder to view files. Clicking on that does nothing. Have to open drive through my computer or windows explorer.
8. start>search fails to run.
7. Ran GMER without incident, log attached.

DDS log below.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 19:42:12 on 2012-08-15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1983.1351 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD... Read more

A:Damage to XP After MAL/Generic-L and MAL/Generic-S

Update: Ran Sophos again, and here is the log. it shows 3 different scans I have run.

34 more replies
Answer Match 34.44%

Downloaded AVG?.

Found:
Trojan horse Collected Z C:\Windows\toolbar.exe
Trojan horse Downloader.Generic.FCB C:\Windows\tool1exe

Updated AVG files?.

Found:
Trojan horse Downloader.Generic.ITN C:\Windows\loadnew.exe
Trojan horse PSW.Generic.DYD C:\Windows\kl.exe
Trojan horse Downloader.Generic.ITN C:\Windows\1sv22cb9.exe
Trojan horse PSW.Generic.DYD C:\Windows\ibm00001.exe
Trojan horse PSW.Generic.DYD C:\Windows\ibm00001.dll
Trojan horse PSW.Generic.DYD C:\Windows\ibm00002.dll
Trojan horse Startpage.UN C:\Windows\paytime.exe

I then Rebooted?..

AVG Boot-up Scanner (ver 7.1)
Detected a virus
C:\Winstall.exe spyware spytrooper.G
Recommend reboot and restart system from virus free diskette then use AVG Rescue Disk and remove the virus by healing.

Did this and it found nothing.
Ran AVG found nothing.

Still detects [C:\Winstall.exe spyware spytrooper.G] on boot-up


HJT Log:
Logfile of HijackThis v1.99.1
Scan saved at 12:05:23 AM, on 11/18/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\OFFICE51\SOINTGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FI... Read more

A:Downloader.Generic.FCB + PSW.Generic.DYD + others

just a bump

14 more replies
Answer Match 34.44%

Hi,

I can't get rid of either or these trojans. Please help!!!!

I ran the HiJackThis and here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:34 PM, on 1/16/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\PackethSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\COMPAQ\Compaq Advisor\bin\compaq-rba.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\lanmanwrk.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:... Read more

A:Generic.dx and generic RookKit.a

Hi, niki804

Welcome.

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP, or Service Pack 4 if you are running Win2k. Without this update, you're wide open to re-infection, and we're both just wasting our time. Click here Apply the update, reboot, and post a fresh Hijackthis log.
 

2 more replies
Answer Match 34.02%

Trojan Horse Generic7.VWR, Adware Generic.ANL, Trojan Horse generic 10.BDQU, YLG & ARQZ, Backdoor Generic9.UXL, Trojan Horse SHeur.AZUV & JS/PsymeMy wifes freind complained that her computer was too slow and needed some new hardware. She wanted me to have a look> I was thinking check for RAM, Vid card, Sound card kind of stuff. What I found instead was a computer that was so slow it was near unusable and virus/ad/mal/spyware infested. Further research found that this was one of the Packard Bell's that was shipped with Norton Internet Security 2004, but she had not updated the license. So basicaly, since 2006, she has been online with no protection at all. I wwent to the Packard Bell site and got the application to uninstall Norton and replaced it with AVG (Free version) and Sygate Personal Firewall (Free version) and turned off Windows Firewall.I have scanned with AVG, installed and ran ad-aware, Spybot S&D, Bit Defender, Mcafee Stinger, Updated the OS and installed HiJack this. Here is the log:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:20, on 03/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS ... Read more

A:Trojan Horse Generic7.vwr, Adware Generic.anl, Trojan Horse Generic 10.bdqu, Ylg & Arqz, Backdoor Generic9.uxl, Trojan Hors...

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please reply to this topic stating that you still need help and I will work with you on resolving your computer problems.

Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, feel free to create a new one.

Once again, I apologize for the delay in responding to this topic.

1 more replies
Answer Match 33.6%

Hi. I am hoping you may be able to help. I was using Youruninstaller (which I now think was infected) to uninstall a programme. I noticed the CPU usage and processor were working overtime. I did a scan with Spyware Doctor and it detected Email-worm.Zhelatin which I removed and thought I was in the clear.

I then tried to uninstall Youruninstaller with Revo Uninstaller. When doing this Kaspersky internet security quarantined riskware Trojan.generic.

I did another Spyware doctor scan which detected no further virsuses. However, the processor is still working overtime and often spikes, making the computer slow. Also, I cannot install new programmes without getting a error message.

What should I do to restore the system? I have deleted TEMP and TIF files and enabled Show Hidden Files & Folders. Thank you for any help.

Here is my DSS report

DDS (Ver_09-01-07.01) - NTFSx86
Run by Family at 18:40:26.73 on 08/01/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.44.1033.18.1790.1181 [GMT 0:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)
FW: Kaspersky Internet Security *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2e... Read more

A:Riskware Trojan.generic & riskware worm.P2P.Generic

Howdy, my name is Hoov, and I will be helping you with your dilemma. I appologize for the delay in getting you help.Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread. Here is what I am asking you to do during the repair of your computer*Tell me everything that you have done, if anything, to try and fix this problem.*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it. *Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try. *Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.Now onto trying to fix your computer.It has been a while since you posted your log, if you still want help could you please post a new one?Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to ... Read more

3 more replies
Answer Match 32.76%

Hi, I keep getting the following message "Generic Host Process for Win32 Services has encountered a problems and needs to close." Short after that I lose my Internet connection. I went to the chat and was asked to post a HijackThis log here. I ran Adaware and Spybot and deleted what it found.Below please find my HijackThis logLogfile of HijackThis v1.99.1Scan saved at 19:12:56, on 04.09.2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Programme\AntiVir PersonalEdition Classic\sched.exeC:\Programme\AntiVir PersonalEdition Classic\avguard.exeC:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\RunDLL32.exeC:\WINDOWS\SOUNDMAN.EXEC:\Programme\AntiVir PersonalEdition Classic\avgnt.exeC:\Programme\Java\jre1.5.0_06\bin\jusched.exeC:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exeC:\WINDOWS ... Read more

A:Generic Host Problem - Loosing Internet Connection / Generic Host Problem

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. I apologize for the delay getting to your log, the helpers here are very busy.Your log is clean, so I don't think the issue is malware related. But let's see if we can figure it out for you.Click Start -> Run -> eventvwr.mscLook in SYSTEM and APPLICATIONS for anything around the time you are getting the error.Double click on anything you see with a red X, press the Copy button, and then paste it here in your next reply.

