Over 1 million tech questions and answers.

Computed infested with Trojans

Q: Computed infested with Trojans

I just want to say know next to nothing about computers. I have symantec and run scans about every other day. It was fine yesterday. Out of nowhere earlier tonight symantec popped up and said I had 15 trojans. Ran it in save mode and it said the same thing. I downloaded malware bytes it found 5 trojans. I downloaded spybot search and destroy it found a few cookies, no trojans though. Each of the scans said "no possible fixes at this time" about the trojans.Now, I'm not getting redirections, pop-ups, and I haven't noticed my laptop running slower or anything like that, so Im not sure whats going on.Anyway, I saw some forums say this is a good resource. So I ran it and I've attached my log. Thanks.Sorry, here is the loganyone?EDIT: Please be patient. There are over 290 unanswered topics in this forum at present and the current average wait time to receive help is 9 days. ~Budapest

RELEVANCY SCORE 200
Preferred Solution: Computed infested with Trojans

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Computed infested with Trojans

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyinformation and logs:In your next post I need the following

.logs from DDSlet me know of any problems you may have hadGringo

Read other 3 answers
RELEVANCY SCORE 61.2

Im having a tough time with the trojans who have made their way into my computer(win xp). My AVG shield is constantly throwing up warnings for these but the program doesn't find or remove. Here's some of them: Downloader.rameh.f downloader.rameh.g downloader.funweb.a downloader.onenet.e
I can hardly type a line or two before these pop up.
My yahoo messenger suddenly starts rebooting my whole machine when I open it.
What can i do? I have run alot of popular software to get rid of these things such as:
AVG
SpyHunter
HiJackthis
Ewido
TrojanHunter

Thanks So much for your time and info, Carol Davison ([email protected])or AOL IM: ReDDDMane
 

A:infested with trojans and God knows what else!

Go to www.spywareinfo.com/~merijn/files/HijackThis.exe Click on the Hijackthis.exe.

Click the "Scan" button when the scan is finished the scan button will become "Save Log" click that and save the log.

Go to where you saved the log and click on "Edit > Select All" then click on "Edit > Copy" then Paste the log back here in a reply.

DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required. Someone here will be glad to advise you on what to fix.

*Note: When you download Hijack This Do Not download it to a temp folder or to the desktop. Create a permanent folder somewhere like in My Documents and name it Hijack This and put it in that folder.
__________________
 

Read other 1 answers
RELEVANCY SCORE 61.2

I need serious help. 3 days ago my sister went to a website that I'm assuming downloaded a lot of trojans. My pc kept freezing so I was trying to do some security scans. When I tried all of them would lock up except Kaspersky Internet Security. So I assumed the trojan was stopping my security programs so I rebooted in safe mode and did a ton of scans. First Kaspersky found 9 infections and got rid of them. Malwarebytes AntiMalware found 10 and deleted. Panda active online scan found 1 and deleted. Eset online scanner found 2 and deleted. Bitdefender online scanner found none. F Secure scanner found none. SuperAntiSpyware found none. Adaware found 1 and deleted. Spybot found 2 and deleted but one kept coming back when I rescanned.I scanned again with all of them and Malwarebytes antimalware found 3 more infections. I know a little thing about computers and I assummed it was a trojandropper. After more scans it seemed like my pc was clean so I rebooted in normal mode and had the same problems. My security programs would not start or was very very slow to start. I forgot to mention that I actually got a popup from a rogue program in safemode when I was scanning. Internet speed was normal. I did some scans in normal mode and found nothing. I tried every safe scanner I could find. My current installed programs are Kaspersky,Malwarebytes Anti Malware,Adaware and Spybot search and destroy. I have superantispyware free edition and trojan remover installed. Yesterday Malwarebytes foun... Read more

A:Infested with trojans. Need help

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

Read other 2 answers
RELEVANCY SCORE 60.8

Hi! I've been telling my husband for months that using Ares P2P sharing and streaming online movies from 1channel.ch is going to cause his computer to be full of viruses and what do you know?! He wasn't even using a virus detection software!!! IDIOT! lol Anyways... so when I downloaded MSE and did a scan I wasn't surprised to see the Trojans found on his device. My question is HOW do you rid the computer of these viruses that seem to be cleaned by MSE and then always pop back up... Here is the name of just ONE of the Trojans: Trojan:Win64/Sirefer.B. Any help in cleaning his system will be GREATLY appreciated. 

A:Computer Infested with Trojans

Hello I moved this from WIN 7 to Am I Infectedlets run these and see how it is after.Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:•Flush DNS•Report IE Proxy Settings•Reset IE Proxy Settings•Report FF Proxy Settings•Reset FF Proxy Settings•List content of Hosts•List IP configuration•List Winsock Entries•List last 10 Event Viewer log•List Installed Programs•List Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using "Reset FF Proxy Settings" option Firefox should be closed.>>>>>Please Download TDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive)Do not change the default options on scan results.Please download AdwCleaner by Xplode onto your desktop.•Close all open programs and internet browsers.•Double click on adwcleaner.exe to run the tool.•Click on Delete.•Confirm each time with Ok.•You will be prompted to restart your computer. A text file will open after the restart.•Please post the contents of that logfile with your next reply.•You can find the logfile at C:\AdwCleaner[S1].txt as well.>>>>Now I'd like us to scan your machine with ESET OnlineScan1.Hold down Control and click on this ... Read more

Read other 9 answers
RELEVANCY SCORE 60.8

Hi
Its been more than a week my PC is acting crazy. Random text is being typed on its own in textfields and wherever the cursor is. Also its not possible to type some letters for example when you press 'l' the pc logs off.. press 'm' and all windows minimizes... press r and run command opens up and many more. The number keys dont work now and the system is too slow or hung most of the time.I cant type anything on my pc now. Please help. I am typing this from my friends computer.

