Over 1 million tech questions and answers.

Virus blocking multiple anti-spyware programs, windows update and Kaspersky Anti-Viru

Q: Virus blocking multiple anti-spyware programs, windows update and Kaspersky Anti-Viru

Hello,

Firstly thank you for your help - I really do appreciate it.

My HpCompaq laptop is infected with a virus that is blocking multiple anti-spyware software, Vista updates, and even my Kaspersky anti-virus.

1) The virus does not allow me to access websites to download anti-spyware nor access the windows update site.

2) I have downloaded the following programs on another computer, burned on CD and run on my laptop:
- Malwarebytes Anti-Malware - Installed but does not run
- Spybot - Cannot install as access to the website is blocked during installation
- AVG Anti-Virus trial version - Cannot install due to 0x8007013d - Action failed for file avgmfx86.sys

3) I have managed to run CCleaner and clear out all the temp internet files

4) The HiJack This log reads:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:59, on 14/09/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop" target="_blank" class="wLink">http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop" target="_blank" class="wLink">http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8- 6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\ REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} (InstallShield Setup Player 2K2) - http://host1.telechart.tv/tcinstall/setup.exe
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClient Control) - https://ve.ukie.capgemini.com/dana-cached/sc/JuniperSetupClient.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F3FA0A6-0480-43EC-A225-67F0BD07538A}: NameServer = 85.255.112.205,85.255.112.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAFEF27A-F508-40A0-8EF5-73DFE2455302}: NameServer = 85.255.112.205,85.255.112.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{D730D584-7003-4F15-99C6-3A27D115AEA9}: NameServer = 85.255.112.205,85.255.112.202
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.205,85.255.112.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F3FA0A6-0480-43EC-A225-67F0BD07538A}: NameServer = 85.255.112.205,85.255.112.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.205,85.255.112.202
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O20 - Winlogon Notify: DeviceNP - C:\Windows\SYSTEM32\DeviceNP. dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 10703 bytes
Any help greatly appreciated! Thank you!

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Virus blocking multiple anti-spyware programs, windows update and Kaspersky Anti-Viru

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

RELEVANCY SCORE 113.6

Hello, I consider myself a fairly advanced computer user, but I'm having an issue I'm 99% sure is MalWare related. My laptop freezes CONSTANTLY, sometimes out of nowhere, and sometimes when I walk away for 5 minutes. I have tried numerous times to run AVG, Ad-Aware SE, and both freeze shortly after the scan starts (also tried in SAFE MODE). Now sometimes I can browse the we for hours, but as soon as a start a scan, install, or update, these issues are more common. I am fairly confident that this is not a hardware issue, since I've ran advanced diagnostics on them all, including BIOS. I have a HiJack This Log, and help would be greatly appreciated!

HiJackThis.log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:22 AM, on 9/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDO... Read more

A:Unable to Run ANY Anti-Virus or Anti-Spyware programs, Comp freezes every 5 minutes.

BUMP!

--sorry, I'm desperate.
 

Read other 3 answers
RELEVANCY SCORE 113.2

I recently downloaded PC Security Shield (supposedly a good anti virus program) and Spyware Terminator (antispyware) and noticed that their icons sometimes, do not show up in my system tray when I boot up. And it stays like that. I've had no icons for three days now...huh?

I've looked up this problem in the accompanying (Security Shield) help menu and it wasn't any help....but it basically states no icon = no protection....so what the bejeepers can I do to fix this problem?
 

A:Anti virus/anti spyware programs missing from system tray

Just a quick thought, go to start-up options and see if they are listed as due to run on start-up, if you have no suitable programme to view your start-up programmes go to run and type msconfig and check the start-up tab
 

Read other 2 answers
RELEVANCY SCORE 113.2

Please help. I am working on a network and need a corporate anti-virus program and anti-spyware programs? I know McAfee and Symantec offer something, but I know the personal editions I have had a less than nice experience. Any suggestions?

A:Need A Corporate Anti-virus Program And Anti-spyware Programs? Any Suggestions

Take a look at this Spysweeperhttp://www.webroot.com/enterprise/products/

Read other 4 answers
RELEVANCY SCORE 112.8

Sometime back I came across a list of recommended free Firewalls, Anti-Virus and Anti Spyware Programs in one of the BC forums, but I do not remember where I found it.  Would someone point me in the right direction? 
 
Thank you, I appreciate it.

A:List of Firewalls, Anti-Virus and Anti Spyware Programs

Greetings,
 
If this is what you're talking about...
 
Antivirus, Antimalware, And Antispyware Resources
 
Hope this helps!!!

Read other 5 answers
RELEVANCY SCORE 110

Hi everyone,

I have a friend wanting me to help with her computer. She runs an old Windows 98 machine that has become infested with spyware and viruses.

Webpages keep being redirected to bizrate and bizoffers and any attempt to download software such as Ad-Aware or Spybot are being denied by Bad Gateway errors.

She can't download Hijack This or do any online virus scans because she's blocked from doing so by the spyware.

Would installing the MVPS Hosts file prevent the spyware from blocking access to these sites so that we can help her?

Please help.

Thanks.

A:Can't download anti-spyware programs or anti-virus programs

It would definately be a start. Also try this:

Right click on this link http://www.greyknight17.com/spy/DelO15Domains.inf and choose Save As. Save it to your desktop. Right click on that file and choose Install. It will run immediately (you won't be able to see anything happen). You may delete it afterwards. NOTE: This script will delete any sites you may have added to the Trusted Sites. So if you want them back, you have to add them back to the Trusted Sites again.

Next thing to try, is go into Add/Remove and check for the following programs. If you struggle removing, you can reboot to Safe Mode and try again.

