Over 1 million tech questions and answers.

cleared files now no sound

Q: cleared files now no sound

I Was Having Problems With My Pc ...asked Aol To Help Me . They Had Me Clear Files And Remove Some Programes ...now I Have No Sound When I Check It I Get A Message That Ther Is No Driver Loaded .... Please Help I Had Sound Before I Did Those Actions

RELEVANCY SCORE 200
Preferred Solution: cleared files now no sound

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: cleared files now no sound

Well sounds like you might have uninstalled your soundcard driver. Try going to the device manager and check if any devices have yellow question marks. If your soundcard does then you will need to reinstall the driver.

Read other 1 answers
RELEVANCY SCORE 58.4

Yikes, the "Clear Log..." and Clear Filter" are so close to each other in the event viewer.
 
Is there any way to recover a cleared event log from C:\Windows\System32\winevt\Logs?
 
I wish it was that easy to clear errors in other areas of life.

Read other answers
RELEVANCY SCORE 53.6

Hi,

Couple of days ago I had a couple of viruses and malware on my laptop (Win32 Banker and Trojan SpyAgent - i think two were called). I used Panda Antivirus and Spybot Search + Destroy and "disinfected" the computer.

I went on last night and I had sound ads (making jello brains and earthquake procedures for children in california, etc) coming through the speakers but there was no applications running and no windows open.

Thinking it was a virus, I updated the Panda antivirus and ran that again and also did the same for spybot, the results showed the computer as clean. But I could still here the sound "ads" and then some pop ups appeared.

Anyone have any idea what is going and how I can get rid of them? Preferable for free!!!

Thanks DuttonD
 

A:Solved: Virus cleared but now have unwanted sound ads

Download HIJACKTHIS

Save the program in a folder on your desktop, execute and "Run a scan and save a logfile". ( DO NOT FIX ANYTHING )

When done, copy and paste the log in the "malware and hijackthis-log forum", and an expert on the field will "diagnose" your computer and help you get rid of anything nasty.

Good luck!
 

Read other 2 answers
RELEVANCY SCORE 52.8

I need to recover a lot of files which I cleared from the recycle bin. There seems to be a lot of software out there which will help me do this. Like most users, I do not want to use unreliable s/w and would be pleased and grateful to hear your recommendations ...
 

A:Best way to recover files cleared from the recycle bin?

Read other 8 answers
RELEVANCY SCORE 52.4

Hi,
The backstory is... I clicked on a close pop-up X on B&H Photo's website and Chrome was quickly covered in ads. I had Kaspersky Internet Security 2015 on my pc but it didn't detect anything before then. I tried system restore to the day before but it didn't solve the issue. After upgrading to KIS 2016 it found Dragon Branch and treated it. After a reboot it was back.

So I went into safe mode, disconnected from the internet and uninstalled it (it looked like it was installed with another program back in April), reset my browsers to their defaults, deleted temp internet files and emptied the recycling bin. I thought it was gone for a while, but then I noticed that files were missing from at least one of my internal hard drives. The files would be gone in a folder, but sub-folders remained (but were empty). For other files, I could see them but they won't open. While others were unaffected.

I saw on one of the forum pages to rebuild the search index. I started that but after 12 hrs, it was still less than 1/3 the way through (I have a lot of photo files). So I paused that and ran Malwarebytes - it found DragonBranch.A, OpenCandy and AceWebExtension.A. It treated them and after a reboot, rerunning Malwarebytes didn't find anything.

I then ran sfc /scannow - it found corrupt files but couldn't repair them all. So I ran it two more times (the post suggested that it may take 3 or more runs). At this point, I went to see if the files were back, but the hard drive ... Read more

A:1st files gone, now the drive - cleared Dragon Branch & ran sfc

Hi all,
Looks like they were two separate events happening at the same time. I starting going down that line of thought thinking the hard drive simply failed. But on some reboots I get an error message that no keyboard is found, even with a usb keyboard. I read in a different post that that is a sign that the motherboard is failing. When I plug the usb keyboard into a usb slot on a pci card, there is no error.
I had tried reboots before and it made no difference with the current issue. Then, when I thought I was taking out the defective drive just now, I took out the boot drive instead. A reboot quickly pointed that out. When I put it back in, the missing drive was back!
So, I'm now thinking its a motherboard issue. I'm copying the files across to another drive, as I type, in case it is the drive and I got a lucky window of access. Its probably time to build a new PC.
Thanks

Read other 1 answers
RELEVANCY SCORE 51.6

I'm running XP pro and Antivirus is AVG 8.0 free edition. It caught a couple fo trojans the other day, but know I get three message boxes that tell me that windows is unable to find modules for these dll files.

c:\windows\system32\lumuheze.dll
c:\windows\system32\dezifamu.dll
c:\windows\system32\hulahake.dll

they are all seprarate message boxes.

The 'puter seems to be running fine, but it is wifes and kids 'puter so they run amok on it and I want to make sure that it works and does not have anything that will steal important info, as wife does the banking on it. there are four total users accounts two are Admin (wife & I), and the other two (the kids) are not.