I scanned my computer using A-Squared Antimalware first and it caught some virus called trojan.generic just the first time. Later on the scans came up with no infections even though my computer was still acting weird. Then I scanned them with Malwarebytes AntiMalware and it also caught some viruses the first time like trojan.dialer.. trojan.DNSChanger and Trojan.Agent. Later all the scans came clean. Its become really unbearable now. I just dont know what to do . Should I go for HijackThis?

Any help would be highly appreciated.Please do help.

Thank you
cheerios121

A:Computer infested with trojans.Please help!!

Did you try SAS?SAS, may take a long time to scanPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.
FirstReboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu w... Read more

Read other 1 answers
RELEVANCY SCORE 60.8

DDS:
DDS (Ver_09-12-01.01) - NTFSx86
Run by Brian at 15:01:37.17 on Wed 12/30/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.38 [GMT -5:00]

AV: The Shield Deluxe Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Brian\Desktop\virus removal\dds.scr

============== Pseudo HJT Report ===========... Read more

A:Trojans are infested on my computer! HELP!!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

Read other 2 answers
RELEVANCY SCORE 60.8

Hi everyone, this is my very first post on this website. It appears my system has been invaded by annoying blinking caution signs in my toolbar as well ads for trojan removal programs that do not seem legit. The problem started just today when I tried to download an active x component. In the meantime I have tried running some of my spyware cleaner software but have had litte to no success. The blinking symbols on the toolbar still remain as well as the popup ads for the bogus software. Can anyone help me rid my system of these problems. Any info is greatly appreciated . Thanks
 

A:Please Help.My system has been infested with trojans!

This is what my latest hijacklog looks like. I really did'nt want to delete anything before one of the more experienced techs had a look at it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:42:47 AM, on 1/17/2001
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW... Read more

Read other 2 answers
RELEVANCY SCORE 60

I really need help with this one.....I have like 6 trojans on my IE 8. I have tried all types of registry cleaners and spyware removals, when removed, they disable IE8, when I put IE8 back to default, they come back, can amyone help me figure out what to do? Should I install a new browser like foxfire or try to repair IE8?Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Internet explorer is infested with trojans

Hello and welcome. Firefox is a more secure browser. As I do not know exactly what you have tried I suggest we start here.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selecte... Read more

Read other 1 answers
RELEVANCY SCORE 60

My computer is infested with what i believe is trojans or some other type of viruses. Ultimate cleaner 2007 somehow got downloaded onto the computer and its obviously a virus. There are also other fake spyware cleaners that got downloaded. And when i click on start, "control panel" is no longer there, so i cant even go in and remove them myself. Heres is my hijackthis log, so if anyone can please help, that would be awesome! Thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:10:59 PM, on 9/14/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\explore.exeC:\WINDOWS\system32\svchost.exec:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exec:\PROGRA~1\mcafee.com\vso\mcshield.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\BCMSMMSG.exeC:\Program Files\Dell\Media Experience\PCMSer... Read more

A:Help With Hijackthis Log, Computer Is Infested With Trojans!

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Flyinlowsup My name is Richie and i'll be helping you to fix your problems.Your pc is extremely badly infected to say the least,among the nasties vtr.dll is present which is a Backdoor Trojan A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user.They are typically installed without user interaction through security exploits, and may allow an attacker to remotely control the infected machine. Such risks may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming, and bot nets, or to transmit sensitive data to a remote server. The malware may be cloaked and not visible to the user. These risks severely compromise the system by lowering security settings, installing 'backdoors,' infecting system files, or spreading to other networked machines.If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one,if not an attacker may get the n... Read more

Read other 22 answers
RELEVANCY SCORE 59.2

I sometimes visit Myspace and whenever I even view a page it seems my computer slows down or has other minor problems, and no antivirus/spyware programs pick anything up. I have an account but I don't even need to log in. I know I can just not visit but I'm looking to start a local group and this seems like the only way to do so in this particular case. Is there a way to prevent this other than having the best protection software? Has anyone else experienced this? I have a hardware firewall, Norton suite, and Adaware and Spybot S&D and am going to upgrade to better protection. Thanks!
 

A:Is Myspace infested with viruses, spyware, trojans, etc.?

Read other 10 answers
RELEVANCY SCORE 59.2

I am totally overrun and no amount of spyware blaster, spybotting or adaware can get rid of it. Nor can any of my virus progs. I am absolutely at my wits end! My system is so slow and I just want to cry! Please help me!

I'm running XP Home if that makes any difference.

Logfile of HijackThis v1.97.7
Scan saved at 10:07:23, on 21/07/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\LckFldService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\gsicon.exe
C:\WINDOWS\System32\dslagent.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program... Read more

Read other answers
RELEVANCY SCORE 59.2

A friend ask me to look at her troubled computer. She was hit by MalwareProtector2008/Antivirus2008 and signed up for and paid for 2 years of protection with her credit card--she said then the popups started. She did not have updated antivirus protection. She had downloaded almost every free ware you can find ie .. games, music. When I turned it on, the popups were so massive that it was impossible to process anything. I could not do a Microsoft Update. I uninstalled all the free downloaded programs that I could find in ControlPanal, AddRemovePrograms. Then,went into safemode and deleted every free download I could find. I used msconfig to stop everything that was not necessary in the Startup and Services. I installed an unused copy of NAV2007. After it finally installed and updated it found numerous virus, trojans, adware and it removed many. It found MalwareProtector2008, Downloader trojan, MSJaun, av2009, Vundo(and its varients). Vundo kept returning because vundo seemed to have an open port and control of the pc any time IE7 was started. I read topics on "bleebingcomputer" and tried some of the hints to remove vundo, ran various programs ie: Norton's FxVundo, FxVundoB, UnHookExec(vundo had control of the registry). Lavasoft's Ad-aware, Spybot, Microsoft Defender, Malwarebytes' Anti-Malware, liveOneCare scan,Trend's Rootkitbuster, many times over(updating the software as needed. After the last time I ran Defender the WindowsUpdates took off and a... Read more