180 Search Assistant
180Solutions
Active alert
Ad Service
AdTools
AdTools Service
Alexa toolbar
BargainBuddy
Bullseye Networks
CashBack
cosmi
DH
EasySearchBar
Elite Sidebar
Elite Toolbar
Freeze Clip Art
GAIN
Gator
Hotbar Outlook Tools
Hotbar Web Tools
HuntBar
Internet Optimizer
ISTbar
ISTSvc
MaxiFiles
Media Access
Media Gateway
MySearch
MyWay Search Bar
MyWebSearch
NavExcel Search Toolbar
NavHelper
ncase
Oemji Toolbar
Open Site
Preview AdService
Search Toolbar (HuntBar/WinTools)
ShopperReports by Hotbar
Sidefind
SideSearch
Slotchbar
Software Update Manager
SurfAccuracy
SurfSideKick
Upspiral Toolbar
TurboDownload
VBouncer
Viewpoint
Viewpoint Manager
Viewpoint Media Player
WareOut
WeatherBug
Web Rebates
Web Search Toolbar (WinTools)
Webhancer
WhenU (any entry)
WeirdOnTheWeb
Windows AdService
Windows AdStatus
Windows ServeAd
WinTools
WinTools Easy Installer
WSEM Update... Read more

Read other 15 answers
RELEVANCY SCORE 110

Does anyone know of a good anti-virus program (also need anti-spyware) that does all the scans, updates etc. automatically? I'm helping a friend update her computer. She's just learning about things like this, and not too comfortable with the whole process. If it doesn't update automatically, the next best thing would be if it prompts her to scan on a regular basis, update when needed, and is easy to use.

Of course, if possible, a free program would be ideal, but if it does the updating automatically, she's probably better off paying for it, so we're sure it gets done.

Thanks,

Carol
 

Read other answers
RELEVANCY SCORE 110

Hi everyone,

Just an fyi regarding yesterday's Microsoft KB2823324 update. For those of you running Kaspersky Anti-Virus for Windows Workstations / Server version 6.0.4.1424 and 6.0.4.1611 you will find if you have installed the updated that you either get the message you have a corrupt database or an invalid license. This will cause Kaspersky to stop working.

For more information follow this link: Update KB2823324 - Kaspersky Lab Forum

Thanks,

Sean

A:Kaspersky anti-virus and latest windows update

Also will throw a Blue Screen at you or prompt you with a check disk every time you reboot/cold start. Just uninstall update, reboot and you should be good go. Since the backlash from it, I believe Microsoft has pulled the update.

Thanks for the heads up BSeanD.

Read other 3 answers
RELEVANCY SCORE 108.8

Hi,

I am unable to update any spyware/anti-virus programs. They all fail to connect as though i was not connected to internet. I can access internet just fine. I am able to connect to any website. I am not redirected anywhere. I have run Malwarebytes and super anti-spyware. Malwarebytes found several infections and i was able to delete.

Here is the DDS log:


DDS (Ver_09-10-26.01) - NTFSX64
Run by T E R E at 19:58:23.17 on Thu 10/29/2009
Internet Explorer: 8.0.6001.18828
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.4094.2360 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.... Read more

Read other answers
RELEVANCY SCORE 107.6

I recently got a virus that gave me a bad image error on startup and when opening any program. Also because of this virus I was not able to install any new spyware programs or update any of the existing programs I have now. I ran combofix last week and was able to get rid of a few viruses and it took care of the bad image error.
I believe there are still a few viruses or rootkits left on my machine as I still get an error anytime I try to update my spyware programs. I usually use Windows Defender, SuperAntiSpyware and AVG Free. When trying to update these I get an error saying cannot connect to the server. Also when I tried updating windows, the website will not come up. AVG has been finding a virus about every other day in the system volume information so I'm pretty sure there's still something on my system. Any advice will be much appreciated.

A:Can't Update Windows or Anti-spyware Programs

Hello and Welcome.

A Reminder....

As seen in Post #2 of our sticky topic 'NEW INSTRUCTIONS Read this Before Posting For Malware Removal Help'

Quote:




Why we don't ask you to run ComboFix from the onset

As stated by the author of ComboFix:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there's any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix




====================

C:\System Volume Information\ is where System Restore's cache is stored. Whatever is in there can't harm you unless you choose to perform a manual restore. Restore points get flushed out and reset at the end of a malwre removal process.

====================

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After ru... Read more

Read other 1 answers
RELEVANCY SCORE 107.6

Antivirus vanished! Can't install ANY new one!Can't access microsoft and any anti virus sites (thus i cannot download or scan my computer from there)I tried to install a copy of avast pro but the set- up immediately close after opening, i also noticed a lot of programs behaving like this just like the bandmaster game from e games and Grand Theft Auto Vice City( once i opened it, it immediately closes)Tried to install that in safe mode, but the computer does not start and reboots back into normal mode.This is the content of DDS logDDS (Ver_10-11-26.01) - NTFSx86 Run by neopc10 at 19:47:12.65 on Fri 11/26/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.353 [GMT -8:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeC:\WINDOWS\System32\svchost.exe -k AkamaiC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\Explorer.EXEC:\Program Files\KGB\Mpk.exeC:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exeC:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exeC:\WINDOWS\PixArt\PAC7302\Monitor.exeC:\Program Files\... Read more

A:anti virus banished.can't install any anti virus programs, can't acces microsoft and anti virus sites!!!...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

Read other 2 answers
RELEVANCY SCORE 106.8

Hi,

How I got the trojan was a popup that looked exactly like Microsoft windows security program (the one that lets you know if you have firewall/antivirus set up).

Since then, I have run spyware doctor 7 and deleted everything its found. I cannot seem to run or install malwarebyte's anti-malware or superAntispyware or Hijack. I have tried changing the .exe name and even the extension and tried installing in safe mode. I can't seem to do anything. I've run norton antivirus in safe mode and have found nothing. I was able to install CCleaner and MV reg clean if those are helpful.

The only 2 problems i can see with my computer is that
1) it plays random music or ads every 30 min or so
2) when I click on search links from google/yahoo, it brings me to strange websites such as
http://www DOT pcsecurityshield DOT com and http://networkdevices DOT cn

my computer also seems to run a lot slower also and if im watching a movie in full screen, it pops out of full screen once every 5 min or so.