Thanks for any help

Nate

here is my DDS report

DDS (Ver_09-03-16.01) - NTFSx86
Run by Mayumi at 14:16:51.12 on Sat 04/25/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1422 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PR... Read more

A:want to insure Anti virus has cleared all malware files

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 51.6

Evening TSF!

I've just done a giant clear out of my dads PC, 3600 virus/trojan/threat count! COME ON! it was so bad I had to slave his HDD into mine and clean it that way. When AVG scanned the HDD it detected that explorer.exe along with some other system files were trojans and therefore put them in the vault. I now need to restore these system files but I dont have a disk for it "Microsoft Windows XP Media Centre Edition 2005 Retail" I tried to just restore the files with bootfix but there is a password on the admin account which he doesnt know so I tried the full repair option (looks like a fresh install but isnt) When it came to the serial code... sure enough it was wrong, i had tried using XP pro disk... Im not able to get a copy of the disk so I presume I've half installed the OS and therefore rendered it usless.

Couple of things, does anyone know if i can restore the HDD either by putting it back as a slave and doing something to it or am I going to have to find a disk that suits his serial code. failing that, any other ideas?

peace always!

Purehatred0

Read other answers
RELEVANCY SCORE 50.4

Hi all,
This has since been resolved the lazy way(reformat and reinstall out of my hands and into the hands of those folken here at college who only know to reformat and reinstall), but there was one night when a friend of mine came to me and asked me for some assistance with some issues she was having. I knew immediately that at least some adware was running on her computer for there were crazy ads popping up, strange and unrecognizable processes running in her task manager, as well as just slow performance. I believe that my mistake was running a quick scan instead of a full scan with MBAM, for when the program got finished with it's routine, there were still some adware installation entries in her control panel. I told her to remove them, plus some of the other silly Dell stuff that Dell puts on their latitude models. (she has a Latitude D620). Due to her impatience and just plain lack of knowledge, she was going faster than I could speak it seemed like, and when I told her to leave Spybot alone, she uninstalled it anyway. I begin to wonder what actually started to happen at this point. Her computer called for a reboot, and after it had restarted, that's when her .exe file association was no longer associated correctly. I know that the fix for that is really quick. Does anyone know what key that is that has to be added into the registry? I ask so that I can hand-create that particular .reg script so that if this ever happens again to either myself or anyo... Read more

A:Friend's XP computer, cleared of malware for the most part, but then files associations got messed up

<<...cleared of malware for the most part, but...>> Statements like that...always intrigue me .Malware is a disruptive, annoying fact of life. A system is either clean...or it is infected.<<I know that it was the trojan that did that, though why did it happen after the MBAM scan? I don't get it..>>Mistakenly...many users think that there is some application that can be used to eliminate all forms of malware. Many seem to think of Malwarebytes in the same manner that you seem to...as something capable of detecting/eliminating/neutralizing all forms of malware.It just ain't so.Protection from malware starts with installation of critical updates...is aided by installation/updating/usage of a reliable AV program...and is aided by the usage of any number of programs which address malware but which are not AV programs.Malwarebytes is one of the latter type of programs...it doesn't detect all forms of malware, nothing does. It's merely an additional step which users can take to protect their systems. And...it's not necessarily the only step that should be taken, even in conjunction with a reliable AV program.In fact...if you visit the Malwarebytes forums or our own forums which address known infected systems...you will see that a variety of other tools are used in order to attempt to correct systems which are infected.You might like to take a look at some suggestions for avoiding infection, How did I get infected - http://www.bleepingc... Read more

Read other 3 answers
RELEVANCY SCORE 46.4

Heya,
I have cleared my history, deleted my temp files and cookies and still I have a couple of sites that, when I type in the address bar, are still there and come up when I type in the first letter of that site . Please can someone tell me how to get rid of the damn things.
Ta very much
Jonbo.
 

A:How to delete sites from history - already cleared history, cookies and temp files

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs in registry contains the typed-in addresses. Delete all the "url" entries.
 

Read other 5 answers
RELEVANCY SCORE 41.6

My husband and i are in a band and are trying to upload our music to a local site. It said we needed mp3 files so we tried coverting our wave file to an mp3 file ( my husband downloaded something that said it could do this) and now we have no sound. The speakers still make little crackling noises like they are still live but we get no sound.

HELP!
 

A:Tried to convert music files from wave files to mp3 files and no NO SOUND WHATSOEVER

Try a different program.

Are you converting from CD, or a wave file on the hard drive?

.
 

Read other 3 answers
RELEVANCY SCORE 39.2

I've tried a lot of things to figure this out and it's been going on for quite awhile, still if anyone can post any reason why it won't stream sound, please do so, I want help badly.

I tried an instill of a new hard drive and made it the master drive, however I couldn't install windows from a disc (pci.sys) so instead i copied my os off of the old hard drive but everything had to be copied. (If you can tell me an install process to help me with my sound that'll work too)

youtube doesn't work.. etc
absolutely everything from the internet = no sound except if it caches a file and plays that file instead.
checked volumes, "play sound in webages", downloaded codecs, flash, updates.
post anything, please?

Read other answers
RELEVANCY SCORE 38.4

I am running Audacity on a new 64 bit computer, running Vista. I had got my sound really good, good enough to do voice auditions, but now when I convert my Wav file to mp3 and send it to myself, the sound is awful. Why is there such a difference, when it sounds so good in Audacity or on my file converter?
 

