Over 1 million tech questions and answers.

bad image files after scan with a super anti scan

Q: bad image files after scan with a super anti scan

Ok after I scanned with super antispy software and removed everything, I started getting bad image file errors with .dlls popping on anything opened and on startup. I cant get DDS to run it just pops up a command prompt and never does anything. So I will attach the gmer txt and post my HJT log here.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 951 PM, on 12/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\kegan boyd\Desktop\hjt\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.soundblaster.com/MBupgrad...33F340&lg=1033
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {2663DE84-4320-4772-9A2D-DC6FFCCCDC4B} - (no file)
O2 - BHO: (no name) - {4247E69A-0660-47AD-A1E5-3EE5ACB5C116} - (no file)
O2 - BHO: (no name) - {52A194AA-B986-4087-9931-B2E22622687D} - (no file)
O2 - BHO: (no name) - {56528C79-306F-4C3C-98B6-AE69786D571D} - (no file)
O2 - BHO: (no name) - {67438AC2-D04B-4926-A9B1-ED06D876B82F} - (no file)
O2 - BHO: (no name) - {939CE1E2-1B91-4524-9CAE-FE780A6D999A} - (no file)
O2 - BHO: (no name) - {A63E645F-13BD-45ED-B15F-6E8C1BD57279} - (no file)
O2 - BHO: (no name) - {AD7EA94B-C73E-4C92-A3EB-D7DFA171CD1A} - (no file)
O2 - BHO: (no name) - {AE986407-F70C-4991-BC17-A93526D3C5FC} - (no file)
O2 - BHO: (no name) - {F0866023-5A09-46D5-B093-96783DD9C6A1} - (no file)
O2 - BHO: (no name) - {f88a9f83-aa2c-4278-bbb0-2bc1d3f6b118} - C:\WINDOWS\system32\hofalobu.dll
O2 - BHO: (no name) - {FAFEDC30-A7F7-4DA2-AAA4-FB44C3E93A61} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [yarorunayu] Rundll32.exe "C:\WINDOWS\system32\dojevele.dll",s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [SpybotDeletingD8004] cmd /c del "C:\WINDOWS\system32\rqRJBsRL.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [yarorunayu] Rundll32.exe "C:\WINDOWS\system32\tebudati.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [yarorunayu] Rundll32.exe "C:\WINDOWS\system32\tebudati.dll",s (User 'NETWORK SERVICE')
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: 3Com HomeConnect ADSL Modem Quick View.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/Driver...sysreqlab3.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/actives.../as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {483EB14D-AF1C-4951-81B0-4E2B41829FF6} (QOLCheck Control) - https://www.select2perform.com/cabs/QOLCheck.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/re...s/MSNPUpld.cab
O16 - DPF: {5A9D4578-6649-4692-921B-ACA9ADAB007C} - http://evideo.ufc.com/ufc/cabfiles/UFC_3_6_0_6.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228263561390
O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - http://evideo.ufc.com/ufc/cabfiles/E..._15_Silent.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
O20 - AppInit_DLLs: karna.dat waurlf.dll efaivg.dll zujjku.dll qtvhtw.dll gzqbby.dll buuwng.dll jbnxco.dll moitrx.dll lxywup.dll gwijed.dll vcjmme.dll acrcde.dll c:\windows\system32\zovudala.dll C:\WINDOWS\system32\pabewisa.dll c:\windows\system32\zosumehu.dll c:\windows\system32\loriwiyu.dll c:\windows\system32\tomipojo.dll c:\windows\system32\dufogawi.dll
O20 - Winlogon Notify: bYOEttss - C:\WINDOWS\
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - C:\WINDOWS\SYSTEM32\DUFOGAWI.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel? Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 10487 bytes

RELEVANCY SCORE 200
Preferred Solution: bad image files after scan with a super anti scan

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: bad image files after scan with a super anti scan

bump please.

Read other 4 answers
RELEVANCY SCORE 94

In the past day, my computer has been very tempermental. I am running Vista Home Premium and have been for about 2 months without any issues. I run Avira Antivir and Kaspersky Internet Security in the background. I ran a full Kaspersky scan and have no issues. Antivir has not found anything either, except for HP false positives. When I run Ad-Aware and Spybot scans, nothing shows up. I also ran CCleaner to scrub temp files and registry. Also, a quick scan with MBAM was clean.

But when I try to run a full scan in MBAM or SuperAntiSpyware, the computer hangs. This usually happens when the screen saver kicks in. So I disabled the screen saver, but it still happens. I cannot access anything at that point and have to power off from the power supply (ctl alt delete won't work).

Does anyone have any thoughts?

A:Computer Freezes When Running Full MBAM Scan or Super AntiSpyware Scan

Try disabling your anti-virus for the scans
Just remember to turn it back on
Also disable Spybot's Teatimer function if you use it

Read other 7 answers
RELEVANCY SCORE 82.4

After running XPVet (by Computer Associates) I am told there are no virus files detected BUT there are 50 files not scanned or incompletely scanned. Why is that? What if these are problem files? How can i be sure my PC is virus free?

I have pasted a copy of the latest log file, can anyone please tell me if these files are 'safe'?
Thank You

Mary
Vet Anti-Virus Version 10.63.0.1
Started scanning: 9:35:56 AM, 19/10/2004
Dat file v8661

Scanning boot sectors...
C:\ Master Boot Record matches template, is OK: standard Win2000 (1).
C:\ Partition Boot Record matches template, is OK: standard Win2000 (2).