4 more replies
Answer Match 31.5%

Hello everyone. I had a problem with my PC once in the past & someone here was really nice & showed me how to fix it so here I am again with another problem hoping that someone can help me again.

I got a result in my AVG Anti-Virus scan that had 10 infected files that were not removed.
These are the files:

C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038541.exe
Trojan horse Generic11.AV
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038541.exe:\IMKKZI~1.EXE
Trojan horse Generic11.AV
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038544.exe
Trojan horse Dropper.Generic.AAMD
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038544.exe:\setup.exe
Trojan horse Dropper.Generic.AAMD
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038549.exe
Trojan horse Generic11.AV
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038549.exe:\IMKKZI~1.EXE
Trojan horse Generic11.AV
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038551.exe
Trojan horse Dropper.Generic.AAMD
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A003851.exe:\setup.exe
Trojan horse Dropper.Generic.AAMD
C:\System Volume Information\_restore{6C78443-313E-4C28-8F15-6B7C41ECCE60}\RP43\A0038556.exe
Trojan horse Generic11.AV
C:\System Volum... Read more

A:Trojan horse Generic 11.AV & Trojan horse Dropper.Generic.AAMD

9 more replies
Answer Match 31.5%

System - Windows 7 Home Premium - 64 bit
After Mcafee scan shows: 2 "unresolved issues". They are 1. Generic PUP.x!ct 2. Generic PUP.z!ca. Mcafee says under "potentially unwanted programs" that they were "unable to delete" these malware programs. What are they and are they harmful to my system? How do I remove them if necessary? I am a bit of a novice so thanks for the help. THX, SK
 

A:"Generic PUP.z!ca" & "Generic PUP.x!ct" Mcafee - "unable to delete" after scan

Hi there.

Those are most probably false positives. What files are being detected as such?

When something is labeled "Generic" it means that McAfee doesn't know what it is but that it looks like something else it knows about.
 

3 more replies
Answer Match 29.82%

I downloaded a program yesterday and ran it but nothing happened. Then I read comments on a video of it and someone said it was most likely a RAT and another guy saying it was probably a virus. I can provide the file if that will help. I don't want a RAT.

A:May have downloaded a RAT. Don't know what to do.

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

1 more replies
Answer Match 29.82%

Is there any utility that will tell me after the fact who downloaded anything to me? In my case, it's probably an update of some kind. But it has already happened because I see in Networx > General > Today that sometime this morning about 600 mb was downloaded to my computer. Is there any record of the source of this download in Win7, Firefox or some utility I can use to discover today's download, and to maintain a log in the future?

A:who downloaded to me?

Hello -It may not be unusual for a program to update itself if you are subscribed to it, like many Adobe products that Auto Update -Thank You - Detals of what Networx Can ShowText edited to show link to programs base

4 more replies
Answer Match 29.82%

I was working trying to fix my DVDFab express tonight, and I was using a keygenerator... bad I know... but anyways, I ended up downloading and installing something that made my desktop wallpaper go to white and flicker... THe program initiated a msdos looking window with an error message that asked me if I wanted to abort... I couldn't choose anything and had to reboot... that's when I found it had erased my wallpaper and I couldn't get it fixed.. i knew it was some kind of malicious program...

so i came to you guys and I have followed all your steps... My wallpaper is back and I think I have gotten rid of most stuf, but my computer is still running kind of weird, slow, just not the same....

I have ran Adaware SE Personal, Spybot, Notron Anti-Virus, Kapersky Online Scanner, CWShredder, and Spyware Blaster... Please see if something else is on there...

Thanks Guys!!!!

Here is my HijackThis log...



Logfile of HijackThis v1.99.1
Scan saved at 12:32:05 AM, on 12/31/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Intern... Read more

A:I Downloaded Something Bad!!!!

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Please download Ewido Security Suite at http://www.ewido.net/en/download/.

1. Install Ewido Security Suite.
2. When installing, under 'Additional Options' uncheck:
* Install background guard
* Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double click it.
4. The program will now open to the main screen.
5. When you run Ewido for the first time, you will get a warning 'Database could not be found!'. Click OK. We will fix this in a moment.
6. You will need to update Ewido to the latest definition files.
* On the left hand side of the main screen click update.
* Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed. The status bar at the bottom will display 'Update successful'.
8. Exit Ewido. DO NOT scan yet.

If you are having problems with the updater, you can go to http://www.ewido.net/en/download/updates/ to update manually.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode (if you d... Read more

1 more replies
Answer Match 29.82%

downloaded IE9, but cant find it did search, found an empty folder but that all thats marked IE, toshiba laptop running mozilla firefox 3.6

A:ie downloaded but not there

When you say downloaded, if you've kept your Vista updates up to date you should have SP2 and IE9. Go to your Windows Updates and install and check in restore hidden updates for more installations.

3 more replies
Answer Match 29.82%

I took advantage of the student offer of Windows 7 and last night downloaded windows 7. I thought that because my laptop was 64 bit capable I could do a clean install to it from the download, which I now obviously realise was a mistake.

Does anyone know how I can change this download for a 32 bit version?

Thanks

A:Downloaded 64 bit but need 32 bit

Why can't you install 64bit? Have you tried and got an error?