A:Crappy Sound after emailing sound files

Read other 13 answers
RELEVANCY SCORE 38.4

I was trying to clear space from a small hard drive "C:" and put my folders and documents into my 1.7 TB hard drive "D:". When doing so, it asked me to delete the documents/folders/bytes because they couldn't be recycled. Figuring that meant it wouldn't be deleted from the PC altogether, I clicked confirm, and now I can't access my videos, pictures, documents, music (I never use this folder), and downloads folders. I can't even re-download software such as Steam because I can't locate a space for said software. I can't even download the SysInfo utility software because there's no folders to locate it to.
 

A:I think I cleared my PC

It asked you to delete the folders but you didn't think it meant it would delete them? Yes, it absolutely meant it would delete them. Putting them in the recycle bin is also deleting them but with a safety net.

Depending on how much you deleted, you my just have to right click and create a new folder with the proper name, ie. Documents, Music, Pictures. If you still have problems then see this article; https://scottiestech.info/2014/11/11/repair-missing-user-folders-in-windows-7/

Then if you want to move those folders to another drive you need to move their location properly using this method: https://www.howtogeek.com/howto/win...l-data-folders-in-windows-vista-the-easy-way/
 

Read other 1 answers
RELEVANCY SCORE 38.4

Hi. Can you please look at these logs and tell me if there are any further virus' or malware etc.?

I have already removed over 300 pieces of malware/virus' etc. using Ad-Aware, Malwarebytes and Trend Micro house call. I did a full scan with Avast but it came up with nothing.

I haven't done the GMER scan as it said on the instrctions that it was for 32 bit system only and this is a 64 bit system. If you need me do it or any other then please feel free to say.

Here are the logs:


DDS (Ver_10-11-08.01) - NTFS_AMD64
Run by user at 1:41:50.20 on 09/11/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2815.1463 [GMT 0:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\W... Read more

A:Already cleared 300+ but I think there is more!

Bump, please

Read other 16 answers
RELEVANCY SCORE 38

Whenever i type my password on the logon screen. 
I always need to get my token for 2 factor authentication.
This is not really a problem however if it takes me about 30 seconds to get my token then my password field gets cleared and i have to type it again.
Now i don't mind passwords being cleared as a security measure but i would like to set the timeout to 60 seconds.
I've been testing this on different windows 8/8.1 pc's and they all have the same "problem" without anyone on google seeming to know the answer.

Here's a simple test case so you know what i'm talking about:
- Go to the login screen
- Enter some text in the password field
- Wait 30 seconds
- The password field get cleared

Read other answers
RELEVANCY SCORE 38

I have Windows XP. Everything in my bookmark disapeared and I can not add anything to it. I don't know what happened or how to fix it.
 

Read other answers
RELEVANCY SCORE 38

Dear Fabulous Beepingcomputer.com Saviours, My parents called me to ask me to investigate why their (and I admit it, very old) computer was extremely slow. I duly investigated, and it turned out they had six viruses! They deny all knowledge of how they obtained them, but I know for a fact they will click on anything with a button. Anyway, I ran the usual Spybot S&D, Rootkill and Malware Bytes scans and got rid of most of them, sweeping up the last remnants with a safe mode scan and everything appeared fine. However the computer (and internet) is running extremely slow again, almost as if something is throttling the internet after about 10 minutes and the firewall keeps being turned off.  I'm concerned that I may have missed something during the virus removal process, as I seriously doubt my parents use the computer enough to incur the wrath of the ISP and its specified usage limits!  I have updated Java, Firefox, Adobe etc as far as I can, and have eliminated several unnecessary automatic start-ups (Apple Tech etc) cleared the cache and cookies in Firefox, but to no avail. Any help will be gratefully received ! DDS log attached. Best Wishes, EmmaDDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.6001.18702Run by Main at 23:37:42 on 2014-04-08Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1047 [GMT 1:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee F... Read more

A:I thought I'd cleared it, but now I'm not so sure !!

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/530416 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 45 answers
RELEVANCY SCORE 38

I have Win 7 Pro 64 bit SP1 and use Adobe Photoshop CS5.1, and have done for a long time without problems. All my software is fully updated.
In the last two weeks I've encountered a problem where images won't display in Photoshop if I've closed it and done something else for a couple of hours or so. The images show in the Open Recent list in Photoshop as though they have been opened but do not appear on screen. When this happens I cannot access the Color Settings in Photoshop either.
The only way I have found to resolve it is to log off then log back in. After that everything is OK with Photoshop again.
I have tried everything I can, made sure my graphics card driver is up to date, tried older graphics drivers. Removed then re-installed Photoshop. Then I completely re-installed Windows and started from fresh.
I have posted on the Adobe forums but nothing anyone has suggested has worked, though two other people have reported they have started to get the same issue.
So my question is, can someone tell me what is getting cleared, changed, at log off that they think could be connected to this.
I use CCleaner to clean up my temp files etc on a daily basis; but using it when I encounter this problem doesn't fix it.

A:What Gets Cleared At Log Off & Re-Boot?

Welcome to Windows Seven Forums.