Scanning file(s)...
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp - error in scanning - scan abandoned.
C:\Documents and Settings\Jass\Local Settings\Temporary Internet Files\Content.IE5\M1IDW5G5\image005[1].wmz - scan incomplete.
C:\Documents and Settings\Kids\My Documents\My Pictures\New Folder\Scrap (2).shs - unable to open file - not scanned.
C:\Documents and Settings\Kids\My Documents\My Pictures\New Folder\Scrap.shs - unable to open file - not scanned.
C:\Documents and Settings\Kids\My Documents\My Pictures\Scrap.shs - unable to open file - not scanned.
C:\Documents and Settings\LocalService\Cookies\index.dat - unable to open file - not scanned.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - unable to open file - not scanned.
C:\Documents and Settings\LocalService\Loc... Read more

A:What about files that anti virus software doesn't scan?

Try booting to safe mode and then re-running your full system scan - sometimes an anti-virus program cannot access files in normal mode as they are in use and access to them is protected by Windows, as I understand it.

In safe mode, only the minimum set of system files are launched so some that cannot be accessed in normal mode may be now able to scanned.

Some of the files that you list below may just be temporary files created by Windows and Internet Explorer that can safely be deleted - there are various cleanup programs that can do this for you, but it's always safe to use the built-in tools in Windows to do this. For instance, if you open Internet Explorer, then select Tools > Options > General, you can click on the "Delete Cookies," "Delete Temporary Files," and "Clear History" tabs and this will clear out a lot of stuff. Also you can use the Start > Programs > Accessories > System Tools > Disk Cleanup tool to clear out more stuff safely.

Also, as I understand it, even if a file cannot be scanned when you initiate a user virus scan (also known as an "on-demand scan") - there is usually another line of defence built into anti-virus programs called the "memory-resident scanner" - this normally automatically monitors any applications running in memory (i.e. active applications) and detects if any known viral processes are trying to run. If detected these are shut down and you will usually see an al... Read more

Read other 1 answers
RELEVANCY SCORE 82

I have been having an issue with Symantec Leaving my logs full with scan Omissions 99% of which are compressed. After doing considerable research I find symantec gives a nice list of possabilities and things to look into. Personally none of these fixed my issue, but it may yours. If Anyone has any Ideas to add to Symantec's offical list of reasons for scan omissions please do.---------------------------------------------The following is From Symantec @ http://service1.symantec.com/SUPPORT/ent-s...002073015235648Event ID 6Solution:This event is typically encountered when any of the following occurs: You scan a compressed file that contains a password-protected file. The decomposer engine cannot provide the password required to gain access to the file, so it will be omitted during a scan. You scan files that have been locked for access by the operating system and access cannot be released to the scanner because the file is in use. You scan files that are recursively compressed to a depth that is more than the scan engine is set to scan. By default, the scan engine is set to scan a maximum depth of three levels (for example, a zip file contained within a zip file contained within another zip file). You scan files with LH7 compression, which is not a supported format. These compressed files commonly have an .lzh extension, and they are omitted by the scan. You scan files that are in use by another user. This is most commonly seen when you scan user directories and shared folders... Read more

Read other answers
RELEVANCY SCORE 81.6

OK so there already seems to be athread about the same problem I am having but i tried the solution and it said that the file could not be found here is a link to said thread, http://forums.techguy.org/virus-other-malware-removal/941616-trojan-removal.html, and here is the OTS scan info
I did the paste fix here and it didnt work any help would be appreciated.
 

A:Malwarebytes anti malware couldnt find anything here is the OTS scan Files

bump
 

Read other 3 answers
RELEVANCY SCORE 81.2

Greetings,

My McAfee Real-Time Scan will not remain enabled. When I try to run either Quick Scan or Full Scan, an error message comes up, telling me to return to the McAfee Internet Security Home and to try to run the scan again.

I have followed their instructions for re-enabling the Real-Time Scan to the best of my abilities, by trying to restart the McShield Service, and by running the oas-disabled-fix.cmd utility that they instructed me to download. The oas-disabled-fix.cmd utility will not run.

I have contacted McAfee and they have told me that it is a problem with Windows Update. I have contacted Microsoft and told them that as well, but they seem to be trying to rule out any other possible cause, than what McAfee says is the actual cause of the problem, thereby dragging this out even longer.

Microsoft is supposed to be getting back to me again tomorrow, but any other help would be appreciated.

Thank you for your time.

Read other answers
RELEVANCY SCORE 80.8

So I ran avast and it found a virus in the windows files and I deleted it so I ran sfc /scannow and this is what I'm missing sfcdetails.txt I don't know how to replace them yet or where to find them. I have Windows 7 Professional 64bit and I can't find the disc at the moment. I'd really appreciate any and all help because I do NOT want a clean install, thank you for even taking your time to read this.

Read other answers
RELEVANCY SCORE 79.2

Hello, first thing, I am extremely new to this. This is my first time consulting personal online help.

I was hit by a string of fake security/anti-virus scams, or "scareware". Among them were "Desktop Security 2010" and "Program Compability Assistant". There was one more before Desktop Security 2010, but I forget the name and can't find it in my search history either, but I believe Malwarebytes took care of that and Desktop Security 2010.
Program Compability Assistant on the other hand, is still around, but not to a full extent which I will explain later. This thing disallows me to open any video files, claiming that I'm missing codecs and directs me to a presumed fake scam website.
Program Compability Assistant, note the spelling error, I discovered to be a recently new scareware as my searches for it on google kept insisting I had a spelling error of the legit program Program Compatibility Assistant and the ppl experiencing the same thing all posted about it in May. I've been continuously updating Malwarebytes, hoping to take care of it, but to no avail.
I then foolishly followed a guide for another person dealing w/ Program Compability Assistant (I regret this so much. I was unaware of the dangers of following someone else's problems and guides as outlined in this forum). hxxp://www.nucia.eu/forum/showthread.php?t=57431
I translated it and followed it and now, although I do not get a pop-up of Program Compability Assistant, there are st... Read more

A:Fake Anti-Viruses -> Can't Open Video Files (comp restarts during GMER scan)

Howdy there and welcome to TSF Forums

I'm Steve and I will be helping you throughout this fix.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step. Please perform everything in the correct order/sequence.