2 more replies
Answer Match 29.82%

Think i accidently downloaded something or not, Over the past week it has been getting slower and ie has now been hanging up. here is a dss log and thank you:Deckard's System Scanner v20071014.68Run by Gil on 2008-06-09 22:07:02Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --28: 2008-06-10 02:07:21 UTC - RP513 - Deckard's System Scanner Restore Point27: 2008-06-10 00:51:33 UTC - RP512 - System Checkpoint26: 2008-06-04 03:16:24 UTC - RP511 - Software Distribution Service 3.025: 2008-06-03 21:13:28 UTC - RP510 - Software Distribution Service 3.024: 2008-06-03 02:32:27 UTC - RP509 - Software Distribution Service 3.0-- First Restore Point -- 1: 2008-03-13 20:18:23 UTC - RP486 - System CheckpointBacked up registry hives.Performed disk cleanup.Total Physical Memory: 448 MiB (512 MiB recommended).-- HijackThis (run as Gil.exe) -------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:10:47 PM, on 6/9/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16640)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC: ... Read more

A:Think I Downloaded Something, Help

Hello and welcome to BleepingComputer I don't see any malware there.Some points:Do you have a bought license for Norton? Or did you get it for free? The reason I'm asking is, it's a really heavy app for an antivirus. You can install a better antivirus that's waaaay lighter and easier for the computer, and takes less ram and actually is more efficient too.So, I recommend uninstalling Symantec's products and installing AntiVir (That's the promotion license for AntiVir Premium -- 6 months for free. You can get their free edition here) or Avast! instead.Another valid point: when did you install Service Pack 3? There has been several flaws with it.. Some people have really bad problems with SP3, I seem to be one of the lucky ones with no issues. Did you notice the problems after installing it?Also have a read through THIS TOPIC.Finally.....Click Start >> Run and paste in:"%userprofile%\desktop\dss.exe" /daftClick OK.Click OK to the prompt from Deckard's System Scanner.Click Scan.Checkmark every entry found.Click Fix.Let me know how you get on.

2 more replies
Answer Match 29.82%

Is there a way to find out just how much in total the Get Windows 10 app has downloaded it so far?

A:How much of W10 downloaded?

There's no way to know that when Windows 10 hasn't been officially released yet. Maybe at a later date.

41 more replies
Answer Match 29.82%

alright so i would say i am pretty computer literate at least for 16 you put me in my whole high school i would pry be second best, here is my HJT file i cant find nothing but i can tell you my problem the quick launch bar is messed up i open it an nothing is there it opens but just lines come and regedit says its in use by another program and task manager wont open

View attachment 32453
 

A:Downloaded something bad help please

Clear these three items in HJT and rescan:

O2 - BHO: (no name) - {3745D43B-4A84-485D-8EE9-BC6D0401DBF6} - C:\WINDOWS\system32\vtUkIBqR.dll
O2 - BHO: (no name) - {4F96CCB9-01EC-419E-AAEA-C2C913F2A236} - C:\WINDOWS\system32\byXRkIYS.dll
O20 - Winlogon Notify: byXRkIYS - C:\WINDOWS\SYSTEM32\byXRkIYS.dll

If they are still present, then download MalwareBytes Anti-Malware and while you are there grab the RogueRemoverFree as well. FileASSASSIN is under More Tools in Anti-Malware, and can actually delete the files while in use. Run that if the files wont delete or keep showing up in HJT. Make sure you update MalwareBytes before you do a full scan
 

7 more replies
Answer Match 29.82%

hello my coputer is windos vista and the problem is everery time that i try to downloading anything i cant because there is a box that say "you current security setting do not allow this file to be downloaded" plis i really need help michael

More replies
Answer Match 29.82%

Hey.
I have had some problems with my computer, and know I have tried my best. Someone told me to download Hijack and then post my log here. Could someone please take a look at it-, If there's something more to be done, please let me know.

Thanks

Logfile of HijackThis v1.98.2
Scan saved at 21:57:56, on 11.10.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
C:\Programfiler\Norton AntiVirus\navapsvc.exe
C:\Programfiler\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programfiler\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programfiler\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Programfiler\Fellesfiler\Nokia\NCLTools\NclTray.exe
C:\PROGRA~1\ELEKTR~1\OPTISK~1\Amoumain.exe
C:\Programfiler\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\Programfiler\Fellesfiler\Nokia\Services\ServiceLayer.exe
C:\Programfiler\Musikk\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\bcmwltry.exe
C:\Programfi... Read more

A:Just downloaded HJ.

Download LSP Fix

LSP Fix download link

It's a program that can restore your internet connection if it's lost after the NewDotNet uninstall.

Uninstall NewDotNet via Start-Control Panel-Add or Remove Programs.

Restart your computer.

If that fails, then follow the instructions below:
PROCEDURE 4 (Download Uninstall from New.net):

From a computer that has Internet access, click on the following link:

NewDotNet uninstaller
Download and save uninstall6_22.exe to a 3- floppy disk.

Insert the floppy disk into the floppy drive of the computer that needs to have our software uninstalled from.

Click on Start.

Click on Run.

In the Open window type, A:\uninstall6_22.exe.

Click on the OK button.

Re-start the computer.

http://www.newdotnet.com/


Uninstall:

MyWay or MyWebSearch

Twaintech

Restart the computer.

Download and save these freeware/donationware programs to a permanent folder. Remember to check for updates and run them weekly.
***NOTE***A new version of Ad-aware has been released.
***ALSO***A new version of SpyBot's been released (v1.3...it's no longer in beta). If you have been using 1.2 you can install right over it. If you downloaded and used 1.3 beta it is suggested you remove it and reboot prior to installing.
Ad-aware SE download

Configure Ad-aware
First in the main window look in the bottom right corner and click on "Check for updates now." then click Connect and download the latest reference files.... Read more

1 more replies
Answer Match 29.82%

Hello. I downloaded the new sp3 update yesterday and followed all the instructions and i was ready to restart my computer. When i did, everything went fine until after the loading screen it gave me a blue error screen. Since i needed the computer in working order, I used a pc recovery tool (pressed F10 when it started up) and did a non-destructive recovery which took about 20 minutes. Then after that was done i had to restart and do the windows first start up thing. Then i finally finished and saw that all of my custom features and files were no where to be found! All my applications and games that i downloaded are still in shape, but all of the custom features (like background, WMP playlists, Updates) were all gone. so is there any whay which i can restore my old settings? I need to have all my original settings as soon as i can please .

Thanks

A:I really need help, downloaded SP3...

Hi cloud366, it sounds like you have done a repair install. When you pressed F10, did you choose Last Known Good Configuration from the boot menu?

Also, check in C:\Documents and Settings for a duplicate profile. It could be that your original profile has corrupted and Windows built you a new one.

All those type of "custom features" live in your local profile.