Thanks!

i'm going to copy paste the results from a DSS run and RootRepeal run in case those are helpful.
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/09 11:30
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xED65E000 Size: 9830... Read more

A:Trojan blocking install of hijack and any anti mal/spyware programs

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/21/2005 5:48:46 PM
System Uptime: 1/9/2010 10:42:06 AM (1 hours ago)

Motherboard: DELL SYSTEM | | 0RC359
Processor: Intel(R) Pentium(R) M processor 1.70GHz | U1 | 1694/100mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 52 GiB total, 8.649 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP394: 10/9/2009 3:39:53 PM - System Checkpoint
RP395: 10/10/2009 6:33:02 PM - System Checkpoint
RP396: 10/11/2009 6:39:21 PM - System Checkpoint
RP397: 10/14/2009 7:23:17 PM - System Checkpoint
RP398: 10/15/2009 11:58:43 PM - System Checkpoint
RP399: 10/24/2009 7:16:53 PM - System Checkpoint
RP400: 10/25/2009 9:47:17 PM - System Checkpoint
RP401: 10/26/2009 11:49:31 PM - Software Distribution Service 3.0
RP402: 10/28/2009 1:11:12 AM - System Checkpoint
RP403: 10/29/2009 1:20:37 AM - System Checkpoint
RP404: 10/30/2009 12:42:38 PM - System Checkpoint
RP405: 11/1/2009 4:00:16 PM - System Checkpoint
RP406: 11/2/2009 4:01:36 PM - System Checkpoint
RP407: 11/3/2009 6:41:53 PM - System Checkpoint
RP408: 11/5/2009 12:15:49 AM - System Checkpoint
RP409: 11/6/2009 2:49:18 AM - System Checkpoint
RP410: 11/7/2009 3:11:33 AM - System Checkpoint
RP411: 11/8/2009 1:31:53 PM - System Checkpoint
RP412: 11/... Read more

Read other 1 answers
RELEVANCY SCORE 105.6

here is my dds.txt
DDS (Ver_09-05-14.01) - NTFSx86
Run by Kuma at 9:44:17.19 on Tue 05/19/2009
Internet Explorer: 7.0.6000.16711
Microsoft? Windows Vista? Ultimate 6.0.6000.0.1252.1.1033.18.3582.1554 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spo... Read more

A:Can't update anti-spyware or Windows update. Anti-spyware sites blocked

Hello killerkabutoWelcome to Welcome to BleepingComputer =====================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========

Read other 1 answers
RELEVANCY SCORE 105.2

My computer has been getting progressively worse...whatever has infected my computer has blocked my anti virus from updating, and it won't even let me download a new anti virus. It redirect web sites to other advertisement sites and is slowing my computer down. Please help
 

A:Multiple viruses - blocking my anti virus

Here is the log after runnting malwarebytes
Malwarebytes' Anti-Malware 1.32
Database version: 1616
Windows 5.1.2600 Service Pack 3

23/03/2009 7:18:03 AM
mbam-log-2009-03-23 (07-18-03).txt

Scan type: Full Scan (C:\|)
Objects scanned: 113796
Time elapsed: 2 hour(s), 8 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 9
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Registry Helper (Rogue.RegistryHelper) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7c946f95-abdf-4a0d-b4ff-41104329d8ae}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.59,85.255.112.77 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{86fce15b-f56d-4783-985c-3735ed4af3e8}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.59,85.255.112.77 ->... Read more

Read other 1 answers
RELEVANCY SCORE 105.2

Hello, I'm not sure when this all started, but recently I've been having troubles in a very generalized area which has led me to believe I have contracted some kind of virus/rootkit.

When I ran a scan with ESET Antivirus 4, I tried to update the virus definitions and found I couldn't. I then tried to access www.eset.com. Firefox gives me a notification that the connection was terminated. I tried getting malwarebytes anti-malware from the official website, but that has the connection terminated as well. windowsupdate.microsoft.com redirects to google.com, but otherwise I haven't noticed much abnormal behavior. I've ran scans with ESET, Malwarebytes, A-squared, Sophos, and the Super antivirus site was terminated but I intended to try a scan with that one. Here's my hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:25 PM, on 5/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\P... Read more

A:Windows update redirected to google, anti-virus can't update, various anti-virus site connection terminated

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 104

Windows 7 built in anti-virus & spyware programs.
Are they worth keeping?
On my XP, Avira worked just fine, along with some spyware programs.
Your thoughts.

A:Windows 7 built in anti-virus & spyware programs

There are no built in programs. There is Microsoft Secuity Essentials, which you have to download. It is very good. The firewall, which you can use, is ok. Defender will be disabled if you download security essentials, as it is no longer needed.

Read other 9 answers
RELEVANCY SCORE 104

what is best free anti-spyware, anti-virus software for Windows 8?

Read other answers
RELEVANCY SCORE 103.6

hi.. my laptop is having some problems.. when i run some programs, it encounters errors. when i try to close it via ctrl-alt-del, it doesnt work.. so when i restart, it stays on the WINDOWS IS SHUTTING DOWN.. i have to remove the battery so i can open the laptop again.. i tried using online scanner of eset but IE closes as soon as the eset page is loading.. i also tried installing hijackthis application and the window closes as well.. can you please help me..

here is the DDS.txt


DDS (Version 1.0) - NTFSx86
Run by lyzette at 18:17:44.28 on Mon 11/17/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.765.357 [GMT 8:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Dualview Server\dualviewsvc.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Smart Watchdog\SWDsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\... Read more

A:Computer is blocking anti virus programs

i managed to make gmer.exe run and hijackthis as well...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:53 PM, on 11/17/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Dualview Server\dualviewsvc.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Smart Watchdog\SWDsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\Smart Battery\SMBTray.exe
C:\Program Files\Wireless Select Switch\WLSS.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Atheros\ACU.exe
C:\WINDOWS\system32\wuauclt.exe
d:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no... Read more