A:Various Malware, Trojans, And Adware Infested Computer

Hello would you please post the latest scan log of Malwarebytes. Here are the full instructions if needed.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and cont... Read more

Read other 1 answers
RELEVANCY SCORE 59.2

Thank you again DASOS for your help I've followed the prep guide before posting the log on this comp as well, here is my HijackThis log.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:50 PM, on 12/9/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Support.com\bin\tgcmd.exeC:\Program Files\Java\j2re1.4.2_03\bin\jusched.exeC:\Program Files\Analog Devices\SoundMAX\SMTray.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\PDF Complete\pdfsty.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\System32\igfxtray.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exeC:\... Read more

A:Infested With Trojans, Adware, Data Miner, Etc.

Hi again! I also need to see a different type of log from Hijackthis: Run Hijackthis.Click on "Open the Misc Tools section".Next click on "Open uninstall manager".Press the button 'save list'. It will open a Notepad file.Place the content of that file here in your next reply.Stelios

Read other 9 answers
RELEVANCY SCORE 59.2

My computer is infested with trojans and malware, my CD ROM is no longer reading any CD's, pop ups are everywhere, and this morning I turned on my computer and all my icons are no longer there I had to wait until a pop up came on so i could use the internet explorer in hopes you guys have replied and still no luck, i really hope one of you can help me get my computer back.
Here is my Log.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51, on 2008-02-24
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\MESSEN~1\Msmsgs.exe
C:\WINDOWS\SCURIT~1\regedit.exe
C:\Documents and Settings\Owner\Application Data\?ymbols\regedit.exe
C:\Program Files\NoDNS\NoDNS.exe
C:\Documents and Settings\Owner\Desktop\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\RABCO\X_RABCOse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCU... Read more

A:Infested with Trojans/Malware/Popups. CD ROM not running. Help.

Read other 16 answers
RELEVANCY SCORE 58

I am running XP Home on an HP laptop (1.47GHz, 2GB, 80GB HDD) and use Norton Internet Security 2008 for virus protection and Spyware Doctor for spyware, malware, etc. I also run Windows Defender.

My computer "caught" these bugs sometime within the past couple of days, as I have seen its' performance decline steadily. Upon startup, the computer will load the desktop, start menu, and some of the taskbar, but stops short and hangs when loading the notification area icons. I've waited for as long as 20 minutes before shutting the computer down manually and trying again. I am unable to run any programs from the desktop as normal, having to resort to running XP in Safe Mode with Networking in order to follow the procedure as outlined on this site.

Admittedly, I did try a number of other options attempting to locate and/or clean the problems, hence have several other anti-spyware programs, etc. installed but not active. Spyware Doctor's full scan discovered the trojans: Trojan.Lowzone.a, Trojan.PWS.Tanspy, Trojan.Nircmd, and Trojan.Generic. Even though Spyware Doctor "cleaned" the "bugs" they continued to show up in subsequent scans, on Spyware Doctor as well as Spybot, AVG (ex-Ewido), etc. When following another set of steps suggested on a site found during a Google search of my problem specifics, I loaded and attempted to run Combofix, which stopped working and then kept popping up with an error message that it was not a Windows application. ... Read more

A:XP laptop infested with trojans: Lowzones.a, PWS.Tanspy, NirCMD, Generic...so far!

BUMP






please help!

Read other 1 answers
RELEVANCY SCORE 46.4

Hi,

In the past couple of days i've found that all my e-mails and facebook have been hacked, and seemingly remain hacked even though i've changed all the passwords etc. I've ran a full scan of my Microsoft Security Essentials that has found nothing, but i want to make sure that my computer isn't completely compromised (thus rendering password changes useless). I'm slightly concerned about something called "Nethood" that seems to have appeared on my system, and i don't remember seeing it before.

Any help would be appreciated. I'm not the best with computers and this would really put my mind at rest. Thanks.

Below is the result of my Hijack This Scan:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:23:04, on 10/05/2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\... Read more

Read other answers
RELEVANCY SCORE 45.2

Windows XP (Home Edition) SP3. I have two USB drives (F) & (G) that show up under My Computer or Device Manager that have nothing connected to them.
All other drive letters are correct. Perhaps the individual who owned the computer prior to me had something connected to these. I would like to remove them from the listings. Please advise.

A:Two USB Drives Listed Under My Computed But Nothing Connected

If there is a letter assignment reflected in My Computer...there is a device attached.

What you call "drives"...may be nothing but partitions.

What USB devices do you currently have attached?

No device equals no letter in My Computer, although some attached devices may not be reflected in My Computer (e.g., an unformatted hard drive). If something is reflected as being present when it's not present...you have a problem I have never seen any data on.

Take a look in Disk Managment and see what's reflected there. You might also take a look in Device Manager and see what is reflected there for drives.

Start/Run...type diskmmgmt.msc and hit Enter for Disk Management.

Start/Run...type devmgmt.msc and hit Enter for Device Manaqer.

Also...some card readers may be reflected as multiple drives in My Computer.

Louis

Read other 1 answers
RELEVANCY SCORE 45.2

What do I do I have intel i5 750 2.7 gh and I am on windows 7?