3 more replies
Answer Match 29.82%

I opened a file from AIM, and now all these programs are trying to modify my computer. All help would be appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 8:10:06 PM, on 9/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system\wcisvc.exe
C:\Program Files\AIM\aim.exe
C:\Documents and Settings\Yolkavich\Desktop\HijackThis.exe

R3 - URLSearchHook: AOLTBSearch ... Read more

More replies
Answer Match 29.82%

i downloaded a thing i thought was safe but turns out my mcafee site advisor and mcafee software let a trojan get on my computer. it the TrojanDownloader:WIN32/zlob.ZWC. microsoft malicious software tool detects it but wont remove it. mcafee dont detect it at all.
 

A:HELP PLEASE i downloaded and cant get rid of it

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 

1 more replies
Answer Match 29.82%

I just purchased a new HP desktop, INtel core 2 Quad processor, 64 bit performance with 8gb of ram, 1 Terrabyte hard drive. It came with Vista home premium 64 bit edition. I had previously purchased Vista Ultimate for a laptop that no longer works. When I downloaded Vista Ultimate I put in the 32 bit instead of the 64.....I am not able to do a restore to go back to the way I purchased it. I am not very computer savvy. Can anyone please help??? Thank you. And what would be the down fall for keeping the 32 bit installed (somone had told me I wouldn't be using the full capicity of the computer) Thanks again.

A:Downloaded 32 bit instead of 64 bit HELP

Originally Posted by cmb1966


I just purchased a new HP desktop, INtel core 2 Quad processor, 64 bit performance with 8gb of ram, 1 Terrabyte hard drive. It came with Vista home premium 64 bit edition. I had previously purchased Vista Ultimate for a laptop that no longer works. When I downloaded Vista Ultimate I put in the 32 bit instead of the 64.....I am not able to do a restore to go back to the way I purchased it. I am not very computer savvy. Can anyone please help??? Thank you. And what would be the down fall for keeping the 32 bit installed (somone had told me I wouldn't be using the full capicity of the computer) Thanks again.



32bit will only see 4gigs of ram and usually only be able to use abt 3.3 its also a bit slower depending on how you use it. when changing from one OS format (32bit) to another (64bit) it has to be a clean install.

Now about restoring you may have a backup there and available but since you are 32 bit and it isnt you cant use it. If you were to reinstall vista 64 it probably be available

7 more replies
Answer Match 29.82%

system running : windows XP professional with sp3

okay, as the title implies, while surfing the internet a tab appeared in the firefox window that said "Updating..." but never showed/displayed anything. After that, I noticed the windows start/tool bar had changed from the XP theme version to the classic version. Then i noticed that there was no network connectivity. When I tried to look up what was wrong, the properties, rename, and delete options have been disabled from the right-click menu.
I received a message that there was attempt to update registry but whatever was done was restored, then my PC reboot.
what I've done so far:
I tried to boot using the windows xp CD but nothing happens. Windows eventually boots up, but I don't get any options to run repair or anything.
Used CA anti-virus for scan and found nothing (did this again in safe mode and still found nothing)
I did a search to see if I could find what was modified, it shows that all user accounts including a Helpassist?? account have been updated in some form or fashion so i don't know what else to do

I see svchost.exe, services.exe, and system taking up 50% of CPU occasionally but not sure what to make of that.

to get the internet started I tried to turn on some network services but all failed due to 'timeout'

Please let me know any ideas, or how to get started on trying to fix this problem.

thanks,
homero
other pcs are connected to the internet just fine.

A:pop up downloaded something

any ideas? anyone? a starting point?

2 more replies
Answer Match 29.82%

Hello

I have setup every application to "ask me before checking for updates",

Even when I am not using any brower, email or any opther application, I notice that my lights on my modem are blinking quite fast... that is something is being downloded. It has been going on for quite sometime.

How do I find out what is being downloded (or uploaded)?

I use
toshiba laptop
window 7 prof
IE9
MS office 2010
Internet secuirity (antivirus, etc ...) from Bell
Thank you very much
 

A:How do I know what is being downloaded?

And you have no browser open? And check for new email only infrequently?

You could try disconnecting from the modem and see if any program complains.

In Network Connections right click on your connection and select Status. Watch the Bytes sent and received to get an idea of the upload vs download and how much.
 

3 more replies
Answer Match 29.82%

So far I like it. However, I do a lot of photos and cannot figure out how to set up a new folder and organize them. Any advice ? Thank you
 

A:Just downloaded W10.

10 more replies
Answer Match 29.82%

So I downloaded something and although avast said it blocked a trojan/virus, I just want to sure my PC is safe/clean. Think you guys can help me out? 
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:10:11 PM, on 2/5/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18163)
 
FIREFOX: 42.0 (x86 en-US)
Boot mode: Normal
 
Running processes:
C:\Users\Gene\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gene\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Softwar... Read more

A:downloaded something...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Download Malwarebytes' Anti-Malware from HereDouble-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).The scan may take some time to finish,so please be patient.If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Log... Read more

2 more replies
Answer Match 29.82%

i downloaded the Quick Lanch Button but everytime after full download completed, it says network error...

More replies
Answer Match 29.4%

Hi!
 
I`ve downloaded and registered program but can`t find it anywhere on computer
need help

A:downloaded program

What's the program?

1 more replies
Answer Match 29.4%

Okay, I did a dumb thing. I actually wanted to transfer my Carbonite account to a new computer. It is a laptop with a 40 Gig of HD. I realized (perhaps too late) that I selected "Reinstall" instead of Transfer My Account" and that my Carbonite files were larger than the laptop could handle. Well I stopped the downloading of files when the computer said that it had no more room. Later the computer screen went black (actually light gray) and the lights were lit up showing that it was reading or trying to read the files it had. It never completed it's boot up.

I tried to go in and reboot it into a Safe mode, but it won't let me. Says it can't go into the Safe Mode.

So, is there ANY way to save my hide and get this back?
 

A:Downloaded too much... now won't boot.

I don't have an answer for you (yet) but I did go ahead and mark it unsolved for you.
 