Vista users please make sure you all run commands with administrator rights (right click icon - run as administrator)

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription

Please note that the forum is very busy and if I don't hear from you within three days from this initial posting then the thread will be closed.

Download this version of GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed.
Do not use your computer for anything else during the scan.
Double click the exe file.
The program will begin to run, and perform an initial scan. If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.

In any case, after the initial scan is complete, click on the Save button, and save the ... Read more

Read other 19 answers
RELEVANCY SCORE 78.4

Almost every time I do quick scan and got nothing and I think it is good. However, I just read online, it says that when quick scan does not find anything then you do deep scan. It confuses me, since it means I should do deep scan all the time. ?
 

A:quick scan vs deep scan/full scan ( antivirus )

the 1000$ question is
which anti-virus
ON windows defender and malwarebytes and many others only a quick scan is necessary
The converse of what you have read is usually the case eg. You do a quick scan and only if that finds something should you then need to follow it with a full scan
For instance a threat scan on Malwarebytes paid for edition or the scan on the free version will scan up to 99% of the system
A full scan also scans the system restore points and other unusual places to detect, or at least try to detect, all possible traces of infection.
As I said it depends on the AV and to some extent the OS which I presume is not Windows 2000 as indeed commented on by my colleague Cookiegal in another of your topics
Also, it appears you're running Windows 7 and if you don't still have your Windows 2000 computer you should visit your profile and change that information so that it's current which makes it easier to help you in some casesClick to expand...
 

Read other 13 answers
RELEVANCY SCORE 76.8

Good afternoon,

I have been experencing really low internet speeds on my computer. I have ran many tools such as HiJack this, ComboFix, AVG (Including rootkit) and Malwarebytes. Several of these tools found things here and there which seemed to have been removed.

I have set my computer up to dual boot WIN XP/WIN 7. I only experience the low speeds while using Win 7 which seems to make me thing that something is taking the majority of my bandwidth usage.

Could any take a look at my logs and see if there is anything going on before I decide to reinstall the os.

P.S I have also included my HijackThis log file.

Thanks in advance!

A:DDS scan and GMER scan log files.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===This process looks suspicious.C:\Users\James\Desktop\Security Tools\mb9soxkz.exeDo you know what it is?Did you installed this driver or do you know which application needs it.R1 enport;enport;c:\windows\system32\drivers\enport.sysIt may be valid but I cannot find sufficient information on it.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleeping... Read more

Read other 2 answers
RELEVANCY SCORE 75.6

i tried to do the on-line Panda scan a few times, once my dial-up connection disconnected it, and i couldnt get it back, and I tried it 2 more times and it stalled about 3/4 of the way thru, even tho i was still connected. When i do Spybot S&D scan it stalls midway too, several times, i have to keep moving my mouse around for a while to get it to start again. Why do u think this keeps happening on my computer?( Virus scan was negative, and i deleted some adware with a scan i did a day before.) I know the Panda scan used Actixe X which i had to download to do the scan. Should i delete it now? What would it look like and where would it be on the computer.?
I have an old Dell OptiPlex GX1 Pentium 2 with 350 MHZ, with 256 RAM and WIN ME O.S. with 10 G. storage with a slow dial-up connection. Thank in advance. ZUZU2
 

A:Panda scan and Spybot-S&D scan stalls mid-scan

This is my HJT log after running (sluggishly) Sbybot-S&D and finding no problem:
Logfile of HijackThis v1.99.1
Scan saved at 9:56:31 PM, on 2/2/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCTSKSHD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\DOWNLOAD\CONKEEPM.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\DIALER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\NETSCAPE WEB ACCELERATOR\NSACCEL.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\CSS.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: I... Read more

Read other 1 answers
RELEVANCY SCORE 75.6

Below are Bazooka scanner, dds and gmer scan results. Exe files are not working properly. Any executable I open immediately asks for a file to open the program. I can run some programs by browsing for the executable again but does not work for everything. Some programs won't work or install. here is my latest scan results using bazooka / dds / and gmer.BAZOOKA SCAN--------------------------------------------------------------------------------------------------------------------------------********************************************************************************************************************************************Result when scanning:SystemDir.explorer 545.505.000 %SystemDir%\explorer.exeC:\Windows\system32\\explorer.exehttp://www.kephyr.com/spywarescanner/library/systemdir.explorer/index.phtmlSystemDir.regedit 544.500.000 %SystemDir%\regedit.exeC:\Windows\system32\\regedit.exehttp://www.kephyr.com/spywarescanner/library/systemdir.regedit/index.phtml********************************************************************************************************************************************DDS SCAN------------------------------------------------------------------------------------------------------------------------------------********************************************************************************************************************************************.DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Ex... Read more

A:Virus - Bazooka Scan / DDS scan / GMER scan - %#^#%^#

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post fresh dds logs, please.

Read other 2 answers
RELEVANCY SCORE 74.8

I did a factory reset and put boot settings back to default after I corrupted my windows 10 by shutting down before it updated.  Tried USB ms tool for W10 reload, but didn't work.  Computer running ok, but just wanted to make sure all was ok and opened solutions center for a scan.  ...quick random pattern test has been stuck at 1% waaaay too long and a box comes up saying "this operation is taking longer then expected"...abort or keep waiting.   Computer came with W8 and I upgraded to 10 about 3 years ago..I assume reset put back W8 (?)....greatly appreciate any help!!!!!! Thanks!!!