In all honesty, I think your problem lies with Adobe Photoshop, and not Windows.

I'm currently using Adobe Design Premium CS5 and after an intensive period of photo editing the application freezes for a few minutes.

I've tried getting answers from Adobe and all they can suggest is upgrading to version CS5.5, which I refuse to do.

All I can suggest is you try and find an answer through Adobe's forums or raise a case with Adobe directly.

Read other 4 answers
RELEVANCY SCORE 38

First of all - WONDERFUL site, I'm glad I found it. My husband got a PSW.Generic6.AEY trojan & his online gaming account was stolen. I have gone thru MANY of your threads & I "think" I've cleaned his PC up. Can someone take a look & see if I need to clean anything else off this machine? Thanks in advance!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:27:00 PM, on 3/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
... Read more

Read other answers
RELEVANCY SCORE 38

I have just cleared the ZeroAccess trojan from my system using RougueKiller.
 
I just want to be sure im totally clean of any infection
 
Just going thru the steps to post here and Im stuck on DDS. I get the error about not supposed to be run in 'compatibility mode'. Any idea how to get around this?
Ive seen on another post that FRST was run. I have run FRST and get the error 'Exception EAccessViolation in module ERUNT.exe.....'. Although it did let me run the scan:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013
Ran by Calin (administrator) on OSIRIS on 04-12-2013 17:49:06
Running from C:\Users\Calin\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Cypress Semiconductor Corporation) C:\Program Files\Cypress\TrackPad\CyTpService.exe
() C:\Windows\System32\DptfPa... Read more

A:Just Cleared ZeroAccess. Or so I think...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===I have reviewed your log and it's clean.Let me know if you have any issues with this computer.p.s.The DDS tool is not compatible with windows 8.1 that is the reason you are getting this error.

Read other 3 answers
RELEVANCY SCORE 38

First, thanks to all of you who take the time and effort to help people disinfect their systems. It is a generous and noble thing to be doing.

I believe that my computer still is infected with something(s). I believe that the initial infection came on or about 12/24/2008. Before coming to this site, I downloaded and ran combofix. I now know this was not a good thing. My computer still runs, but there are numerous times (almost always) when it runs much slower than it did before I got infected. Before running combofix, superantispyware and some other bits of software, I was getting random pop-ups sending me to a variety of websites. Now, my computer is just slow, and the sysinternals rootkit revealer comes up with numerous lines of stuff that were not there before I got infected (output available on request if useful). The other odd symptom, is that when I am trying to install the latest update from Microsoft (the perm copy of the package installer hxxp://support.microsoft.com/kb/KB898461), it fails everytime and I end up with corruption to my filesystem that requires chkdsk to do some work. Anyway, from here down is the log that the instructions say to post.


DDS (Ver_09-01-19.01) - NTFSx86
Run by rms at 22:22:15.57 on Sun 01/25/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.830 [GMT -5:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)

========... Read more

A:Infection May Not Yet be Cleared

Hello Ray,

I'm not seeing any malware in the log. Let's get an online scan to search for remnants that may be lying around.

Using Internet Explorer or Firefox, visit http://www.kaspersky.com/kos/eng/par...avwebscan.html

1. Click Accept, when prompted to download and install the program files and database of malware definitions.


2. To optimize scanning time and produce a more sensible report for review:Close any open programs
Turn off the real time scanner of any existing antivirus program while performing the online scan

3. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes.Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Click View scan report at the bottom.



Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

Read other 3 answers
RELEVANCY SCORE 38

I have been told by Blizzard that I had a trojan or keylogger on my PC, so I have done the following:

- Run ATF Cleaner
- Run Ad-Aware 2008 (which detected something called WinWorm, which I deleted)
- Ran Spybot S&D
- Ran MalwareBytes Anti-Malware
- Ran full AVG virus scan
- Ran HijackThis.

My Malware log showed the following:

Malwarebytes' Anti-Malware 1.31
Database version: 1540
Windows 6.0.6001 Service Pack 1
24/12/2008 22:46:24
mbam-log-2008-12-24 (22-46-24).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 229387
Time elapsed: 1 hour(s), 30 minute(s), 17 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
My Hijackthis log shows the followin... Read more

Read other answers
RELEVANCY SCORE 38

Hi,

A few days ago, my spyware told me I had a trojan could allow someone unlimited access to my system whenever I was on-line. The spyware deleted (and sorry I can't remember the name of it) I ran my anti-virus and downloaded a couple other spyware software to run as well. The thing that has me concerned is my modem light is blinking even when I am not on the internet and even when I hit SHUTDOWN on my firewall.

If someone could take a look at my Hijack log, I would really appreciate it. I am afraid someone might still have access to my system.

Thanks!
deb

Logfile of HijackThis v1.99.1
Scan saved at 2:37:57 PM, on 10/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\... Read more

Read other answers
RELEVANCY SCORE 38

For some reason today I turned on my computer and all my quick addresses(Internet Explorer) are gone from the drop down menu. I still have everything in the history folder. I didn't clear/delete anything. What happened? Are they lost?
 

A:History got cleared??

That isn't a good way to store your favorite sites. Use the favorites, that's what it's there for. Those do get overwritten and deleted if yout history settings have been reached.
 

