Over 1 million tech questions and answers.

Not infected, but this was the closest category I could find

Q: Not infected, but this was the closest category I could find

So, here's the deal. I regularly submit rouge software to malwarebytes taken from machines from where I work, which is a local PC repair shop. Normally I see java exploits and rouge antiviruses, very few botnets/trojans and other "heavier" gauge malwares. I am quite adept at software and hardware troubleshooting, and an advanced windows\linux admin.

I've tried re-tracing steps by setting up a secure environment to monitor how a rouge works and building simple batch files to repair changes made to the registry, file system, MBR, and Windows\system32\drivers folders to make my job easier. Naturally, I've started using programs like OllyDebug to attempt reverse engineering through self-taught methods.

For whatever reason, I can never seem to infect my own test machine, even with outdated browser/windows/java and going to the rouge hotspots. I have yet to reach Malware Hunter status on MWB forums, so I cannot access already submitted files.

I am not asking anyone to post links on this thread, as that could potentially endanger unintentional users, but rather to have any good sources for acquiring malware/virus samples in a PM. Any advise anyone may have is more then welcome

RELEVANCY SCORE 200
Preferred Solution: Not infected, but this was the closest category I could find

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Not infected, but this was the closest category I could find

Check your PM

That site provides large amount of malware samples

good luck

Read other 3 answers
RELEVANCY SCORE 56.4

I need help with my computer because it doesn't have an HDMI port. I had no idea that it didn't have one until I needed it. When I bought it, I figured that all new computers had one so it wasn't even a thought.

I have seen the converters for USB to HDMI but they are a little pricey. I was wondering if there is a cheaper way such as a device similar to a google chromecast that could mirror my computer screen onto my TV instead of only using apps. Or maybe a cord that would work, anything.

I am a college student and was hoping to be able to stay under $30.
The picture of my computer is attached.

Thank you.
 

A:Couldn't find a category for my question, it is about HDMI

What's the complete model number of your HP all-in-one?
What's the exact part/product number(P/N) on it?

It's too bad you bought a HP all-in-one instead of a HP desktop.
If a desktop doesn't already have a HDMI port integrated into its motherboard, having one allows you to install a graphics card which has a HDMI port.

I'm not familiar with USB-To-HDMI converters, so someone else will need to address that.

--------------------------------------------------------------
 

Read other 2 answers
RELEVANCY SCORE 55.6

Years ago i signed up for a microsoft account and didn't do much with it. I've lost all way of getting it back not because anyone stole it but because i don't know what i put in for my information or password to get it back it could be anything. I would
like to get it back i have made the account im sending this in right now so i can get my password back hopefully because i have no other way of sending this to microsoft or wherever i need to go to get it back. I did request a password change on that account
but like i said earlier the info i needed to put in is very old and i don't what it is, so when i sent it in using this email it said i couldn't be verified or reset my password. If someone responds to this who works in that area of microsoft i'll send them
my email of the lost account in a safer way unless its fine it here i don't want to have any security problems by sending it here on the forums just to be safe. Thank you in advance for the help:)

Read other answers
RELEVANCY SCORE 52

Hi

I was wondering if anyone could help me with a problem I am having with our local DNS servers. We currently have 8 sites setup in a 5km range of each other. All sites share the same Active Directory integrated zone, but each site has its own subnet. We are trying to setup a website per site under the same name e.g. name.company.com but with different ip's. Is there any way of setting it up this way, but only letting people in one site connect to the webserver is their local site?

My thanks is advance
 

A:Allow DNS connect to the closest IP?

Read other 6 answers
RELEVANCY SCORE 50.8

Where is the closest dealer in Cambridge Ontario 

A:Where is the closest dealer in Cambridge Ontario

Hello, May be that will help you:- Where to buy -

Read other 1 answers
RELEVANCY SCORE 43.2

Hi you guys!