Read other answers
RELEVANCY SCORE 74.4

Running Windows XP, Home Edition, Version 2002, Service Pack 3, MSI Motherboard, 512MB Ram, Pentium 4 - 2.4GHz CPU.I used to have Spybot, but after some point whenever I tried to run it the computer would reset. Now, I've gotten a few messages from Windows Defender that there is a trojan on the computer. I can run a quick scan and remove what shows up, but when I try to run a full scan, the computer resets. I try to scan the computer with McAfee anti-virus, I can run a quick scan no problems, but when I try to run a full scan, the computer resets. I know there is at least 1 trojan/virus, but any program I try to run to get rid of the problem makes the computer reset. The latest software I installed is a-squared, and I can do a quick scan and find/fix a few problems, but when I do a full scan (in safe mode as administrator) a message pops up saying that the computer is going to shut down, NT AUTHORITY/SYSTEM.Please help before I tear out what's left of my hair.Pasted and attached.DDS.txt============DDS (Ver_09-01-07.01) - NTFSx86 NETWORK Run by Administrator at 22:34:33.51 on Fri 01/16/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.175 [GMT -5:00]============== Running Processes ===============C:\WINXP\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINXP\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:�... Read more

A:Multiple Trojans, PC resets when full-scan anti-virus or anti-malware is run

Hello AdamLinn13Welcome to Bleeping Computer. =====================Please re-open Hijackthis and click on "Do a system scan only"Then place a check mark next to these entries below:R3 - Default URLSearchHook is missingO2 - BHO: CMVideoPlugin - {08DEA348-F510-45FD-A6EC-CF3BE0917C5E} - C:\WINXP\system32\CMVideo.dllO2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllO4 - HKLM\..\Run: [Framework Windows] frmwrk32.exeO4 - HKLM\..\Run: [Rrokuwip] rundll32.exe "C:\WINXP\Gxizahopira.dll",eO4 - HKLM\..\Run: [Ngewok] rundll32.exe "C:\WINXP\exufijocifalut.dll",eO18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dllNow click on Fix Checked and then close Hijackthis.====================================================Download ComboFix from one of these locations:Link 1Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

Double click on ComboFix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine be... Read more

Read other 90 answers
RELEVANCY SCORE 71.6

Hello and hopefully someone can help. I have spent some time searching and cant find the answer.
 
I ran AVG and scanned whole system. 4 Trojan Horses were found.
1 was a false positive
1 was secured
and 2 said take action, couldnt remove(something like that)(still have report result)
 
Now I update avg, rescan whole computer 2 times and nothing is found.
I scaned each file seperatly and it said pass.
 
Where the other 2 trojans removed or not being detected now?
They were called Trojan Horse Generic32.EGL
 
Please help me understand the result and what to do
 
these were the two results in question

"";"Trojan horse Generic32.EGL, C:\Windows\Installer\7883.msi";"Infected"
"";"Trojan horse Generic32.EGL, C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}\HP Support Assistant.msi";"Infected"

A:AVG Scan found Trojan first scan, second scan none

I just addressed the very same issue on another board.
Definitely false positives as it happens with AVG too often.

Read other 1 answers
RELEVANCY SCORE 69.2

Hello All,

I have been working really hard on removing a virus that is on a computer. I believe that it is called Anti-Virus scan or scanner. I have found numerous articles on the internet on how to get rid of it but I am unsucessful.

Here are some things that I have already tried.
1) I downloaded Rkill and ran that both in safe mode and normal
2) Downloaded Malwarebytes and ran it in both modes
3) Updated Malwarebytes
4) Ran Mrt.exe with no luck

Okay here is what is going on. These different tools work well however whenever the computer is rebooted, the virus seems to load back on. I believe that it somehow found out that the computer was not fully updated which made it really easy to attack. When reading about different causes, appartently there was a virus that was unleashed that attacked many computers that were not up to date. Now when I try to update windows, it displays page not found, meaning that it won't allow me to view the page.
I am not sure if this information will be of use to you however if you would like Hijackthis or any other things that will at least give me an understanding on what infact this virus is, please let me know.
Cathy, I need a little help =)

Thanks for reading this and any assistance would be greatly appreicated,

Paul Lintner

A:Anti Virus Scan

Hi and welcome to BleepingComputer. I'll be helping you to clean the PC up. As a first step I'll need to know whether the PC is still connected to other infected PCs or if it has been isolated. If the PC has not been isolated yet, could you please do that now and let me know if the infection still returns on startup?Next, please tell me if this is the guide you have been following: remove antivirus scan. Did you follow the steps 4-7? If not please do so now and flush the DNS cache. Does that get you online?Can you please clarify what MRT.exe is.regards myrti

Read other 16 answers
RELEVANCY SCORE 69.2

I did a full scan using Anti-Malware by Malwarebytes. The results showed 75 Entries that were marked as PUP. What should I do with them? I'm reluctant to delete them until I know what they are.

A:What to do with PUP's after Anti-malware scan

  
Quote: Originally Posted by blockie


I did a full scan using Anti-Malware by Malwarebytes. The results showed 75 Entries that were marked as PUP. What should I do with them? I'm reluctant to delete them until I know what they are.


Hello Blockie,

PUP detection are Potentially Unwanted Programs , don't be reluctant to delete them because these entries aren't safe.

Read other 6 answers
RELEVANCY SCORE 68.8

no scan options-you need to install hp software for features-hp officejet 6110xi; dell e6500 laptop; O.S=windows 7 pro 64 bit. hp support directs me to use windows 7 drivers and then i still get this error; there no viruses/malware ect on the computer. how may i obtain the software/driver needed to resolve this problem. thank-you
does anyone have the cd-rom with the firmware and drivers for the hp officejet 6110 all-in one printer?
 