3 more replies
Answer Match 29.4%

ComboFix 09-08-10.06 - nancy bernal 16/08/2009 22:07.1.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.228 [GMT -7:00]Running from: c:\documents and settings\nancy bernal\Desktop\combofix.exeAV: CA Anti-Virus *On-access scanning disabled* (Updated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}FW: CA Personal Firewall *disabled* {14CB4B80-8E52-45EA-905E-67C1267B4160}.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\docume~1\NANCYB~1\APPLIC~1\alotc:\docume~1\NANCYB~1\APPLIC~1\DriveCleaner 2006 Freec:\docume~1\NANCYB~1\APPLIC~1\DriveCleaner 2006 Free\Logs\update.logc:\docume~1\NANCYB~1\APPLIC~1\FunWebProductsc:\documents and settings\angel\Application Data\SpamBlockerc:\documents and settings\nancy bernal\err.logc:\documents and settings\nancy bernal\ResErrors.logc:\documents and settings\scareface\Application Data\SpamBlockerc:\documents and settings\scareface\Start Menu\Programs\InternetGameBoxc:\documents and settings\scareface\Start Menu\Programs\InternetGameBox\InternetGameBox.lnkc:\documents and settings\scareface\Start Menu\Programs\InternetGameBox\Uninstall.lnkc:\documents and settings\scareface\Start Men... Read more

A:Downloaded ComboFix

ComboFix logs should not be posted outside the HijackThis forums. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert." It is NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.If needed, we will direct you to our HJT Preparation Guide.Thank you for using BleepingComputer as your malware removal source.This topic is now closed. The BC Staff

1 more replies
Answer Match 29.4%

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz, x86 Family 15 Model 4 Stepping 1
Processor Count: 1
RAM: 765 Mb
Graphics Card: Intel(R) 82865G Graphics Controller, 96 Mb
Hard Drives: C: Total - 76308 MB, Free - 45249 MB; E: Total - 381551 MB, Free - 274164 MB;
Motherboard: Dell Computer Corp., 0WC297, , ..CN70821551008X.
Antivirus: AVG Anti-Virus Free Edition 2011, Updated: Yes, On-Demand Scanner: Enabled I cannot play any games such as mass effect 1or2 without nvida wich will not work on my little pc? what do i need to download to enhance my graphics package ed
 

A:downloaded to death.

You can't download anything that will help. That PC will not run Mass Effect 2; it would need a faster processor, which would require a new motherboard, and more RAM, and a better graphics card, which would require a new motherboard and new power supply to meet the requirements. So you actually need a whole new computer, one built/designed for gaming.

System Requirements for ME 2: http://www.game-debate.com/games/index.php?g_id=518&game=Mass Effect 2
 

1 more replies
Answer Match 29.4%

I downloaded Accelerator software and problems ensued. I removed the program, deleted files from Cache, did a Norton and a Spybot scan, thought it was going to go away. Didn't. I have since downloaded Prevx software, Ad-Aware SE, Hijack This and run these. Still problems. I get the c/documents and settings message and the about:blank message and the Prevx intercepts a ton of attempts from something called Terrabyte. Maybe I'm not doing the software right. Attached is my log of the Ad-aware scan. Please help:

Logfile of HijackThis v1.98.2
Scan saved at 6:26:18 AM, on 9/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\PREVX\Prevx Home\PXAgent.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\System32\S3tray2.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\System32\IEHost.exe
C:\PROGRA~1\INTERN~2\inetmgr.exe
C:\WINDOWS\system32\pcs\pcsvc.exe
C:\Program Files\Messenger\msmsgs... Read more

A:Downloaded a problem

6 more replies
Answer Match 29.4%

Hi:
Wondering if you can help me with this. When i am trying to run WinZip.exe which i dowloaded from the net, i get the following message:
"Winzip Self-Extractor Header corrupt.Possible cause:bad disk or file transfer error."
I tried running another downloaded version but still get the same message.

There is another program that i downloaded and trying to install.I get the message:
"Installer CRC invalid". I feel this error is only with installation of any new downloaded software. What could be the problem?
Would appreciate your help.
Thanks.
Op : Win98
 

A:Running Downloaded Exe. {cih}

16 more replies
Answer Match 29.4%

I downloaded a wolf3d from utorrent it is resident on my desk top and when I click on it a command box apears and at the top it says C:\docume~1\minemi~1\desktop\wolf3d.exe. I try to delete it ands it says cannot delete wolf3d:it is being used by another person or program. Close any programsthat might be using the file and try again. here is the log from dss Deckard's System Scanner v20071014.68
Run by Mine Mine on 2008-06-13 08:00:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Mine Mine.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:01:17 AM, on 6/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Godlike Developers\RAM Saver Pro\ramsaverpro.exe
C:\Program Files\Spybot - Search & D... Read more

A:downloaded program

Thanks but i figured it out myself. Just took me a while to figure it out after being up for almost 48 hours. Brain wasn't functioning. But I got it.

1 more replies
Answer Match 29.4%

I was sent a file that was spose to be a APP on playstation burning, stay away from this file. Now I cant get into to my control panel I cant remove programs, my zip files are unreadable....... nothin! It doesnt seem like a virus. Its like a nonremoveable .EXE Can someone help me!!!!!!!!
 

A:downloaded bullsh*t please help

6 more replies
Answer Match 29.4%

We have upgraded Internet explorer to version 11. now we are not able to download pdf files from our internal web application. Error message :
****.pdf couldn't be downloaded. There is not issue while we try from IE 8.

More replies
Answer Match 29.4%

I have some kind of software been downloaded on my computer I didn't do
the software is WinPcap 4.1.2 CACE Technologies does this need to be on my computer
 

A:downloaded software

6 more replies
Answer Match 29.4%

I have a problem with a slow running pc (XP) the only thing which I can see whilst running scans for problems is Starware, I cannot see this in any programmes, cannot find this in any file search through the whole C drive. I have used Mcafee, AVG free and Spywarebot, which can all see Starware but do not see it as a problem. I have tried spyhunter but this does not find Starware either.

I have run Hijackthis and the log file is detailed below:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:14, on 25/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.... Read more

More replies
Answer Match 29.4%

I just finished downloading the rc but when I double click it I only get a readme.txt but the rar archive says 2.35gb I need help how do I uncompress it plz help... I was told ysterday that I could download it and install it by autorun I did thia with the beta and it worked I need help!

A:I just downloaded the rc but how do I get the autorun!

  
Quote: Originally Posted by yadielfeliciano


I just finished downloading the rc but when I double click it I only get a readme.txt but the rar archive says 2.35gb I need help how do I uncompress it plz help... I was told ysterday that I could download it and install it by autorun I did thia with the beta and it worked I need help!