Read other 3 answers
RELEVANCY SCORE 103.6

I managed to get some sort of virus onto my computer and could really use some help. I'm far from an expert so please bare with me. I've been looking around for a few days now to try and find a solution with no luck. My operating system is Windows XP. The main issues its causing is blocking any internet connection, anti-spyware programs and the sound will not work. When I open the Task Manager I can see the process IPCONFIG.exe continuosly appearing and then disappearing. I tried Malwarebytes only to get "Run-time Error 372 Failed to load control 'vbalGrid' from vbalsgrid6.ocx. Your version of vbalsgrid6.ocx may be outdated. Make sure you are using the version of the control that was provided with your application." That error shows up even after trying to rename the .exe file and uninstalling and reinstalling multiple times. I tried both HijackThis and RootRepeal but they will both scan for a minute and then close. I have ComboFix on my desktop but haven't run it since it says elsewhere on the forums not to. I don't really know what my next step should be. Any help is very appreciated. Thanks.

Read other answers
RELEVANCY SCORE 103.6

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

sorry forgot my HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\I... Read more

A:Anti-Virus Anti-Malware and Anti-spyware not updating

Hi, welcome to TSF!

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Read other 4 answers
RELEVANCY SCORE 103.6

Have bad infection...need best free Anti-virus, Anti-spyware, and Anti-malware software please....

THANX

Running Windows XP
 

Read other answers
RELEVANCY SCORE 103.6

Hi Im new here this is my first post also my first problem

Well everything was going great no virus getting detected

I use ESET nod32, malwarebytes and SpyBot

Now my problem is that all of my protection applications wont Update

Also I can't access any protection site like Microsoft.com, Eset.com, the website of malwarebytes and Spybot
and last is that sometime (happens sometimes) computer auto shutsdown
with a timer of 60 seconds before shutdown (please save all works...)

all other applications and websites works great except for those I mentioned

HOPE u could help me if possible ASAP because I'm using my CPU for business purposes and advance thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:38 PM, on 2/4/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\... Read more

Read other answers
RELEVANCY SCORE 102.8

This is my first post, and although I've read the introduction thread, bare with me.I use Windows XP home edition, with Norton Anti-Virus as my AV.A few days back, I was attacked my the Antimalware Doctor Virus, and went through the steps to remove it, but, my problem didn't end there. While the program has been removed (though I am still seeing it's signature mediafixblahblah files in various places in my Registry Editor), My AV is still alerting me of various attacks upon my computer. This attacks happen about every 5-10 minutes. While they all say they were blocked, and no action is required, obviously something is wrong.I've seen two people thus far with the similar problem ( http://www.bleepingcomputer.com/forums/topic344409.html was one), but felt I should create my own thread, as it seemed that each was case specific.With the Anti-malware Doctor, I went through and deleted the files within the Registry editor (those that I found) and searched my hard-drive for any of the others, though, not all of the ones I was told to look for were found, such as the enemies-list.txt. I ended up successfully removing the program from my computer, but the other errors remained.The reports from each of the attacks are: Risk Name: HTTPS Tidserv Request 2Attacking Computer: nyewrika.in (91.188.60.21, 443)Summary: Network traffic from nyewrika.in matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM... Read more

A:Norton Anti-Virus blocking multiple attempted attacks.

Hello and welcime. I am quite certain the infection is in your router.Is this PC on a network?Run a full system scan in safe mode with the latest Norton definitions. Then unplug the network connection and reboot the computer. Does the backdoor.tidserv detection come up again? If so, then we need to search for another undetected process on your computer. Now run TDDS Killer Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.... Read more

Read other 5 answers
RELEVANCY SCORE 101.2

Hello all, I am unable to update windows, when i go to the windows update site i get redirected to msn.com. I am unable to download updates for any spware software ive downloaded except spybot-it says there are no new updates, im not sure if it ever actually updated however.With ad-aware it says - no connection to download server.With Malwarbytes it says - update failed. make sure you are connected to the internet and your firewall is set to allow malwarebytes anti-malware to access the interenet.With spware doctor it says - error downloading the list of updates. please try again laterI am unable to run live update in norton anti virus - it says unable to connect to norton live live update server. Please check your internet connection.When i search for things in google or yahoo, when i click the links i get redirected to sites such as info.com and smartbizsearch.comThose are my problems, im thinking they are all connected somehow as they are all very similar. Ive ran all the spyware programs i have listed above without updating them as i am unable to except spyware doctor, i am unable to run that one at all without first updating.I recently formatted my computer, the problems were there before and after the format.Im all out of ideas, ive always been able to fix any problems ive had until now. This is also my 1st time using hijack this so this is all new to me.Thanks in advance for any help and suggestionsLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:49:35 AM, o... Read more

A:Can't update windows/anti virus/spyware software

Hello Jimmy Farmer,This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.1. Download this file - combofix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe2. Double click combofix.exe & follow the prompts.3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.Note:Do not mouseclick combofix's window while it's running. That may cause it to stall.Thanks,tea

Read other 25 answers
RELEVANCY SCORE 101.2

help me please, it always failed to update my kaspersky 7and I can't open kaspersky website or other anti-virus websites, it happened after I install Bittorrent (with ask.com inside the installation)this is the log file from combo fix :ComboFix 09-01-21.04 - ExcaflownE 2009-01-28 9:41:37.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.950.1.1028.18.959.586 [GMT 8:00]執行位置: e:\downloads\ComboFix.exeAV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) * 成功創造新還原點.((((((((((((((((((((((((((((((((((((((( 被刪除的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))).c:\windows\system32\dyepvfbb.dllc:\windows\system32\hjilTvut.inic:\windows\system32\hjilTvut.ini2c:\windows\system32\mcrh.tmpc:\windows\system32\tuvTlijh.dllc:\windows\Tasks\tdllnqhz.job.((((((((((((((((((((((((( 2008-12-28 至 2009-01-28 的新的檔案 ))))))))))))))))))))))))))))))).2009-01-27 17:03 . 2009-01-27 17:04 1,529,386 --ahs---- c:\windows\system32\bbfvpeyd.ini2009-01-26 17:03 . 2009-01-26 17:03 1,438,325 --ahs---- c:\windows\system32\xlpfyixj.ini2009-01-26 04:40 . 2009-01-26 04:40 <DIR> d---s---- c:\documents and settings\ExcaflownE\UserData2009-01-23 16:32 . 2009-01-25 19:34 1,4... Read more