A:hp officejet 6110 no scan options after engaging start scan button on printer

Have you tried scanning the way HP has recommended: http://h10025.www1.hp.com/ewfrf/wc/...=en&lc=en&os=4063&product=79477&sw_lang=#N385

Expand the "How do I scan, fax, print, or use a memory card?" section, then expand the "How do I scan with an in-OS driver?" to see the HP recommended way to scan.
 

Read other 1 answers
RELEVANCY SCORE 68.8

I'm fixing my aunt's computer and I just find this out that formatting the partition isn't going to work out due to the fact that that they unfortunately lost all recovery cd's.... I do not wanna go through the trouble of special ordering them so I was wondering if anyone could help. So the problems with the computer are these: McAfee virus scan and all options are disabled, when I tried running Malwarebyte's it said that I have no permission and to contact the administrator, and when I try uninstalling something, it just says "cannot run plug in. please try again later" I'm starting to get frustarted because i scanned the HDD through another computer and it deleted all visible trojans and what now but it still has the same problems. Someone help!

A:All Permissions Blocked! Virus scan, System restore, malware scan, all are off!

please bump

Read other 19 answers
RELEVANCY SCORE 68.8

My computer was infected by SpywareQuake awhile ago, i followed the instruction step by step and the SpyQuake was removed, it was gone. And now it appears again in my active scan again (but i dont see any windows pop up in the bottom right of the screen saying that "my computer is seriously infected" like before). So im just wondering that there are something that i missed or my computer is infecting again. I greatly appreciate you guys can help me out, thank you so very much
Here is my Activescan log:

Incident Status Location

Potentially unwanted tool:Application/SpywareQuake Not disinfected C:\Documents and Settings\DJ Empty\Local Settings\Application Data\Mozilla\Firefox\Profiles\m60uft4t.default\Cache\551FE075d01
Adware:Adware/DollarRevenue Not disinfected C:\Documents and Settings\DJ Empty\Local Settings\Temporary Internet Files\Content.IE5\L1IC6IGI\drsmartload[1].exe
Adware:Adware/BrowserAid Not disinfected E:\RECYCLER\S-1-5-21-1644491937-1972579041-839522115-1003\De27\Temp\_ps_inst_exe.vir[rundll16.exe]
Adware:Adware/BrowserAid Not disinfected E:\RECYCLER\S-1-5-21-1644491937-1972579041-839522115-1003\De27\Temp\_ps_inst_exe.vir[rundll16.dll]


And Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 6:44:24 AM, on 4/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\s... Read more

A:Scan found Spyware Quake in my system! (HJT and Active scan included)

Read other 16 answers
RELEVANCY SCORE 68.8

Receive bad pool caller when attempting to run registry scan and norton full/quick scan.

Latest dump error:

0x000000c2 (0x00000040, 0x00000000, 0x80000000, 0x00000000)
Thought it might have been problem with linksys software - pc locked up on a linksysfile. Removed/unistalled product; rebooted machine. Attempted Norton full scan - still received 0c2 abend. Approximately 5900 files are successfully scanned before it tanks.

Machine: Gateway GT5228
OS: Windows XP SP3

Any help would be greatly appreciated.

If you need additional information, let me know.

Best Regards
 

A:bad pool caller during registry scan and norton full/quick scan

Leafs22 said:


Receive bad pool caller when attempting to run registry scan and norton full/quick scan.

Latest dump error:

0x000000c2 (0x00000040, 0x00000000, 0x80000000, 0x00000000)
Thought it might have been problem with linksys software - pc locked up on a linksysfile. Removed/unistalled product; rebooted machine. Attempted Norton full scan - still received 0c2 abend. Approximately 5900 files are successfully scanned before it tanks.

Machine: Gateway GT5228
OS: Windows XP SP3

Any help would be greatly appreciated.

If you need additional information, let me know.

Best RegardsClick to expand...

Hi Leafs22,

This is Mike from the Norton Authorized Support Team.

Which Norton product and version do you currently have installed?

It sounds like there is a problem with the drivers on your system. Please follow the steps below to properly remove Norton. After you remove Norton, update all of the drivers on your system and then install the latest version of the Norton product for which you have a valid license.

1. Click on the following link to download the Norton Removal Tool:

Norton Removal Tool and Instructions

2. After you run the tool, please restart your computer. Log into Windows again and run the removal tool again. Restart your computer after it is finished running the second time as well.

3. Update all of the drivers on your system.

4. Click on the link below and then select the "Download" button under the Norton product that you own. This ... Read more

Read other 1 answers
RELEVANCY SCORE 68.4

Just thought I would share this bit of info.. I have run my first scan with Microsoft's new Beta. Um.. I am a bit stunned to see what it found. the list goes like this..1. Incredifind ~ classified as adware and I will remove that one. Rated High.2. KaZZa (ad-ware bundler). I would remove this too. Rated Moderate3. Ok.. this one is a complete surprise.. VX2 transponder(browser plug-in). Rated Severe. 4. iLookup(browser hijacker) rated Severe5. NewDotNet (browser plug-in) Rates high6. PowerReg Scheduler(spyware) rated moderate.. I think this one has some legitimate programs running in it. It lists HjT and something on my son's desktop.7. Ezula.TopText(adware) Rated High8.WhenU.SaveNow(adware) Rated High9. AltNet P2P Networking(adware) Rated Elevated10. FunWebProducts... yeah it's a blast.. (adware) Rated Elevated11. CoolWebSearch.StartPage(browser Hijacker)Rated severe of course.. this is located in IE of course. 12. SeachSquire(adware) rated elevated13. MywaySearchBar(browser plug-in) adware rated moderate14. IST SlotchBar (toolbar) Rated High15. ActualNames (browser hijacker) rated elevated.How did all this get here? I am stunned. Here I though I was doing well staying on top of things and I find this stuff. I am just a bit blind-sided.. specially by that VX2.. where the bleeping bleep did that come from?? Like I said... just thought I would share. I have every sort of tool you can imagine.. Ad-aware SE.. Spy-bot..Spyware blaster.. AVG... A squar... Read more

A:Microsoft Anti-Spyware 1st Scan

Pandy.
I am shocked.However did you acquire that rubbish.Please keep us informed.
Thanks.
Philip

Read other 10 answers
RELEVANCY SCORE 68.4

Hi,

Was wondering whether you could help - Super anti-malware gets stuck when it gets to a particular folder during scan (C:WINDOWS\$hf_mig$\KB980195\update...)