Read other answers
RELEVANCY SCORE 45.2

I am running Windows Experience Index (System Rating), but at the middle when the test running, an error message show "The Windows Experience Index for your system could not be computed" "Could not measure video playback performance"....please, anyone can help me what can  I do..???Sorry for my English...I'm used Intel Pentium 4 CPU 3.00 GHz, DDR2 RAM 1GB (Exclude Onboard VGA), OS Windows 7 RC 32-bit, VIA Chrome9 HC IGP - 64MB onboard VGA, Display 1280x1024, and I have free disk space up to 30GB..... And I've been updated all of my driver to the latest version with Windows Update.

A:Windows Experience Index Could not be Computed

Andi, The reason you're seeing this message is because Windows 7 allows for video decoding to be performed by the GPU, but yours is relatively old and does not support the new video acceleration introduced with Windows Vista and Windows 7.-Alex

Read other 27 answers
RELEVANCY SCORE 44.8

Hello,

I am using a work provided laptop with Windows 7 Enterprise (64 bit) installed. I booted up my laptop and in was in classic view and my wireless was not working along with some other features too. I right-clicked and went to "Personalize" and then it said "Troubleshoot problems with transparency and other Aero effects". I click on it and go through the troubleshooter and it says under "Problems found" "The Windows Experience Index has not been computed". Then when I got "My Computer" and go into "Properties" I click "System rating is not available" and then "Rate this computer". When I do that I get this below.

" The Windows Experience Index for your system could not be computed. Cannot complete assessment. The assessment or other operation did not complete successfully. This is due to an error being reported from the operating system, driver, or other component. "

I tried booting into 'Safe Mode' but it wouldn't recognize my password, note this a work laptop and it has a password when I boot normally it lets me through and recognizes my password but in 'Safe Mode' it doesn't.

Could I please have some help. Thank you.

P.S I have included an image of the problem I am having. (If you would like the link go to: http://oi57.tinypic.com/14mylxz.jpg)

A:The Windows Experience Index for your system could not be computed

  
Quote: Originally Posted by Glass


Hello,

I am using a work provided laptop with Windows 7 Enterprise (64 bit) installed. I booted up my laptop and in was in classic view and my wireless was not working along with some other features too. I right-clicked and went to "Personalize" and then it said "Troubleshoot problems with transparency and other Aero effects". I click on it and go through the troubleshooter and it says under "Problems found" "The Windows Experience Index has not been computed". Then when I got "My Computer" and go into "Properties" I click "System rating is not available" and then "Rate this computer". When I do that I get this below.

" The Windows Experience Index for your system could not be computed. Cannot complete assessment. The assessment or other operation did not complete successfully. This is due to an error being reported from the operating system, driver, or other component. "

I tried booting into 'Safe Mode' but it wouldn't recognize my password, note this a work laptop and it has a password when I boot normally it lets me through and recognizes my password but in 'Safe Mode' it doesn't.

Could I please have some help. Thank you.

P.S I have included an image of the problem I am having. (If you would like the link go to: http://oi57.tinypic.com/14mylxz.jpg)



Welcome to the Seven Forums.

It is ... Read more

Read other 6 answers
RELEVANCY SCORE 44.4

So I just overclocked my processor a few points, and upon booting up my computer, the Aero theme was 'busted.' I tried running the troubleshoot, which claimed I had no issues.

I opened up the Windows Color option, and was greeted with only a Windows 94 looking theme option. (images below) Everywhere I look has no information on this issue.

I fail to see how overclocking my processor only a little bit would cause this issue. All of my drivers are up to date, my computer can easily handle the small amount of overclocking I did, and windows is up to date.
I tried going to Performance and Information and Tools and using 'Re-run the assessment,' and I get 'The Windows Experience Index for your system could not be computed.'

I run with a NIVIDIA GeForce GTX 550 Ti and a 990FXA-UD3 motherboard with an AMD FX-4100 Quad-Core Processor now overcloacked to 4.2 GHz with dual monitors.

I have 12 GB of DDR3 RAM and my OS is Windows 7 Home Premium 64bit.

Please help.

Desktop
Windows 94-esc Option Only

A:No Aero theme - Widows Experience Index Not computed

I assume you clicked on the previous theme you built and still no changes ?

There is no reson to OC that cpu.

Read other 8 answers
RELEVANCY SCORE 40

I have a HP dv7-3065dx 4 gig ram and 500 gig HD window 7 home prem 64bit. I pulled the mother board and had the GPU reballed and copper heat sink added for cooling. Now I have put it all back together and it will nor boot from factory disc or from the hard drive. I have tried a couple of hard drives including one new and one from another dv7 that is working. I have also pulled the ram and replaced it twice. I get the file is possibly corrupt. The file header checksum does not match the computed checksum and also got this error also BOOTMGR image is corrupt. The system cannot boot. Is it possible I missinstall the board causing these errors, help help!!
 

Read other answers
RELEVANCY SCORE 40

hello this morning i turned my laptop on and recieved this error message the file is possibly corrupt. the file header checksum does not match the computed checksum. I've tried using the recover cd and alt f10 but the error seems to kick in before i can do anything any ideas??
 

A:the file is possibly corrupt. the file header checksum does not match the computed ch

You need to boot from the CD. Enter BIOS setup and change boot sequence so that the CD/DVD drive is the first boot device. Then you can boot from the recovery CD.

Note, using a recovery CD will erase the entire hard disk and you will lose any documents, emails etc on the hard disk.
 

Read other 2 answers
RELEVANCY SCORE 39.6

"Could not measure system memory performance."