We need more info on how you download the RC, Do you have a program to unpack it, then you can install it ????

5 more replies
Answer Match 29.4%

Okay, somebody please correct me if I'm wrong. My main goal is I want to burn avi files onto blank DVDs files I have on my computer. If I'm not mistaken, based on all the information I've read from lots of people on this site, I assume the following is correct, but if not, somebody with experience in this subject please help!
1. i have a downloaded .avi movie from the internet around 700,000Kb or so
2. I'm thinking that I'm supposed to use VirtualDub to capture and make a file of JUST the audio from the file and make it a .WAV
3. Then I use TMPGEnc to convert ONLY the video of the original downloaded file to mpeg-2.
4. Now I'm confused. Somehow or another I guess I'm supposed to fuse the two separate files together and "shrink" the newly created mpeg-2 file. And since the complete file is going to be really big, do I have to "compress" it somehow so it will fit onto the standard DVD+R? And can I do all this with Ulead Movie Factory 2E? That's the program that came with my DVD burner.
5. If I'm leaving something out PLEASE tell me, folks! You all have helped me every time in the past, and I am really grateful for that.
 

A:downloaded avi-->mpeg-2-->DVD+R

Originally posted by NYCaztecDC:
Okay, somebody please correct me if I'm wrong. My main goal is I want to burn avi files onto blank DVDs files I have on my computer. If I'm not mistaken, based on all the information I've read from lots of people on this site, I assume the following is correct, but if not, somebody with experience in this subject please help!
1. i have a downloaded .avi movie from the internet around 700,000Kb or so
2. I'm thinking that I'm supposed to use VirtualDub to capture and make a file of JUST the audio from the file and make it a .WAV
3. Then I use TMPGEnc to convert ONLY the video of the original downloaded file to mpeg-2.
4. Now I'm confused. Somehow or another I guess I'm supposed to fuse the two separate files together and "shrink" the newly created mpeg-2 file. And since the complete file is going to be really big, do I have to "compress" it somehow so it will fit onto the standard DVD+R? And can I do all this with Ulead Movie Factory 2E? That's the program that came with my DVD burner.
5. If I'm leaving something out PLEASE tell me, folks! You all have helped me every time in the past, and I am really grateful for that. Click to expand...


"Minimum wage is just another way of saying, 'If I could pay you less, I would!' "Click to expand...
 

1 more replies
Answer Match 29.4%

Hi,I downloaded Privitize Vpn a couple of days ago not realizing what it was. I tried uninstalling it but now my computer's acting really slow and there are ad links on my web page text trying to take me to random places. I'm pasting and attaching the DDS logs. Any help would be greatly appreciated.-JCDDS LOGDDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16453Run by jorgecruz at 18:05:07 on 2013-02-01Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3941.1971 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Outdated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}.============== Running Processes ===============.C:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\system32\dwm.exeC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k LocalServiceC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\System32\s... Read more

A:Downloaded Privitize VPN

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

12 more replies
Answer Match 29.4%

hi i downloaded a demo of family feud party online i tryed to play it for an hour and could not get into a game. then my free trial was up . i tryed downloading it again but it wont let me play, is there any way of deleting all the data so that i can try again thx
 

A:downloaded demo

11 more replies
Answer Match 29.4%

I have Media Player 11. When I decided to put my new system up here in my bedroom, is there any way to backup the DMR to my new system. I've done some searching but haven't been able to find anything.

Patrick

A:Downloaded Music

I'm guessing this is just the wrong question to ask?

Thank You
Patrick

1 more replies
Answer Match 29.4%

Hello, I have an HP laptop running Vista Home Premium 64-bit. It's actually been relatively fine for me until the last few days. I was having some problems editing video files and couldn't figure out why, so I updated to service pack 2. Around the same time, although I honestly cannot be sure that it was because of the update, none of my downloads will work. I believe it happened once or twice before I updated my sp but now I can't download ANYTHING. It's bizarre. The entire file will download and the file will show download progress just like normal. But, once complete the file shows up as 0 kb and doesn't open. I've tried using firefox 3.5.3 and IE 8...both do the same thing. I have also checked my permissions and made sure that I am allowed access to all of the folders that the documents are saved in. Nothing seems to help.

I really don't want to have to format/reinstall windows since I have quite a bit of stuff I would need to backup. Any help would be EXTREMELY appreciated. Thanks.

A:Downloaded Files are 0 KB...Need help

What antivirus are you running?

29 more replies
Answer Match 29.4%

I just downgraded from Vista SP2 to Vista SP1 and by doing so, have somehow screwed up my downloads in both Firefox and IE8. Whenever I download in either one, the download results in a file that is 0 kb.

The strange thing is, Google Chrome somehow wasn't affected by this downgrade (if that's what caused this) and I can download files fine in that browser.

Can someone tell me what's going on here and how to fix this in IE8 and FF 3.5? I've already tried reinstalling FF and it didn't help at all.

A:Downloaded Files Are 0 KB

Why did you downgrade form SP2 to SP1? Try reinstalling SP2.

2 more replies
Answer Match 29.4%

Hi ,I downloaded a movie and can't seem to get it to work on quick time player. Can anyone tell me the best utlity to watch a movie on.

Thanks
 

A:downloaded movies(what is the best...

7 more replies
Answer Match 29.4%

I made the stupid mistake of downloading "trial" version of PCMightyMax that I saw referenced in forums. At the end of the download it told me I had 309 problems but it wouldn't "fix" them without ordering it. Which is ok; however, now I'm getting a constant popup telling me about my numerous problems and the "PC ambulance" is parked on my start bar. I hunted an uninstall (Add/Remove programs) and in Windows Explorer Programs file and it didn't have one so I just "deleted" it out of window explorer programs file. But I still have the popup and the ambulance parked on my desktop. Anyone know how to get rid of this? Did the CWS thing and it says my computer is clean. Here is my HJT file:
Logfile of HijackThis v1.97.7
Scan saved at 2:20:28 PM, on 8/31/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SXGDSENU.EXE
C:\MOUSE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\REGPROT\REGPROT.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\REALTIME.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\UNZIPPED\HIJACKTHIS[1]\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVer... Read more

A:Downloaded PCMightMax

As far as the CD-Rom goes.. Try installing a new ASPI layer.. Forceaspi is probably the easiest way to do this.. http://radified.com/ASPI/forceaspi.htm

Check the run statement in you win.ini file in your windows directory for a call to the unwanted program.. I don't see it in your log..
 