A:can't update my kaspersky, can't browse to anti-virus website

Hello ExcaflownE and welcome to BC Please note the message text in blue at the top of the Am I infected? What do I do? forum.ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.If needed, we will direct you to our HJT Preparation Guide.Thank you for using BleepingComputer as your malware removal source.This topic is now closed. If you have any questions, please PM me or another Moderator.The BC Staff

Read other 1 answers
RELEVANCY SCORE 100.8

Hey guys! I hope you guys can help me out. I cant update windows 7 (error code 80072efe) or any of the various anti virus programs I have tried. Also occasionally I get a pop-up window that never loads with the address http:gugle-analytics.com.

What do you guys need?

Ian

Read other answers
RELEVANCY SCORE 100.4

First of all i would like to apologize if this topic is in wrong category, or it should not even be asked on this site. And second of all, please be patience i'm a noob looking for answers So whats all about? Well i'm meeting new terms here and i have no idea what they mean and what they do. And as anyone else i wanna be safe in this era of cyber-crime. So basically i know whats a anti-virus and a anti-spyware and that they can run together. Also i heard that 2 anti-virus don't do good but 2 anti-spyware do. So what i'm asking is, what is a anti-malware? Can a anti-malware, anti-virus, and anti-spyware run together? Could you suggest some good+free of those 3? Sorry for my bad English and being such a noob

A:Anti-malware, Anti-virus, Anti-spyware

Florin, you might take interest in this thread, though it may be quite a bit of reading: What's the Best Anti-virus?

It is there that they discuss all kinds of different antiviruses and coupled security software. I personally only use Microsoft Security Essentials, but I have used it along with Malwarebytes for added security in the past.

Basically, you could have your system completely locked down with lots of extra security, but in some cases it becomes a hassle because of how much your computer becomes protected and overly secured. If you prefer a speedy computer over security, generally you use less security software, but if it is the other way around, you will want beefier security software which may slow things down slightly. That link I've provided will have most everything you will need.

Read other 9 answers
RELEVANCY SCORE 100

can someone help me?? what kind of software I should download??
I can't update my Kaspersky anti virus or browse to the website or any kind of anti virus websites, it blocked my browser automatically
maybe I infected by this kind of spyware after installing Bittorent (that including ask.com toolbar in the installation)
many thanks for the help..

A:can't update kaspersky 7 and browse any kind of anti-virus websites

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Result... Read more

Read other 1 answers
RELEVANCY SCORE 99.6

I'm always trying to keep up with the latest and greatest anti-spyware and anti-malware programs. I use Avast as my anti-virus program and for my main anti-spyware/anti-malware programs I use:

Malwarebytes' Anti-Malware
Spybot - Search & Destroy
SpywareBlaster
SUPERAntiSpyware

I also sometimes use:

Ad-Aware
a-squared
RogueRemover

Are there any other good programs I should know about? I figure the more the better!

Thanks!

A:Are there any good new anti-spyware/anti-malware programs?

Spyware Terminator.-- Web Security Guard is included in the download but not required. After installation you will be prompted to Enable Web Security Guard Toolbar. This browser add-on (similar to Site Advisor) is enabled by default so be sure to uncheck the box if you do not want it installed. If you install WSG by mistake, it can easily be removed later via Add/Remove Programs in Control Panel.-- If you already have an anti-virus application, there is no need to install the optional Clam AntiVirus integration. ClamAV does not have a real time scanning engine but you can integrate it into ST's Realtime Shield to include virus scanning support.However, you can overkill your system with resource heavy security programs that will drain your resources and slow down performance. Sometimes you just have to experiment to get the right combo for your particular system as there is no universal solution that works for everyone. mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products) Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth.While not free, I recommend using Malwarebytes Anti-Malware and taking advantage of the Protection Module which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology... Read more

Read other 10 answers
RELEVANCY SCORE 99.6

Recently, I noticed that my AVG anit-v program would not update, even tried the manual update, no success...so I uninstalled and reinstalled, same problem. I even went as far as downloading a completely different anti-v program (Avast) and I am having the same problem??? I am sooo upset! And, to make matters worse, now my Adaware program is giving me an error upon updating also! I've uninstalled and reinstalled it too, same problem. What is going on? Why am i having these issues with only these security programs?

Just to be sure, I have visited the online scanner (housecall) by PCCillin (clean) and downloaded and ran the avast tool from www.download.com (clean).

If anyone has any clue as to what the problem may be, pls advise...it is beyond me.

Somebody pls help!
 

A:Cannot update anti-v, spyware, & various programs?

Welcome to TSG

Please download Hijackthis Here
Let it Place Hijackthis in C:\Program Files\Hijackthis
Open Hijackthis
Click on Do a System Scan and Save log file
Don't Fix any Items!!!
Just copy and paste the contents of the log file to your reply.
 

Read other 3 answers
RELEVANCY SCORE 99.6

I have a computer that belongs to a friends kids. XP Home with SP2 installed. Has Morpheus and that kind of stuff on it. Runs very sluggish. Trying to clean it up.

Ran msconfig -- got a lot of crap to stop loading.
Ran SpyBot, AdAware, MS Anti-spyware, Norton Anti-Virus, AVG Anti-Virus. Got rid of about 30 virus and about 100 spyware programs and crap. Still runs slow.

The main issue at this point is -- then I try to update either AdAware or SpyBot -- computer freeze while trying to connect to their update server. Same thing happens with AVG and Norton.

I can connect to the internet and do Windows updates and MS Anti-Spyware updates. So I'm guessing something is still running somewhere. Task Manager shows no applications running, but lots of processes that don't look familiar.