So I did something that made something happen again so I need help, again.
I had changed my CPU, motherboard, and RAM; the CPU needed a different socket (2011-3), and so with that new motherboard required different RAM (DDR4)
I'm pretty sure the sudden change in hardware is the cause of this, and a few other things that I'd like to think I had solved by myself.
I have a feeling this is an easy fix, what did I do wrong and what can I do to fix whatever this is?
Thanks in advance.

A:"The Windows Experience Index for your system could not be computed."

With all the new hardware did you do a Clean Install of Windows 7?

Read other 1 answers
RELEVANCY SCORE 39.6

When I don't mess with the BIOS, I get the error message, "Reboot and Select proper Boot device or Insert Boot Media in selected Boot device and press a key_" If I change HDD priority, I get, "The file is possibly corrupt. The file header checksum does not match the computed checksum."
MoBo: Asus P5e3 Professional (M4A78-E)
Win7 HDD: Western Digital Caviar Blue WD5000AAKS (SATA)
WinXP HDD: Western Digital Caviar Blue WD600JB-00CRA1 (IDE with SATA adapter)


Quote:




Boot Device Priority:
1st: IDE:DVD-ROM DDU164
2nd: HDD:PM-WDC WD600JB or SM-WDC WD5000AAKS

1st HDD: WD600JB
2nd HDD: WD5000A




Outcome: Reboot and Select...



Quote:




Boot Device Priority:
1st: IDE:DVD-ROM DDU164
2nd: HDD:PM-WDC WD600JB or SM-WDC WD5000AAKS

1nd HDD: WD5000A
2st HDD: WD600JB




Outcome: Reached boot selection screen. When OS selected, computer reboots. Screen blank, and computer unresponsive once it reaches the point where the Boot select screen would be.

A:[SOLVED] The file header checksum does not match the computed checksum

I think I know what the problem is. Hopefully, it's just my video card drivers screwing around. If that's the case, I'd just have to enter the OS in safe mode and delete the driver or just format the HDD. The problem is, it won't let me get to any such screen. Either the file is possibly corrupt, or it restarts.

Read other 19 answers
RELEVANCY SCORE 39.6

Hi All,

I have been trying to install Windows 8 64 bit retail version on my PC for the last 6 hours without success . After the 1st part of the install where you choose the disk and partition to install to, then it copies files etc, the PC does a reboot, which is normal for this part of the install. However, I let the boot sequence continue without selecting dvd of course, then it tries to boot from the hard drive but I get an error.

The header checksum for this file doesnt match the computed checksum.
File: \Windows\system32\winload.efi
Error Code: 0xc0000221

My system was previously running Windows 7 Ultimate 64-bit for years without any problems. This is not an upgrade, I am starting from a clean slate with a fresh wiped drive with no partitions.

System specs:

AMD FX-8150
Gigabyte GA-990FXA-D3
8GB DDR3 1333Mhz
XFX Radeon R9 270X
Samsung 840 120GB SSD (Trying to install fresh win8 to this)
Samsung 840 120GB SSD (Unplugged during this install for ease)
WD Black 1TB HDD (Unplugged during this install for ease)

I have tried both SSD's and also another Samsung 500GB HDD all with the same result.

I have tried the following:
- Win8 Install DVD - Automatic repair - fail
- Startup repair - fail
- Bootrec fixboot and fixmbr and BCDBoot commands successfully
- SFC /scannow gets to 100% but reports that its unable to do anything or something like that
- boo... Read more

A:Header checksum of file doesnt match computed checksum

I replaced the Corsair 4x4GB (16GB) DDR3 1333mhz with a set of 2x4gb (8gb) DDR3 1333mhz Elixir ram from my other machine.
The 64-bit DVD booted all the way to the installer this time with bios in AHCI mode and CD/DVD set to Auto/Non-EFI (1st time it has ever worked). The installation went on without a hitch and rebooted fine without a checksum error and I am now using the install to post this message without problems.

The RAM was the problem all along, although worked fine on Win 7 for a couple of years. Just must not like this new system setup.

Thanks to Mike Barnes from tomshardware for the suggestion.

Read other 1 answers
RELEVANCY SCORE 38.8

Hi all...

I have the error "........checksum does not match the computed checksum"
I've been trying to research the problem and it seems i need to do a repair from an xp installation disc.

Unfortunatley, i cannot find my disc. I have XP home edition on an Advent laptop.
I have access to a XP professional disc (Dell).

My question is, will I be able to use the XP pro disc to do a repair on my xp home edition?

Thanks.

Read other answers
RELEVANCY SCORE 37.2

I have removed several problems in the past but I think I met my match on this one. I think it is VX2 maybe more. I think the hosts are ieautosearch, auto.search.com, search. netscape.com. My AVG Free is also unable to keep Trojan Horse Dropper.Small.13.AM and 8.BC away. I keep getting popups from inqwire, clickandtrack,spyspotter,nico mak, and more. Let me know if you can help. Thanks in advance Also the viruses say AppWrap.exe and bw2.com
 

A:Infested I Think. Help Please!!!

Read other 12 answers
RELEVANCY SCORE 37.2

Hello - I have been infested with Spyware/Adware. NAV is detecting the AlwaysUp trojan virus at least twice a day.Can help me get rid of this issue. Below is my HiJackThis log..Thanks,Mike--------------------------------------------------------------------------------- Logfile of HijackThis v1.99.1Scan saved at 11:05:07 AM, on 6/9/2005Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\ibmpmsvc.exeC:\WINNT\system32\svchost.exeC:\Program Files\Perl\bin\Perl.exeC:\WINNT\system32\acs.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\PROGRA~1\insight\tools\aiclient.exeC:\PROGRA~1\NavNT\DefWatch.exeC:\WINNT\SYSTEM32\DWRCS.EXEC:\PROGRA~1\insight\tools\AICR.EXEC:\Program Files\Gillette\adm\bin\GillServ.exec:\Program Files\Perl\Bin\perl.exec:\Program Files\Gillette\Adm\bin\GillMesg.exeC:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\LCFD.EXEC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\PROGRA~1\NavNT\Rtv... Read more

A:Infested plz help

Forgot to mention in my original post that I have run Ad-Aware and SpyBot many many times without any luck in removing whatever it is that got me.