My PC has been infected with the trojan horse downloader.winshow.AY and I have tried just about everything (ad-aware, spysweeper, spybot) and it nothing works. In times like these, there is just one thing to do, which is rely on you guys.

Here's my hijackthis log:

Logfile of HijackThis v1.97.7
Scan saved at 15:07:53, on 23-10-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\Anvshell.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\program files\steam\steam.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Andre\LOCALS~1\Temp\Rar$EX00.391\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w... Read more

A:"This is the closest thing to crazy I have ever been"

I don't see much fixing here. Try getting the newer version.

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Make sure to update Windows and Internet Explorer at http://windowsupdate.microsoft.com.

You have an outdated version of HijackThis. Click here to get the latest version of HijackThis.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Make sure to close any open browsers. Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

O16 - DPF: {11120607-1001-1111-1000-110199901123} - ms-its:mhtml:file://C:\\MAIN.MHT!http://66.199.249.202//index.chm::/server.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - file://c:\x.cab
O16 - DPF: {22222222-2222-2222-2222-222222222222} - file://c:\x.cab

Reboot into Safe Mode (hit F8 key until menu shows up). Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if th... Read more

Read other 1 answers
RELEVANCY SCORE 38

[font=Georgia][size=5]Hi, and thanks for all your help before hand!I have had trouble with my Internet Explorer windows closing on their own. There seems to be no specific site or circumstance under which they close. The newest downloads to the computer were a Wild Games Console and Limewire (I know, but my son didn't ask). That's about the time the trouble started. I cannot now download anything - the information bar to allow Active x controls does not appear. And most pages won't fully load, even after refreshing the page several times, although sometimes this does work. I have tried to go to the Tools menu to check the Add Ons, but when I click on Tools, I have "Mail and News" with an arrow for choices, the next space down is blank, with an arrow that points to two blanks; the third space down is blank; then Synchronize..., Windows Update, Sun Java Console (?) then Internet Options. I have a Dell Dimension 4500 running Windows XP, SP2, and I use IE. Automatic updates are on. I have EZ Firewall by Computer Associates.I have followed your directions before posting my Highjackthis log. These are the things I 've done and problems with not performing all instructions:- Spybot found nothing to remove.- Adaware removed 3 tracking cookies.- ETrust Pest Patrol removed all but: KaZaA - Key: hkey_local_machine (space) \software\magnet- Ran sfc \scannow- Ran cleanmgr and deleted all- Housecall - page will not fully load- Panda AntiVirus - no in... Read more

A:Must Be Infected, But Can't Find It

Hi Ladyrider3,

Our apologies for the delay. If you still require help, please post a new fresh log so I can see if anything has changed. And please post any additional information about what has happened in the meantime that might be helpful.

Also please turn System Restore back on so we have something to fall back on if needed.

Read other 3 answers
RELEVANCY SCORE 38

Important note: I am a very experienced user.

Despite that, I'm having a problem. Several sites that I work on were victimized by the .htaccess exploit.

Given that the sites have one person in common, namely, me, the first thing I did was to run a virus scan. I also ran the latest update of Malwarebytes. Even ran an old copy of Hijack This just to see what came up.

All clean.

After talking to my host, ran combofix. The log looks good to me--it quarantined a couple of files that are definitely not viruses (my putty log, for example, and isRS-000.tmp, which, I believe, is from malwarebytes, and a Citrix go-to-meeting file), but I would appreciate having a more experienced person take a look at it too.

I have made sure I have no shared folders on my network (although that's kind of moot because the only other computer on the network is a chromebook and the network is password protected), I have used the master password protection on Firefox, and as I reset ftp passwords I'm storing them in a password protected excel file and not saving them on the ftp program.

Any additional advice that you can give me for hardening my computer would be very useful, although my tech support person did say that if combofix came up clean as well, the odds were vanishingly small that the problem originated with me.

Thank you in advance for your time.