I tried to scan with Malwarebytes anti-malware and the same happened when it reached that folder. I'm guessing it's too important to just delete. Any advice, pls?

I've backed up what I want from my docs and downloaded hijackthis.

Cheers

Read other answers
RELEVANCY SCORE 68.4

I have run the scans and posted them on the wrong section. I was told to post them here. I copy/paste them to here. Here ya go.

--------------------------------------------------------------------------------

Hi
I hope I am doing this right. I have a custom made computer. I was on the internet and a pop up came up that said Windows Anti Virus ! You may have a virus, scan now ! It looked just like a Windows pop up so I hit "scan". Bad move. I now have a computer that freezes, stops, locks up or just won't do anything.
I have Windows XP Pro ser. pac. #3
2 hard drives, one is 60 GB and one is 80 GB
512 Ram


DDS (Ver_09-07-30.01) - NTFSx86 NETWORK
Run by Terry at 15:18:41.64 on 2009-09-10
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.244 [GMT -5:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSv... Read more

Read other answers
RELEVANCY SCORE 68.4

I have Norton anti-virus 2003 installed on my computer. I read somewhere that a virus scan will not look at files that are being used by the computer at that time. Is this true and if it is true how can you be sure your computer is virus free if the results of the scan say no problems detected?
I have a friend who is running Windows XP and she has the NNCORE.DLL Trogan Virus. I looked at the list of known viruses on my Norton (it is up to date) and this virus is not even listed. How can a uitility be effective if a known virus is not in its data base.
Thanks
 

A:How Anti-Virus Programs Scan

Read other 16 answers
RELEVANCY SCORE 68.4

Hello everybody,

My ZoneAlarm was working great for a few months. Recently, if I try to run the AV scan, I get this security alert:

SUSPICIOUS BEHAVIOR
C:\WINDOWS\sytem32\ZoneLabs\avsys\
ScanningProcess.exe
(ScanningProcess.exe) event=0
subevent=0 class=1 ("system", '''','''')

I click "Allow", the scan runs for about 2 seconds, but the security alert pops up again. And again. Eternally.

I have a Windows 2000 SP2.

Thanks so much for any advice you can give!

A:Zonealarm Can't Run It's Anti-virus Scan!

Suspicious behavior popup with virus scanhttp://forum.zonealarm.com/zonelabs/board/...essage.id=27078

Read other 7 answers
RELEVANCY SCORE 68.4

Hello, my PC got infected by a spyware called system-defender.com and I used the google to search for a cure and came across a posting on your site.

After following the instruction shown on this site I down loaded the Malware bytes' Anti-Malware.

I used the Malwarebytes' Anti-Malware to scan the PC and rebooted the PC and again scanned the PC with Malwarebytes' Anti-Malware

Thats where I stopped as I did not know what to do with the log created by mbam.

I am posting the mbam log below:

Malwarebytes' Anti-Malware 1.17
Database version: 856

17:05:32 15/06/2008
mbam-log-6-15-2008 (17-05-32).txt

Scan type: Quick Scan
Objects scanned: 36871
Time elapsed: 8 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 6
Registry Keys Infected: 18
Registry Values Infected: 7
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 15

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\fxculenw.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\iifecbxv.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\{1468f445-b90d-dca4-691e-b3979fcb7f03}.dll (Trojan.Agent) -> Unloaded module successfully.
C:\WINDOWS\system32\byXPFYPg.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\xkefqtgs.dll (Trojan.FakeAlert) -> Unloaded module successfully.
C:\WINDOWS\rtsplg... Read more

A:What Do I Do After Using The Malwarebytes' Anti-malware To Scan The Pc?

Hello Aashish and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)In the event you already have Combofix, delete your current version and download the lates... Read more

Read other 20 answers
RELEVANCY SCORE 68.4

Hi
I hope I am doing this right. I have a custom made computer. I was on the internet and a pop up came up that said Windows Anti Virus ! You may have a virus, scan now ! It looked just like a Windows pop up so I hit "scan". Bad move. I now have a computer that freezes, stops, locks up or just won't do anything.
I have Windows XP Pro ser. pac. #3
2 hard drives, one is 60 GB and one is 80 GB
512 Ram


DDS (Ver_09-07-30.01) - NTFSx86 NETWORK
Run by Terry at 15:18:41.64 on 2009-09-10
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.244 [GMT -5:00]

AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated) {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\... Read more

A:Windows Anti Virus scan

The site you were on was the initiator of this malware. It's a bad site.

The "warning window" was the malware itself, and it tricked you into allowing it to install itself.

It has had several different names that I know of. AntiVir2010, Anti Virus 2009 are a couple.

It's not difficult to remove, but the longer you wait, the more malware it will install on your computer.

Forum rules prohibit non-experts from helping to removal malware.

Read the stickies in the Securities forum and follow the directions.

Read other 5 answers
RELEVANCY SCORE 68.4

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

A:Anti virus scan does not complete

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Read other 2 answers
RELEVANCY SCORE 68.4

I was having problems prior to this one with my computer and installed a different antivirus software (AVG) to try and find the problem, and it must have quarantined and/or deleted a file crucial to booting windows. Everytime I turn on my computer, right after the windows startup screen, the computer crashes.