Thanks in advance.

Read other 4 answers
RELEVANCY SCORE 37.2

Spysweeper keeps preventing my computer from being redirected to other websites. I have run A squared, Spybot, Adaware, Nod32, AVG antispyware, Windows defender and the spyware scan in Zonealarm Internet security. None of these detect anything. Can someone please help? Thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:31:35 PM, on 12/17/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Eset\nod32krn.ex... Read more

A:Infested With Something

crap just saw the thing about not bumping sorry.

Read other 16 answers
RELEVANCY SCORE 37.2

hi,

I've never really posted on here cause i can normally get rid of what ever is infecting my computer but whatever is in my computer is very persistent. I've scanned with quite a few scanners and they come back with nothing.

I've scanned with Nod32, Avira, Microsoft Security Essentials, super anti spyware and something called Malaware (i think its called that). They have all had varied results but i'm still infected.
My current symptoms are firefox randomly opening ads in a new tab, it directing my google search to some other ad search engine. Programs saying i don't have permission to use the program (Super anti spyware said it till i reinstalled it), something is now up with my codecs and i can't watch any videos and a new symptom which is by far the best.. My computer is beeping.. it varies between every 20 seconds to ever 40 seconds.

Help, please for the love of got tell me what i've got to do to kill it!

John
I've been a complete fool and posted this in the completely wrong area.. Sorry for that. How do i delete/move this?

Thanks

A:I'm infested!

I will suggest that it be moved to Am I Infected, await instructions from that forum.

Louis

Read other 1 answers
RELEVANCY SCORE 37.2

Hey everyone, love the site but for once I cannot find an answer to my problem without personally asking.
 
 
Pop-ups have invaded my computer, I have foolishly ignored them for weeks rather than find an actual solution, but now it's gotten so annoying and tedious that I just want to fix it!! 
 
 
I get at least 2 pop ups per page, one in each of the bottom corners ALWAYS, and occasionally one right in the middle of my screen. They range from fake facebook IM's to spanish lessons and camgirl ads. It's so annoying!! I hope you can help me break these horrible popup ad chains, thanks in advance!

A:Infested with pop-ups

Please download TDSSKiller from here and save it to your DesktopDoubleclick on TDSSKiller.exe to run the application, then click on Change parameters
Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
Click Start Scan and allow the scan process to runIf threats are detected select Skip for all of them unless I instruct you otherwiseClick Continue
Click Reboot computerPlease post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your replyDue to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient===================================================RKILLPlease download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:Link 1Link 2In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.A black screen will appear and then disappear. Please do not worry, that is normal... Read more

Read other 11 answers
RELEVANCY SCORE 37.2

This is my first attempt at running hijack this. I'm new to the forum. Any help is awesome. thanks jcrump

Logfile of HijackThis v1.99.1
Scan saved at 10:47:36 AM, on 3/12/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\ROXIO SHARED\PROJECT SELECTOR\PROJSELECTOR.EXE
C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\DRAGTODISC\DRGTODSC.EXE
C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\AUDIOCENTRAL\RXMON.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\AIM\AIM.EXE
C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 6\AUDIOCENTRAL\PLAYLIST.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\PROGRAM FILES\M-AUDIO MOBILEPRE\MPTASK.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\WUAUCLT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

R1 - HKCU\Softwa... Read more

A:Infested I Think. Help Please!!!

Fix:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\sp.dll/sp.html
O2 - BHO: (no name) - {E8A92E79-52FE-436D-95CF-30C6C88018E7} - C:\WINDOWS\SYSTEM\AAAHME.DLL (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O8 - Extra context menu item: &AIM Search - res://C:\PROGRAM FILES\AIM TOOLBAR\AIMBAR.DLL/aimsearch.htm
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
C:\PROGRAM FILES\M-AUDIO MOBILEPRE\MPTASK.EXE
This is a virus i believe. Scan this virus with your antivirus aswell as the free online scanners which are included in a sticky in this forum. If they pick it up get rid of it, otherwise I reccommend you delete this file in safe mode.
 

Read other 2 answers
RELEVANCY SCORE 37.2

Hi,

I hope you can help me. I seem to have encountered a lot of problems with my computer lately. First it began to move slowly (not literally!), and then today when I logged on using my ym, I can't get online, then I got a message that a third party is trying to use my ym so a changed of password was due, after I did, I was able to get online. Among other things my internet page opens so slow. Sometimes when I close the page, I would get a million pop-ups. I don't see anything 'suspicious' in my task manager either.
waiting in vain...
thanks

A:pc infested

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The... Read more

Read other 12 answers
RELEVANCY SCORE 37.2

I use firefox. My problem is these annoying little advertising pop-ups see attach. What box do I untick/uninstall etc to be rid of these things?
Is there a FF add-on to protect me in the future?

A:Infested with pop ups.

They are in IE too. They are ads placed there by a-holes who think we want to looks at them. When you see double underlined words like that avoid putting your cursor on it, no pop up then.

Read other 6 answers
RELEVANCY SCORE 37.2

Last week I clicked on a link. Instantly I was infected it seemed. Mcafee kept finding something then eventually became disabled. All virus scan and antiadware software became disabled. Can't "system restore".

Online scanners won't work either.

Found braviax.