Read other 1 answers
RELEVANCY SCORE 38

Infested!

Trojans; foop, peacomm, downloader-warevenue, akella, backdr-qho, agent winlockon, phister-bzub, zero, rustok-r, girlfriend, small-eja, backdoor-lev,
countofe. dorf-f

Adware amaena.com fake alert, purityscan, virtumonde, and 5 spy cookies.

All (possibly) removed, but something still has its claws in my PC 'cos I get regular system locks :-(

Also on loading get a RUNDLL error "Error loading c:\windows\system32\riadaxis.dll" ~ perhaps I was a bit keen in deleting files, but I have no idea which program to reinstall!

Any help please only use words of up to two sylables. 'cos this is my first experience of these waters.

Thanks Paul

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:29:12, on 03/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\tppaldr.exe
C:\Program Files\Samsung\Samsung Media Studio\SamsungMediaStudioAgent.exe
C:\WINDOWS\system32\WService.EX... Read more

A:Infestation, mostly cleared?

Hi Guys, a week has passed ~ am I being impatient by bumping this?

Read other 19 answers
RELEVANCY SCORE 38

I cleared the Cmos on my computer and now nothing works. The monitor light stays amber. Am I done for?
 

A:Cleared Cmos

Did you remove the battery or use a jumper to do it?

Be sure you replaced the battery, and parked the jumper in it's original position when you finished.
 

Read other 3 answers
RELEVANCY SCORE 38

Found an extra DNS service running and my browsers were set to 127.0.0.1:9090. A little research led me here (thanks for all the info posted) and I believe I've removed it all, but would like to confirm.This is a brand new XP install, so there shouldn't be too much flotsam.Logfile of random's system information tool 1.04 (written by random/random)Run by bensor at 2008-11-12 21:55:19Microsoft Windows XP Professional Service Pack 3System drive C: has 202 GB (71%) free of 286 GBTotal RAM: 3072 MB (77% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:55:32 PM, on 11/12/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\WINDOWS\system32\rundll32.e... Read more

A:Cleared tinyproxy, hopefully

Hello Tripper,Your log looks clean! Please read and follow How did I get infected?, With steps so it does not happen again!as well asHow to prevent Malware' by miekiemoes If you want to improve speed/system performance after malware removal, take a look here.

Read other 2 answers
RELEVANCY SCORE 37.6

I got infected with a Ramnit virus, after lots of research I was gonna wipe and reformate, because trough scans from various different anit malware (such as Emsisoft, malwarebytes, and my AV F secure) came up with over 20,000 infected files.

Before I went to wipe, I did a system restore, back to 2008. After a further scan it only found 2 infected files which I have been keeping in quarantine. The computer feels much more stable, and 'normal', I have done all my updates.

Emsisoft informs me from time to time that my browser is attempting to connect to a suspisoin host, (which I deffo have not directed my explore to) which seem not to be visible to me, nor directed by me.
Example sites, userplane.com , mediaplex.com, chitika.net and so on..

I mainly use Firefox, really dont like IE (which always runs slow).

Few things

The files in quarantine are
C:\WINDOWSsystem32\drivers\tec\hosts.0 (Trojan.Win32.Qhost!E2)
C:\WINDOWSsystem32\drivers\tec\hosts.1 (Email-Worm.Win32.Anker.n!E2)

** Should I delete these or leave them ? **
I downloaded HJT, heres there log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:18:33, on 15/12/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Sys... Read more

A:Ramnit virus, nearly cleared

Read other 16 answers
RELEVANCY SCORE 37.6

I have an unusual question posed to me by a customer. The customer has two employees in her office - one of them cleared cache and cookies in IE (something
she relies on heavily). Both employees state it was not them; she wants to find out who is being dishonest. She is looking to determine the exact date/time this was done. I am looking at Event Logs, but don't believe they record that action. Just curious if
any of you have ever encountered this, or have found a way (either through logs or programmatically) to determine when the cache/cookies were cleared.

Read other answers
RELEVANCY SCORE 37.6

Started experiencing extreme slow time in system. Zonealarm warned of a worm (Blaster). Performed all corrective actions I knew. System still acting odd.

Below is the HiJack Result Log. Any help is appreciated.

*********************************************************

===========================================================================================================================
Log was analyzed using HijackThis Analyzer - Updated on 1/7/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] c:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.0
Scan saved at 1:34:44 PM, on 2/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\PROGRA~1\A... Read more

A:Verifying System Has Been Cleared

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://69.50.191.51/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://69.50.191.51/hp.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://69.50.191.51/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://autosearch.cc/search.php?qq=
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab


Reboot. Any problems now?

Read other 4 answers
RELEVANCY SCORE 37.6

So I'll tell you guys the story :
My little sister started up my laptop 5 minutes before I got home. I get home and see on the screen dat my recovery is repairing and that I still got to wait 5 more minutes before everything was repared.
My laptop is a Medion Akoya MD 97110..
I don't know what buttons my little sister pushed when starting up, she claims she only pushed the startup button.

After reparing, the laptop rebooted and prepared itself for first use.. Now I lost all my music all my documents regarding school, everything!