I've tried the auto-repair option, I don't have a previous system image to revert to, I can't do a system restore without logging into windows (to my knowledge), and the same goes for updating windows with the installation disc. I even tried formatting my primary HDD so I could reinstall windows and just get my data from my backup hard drive, but when I tried installing it couldn't find the necessary drivers.

If anyone has a fix for the BSOD that would be preferred as I could just switch my secondary drive to primary and it's all fine.

A:BSOD After Anti-virus Scan

:/ anyone?

Read other 2 answers
RELEVANCY SCORE 68.4

Hello Experts. Need some help in figuring out what is lurking in my computer. Every time I run a scan with Spybot or Ad-Aware, I get one or two hits on my anti-virus (Trend Micro 2005) that says that it has detected an infected file in (C:\Windows\downloaded program files\mediagatewayX.DLL) and it says the virus name is (ADW WINAD.BD) Scan result: Denied Access. I tried a google search on the virus name with very little luck. Searching on the DLL was a little better and with all of the topics starting off with talk about HiJack This logs, I finally installed the program and ran a log today (my first, very good tutorial on your site) and found the reference to the mediagatewayX.DLL and also a pointer to (O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Seekmo/ie/bridge-c24.cab)Could you please let me know what this is and how I get rid of it. Any and all help will be greatly appreciated.

A:Anti-virus Reacts On Every Scan

ZangoCash appears to be adware (read popups or directed advertising) that is installed on your computer along with some games or videos you watch and without your knowledge usually. To delete that file open Internet Explorer and go to Tools>Internet Options. Under the General tab Click Settings then click View Objects. mediagatewayX.DLL should be in there and you can right click and delete. Thats a really weird place for a .dll file as this folder should only contain ActiveX controls.

Let us know if that works for you.

Read other 7 answers
RELEVANCY SCORE 68.4

I did a sophos anti-rootkit scan and it found this

Hidden registry key \HKEY_USERS\S-1-5-18\Software\Microsoft\Office\Outlook\Addins\BitDefender
Hidden registry key \HKEY_USERS\S-1-5-18\Software\SetID
Anyone familiar what are those?

Also, I stopped using BitDefender 2 months ago and a scan with hijackthis still shows this line

O20 - AppInit_DLLs: sockspy.dll

I've searched for it, and found it's from bitdefender.. shall I fix it since I'm not using BitDefender anymore?

Read other answers
RELEVANCY SCORE 68.4

can someone tell me if this scan is any good. the microsoft anti spyware scan. also when i ran it. it says i have one spyware-kontike(browser plug-in) is this bad.
 

A:microsoft new anti spyware scan

Check out this thread...
http://forums.techguy.org/t316073.html
 

Read other 1 answers
RELEVANCY SCORE 68.4

I have recently tried a new Anti-Virus program and am surprised at the infections it listed on it's first scan. Can the log be analysed for false positives?
My OS is Win98SE, I have the following Anti-Virus programs installed:
SpyBot S&D 1.3 Ad-Aware PE 1.05 IE-Spyads and Spyware Blaster 3.2, all are up to date. I also have Panda Anti-Virus & Firewall.
Any advice would be appreciated. rim rim
 

A:Can an Anti-Spyware scan log be analysed?

Read other 6 answers
RELEVANCY SCORE 68.4

If I schedule a scan when I'm not on the computer, will it be done or do you have to have your computeron.
 

A:Running anti-virus scan

It must be ON.
 

Read other 1 answers
RELEVANCY SCORE 68.4

OK , having major difficulties getting these fixes to work. I have windows vista premium home, hjt will do the scan but halfway through says for some reason "your system denied write access to the Hosts file" I tried to set hjt to run as administrator but that is grayed out, so when I select "ok" it finishes the scan but no copy is posted in notepad. I did actually select a few known trash and it did remove them. dds appears to do its scan but doesn't post any results in notepad. And rootrepeal gives me a device controller error and wont scan. Does anyone have any suggesting on what to do? I did a system repair back to the 30 of December but that seemed to on reduce the popups.

Gordy

A:corrupt system wont let me run nso when i select "ok" it finnishes it's scan but no copy of scan is posted in noteb...

Welcome to BCPlease try this:Please download RSIT by random/random and save it to your Desktop.Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding Rist attempting to contact the Internet, please allow the connection.Close all applications and windows so that you have nothing open and are at your Desktop.Double-click on RSIT.exe to start the program.If using Windows Vista, be sure to Run As Administrator.Click Continue after reading the disclaimer screen.Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days).When the scan is complete, a text file named log.txt will automatically open in Notepad.Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.If RSIT did not work, then reply back here.

Read other 1 answers
RELEVANCY SCORE 68.4

The Intel Driver & Support Assistant said that it had an update: Intel® Graphics Driver for Windows* [15.40]. When I did a scan with the Lenovo Companion app, it said there were no updates available. Why the difference of opinion betwee the two apps?