1 more replies
Answer Match 29.4%

Hello, I have just purchased HP 15-ac149tx. I installed Windows 7 32 bit. And, I am looking for all drivers. I searched so much on google but can't find anything. I downloaded around 2-3 GB different drivers one by one to test but all wasted. This link is not showing any download option:http://support.hp.com/in-en/drivers/selfservice/hp-15-ac100-notebook-pc-series/8499326/model/8960419...

More replies
Answer Match 29.4%

Hi everyone - hope this is posted in the right area

I am trying to download a file from this page -

http://www.futuresmag.com/industry/downloads/downloads.html

when I click on the blue text of my choice, a box pops up asking me whether I want to open it from its present location or save it to disk. If I choose open it, a box comes up showing the download in process - at the end, I get a WinZip box, which says that this is an 'evaluation copy' and asks me what I want to do - agree to the evaluation conditions, quit, or get ordering info. I click agree, and I get a Winzip Wizard. I start trying to click my way through this process - I get screens like - 'Would you like to Unzip or Install from optr_por[1].zip' (I say yes) and then "Click now to unzip to selected folder, C:/unzipped/optf_por[1]. I say yes - a box comes up which says the files have been successfully unzipped to this location, and then a Windows Folder called TEMP pops up with an file inside it - the file is a Winzip icon, and seems to be the file I have just downloaded - it is called "optf por"....

Seems good so far. Then I click on it, hoping to see the document I have attempted to download. But I get a small box that says 'WinZip self extractor' at the top, and which says 'To Unzip all files in optf_por.exe to the specified folder, press the unzip button'. The specified folder is C:/WINNT/TEMP. I press Unzip and... a tiny box comes up which shows the p... Read more

A:where is my downloaded file?

mset
It can be confusing trying to keep track of where downloaded programs unzip to especially using winzip. I think your first step should be to clean out the default folder winnt temp. I don't believe there is anything needed there but just to be on the safe side don't delete anything from the recycle bin until you're sure you can reboot and run programs without error messages. Next instead of letting the program run itself without installing on your hard drive create a new floder on the C drive tree or whatever your hard drive letter is and save it to that folder (save to disk, browse, choose that folder C:temp that you created.) That way if it unzips to the winnt folder it should be the only program in there, plus you have the original download on your computer so you won't have to keep downloading each time . As to what program to use to open the file that depends on what kind of program it is. Good luck
 

1 more replies
Answer Match 29.4%

I went to yahoo images and downloaded a new wallpaper. i saved the image in the my pictures folder. i set the image as my wallpaper and everything was working fine. this was last week. a couple of days ago i boot up and there is no real wallpaper, just a green screen. all of my icons are there are and the computer still functions properly, there's just no wallpaper. i re boot and my wallpaper is back again. is there something wrong with my computer or is it the image. iv'e done this with a couple of wallpapers that i've gotten online.

any help will be much appreciated.

-thank you for your time.

More replies
Answer Match 29.4%

Hi allvery frustrating as I've trawled the forums and also tried everything but nothing happenslong story short,I have windows 8.1 on my laptop,did all the critical/updates,restarted etc..no problemsthe windows 10 pop up appears fine as well..so i follow the prompts etc ,since i don't want to wait i downloaded the windows creation tool from the official page,that downloaded fine and also ran fine..but then nothing happens,even after restartingwhat am i missing here?appreciate any help because i have run out of ideas herecheers

A:windows 10 downloaded but nothing happens..

also i forgot to add.i receive NO error messages whatsoever...

9 more replies
Answer Match 29.4%

I mistakenly downloaded something that I think is "privitize vpn" that keeps showing up when I try to search, and there are weird adds on sites that didn't have ads before. I tried to uninstall the program but I'm stilling having those issues.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 1.6.0_32
Run by linda at 16:27:04 on 2013-01-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.2086 [GMT -8:00]
.
AV: Panda Internet Security 2011 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Internet Security 2011 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2011 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Panda Security\Panda Internet Security 2011\PskSvc.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2011\WebProxy.exe
C:\windows\system32\... Read more

A:seem to have downloaded "privitize vpn"

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

7 more replies
Answer Match 29.4%

I writing from my kids computer. Stupid me downloaded a bug.
Now I get, A problem has been detected and windows has been shut down
to prevent damage to your computer.
Tech info:
STOP 0X0000007E (0XC0000005,0X804E37EE, 0XF899591C, 0XF8995618)

I can get to safe mode, but the arrow keys won't work, so I can't navigate.

I am not very techy, but can follow instruction.

Windows xp home IE 7

Help please,
IJ

More replies
Answer Match 29.4%

Hi,

I downloaded Windows 7 RC 64 bit and I'd love to install in on a partition on my PC ... only ... how do I make a bootable image of it?

I've downloaded ISOBuster as suggested at the Microsoft site, I also have MagicISO free version and Nero 8 Ultra, none of these seems to want to work for me.

I did a Nero copy of the image which apparently has nothing to do with a bootable image ... duh.

The MagicISO seems like it will work if I purchase it ... first things first ... can I do it for free?

The ISOBuster seems absolutely impossible to decipher it's "Simplicity"?

Can Nero make a bootable image?

Can anyone pray tell me what I don't know. I'm really eager to hear it.

Thanks,

John

PS I hope my dumbness is only temporary!

A:OK, I got Windows 7 RC 64 bit downloaded.

Have you tried Imgburn?

10 more replies
Answer Match 29.4%

My brother downloaded codec.exe onto his laptop, and now it is running slowly. Firefox and Internet Explorer redirects when I go on google, and click on the first link that appears. Help sort this out, I'm taking exams next year and I need this laptop to revise from!

Regards, GG

P.S. What do you want me to post, virus scan log wise?

A:codec.exe downloaded - help?

Hello and Welcome to TSF.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Answer Match 29.4%

I have managed to get a-hold of something that is messing with my system. I'm hoping someone can help me. The first sign something was wrong was with McAfee. It notified me I wasn't protected. When I tried to turn it on it would turn off on it's own. I have downloaded several security packages since and scanned but none have found the problem. Now the computer is becoming more and more sluggish.