Also when going to "Add or Remove Programs" in Control Panel, the list of programs installed will usually not "populate".

Any Suggestions ??
 

A:Can't Update Anti-Spyware Programs

Hi,

Suggest you go to the Security forum in these forums. There's a Sticky thread there named "Security Help Tools" with instructions for installing and running HiJackThis. Post your log there and I'm sure one of the resident gurus will be along son to assist you.
 

Read other 2 answers
RELEVANCY SCORE 99.6

I'm running Windows XP.

About a week ago I got a virus, I believe it was called Antivir Software Pro, that claimed my computer was infected and I needed to give them money to fix it. That virus blocked websites and all other anti-virus programs from being downloaded, installed or used. My friend tried to wipe my computer and re-install Windows, but the virus stopped that as well. It wouldn't let me re-install windows claiming it couldn't find a harddrive.

We finally got Malwarebytes to run in safe mode and and then Spybot. It helped some, I can reach websites now. However it's gradually getting worse again. I get re-directed to other sites, some sites are becoming blocked again and I can no longer run any anti-virus software.

Any help would be greatly appreciated. I am not very good with this stuff, but I can get a hijack this log if that helps. I would mainly just like to wipe and start fresh.

Read other answers
RELEVANCY SCORE 98.8

I have at least 2 anti virus programs installed on my pcsymantec and avg freecan this be the source of its insanity?how many anti virus programs are good to run at the same timewhich one should I remove? if anyEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:multiple anti virus programs

You should only use one anti virus program, I would dump the symantec to be honest, it's a bit of a system hog.I have used Avast for a long time and have had no cause for complaint at all. There is a tutorial here at Bleeping Computer if you would like to take a look. How to Install, Configure, and Use Avast Antivirus.

Read other 6 answers
RELEVANCY SCORE 98

Hi,

I have just spent two nights removing the "Fake System Restore" virus from my girlfriends laptop
by following the guide on this site, so a big thankyou to whoever wrote the guide.

Now I want to make sure her laptop is protected as well as I can with free software.

I have installed; AVAST anti virus, Zone Alarm firewall and MalwareBytes onto the laptop,
but I now wonder if there are any other reccomended programs that I should install
to help avoid spyware, malware and viruses?

Thanks in advance,

Mark

A:Which are the best Anti Spyware and Anti Malware programs?

I recommend taking advantage of the Malwarebytes Anti-Malware (Pro) Protection Module in the full version which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology runs at startup where it monitors every process and helps stop malicious processes before they can infect your computer. Keep in mind that this feature does not guarantee something will not slip through as no product can detect and prevent every type of malware. The database that defines the heuristics is updated as often as there is something to add to it. Also keep in mind that Malwarebytes does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute. IP Protection (malicious website blocking) is part of the Protection Module and works after it is enabled. When attempting to go to a potential malicious website, Malwarebytes will block the attempt and provide an alert. IP Protection is also designed to block incoming connections it determines to be malicious. Enabling the Protection Module feature feature requires registration and purchase of a license key that includes free lifetime upgrades and support. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as the program utilizes few system resources and should not conflict wi... Read more

Read other 5 answers
RELEVANCY SCORE 97.6

Running Windows XP, Home Edition, Version 2002, Service Pack 3, MSI Motherboard, 512MB Ram, Pentium 4 - 2.4GHz CPU.I used to have Spybot, but after some point whenever I tried to run it the computer would reset. Now, I've gotten a few messages from Windows Defender that there is a trojan on the computer. I can run a quick scan and remove what shows up, but when I try to run a full scan, the computer resets. I try to scan the computer with McAfee anti-virus, I can run a quick scan no problems, but when I try to run a full scan, the computer resets. I know there is at least 1 trojan/virus, but any program I try to run to get rid of the problem makes the computer reset. The latest software I installed is a-squared, and I can do a quick scan and find/fix a few problems, but when I do a full scan (in safe mode as administrator) a message pops up saying that the computer is going to shut down, NT AUTHORITY/SYSTEM.Please help before I tear out what's left of my hair.Pasted and attached.DDS.txt============DDS (Ver_09-01-07.01) - NTFSx86 NETWORK Run by Administrator at 22:34:33.51 on Fri 01/16/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.175 [GMT -5:00]============== Running Processes ===============C:\WINXP\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINXP\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:�... Read more

A:Multiple Trojans, PC resets when full-scan anti-virus or anti-malware is run

Hello AdamLinn13Welcome to Bleeping Computer. =====================Please re-open Hijackthis and click on "Do a system scan only"Then place a check mark next to these entries below:R3 - Default URLSearchHook is missingO2 - BHO: CMVideoPlugin - {08DEA348-F510-45FD-A6EC-CF3BE0917C5E} - C:\WINXP\system32\CMVideo.dllO2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllO4 - HKLM\..\Run: [Framework Windows] frmwrk32.exeO4 - HKLM\..\Run: [Rrokuwip] rundll32.exe "C:\WINXP\Gxizahopira.dll",eO4 - HKLM\..\Run: [Ngewok] rundll32.exe "C:\WINXP\exufijocifalut.dll",eO18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllNow click on Fix Checked and then close Hijackthis.====================================================Download ComboFix from one of these locations:Link 1Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine be... Read more

Read other 90 answers
RELEVANCY SCORE 97.6

hello e1, is it ok to use more than one anti-virus programs on one pc. if so, please recommend some good combinations. tyvm . i have windows 7 home premium
 