I have Recover drive (D:) and there are files there : Factory.000 ; Factory.001 and so on..

Can you guys help me get all my stuff back?

Thanks in advance, Yannick.

A:Laptop started up & cleared everything

Hi have you tried system restore to a point when it was working previously

Read other 2 answers
RELEVANCY SCORE 37.6

I'm a dabbler so when I found my Wife's computer had been infected I set to work clearing it off. Initially I thought I had a hosts file problem (since I was being redirected and manual attempts to get to sites received 404 errors) but quickly learned my hosts file was fine. It didn;t take much from there to decide it was a DNS issue. I manually changed the DNS entries for the adapter to the comcast addresses but problem remained so at that point I knew I had something not fun at all.

I had a heck of a time getting anything done. MBAM wouldn't install, nor would a number of other utilities. I was able to finally get one (http://www.prevx.com/freescan.asp) to install and it found the rootkit/trojan but charged me 16 bucks for a one month license to get it to remove it. So, I had it remove the files.

After doing this I was able to actually install MBAM and ran it and it found more vestiges. I also ran ComboFix and I believe it found something as well since removed.

Because it was late and I was frustrated I went and deleted out the quarantine folders and everything still seems fine.

When I then went to return my wife's machine to pull the DNS automatically, she wouldn't have access to the Internet. I went ahead and re-entered the manual values I pulled from the router for the DNS settings and it works but I would prefer to be using automatic in case Comcast decides to change up their DNS servers.

Does anyone know the answer or is there someth... Read more

A:Cleared TDSS (I Think) But have new DNS issues

If you have problems again, try downloading LSPFix.This can be found at http://www.cexx.org/LSPFix.exe and will look for and bad bits in your Layer Socket Providers. When i messed around with some registry keys, i used this and it solved the problem.

Read other 2 answers
RELEVANCY SCORE 37.6

Hi

I was having trouble with the Bo:Heap virus about a week ago, I successfully cleaned the computer with the help of the lovely Ried. Now this morning, I have tried to boot up, and I am getting constant blue screens in normal mode. I tried to launch the recovery console, but cannot, I can only have access in Safe Mode, which is how I can get online now.
This is a works computer which I have on loan for the Easter Holidays, so obviously I want it to go back to work in the same condition I brought it home in.
Not sure if this is the correct forum, but I'm sure someone can point me in the right direction.
Attached are DDS logs for your perusal
Edited because I forgot my manners; help me please xx

A:Cleared Virus, Now Bluescreens!

since you are able to go into safemode, try to do a system restore to a restore point just after getting the computer clean and before the current problem.

Read other 19 answers
RELEVANCY SCORE 37.6

Every time I try to log in it goes back to the page you see when logged out, unless I clear the TSF cookie, then it does it, but it doesn't stay logged in. Every time I leave I have to do the process over again.

I tried it on IE and it works fine there.

A:FF will not let me log into TSF site unless I have cleared it's cookies.

Did you make any recent changes, like an update?

Read other 7 answers
RELEVANCY SCORE 37.6

Hello, I use CCleaner which lets me save certain cookies so I don't have to login forums I visit this being one of them.Every time I reboot the cookies are cleared. I s there a setting in IE10 that will prevent that? Thanks

Read other answers
RELEVANCY SCORE 37.6

Hi,

My computer was acting very strangely and AVG/Emisoft found Trojans, said it couldn't move them to the vault or delete...believe they are still there.
Tried to boot my XP Win into safe mode and there is no safe mode.....so couldn't re-run with less services.
Can you see if I have anything here and what do you recommend to get rid of it?
DDS (Ver_11-03-05.01) - NTFSx86
Run by at 1:30:59.78 on Sun 05/08/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2009.866 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r211990\stacsv.exe
svchost.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\DRIVERS\o2flash.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack&#... Read more

A:Trojans not cleared by antivirus?

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

Hello,I just finished doing a number of scans on this computer after a bunch of trojans/malware was found but I'd like to make sure they are all gone. Here is a quick rundown of what has happened so far:1) Someone visited a website (don't know the site) that seems to have caused this infection. This resulted in mass popups when I had Firefox open.2) I used Internet Explorer to run the following online scanners:Eset Nod-32 http://www.eset.com/onlinescan/F-Secure http://support.f-secure.com/enu/home/ols.shtmlTrend Micro Housecall http://housecall.trendmicro.com/ (this one didn't work for some reason, wouldn't load)3) I then used MalwareBytes' Anti-Malware (http://www.malwarebytes.org/mbam.php) to scan and removed a few things.4) This computer previously had an outdated version of AVG that I replaced with Avira AntiVir.5) I tried installing Zone Alarm firewall but the installation would stall at 97% and then upon computer restarting the computer would simply hang after signing in with nothing but the mouse cursor and wallpaper visible. Only after going into Safe Mode and uninstalling the failed Zone Alarm installation would the computer be able to get to the desktop again. I instead installed Comodo firewall.I'm not sure when it started but when I was going through the above steps another symptom showed up. When clicking on Google search results I would be redirected to ads. When hovering the mouse over these links and looking for the url in the bottom of Firefox it instea... Read more

A:Just cleared a ton of trojans, am I clean?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the ... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