Read other answers
RELEVANCY SCORE 68.4

Was working on the computer yesterday, running Firefox and suddenly went offline. Could not go online again with Firefox, IE or anything else. Did a system restore, didn't help. McAfee AV+ won't run a scan and real-time AV protection keeps turning itself off. I was able to connect to the 'net when I installed a wireless USB adapter and disconnected the ethernet cable.Now Ad-Aware has shut down too

A:McAfee AV+ scan won't run and real-time scan keeps turning off; browsers stopped working, Ad-Aware quit too

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

Read other 3 answers
RELEVANCY SCORE 68.4

My computer was at a crawl, even step from booting to loading the desktop and beyond took at least 50x as long. But in Safe Mode, it was running only a little slower than usual, so I suspected a virus or malware. Attempts at using AVG antivirus's command line scan in Safe Mode was met with messages such as 'Boot Sector Hidden' or something like 'Processes scanning failed'.
Desperately I tried to run CHKDSK. Seemed to solve the problem, but just after that, AVG antivirus crashed while scanning. Next day, I try again, AVG seems to work detecting no threats, and Malwarebytes detected nothing too.
NOW I want to make sure my computer is virus or malware free. Please help me, this is my only laptop.
I have Hijack this logs, but there is some error message about hosts files, I can post them if you want.. I tried aswmbr anti root kit , but the program always crashes just as it's checking sysmain.dll
Some background: Awhile ago, I accidently installed some malware by not unchecking the right boxes while installing DAEMON tools. Found out it was messing with my browser, so used Spybot Search and Destroy plus Malwarebytes anti-malware, found some malware uninstalled them, also remove them through Control Panel. Seemed fine. until a day later when I accidently turned off the mains power to the laptop, without any battery in. Then the slow down suddenly appeared. I have accidently done this before but it never had this effect.

A:aswmbr can't scan, Antivirus can't scan, Computer at a crawl from startup

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/539424 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 68.4

I have windows vista, and whenever i run my virus scan or spyware scan, my computer locks up when it gets to a specific folder. that folder is program files/common files/microsoft shared/office 12. If i try to go to that folder, the computer locks up as well. I have no idea what to do about it. Any help would be appreciated, thanks.

A:Computer Freezes And Restarts When I Run Virus Scan Or Spyware Scan

Try running your scans in safe mode. The Advanced Boot Options menu lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key before Windows starts. Select safe mode there, and run the scan.

Read other 4 answers
RELEVANCY SCORE 68.4

Hey all.
 
I was running a full scan on my Win8 system using Defender.  After 15 minutes, scan was three-quarters completed with no problems, so  I left the computer for five minutes.  When I returned, Defender had switched over to a Quick Scan in order to finish up. 
 
No threats found, either by Defender or by MBam, which I ran afterwards.  But is it unusual for Defender to switch from Full to Quick scan mid-operations? 

A:Windows Defender Full Scan Switches Over To Quick Scan

I never heard of that happening before so I'm not sure how it occurred.There are three types of scans offered by Windows 8/10 Defender and most other anti-virus/anti-malware programs:Quick Scan only checks the areas of your computer most likely to contain malware...the most prevalent and common places where malware typically hides. The length of time for performing a Quick scan will vary but it generally takes about 15-30 minutes so they can be performed daily.Full Scan is much more comprehensive since it scans the entire hard drive (all folders/files) which can number in the thousands. The length of time for performing a Full scan will also vary but because it is so comprehensive, this type of scan can take several hours. Most Full Scans can be scheduled to run late at night when not using the computer so you can perform a weekly scan without having to monitor it.Custom Scan allows the user to select any files and folders on the hard drive to be scanned.In most cases when performing routine security checks, only a Quick Scan is needed since it checks the areas of your computer most likely to contain malware...the most prevalent and common places where malware typically hides. A Full scan is generally recommended only for heavily infected systems.

Read other 1 answers
RELEVANCY SCORE 68.4

I did a scan 3 days ago with pctools and was told there was a virus trojan Backdoor.Retro64 but I had to pay to remove it.

I came across HijackThis tonight and have followed instructions.

This is my logfile:-

Logfile of HijackThis v1.99.1
Scan saved at 21:28:33, on 24/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTa... Read more

A:Did scan before and was told virus backdoor.retro64 on pc. This is Hijackthis scan.

Hello, and welcome to the HijackThis Help Forum.

Apologies for any delay in replying, but we have been rather busy lately.

Since it has been a few days since you first posted, please post a fresh HijackThis Log if you still need assistance.

Thank you.

Read other 1 answers
RELEVANCY SCORE 68.4

I have Avast version 4.7 Home Edition Free installed on my computer.

When I ran a scan today with Avast, it detected a virus and I deleted it. I then ran another scan and there were no viruses reported.

Then I went to Kaspersky's online virus scanner and ran it and it detected 2 viruses on my computer, but of course the only way to get rid of the one's detected is to purchase Kaspersky Anti Virus.

Questions are.
1. How did the virus that Avast detected get on the computer in the first place? I have the on access protection control running with all of the modules activated with the exception of Outlook (I do not have Outlook on my computer).

2. Why is Kaspersky detecting 2 viruses on my computer at the present time and Avast detects none?

Do I need to ditch Avast Free and pay for Kaspersky as a better Virus protector.

Thanks for any ideas and suggestions,

Jerry
 

A:Solved: Avast scan resuts vs Kaspersky scan results

Read other 6 answers
RELEVANCY SCORE 68

Whenever I try to scan metallic objects like jewelry with my Canon Lide35, the image always turns out blurry. Are there any settings to get a clear,crisp image? Especially for when the lid is slightly elevated.
 

A:Blurry Scan image

The scan will only be focussed for items that are in contact with the glass - the surface of the glass is the point of focus for a scanner, not the area above it.
 

Read other 2 answers
RELEVANCY SCORE 68

I'm having some problems with a Canon DR-2080C scanner. I have it hooked up to a Dell Computer running Windows XP, and it's only giving me a partial image (about 25% of the image). I got the scanner used, so there might be a problem with the scanner itself. I'm not sure. The computer has 1.00 GB RAM and I unloaded everything out of memory that i could, so I don't think it's out of memory (I'm scanning a single sheet of text, no graphics). I set the scan to 300 DPI thinking that might help, but that didn't make any difference either. I'm thinking this might be a hardware issue, but am looking for any input any ideas anyone else might have. Thanks!
 

A:Scan Gives Partial Image

Read other 7 answers