I have an Acer Tablet with Intel and Atom, CPU N450 @1.66 GHz, 0.99GHz Ram, running Windows XP Home Edition 2002 Service pack 3

I will post my logs from HijackThis and GMER. I downloaded DDS onto my desktop and ran it 3 times but no logs are popping up. I know directions said to disable any script blockers but I don't think I'm running any and if I am I don't know where to go to find and disable them.

Thank you in advance for whatever help you can give.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:15:59 PM, on 6/8/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program... Read more

More replies
Answer Match 29.4%

Last nite something tried downloading to my system. I THOUGHT I denied it permission, but immediately A squared IDE started popping alerts whenever I opened any browsers or Outlook Express. (Since I thought I had denied it access to download, I didnt really pay attention to the warning).

So far nothing has tried accessing the internet (i.e., no Zone Alarm requests) but I do assume something "wrong" is here. Here is my Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 5:17:48 AM, on 6/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\a2\a2guard.exe
C:\Program Files\WinAlarm\WinAlarm.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C... Read more

A:Help! Something downloaded and Cant find it

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

Please be patient with me during this time.

9 more replies
Answer Match 29.4%

Please look at my hjt log. I'm hoping you will be able to see what's wrong with my pc.

Thank you!

Logfile of HijackThis v1.99.1
Scan saved at 4:38:46 PM, on 11.24.06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Progr... Read more

A:I think my son downloaded somthing bad!

Run HJT again and put a check in the following:

O2 - BHO: (no name) - {F6788382-65D4-44BB-B375-63E2C38F03C2} - (no file)
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZN
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2470c8c2e5b304b...p/RdxIE601.cab
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {666DDE35-E955-11D0-A707-000000521958} - http://69.56.176.227/webplugin.cab
O16 - DPF: {886DDE35-E955-11D0-A707-000000521958} - http://69.56.176.78/webplugin.cab

Close all applications and browser windows before you click "fix checked".
 

2 more replies
Answer Match 29.4%

Hi All,I have downloaded a few software like Java, openoffice 3.1 but not able to install. As soon as the install window/wizard comes up, it hangs right where it is. I have done a diagnostic and found the following information;DescriptionService LiveShare P2P Server 9 hung on starting.Problem signatureProblem Event Name: ServiceHangService Name: RoxLiveShare9Image Name: RoxLiveShare9.exe"Image Version: 0.0.0.0Service Type: 110Start Type: 2OS Version: 6.0.6002.2.2.0.768.3Locale ID: 18441Files that help describe the problemVersion.txtminidump.mdmpI then downloaded the combofix as per instruction from bleeping computer and pls find my log as follows. Will appreciate you help.ComboFix 09-07-19.04 - robin 20/07/2009 11:59.1.2 - NTFSx86Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.65.1033.18.2908.1664 [GMT 8:00]Running from: c:\users\robin\Desktop\ComboFix.exeAV: Windows Live OneCare *On-access scanning enabled* (Outdated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}FW: Norman Security Suite *disabled* {83B29CE9-9DE2-2CB5-9AB3-780D70FF12B0}FW: Windows Live OneCare Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: Windows Live OneCare *enabled* (Outdated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}.((((((((((((((((((((((((( Files Created from 2009-06-20 to 2009-07-20 )))))))))))))))))))... Read more

A:downloaded but not able to install

Hello lost locksPlease note the message text in blue at the top of the Am I infected? What do I do? forum. ComboFix logs should not to be posted outside the HijackThis Logs and Malware Removal forum and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. That's the decision by the creator and we will abide by that decision.Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". When you have done that, post your combofix and DDS/HijackThis log in the HijackThis Logs and Malware Removal forum for assistance by the HJT Team Experts.Alternatively you can start a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results but do not repost your combofix log. Then if needed, we will direct you to our HJT Preparation Guide.Thank you for using BleepingComputer as your malware removal source.This topic is now closed. If you have any q... Read more

1 more replies
Answer Match 29.4%

Have tried to download rkill after reading all about how to rid your computer of av security suite, and all four links will not work. Computer says security options will not allow download. Wondering how to get past that??

Thanks a bunch!!

Kristy

A:cant get rkill downloaded

Hello KristyFrom normal mode, have them download rkill.com to C:\Then click on start, run, and type c:\rkill.com to kill the security tool process, which blocks the exes.>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.Before you save it rename it to say zztoy.exe alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab... Read more

3 more replies
Answer Match 29.4%

Hello-I have a windows xp (version 2002) Asus EeePC and I think I might have downloaded a virus accidentally whilst on a music radio website. I found that it messed up my internet browser and it would directly open to a website called "partner12.mydomainadvisor.com" Please advise what I should do to clean this up! I have changed the default from the wierd website to "google.com" but it still will default to this website "partner12..." if the domain name does not exist. i used to have norton antivirus but the subscription ran out and i did not renew...I know I should probably get something to protect my computer as well from now on. Thank you
 

More replies
Answer Match 29.4%

I have a 'flash gear' card reader which works with my old SanDisk Ultra II 2.0GB camera card. My new Sony HC 4GB card returns I/O error and crashes the reader. How can I cure this please guys or do I have to upgrade the reader which i have had for years?
 

A:SD card cannot be downloaded

mazda said:


do I have to upgrade the reader which i have had for years?Click to expand...

Unless it is an SDHC compatible reader that you've had for years, the answer is yes,

I just bought an SD card reader for $7.99 this morning.
 

1 more replies
Answer Match 29.4%

I'm tearing my hair out!

It's an intermittent problem and I have not yet seen a pattern.

I can work for 30 mins with no problem then phhht, the only way out is to hit the restart button on the case. Sometimes it's only minutes and then phhht.
All unsaved info is lost.

As an example I was replying to a post in this forum and it froze 4 times in the process.

After I have hit the restart button, most times it reboots normally but sometimes it says windows was unable to open and offers the safe mode.

There must be a conflict of some sort, has any body else had this problem?

Help me please before I lose the will to live!!!!

TGHC

A:Downloaded SP2 now PC is freezing

check it in safe mode
check the event log and see what is listed as a problem,you probably have some software that needs updating,have a check through this list ms put out
http://support.microsoft.com/default...t=windowsxpsp2

1 more replies