Hey everyone,I had the following infections removed via Kaspersky and I'm trying to determine if there is still a trojan or otherwise harmful virus living on my computer. I have to pay bills today and I'm nervous! I have attached a hijack this log at the bottom. Thanks in advance for the help!BMP.8BIAdobe Photoshop BMP.8BI Bitmap File Handling Buffer Overflow (http://www.viruslist.com/en/advisories/25023)Flash9e.ocxAdobe Flash Player Multiple Vulnerabilities(http://www.viruslist.com/en/advisories/28083)java.exeSun Java JDK / JRE Multiple Vulnerabilities(http://www.viruslist.com/en/advisories/31010)procexp.exeProcess Explorer "CompanyName" Buffer Overflow(http://www.viruslist.com/en/advisories/16525)mia.lib7-zip Unspecified Vulnerability(http://www.viruslist.com/en/advisories/29434)WINZIP32.exeWinzip Unspecified Multiple Buffer Overflow Vulnerabilities(http://www.viruslist.com/en/advisories/12430)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:03:03 PM, on 11/5/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32... Read more

A:Several viruses cleared - any remaining?

Hi,I had the following infections removed via Kaspersky and I'm trying to determine if there is still a trojan or otherwise harmful virus living on my computer. I have to pay bills today and I'm nervous! I have attached a hijack this log at the bottom. Thanks in advance for the help!BMP.8BIAdobe Photoshop BMP.8BI Bitmap File Handling Buffer Overflow (http://www.viruslist.com/en/advisories/25023)Flash9e.ocxAdobe Flash Player Multiple Vulnerabilities(http://www.viruslist.com/en/advisories/28083)java.exeSun Java JDK / JRE Multiple Vulnerabilities(http://www.viruslist.com/en/advisories/31010)procexp.exeProcess Explorer "CompanyName" Buffer Overflow(http://www.viruslist.com/en/advisories/16525)mia.lib7-zip Unspecified Vulnerability(http://www.viruslist.com/en/advisories/29434)WINZIP32.exeWinzip Unspecified Multiple Buffer Overflow Vulnerabilities(http://www.viruslist.com/en/advisories/12430)Not sure what you have removed, because what Kaspersky displayed here are notifications of programs you have installed that needs to be updated since they contain security leaks. These alerts doesn't mean that they are infected.So, the programs you have to update are 7-zip, Process Explorer, Sun Java, Adobe Flash Player and Adobe Photoshop.Or, you can run the Secunia Software Inspector Scan to find out what programs need to be updated. You'll also get links where you can download the latest versions.Extra note... I notice from your log that there's more than 1 Antivirus instal... Read more

Read other 4 answers
RELEVANCY SCORE 37.6

About a week ago, my laptop (Lenovo Thinkpad) was infected by spyware (the PC Defender thing) and then various viruses (Win32 virus?). I tried to follow various instructions on how to get rid of these things, but was not able to for good.

Finally, I used the Thinkpad's ThinkVantage to reinstall the operating system and restore the laptop to factory settings. I then installed AVG Anti-Virus and Malwarebytes and ran scans, and my computer comes out clean and it has been running well with no trace of the viruses.

Does this mean I am in the clear, or could the viruses be lurking in my hard drive somewhere and is there more I need to do?

A:Is my laptop cleared of viruses now?

Hi -

If you restored to factory condition and all your scans are coming up clean, you should be fine.

That said, to be able to say with more certainty, I'd need logs from our analysis tools.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 2 answers
RELEVANCY SCORE 37.6

Hi.
Scenario:
Recently I was asked to help a friend clean a virus from his PC(Security Tool). He was using Avast Free & Windows Defender. I installed Logmein on it the last time he had a problem so I could try to fix it remotely.
After logging onto his PC I saw I couldn't help. Everything was disabled as usual. He is not computer literate so I couldn't talk him through a Safe Start to possibly get control back. I told him I will need the PC to scan the HD with my PC's virus scanner(Kaspersky). Question 1 for TSF, what are your thoughts on removing a HD & using another PC to clean it? I have done this in the past with moderate success. My success on other PCs, I reinstalled the HD, now I have control & rescan with Malwarebytes which removes more infections. I also run Avast Free & it comes up clean.
On this PC while trying to enter Safe Mode I found it would not work so I went into the BIOS & found that the time & date were wrong. He had always had an issue with the time & I researched that the battery probably needed to be replaced. I reset the time & date, rebooted & when WindowsXP Home started there were no signs of a virus.
I immediately started scanning with Malwarebytes & when finished it found 3 infections: Security Tool & 2 rootkits. They were deleted & everything is fine now. I replaced the battery & it is up to date. Question 2: Could the fact that the BIOS was out of date cause the virus not to ac... Read more

Read other answers
RELEVANCY SCORE 37.6

I picked up another lovely variant of that damn Ukash virus that's all the rage recently and rebooted my computer to safe mode with networking and ran Malwarebytes AM and ESET's scanner to clean it up (logs to follow in the post) but I'm not entirely sure I'm clean. Microsoft security essentials won't turn on (it claims not to exist as an installed service, despite being in the control panel in Installed programs) and every so often a tab to some unsafe site or another will open in firefox without my input.