A:Solved: using multiple anti-virus programs

Read other 7 answers
RELEVANCY SCORE 97.2

Camera Wizard not poping up after removing Total Security/Antivirus Pro_2010 I have a PC with Windows XP SP3 with Avast, SuperAnti-Spyware and MBAM while browsing I got a yellow virus warning (something win32 I believe) from Avast pop up near the bottom tray and within seconds the Total Security pop-ups started. My PC slowed to a stop so I rebooted and saw that Antivirus Pro_2010 had installed itself on my PC. All my Anti Virus programs would not start (ie MBAM) so I ended up following forums to end some processes, delete some .dll files that were known to be malicious and rename the .exe's to get Anti Virus programs to run. I installed and used AVG which found a couple things. Then I used ComboFix, and finally I got MBAM to run which found a good 40+ trojans etc. I believe I got the virus off but I tried to restore to before I got the virus but was unable to. I have since run scans with MBAM and SuperAnti-Spyware which have found nothing. Avast also finds nothing but it has a list of 44 files (mostly in WINDOWS\ folder with the last path part of file doubled) that it is unable to scan: because "The system cannot find the specified path". When I look on my C: drive and follow the file path, the second to last part is always missing (ie. WINDOWS\addins\addins) addins is not there. When I plug in my camera, the camera wizard does not pop up anymore as it use to before I had and removed the virus. I also saw on the unscanable list that there was a WINDOWS\Connecti... Read more

A:Help to remove Total Security and Anti-Virus Pro_2010 rogue anti-virus programs

Can someone please help me?
 

Read other 1 answers
RELEVANCY SCORE 96.4

Hello,

I have a problem that is far beyond my limited skills. One of our people has a laptop that has either malware or a virus infecting it. Two symptoms are present: first, when using firefox web pages get redirected to advertising or to unrelated google searches; second, the machine seems more sluggish than usual.

I have tried to download anti-spyware software (e.g. Spy Sweeper, CounterSpy, MalwareBytes, Superantispyware, PC Doctor) and nothing works. In some cases such as Counterspy and PC Doctor, the executable will run but the program will not update (and thus, not allow for a scan). In other cases such as MalwareBytes, the executable simply will not run.

I have run a Trend Micro anti-virus scan. It seems to detect something but it crashes before the scan can complete. The same thing happens with Panda Activescan. Last night, I ran Panda Activescan for over 8 hours. When I woke up, the scan had frozen at the 52% point and had found 1 infected file, which it didn't appear to clean up.

Anyway, I'd really appreciate any help.
Best regards,
Jordan

A:HELP! -- Anti-spyware / Anti-virus doesn't work; malware crippling our machine

Uninstall all of the programs but Super Antispyware, Trend Micro and MalwareBytes AntiMalware.Find the MBAM.exe and rename it BAMM.com by right clicking on the file and choosing rename.Download the manual updates for MBAM from the link below. Double click on it to install. http://www.malwarebytes.org/mbam/database/mbam-rules.exeINSTRUCTIONS FOR USING MBAM:http://www.bleepingcomputer.com/forums/ind...t&p=1100727

Read other 1 answers
RELEVANCY SCORE 96.4

Hello!

I've been doing a springclean for my PC, and I would be grateful if someone would check my hijack this log for problems.

I've run all of my anti-spyware and AVG programes first. But, I have a question: after my programes have scanned for problems and put all the bad stuff into quarentine, do I need to do anything else with them?

I'm not sure if I should be trying to find ways of removing trojans etc. or if it is ok to just leave them in the quarentine area indefinatly.

Thanks for your help!

-------------

Logfile of HijackThis v1.98.2
Scan saved at 13:43:41, on 24/04/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\AntiVirusKit\AVKService.exe
C:\Program Files\AntiVirusKit\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\pctspk.exe
C:\Program Files\AntiVirusKit\AVKPOP.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\WINDOWS\System32\ctfmon.exe
C:\freeserve\freeserveconnectionkit\atdialler1.exe
C:\Pro... Read more

A:Solved: A hijack this log, and a quick question re: anti-spyware and anti-virus programes

Read other 7 answers
RELEVANCY SCORE 96.4

According to a story at Washingtonpost.com, the latest definitions for Microsoft's Anti-Spy flags Symantec's Norton Antivirus as a trojan and prompts users to delete essentials of the program. Users who follow the instructions hose their installation of Norton, requiring Windows registry edits and complete removal/reinstallation of Norton.

Microsoft's support forum is filling up with complaints, many from businesses that have been hard hit. This should be a cautionary note about deploying beta products in production environments.
 

A:READ!!!Microsoft Anti-Spyware Deleting Parts of Norton Anti-Virus

Read other 8 answers
RELEVANCY SCORE 96.4

Good morning everyone,
Frequent visitor, first time poster of this forum. I want to thank anyone in advance for committing any amount of time to my problem. I'm hoping someone has some experience with this issue. Allow me to explain:

Yesterday, I woke-up my computer and opened up my browser (I use Google Chrome). As soon as I clicked to open the browser, I noticed a Windows Explorer Pop-up. I have attached a picture of what this box looks like, but to describe it for those who are not able to open the attachment: The windows header said "Mod Info" and the Content said "BC LOADED" the only available options for me to click were "OK" or the "Close" button at the top right. Without clicking anything the box then disappeared and Google Chrome opened as usual. This behavior was unexpected, I've never seen this before. Worrying I had some kind of Spyware or Malware, I decided to try running my AV program. I use Avast Free.

I went to look for the process in the hidden icons list on my taskbar, where it usually resides. I didn't see it there, which was concerning. I tried running the program from the start menu, but after clicking it, nothing opened. This was also a red flag that something must be wrong. So I decided to try and run Malwarebytes Anti-Malware. This program would also not open when prompted.

I decided to scan google for my symptoms to look for recommended fixes. Several tech support forums suggested to those who presented simil... Read more

A:Anti-Virus/Anti-Malware Programs Blocked Even in Safe Mode

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Press the Windows "logo" key and "R" key then copy/paste the following into the Run box and click OK:

%temp%\dds.txt

A text file should open. Please copy/paste the contents of that file in your next reply.