Disabled braviax and a couple other things via msconfig selective startup.
Still infected.

Purchased stopzilla. Found several things including win32kstream.

Hijack this even shuts down.

Only trend micro sysclean allowed to scan. Ineffetive.

Un and reinstalled malware anti.

All this even in safemode.

Nothing works.

What's my next move?

Please help.

Sorry. It appears I posted in the wrong forum. Writing via blackberry. Can I move this to the appropriate place? How do I do that?

A:Infested--need help

Hello,I believe this will run.. Also I am moving this to the Am I infected forum from AntiVirus, Firewall.Please download Sophos Anti-rootkit & save it to your desktop.alternate download linkNote: If using the vendor's download site you will be asked to register with MySophos so an email containing an activation link can be sent to your email address.Be sure to print out and read the Sophos Anti-Rookit User Manual and Release Notes.Double-click sar_15_sfx.exe to begin the installation, read the license agreement and click Accept.Allow the default location of C:\Program Files\Sophos\Sophos Anti-Rootkit and click Install.A message will appear "Sophos Anti-Rootkit was successfully installed. Click 'yes' to start it now". Click Yes and allow the driver and its randomly named .tmp file (i.e. F.tmp) to load if asked.If the scan did not start automatically, make sure the following are checked:Running processesWindows RegistryLocal Hard DrivesClick Start scan.Sophos Anti-Rootkit will scan the selected areas and display any suspicious files in the upper panel.When the scan is complete, a pop-up screen will appear with "Rootkit Scan Results". Click OK to continue.Click on the suspicious file to display more information about it in the lower panel which also includes whether the item is recommended for removal.Files tagged as Removable: No are not marked for removal and cannot be removed.Files tagged as Removable: Yes (clean up recommended) are marked for removal by default.Fi... Read more

Read other 27 answers
RELEVANCY SCORE 37.2

my system has been attacked by various virus' and spyware,I have used hijackthis, SmitRem, Adware Pro, and spybot, as per instructions of this forum, still IE doesn't display, my system has slowed down. internet disconnects after time (DSL) Here is my hijackthis log... Thank youLogfile of HijackThis v1.99.1Scan saved at 4:44:32 PM, on 10/12/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\system32\emjnbxk.exeC:\Documents and Settings\New Owner\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\ebsph.dll/sp.html#73077R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\ebsph.dll/sp.html#73077R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\ebsph.dll/sp.html#73077R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:�... Read more

A:Infested

Hi,

The forums are really busy, that explains why logs get behind. We start with the oldest logs first. If you still need some help, please start with posting a new hijackthislog in this thread. Don't start with a new thread.
Then I'll take a look.

Read other 2 answers
RELEVANCY SCORE 37.2

Evening All!

Once again my friend has asked me to help in ridding her computer of Adware, Browser hijackers etc.

I have deleted all I recognise, but there are a few persistent ones that I cannot get rid of.

I would be grateful if someone would analyse the HijackThis log below and advise on how best to clean up the comp.

Many thanks (as always) for any help given!
Logfile of HijackThis v1.99.1
Scan saved at 13:55:59, on 23/06/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\AnalogX\CookieWall\cookie.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\newdll.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Pr... Read more

A:Infested Again!

Read other 10 answers
RELEVANCY SCORE 37.2

not sure if this might be infected with spyware or rootkit cause this machine is about 10-15 seconds to run the application after the icon is double clicked. I have scanned it for malware and found nothing. Then again this machine does only have 256mb of memory so I know that is PART of the problem...Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:34:23 AM, on 2/27/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\Program Files\Executive Software\Diskeeper\DkService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ALCXMNTR.EXEC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\GPSoftware\Directory Opus\DOpus.exeC:\Program Files\GPSoftware\Directory Opus\dopusrt.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Trend Micro\HijackThis\HijackThi... Read more

A:is this pc infested?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

Read other 2 answers
RELEVANCY SCORE 37.2

Hello there,

I am helping a mate to get his newly purchased but second hand laptop into shape. It seems the person who sold it had got it full of bugs. I have already run Superantispyware in safe mode and it came up with 36 finds. The second time, it came up clean. Before that we ran an AVG scan and it came up with some 114 bugs. No sorry I didn&#8217;t think to keep the logs.
Since then I ran Superantispyware again in safe mode and it didn&#8217;t find anything. I have also done a CWShredder scan in safe mode whereby nothing was found. He has run CCleaner regularly.
I also, following guidance from TechGuy, removed all but the last system restore points, shadow copies as they are called in Vista.
Here are his stats, it&#8217;s a Compaq C700 running Vista Home Premium with all updates. It has 150gigs of hard drive with 2gigs of memory. He uses Windows firewall, AVG free antivirus, and Superantispyware.
That is all the info I can think of.

Before posting this I read the &#8220;Please read here first BEFORE posting for help in this forum&#8221; sticky. I didn&#8217;t realise HJT only picks up so many bugs.

What happens is AVG keeps flashing up showing Trojans and nasties. I am borrowing his PC for a few days and I will use all the online scanners I can think of to attempt to get it clean. I&#8217;ll also then have a better idea of how its playing up. At the moment I know that it runs very slow and shows a lot of AVG alerts. I&#8217;ll also in... Read more

A:Infested!