Since these things seem pretty hinky, I think I'm still infected with something, can anyone offer me some help in finishing clean up?

Malwarebytes log (I asked it to remove all detected items)

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.30.06

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7601.17514
Lauren :: LAUREN-PC [administrator]

31/08/2012 00:05:11
mbam-log-2012-08-31 (00-05-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 342673
Time elapsed: 39 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Windo... Read more

A:Cleared a virus off my Computer...don't think it's entirely gone?

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

Read other 9 answers
RELEVANCY SCORE 37.6

A warm reboot restarts a computer without loss of power to the motherboard. If it's a forced reboot (not sure this is the right way to call it), that is: a reboot produced by a kernel panic, BSOD or by pressing the reset button, what happens to memory?.

During a warm reboot (for example the reboot produced by a BSD, kernel panic or pressing the reset button): is the RAM emptied then refilled again?. I say because, since the motherboard isn't powered off in any moment, does the RAM keep data?. I heard that sometimes it's necessary to actually do a cold reboot to clear memory after a warm boot.
 

A:Is RAM cleared after a warm reboot?

BOOT never clears ram - - while hibernate and shutdown can be so configured.
This is a security exposure if/only if the intruder has physical access to the machine, strips the chips from the box and proceeds to examine the content.

Consider what you know of the difference between HD Quick Format and a Low Level format.

Quick format only writes the free and allocated lists and gives up, assuming the actual sectors are present from the initial Low Level
A Low Level fmt, writes every block in the partition with a sector number, rereads it to verify and if bad, places that sector on the bad list.
Boot does as little memory management as possible - - akin to the hd quick fmt.

Your concern that leftover information in memory contaminates the boot process implies that memory IS being read without ever being written first - - Not during boot!

Just to complete this saga, there is a software bug known as Use After Free, where

a program allocates a block of memory for dynamic use,

saves the pointer to it,
uses it for awhile, usuallin in subroutines

and then gives it back but,
forgets to zero the pointer to it, and being non-zero,then attempts to reuse that same block again. Frequently that block is in-use elsewhere.

Use After Free is nasty to find and the consequences are indeterminable - - corruption of data and/or program failure are typical.
 

Read other 1 answers
RELEVANCY SCORE 37.6

I started seeing raunchy ads on a site I knew would not use them. I complained to the web operator, and they suggested I had a trojan horse, and suggested AdAware to clear them. I downloaded and ran AdAware, which identified three trojan horses. I quarantined them and deleted them.

However, now I'm getting strange things -- my "C" drive in My Computer is inaccessable -- the error message says "RECYCLER\S-8-5-63-100025149-100030188-100025449-9422.com" isn't accessable when you double click on the C drive. I don't use a screen saver, preferring instead to set the power control to blank the screen after about five minutes. This no longer works. None of my programs will update themselves, returning a message saying that connection to the server is not available. Even my UPS connection to the PC isn't recognized.

I'm using Firefox as a browser. I've run several AVG and AdAware scans, as well as Norton Anti-virus, CCleaner and The Ultimate Troubleshooter. Other than some medium-risk cookies, they find nothing amiss.

Here is a Hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 1:04:45 AM, on 2/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lava... Read more

Read other answers
RELEVANCY SCORE 37.6

for some inexplicable reason..my cpu usage spiked and stayed consistently at 25% tonight.. I identified the offending process as 'system' under windows processes and ran a malware scan and virus scan..clean across the board. I'm rather confused..as all I have open is vlc media player, skype, yahoo and chrome, not really doing anything that could be remotely considered cpu intensive. did one reboot that made it go away and then scanned my system...clean as stated above.

what I was doing at the time was chatting with a friend(on skype) and listening to transformers revenge of the fallen(score), and I had just unpaused the music..wasnt expecting the audio to stutter, which is when I pulled task manager up and noted the unusual cpu usage.

not really sure where to put this..so its under general.

Read other answers
RELEVANCY SCORE 37.6

Hi, all day today in Google Chrome (not firefox) whenever I tried to search for a youtube video I would get a blank search result page (litterly nothing there) but when I cleared my 1 day old history/cache/cookies it magically displayed the results? Odd...

A:How come when I cleared Chrome's history...

Corrupted cache and or cookie, possibly. It's happened to me more than once. In all my browsers at one time or another. If it becomes a chronic and or multiple site issue then you might want to look into it. But the random single site issue. I wouldn't be that concerned.

Read other 2 answers
RELEVANCY SCORE 37.6

Hello everyone!
so i am having a problem.
whenever i download anything, and i do mean ANYTHING, it saves to my downloads folder then gets deleted from my computer (not even moved to recycle bin, and my delete properties are set to move to recycle bin) after it gets scanned for viruses.
even pictures that are saved off of websites get deleted
does anyone know how to fix this?
I can download an fixes/software to fix this so I'm stuck.
please help me!
thanks a lot in advanced.

A:Downloads Cleared Instantly

Welcome
Sounds like malware trying to protect itself. Update your anti virus and make a full scan.
Then, I would suggest downloading Malwarebytes and making a full scan, but I know that you cant do that.
Try to install, its not a download, eset online anti virus.
Free Online Virus Scanner | ESET
Then make a full scan.

Read other 4 answers