------------------------------------------------------

Read other 14 answers
RELEVANCY SCORE 96.4

Good morning everyone,
Frequent visitor, first time poster of this forum. I want to thank anyone in advance for committing any amount of time to my problem. I'm hoping someone has some experience with this issue. Allow me to explain:

Yesterday, I woke-up my computer and opened up my browser (I use Google Chrome). As soon as I clicked to open the browser, I noticed a Windows Explorer Pop-up. I have attached a picture of what this box looks like, but to describe it for those who are not able to open the attachment: The windows header said "Mod Info" and the Content said "BC LOADED" the only available options for me to click were "OK" or the "Close" button at the top right. Without clicking anything the box then disappeared and Google Chrome opened as usual. This behavior was unexpected, I've never seen this before. Worrying I had some kind of Spyware or Malware, I decided to try running my AV program. I use Avast Free.

I went to look for the process in the hidden icons list on my taskbar, where it usually resides. I didn't see it there, which was concerning. I tried running the program from the start menu, but after clicking it, nothing opened. This was also a red flag that something must be wrong. So I decided to try and run Malwarebytes Anti-Malware. This program would also not open when prompted.

I decided to scan google for my symptoms to look for recommended fixes. Several tech support forums suggested to those who presented simil... Read more

Read other answers
RELEVANCY SCORE 96.4

My subscription for Macafee ran out and I never got around to downloading AVG or some other antivirus freeware on my netbook. I experienced some obvious signs of a virus/malware not long after (I would do a google search on Chrome and would get redirected to some very odd sites when I clicked on something safe-looking). So I attempted to download AVG and others with no luck. I then restored my system to an earlier date hoping this would be good enough to remove whatever virus/malware was affecting it. No such luck as I am still unable to download said freeware (although now I am able to surf the net with no issues). So, I happened across your lovely website and am crossing my fingers that you may be able to save the day!

Thanks so much for your time!

Here is the following info you request with each new post...
From Hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:14 AM, on 11/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe... Read more

A:I cannot download anti-virus or anti-malware programs...(logs included)

I solved it.

Used ninite.com in safe mode to download AVG and Spybot. Rebooted. Ran both of them. Still couldn't download Malwarebytes. Ran online scanner from Microsoft. Rebooted. Was able to install Malwarebytes. Ran it. System is clean now.
 

Read other 1 answers
RELEVANCY SCORE 96.4

How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)





Quote:
If your PC is infected with the Win 7 Anti-Spyware 2011 malware or something similar, you?ve come to the right place, because we?re going to show you how to get rid of it, and free your PC from the awful clutches of this insidious malware (and many others)
Win 7 Anti-Spyware 2011 is just one of many fake antivirus applications like Antivirus Live, Advanced Virus Remover, Internet Security 2010, Security Tool, and others that hold your computer hostage until you pay their ransom money. They tell you that your PC is infected with fake viruses, and prevent you from doing anything to remove them.
This particular virus goes by a lot of names, including XP Antispyware, Win 7 Antispyware, Win 7 Internet Security 2011, Win 7 Guard, Win 7 Security, Vista Internet Security 2011, and many, many others. It?s all the same virus, but renames itself depending on your system and which strain you get infected with.


Source ...

A:How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)

Thanks for the information. I hope I never have to use it.

Read other 2 answers
RELEVANCY SCORE 96.4

Hello All,I am not able to update my Zone Alarm Internet security suite for some weeks now. I was directed here from the Zone Alarm Forum. Although I can browse through most of the websites, I am not allowed to access Zone Alarm update, Microsoft update. I also tried http://www.malwarebytes.org/mbam.php and also http://downloads.superantispyware.com/down...AntiSpyware.exe but was denied access both on IE and FirexFox.Further Filemon and RootkitRevealer do not work any on my machinePlease help.Thanks

A:Unable to access Anti-virus updates / Anti-spyware website

Thanks guys,
All problems solved Thanks to SuperAntiSpyware.

Read other 2 answers
RELEVANCY SCORE 96.4

I have just finished with my original support and probably have to reformat. However, I would like to find out what is going on or at least in some contribute to helping someone in the future so I have come here.Despite good computer hygiene, Adaware, Spybot, McAfee-now Kasperskey, CCleaner, HijackThis, updating (wondering if this might have brought in some problems), and Zone Alarm firewall, I have problems which I first noticed when I was hijacked from Paypal. This showed on my first HJT scan but disappeared without treatment shortly thereafter. My antivirus, etc., have been disabled although they LOOK as if they are working but don't so much as find a cookie anymore--except for CCleaner. Spybot doesn't find About:Blank but it showed up on the browser scan. I tried to delete it and it doesn't show on any scans but I still see it fly by the bottom of my screen as IE pages are loaded. When I go to my history or temporary files, when I can see them, they are mostly ad pages. I have tried all the usual CWShredder, etc., and they don't find anything.MWAV is the only scan that has shown much. When I submit some suspicious files from comboscan to either VirusScan or Jotti, more often than not they jam VirusScan and I get error messages from Jotti that it is either the wrong stream or the file is empty. Sometime the folders are empty. I have tried to rename them but many times I am not allowed. Sometimes when I explore I can see the folders have information but when I go... Read more

A:Anti-spyware & Anti-virus Disabled, Keylogger, Hijack, Worms

Download this program:submit files packerHighlight the files listed below in bold and right-click and selecting copy.C:\WINDOWS\zts2.exeC:\WINDOWS\system32\vcmgcd32.dllC:\WINDOWS\system32\iifgfgf.dllC:\WINDOWS\rundll16.exeC:\WINDOWS\rundl132.dllC:\WINDOWS\logo1_.exeC:\WINDOWS\system32\TASKMGR.COMC:\WINDOWS\REGEDIT.COMC:\WINDOWS\system32\T.COMC:\WINDOWS\R.COMC:\WINDOWS\system32\tmp.regThen start the file packer program and right click in the white box and select paste to paste the copied file names in the field.Then press the Continue button.I will create an archive with these files and a small log on your Desktop that starts with a name like requested-file[date].cab.Rename this file to yourmembername.cab (for example grinler.cab).Then go to:http://www.bleepingcomputer.com/submit-malware.phpand fill in the required fields and browse to this file on your desktop. Finally click on the Send File button.

Read other 54 answers