As no one has responded to my post I assume I didn't adhere to the guidelines. Thanks anyway,

Grest
 

Read other 1 answers
RELEVANCY SCORE 37.2

Hi and thanks for taking the time to help me......I've finally joined the ranks of "Oh no, shouldn't have downloaded that file". After ten years as an internet user, I did a REALLY stupid thing and downloaded a file and got infected. It's put all kinds of stuff on my computer. I've used everything, I can think of to get rid of it, but something I'm just not getting.....here is my Hijackthis file....it's a long one. Thanks again for looking this over and offering any help!BigRick!Logfile of HijackThis v1.99.1Scan saved at 5:35:06 PM, on 3/25/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\WINDOWS\SYSTEM32\GEARSEC.EXEc:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\Secur... Read more

A:Help! I'm Infested

Hi BigRick70!*It is a good idea to print off these instructions - they will be needed later when internet access is not available. You may also like to save these instructions in word/notepad to the desktop where they can be easily found for the same reasons as above. It is important that you complete the following instructions in the correct order, and also that you don't miss anything out! Please download Look2Me-Destroyer.exe to your desktop.Close all windows before continuing.Double-click Look2Me-Destroyer.exe to run it.Put a check next to Run this program as a task.You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OKWhen Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.Once it's done scanning, click the Remove L2M button.You will receive a Done Scanning message, click OK.When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.Your computer will then shutdown.Turn your computer back on.Please post the contents of C:\Look2Me-Destroyer.txt and a new HiJackThis log.If Look2Me-Destroyer does not reopen automatically, reboot and try again.If you receive a message from your firewall about this program accessing the internet please allow it.If you receive a runtime error '339' please download MSWINSCK.OCX from the link below and place it in your C:\Windows&#... Read more

Read other 2 answers
RELEVANCY SCORE 37.2

This is another computer on our network that is running incredibly slow. Here is the hijackthis log. Thanks in advance everyone.

Logfile of HijackThis v1.99.1
Scan saved at 7:27:43 AM, on 9/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\program files\softwin\bitdefender9\bdswitch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Softwin\BitDefender9\bdlite.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default... Read more

Read other answers
RELEVANCY SCORE 37.2

Hello all, I think that when I downloaded some free software, I got more than I bargained for. After the download, I noticed that my startpage had been changed and that I could not set it to what I wanted. I did a scan with malwarebytes and it found 3 items. That took care of the startpage problem but I am now getting all kind of pop ups saying that my computer is infected, click here to fix (they look like rogues to me). I am also getting redirected to strange websites when I use the back button on my browser. I did another scan with malwarebytes and avast and both of those scans found nothing. I have windows 7 and Firefox. Thank you

A:I think I am infested

Run the Junkware removal tool.Post the log.http://thisisudax.org/downloads/JRT.exeReboot your machine.Download Adware Cleaner double click it to run it.Click the delete button allow it to runThe program will reboot your machine.This is normal.Post the log it creates.http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
 
 
 
Please download MINITOOLBOX and run it.Checkmark following boxes:Flush DNSReset FF proxy SettingsReset Ie Proxy SettingsReport IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeList Devices (problems only)Click Go and post the result.
 
 
 
Download tdss killerhttp://support.kaspersky.com/downloads/utils/tdsskiller.exe
Right Click it Run As Admin . Click on Change parameters Select TDLFS file system
Hit the Scan button Post the LOG In your next reply
Do not change the default options on scan results
Update and do a quick scan with Malwarebytes remove all that it finds and reboot.http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/
Post the log here,
 
 
Run a scan with Eset. You will need to disable your antivirus during this scan.http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to... Read more

Read other 13 answers
RELEVANCY SCORE 37.2

Hello,i have been refered to here by another forum buddy, my laptop froze friday, which led me to try my mums laptop which worked fine, so i ran a windows scan and clean, this found 2 severe virus's....so i removed these, ran another scan, came back running normal, but was not, im not up on pcs, then found i had avast on my pc, so ran a scan with this, which pulled up 12 items, including virus's and trojans, they went into a chest, i then removed, ran again, clean, ive been infested before, paid someone to clean up laptop, did not know he left a Malwarebytes' Anti-Malware, so i ran this which found 4, removed,ran again, found 2, ran again, again again,all came up clean, but still laptop is dead, takes about 10 minutes to load a website,if im lucky, on thing works fine is my gmail account, ive had some people on a fish forum running through things to do, but does nothing, ive now tried opening this webpage on my laptop,will not load, i was given a link for HiJack This, which has given me a page of results, would not allow somethings, i have taken some snap shots,
I also brought a sandisk memory stick, placed it in the usb..i click on run sandisk then it comes up as not responding, wanted to save all my pictures onto it,,,

A:Help me Please....Think im infested

Boot into safe mode update malwarebytes antimalware and run a full scan and then please post the log

Read other 8 answers
RELEVANCY SCORE 37.2

I have a dual core 2.9mhz
2 Gb Memory
WIN XP Pro
Dual RAID HD 300gb

In the last couple days programs take several minutes to open

I am doing a Malwarebytes scan as we speak

Following is my hijackthis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:21:34 PM, on 8/25/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHALDCS.EXE
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Intel\Inte... Read more

Read other answers
RELEVANCY SCORE 37.2

having a nightmare on my other machine w/ viruses and trojans.

did a NOD scan, it found a trojan fragment or something in IE Temp, that it had found int the past. in an ever-increasing fk-up i downloaded Stopzilla and did some Windows updates. since then, i seem to have been swarmed. SZ found a dozen or so items NOD didn't. next boot/scan it found more. then i noticed NOD wasn't in my system tray, thought it was a SZ conflict, more scans w/ those and malabyteware found a disable.update fkn thing, i downloaded (from googleing) ComboFix (this site says not to, the other page i found metion to it didn't!), that failed to activate, reboot scan and 21 more items. ran CCleaner etc rebooted and the mouse-judder over my system tray has gone but NOD still doesn't appear, i've just fired off a full SZ scan and it's found 2 instances of Cognac, GASF and System Tool 2011 - it supposedly removed Cognac on the last scan, according to the log.

help please!

Read other answers