Edit: The combofix I ran was NOT infected by a virus and hash didn't match known infected version hashes

A:If I'm infected, I cant' find it...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.DDS.pifDDS.COMDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results.Please note: You may have to disable any script protection running if the scan fails to run.Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.======Please run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.===Please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A log file will automatically open after the ... Read more

Read other 6 answers
RELEVANCY SCORE 38

im running windows 7 32 bit with norton 2010. i keep getting notifications from norton saying email error. its random email addresses, subjects, and in different languages. it keeps popping up about every 5 minutes with different email addresses and subjects. ive ran malwarebytes, super antispyware, and spybot search and destroy and nothing seems to find anything. i recently fought with the winlogon86 virus and thought i had gotten through it but maybe something is left in my system. any help would be appreciated

Read other answers
RELEVANCY SCORE 38

I have a basic OE Emachines computer with Vista that I use for email, Office, and some web research. Recently a few other people have used it and it and now it is slow at Startup, running slow, locks up, and a get redirected in IE. I use Ad-Aware, Spybot, and Avast-Home. None of these detect anything. Any help would be greatly appreciated.

A:Am I infected? I can't find anything.

Welcome to BCIf you use Spybot's TTeatimer function you need to disable it for nowPlease download to your DesktopRkill.scrhttp://download.bleepingcomputer.com/grinler/rkill.scrWhen you double-click on the Desktop icon, a small DOS window will open and the application will run on it's ownIt should only take a few minutes and it will close by itselfDo not reboot the machine=============================Some types of malware will disable Malwarebytes Anti-Malware and other security tools. If MBAM will not install, try renaming it first.Right-click on the mbam-setup.exe file file and rename it to mysetup.exe.Double-click on mysetup.exe to start the installation.If that did not work, then try renaming and changing the file extension. click this link if you do not see the file extensionRight-click on the mbam-setup.exe file, rename it to mysetup and change the .exe extension to .scr, .com, .pif, or .bat.Then double-click on mysetup.scr (or whatever extension you renamed it) to begin installation.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.Right-click on mbam.exe, rename it to myscan.exe.Double-click on myscan.exe to launch the program.If that did not work, then try renaming and change the .exe extension in the same way as noted above.Double-click on myscan.scr (or whatever extension you renamed it) to launch the program.If using Windows Vista, refer to How to Change a File Extension in Windows Vista.Be sure to update MBA... Read more

Read other 1 answers
RELEVANCY SCORE 38

Hi, I think my Internet Explorer is hijacked. I only have a problem with IE, when running Firefox I don't have any issues. I know what I did, and it was absolutely stupid on my part! Yesterday, I was curious about a video on the bigfoot baby and when I went to this blog by the guy that had taken the pictures I downloaded what was supposed to be an Active X plugin to view the video. I found out right after that the blog site was a hoax. Here is the information on it:http://www.xomba.com/rick_jacobs_video_blog_hoax_exposedBut it doesn't say what the malicious software is or how to get rid of it. Immediately after downloading what I thought was Active X I got a popup saying I was infected. Now my Internet Explorer pages are hijacked and have porn links on them. If I use google I get only results for porn sites as well no matter what I type in the search box. Here are two screenshots I was able to take of the popup and my AOL page highjacked for reference if it will help. http://aycu19.webshots.com/image/33778/200...70896549_rs.jpghttp://aycu15.webshots.com/image/33214/200...72050626_rs.jpgI am running Windows Vista on a HP Pavilion Slimline. I did everything in the preparation guide with the exception of the updates from Microsoft. I cannot do it in Firefox. And if I use Internet Explorer I'm afraid to update because of the hijacking. I have already caused enough problems, I don't want anymore. But my computer is set to update automatically and it does check daily. It checke... Read more

A:I'm Infected But Don't Know How To Find Out With What

Hi,Please read the instructions here how to remove it:http://www.bleepingcomputer.com/forums/t/114240/how-to-remove-ie-defender-removal-instructions/Let me know if that solved your issue.

Read other 13 answers
RELEVANCY SCORE 38

Hi. About a week ago, all web pages started loading very slowly on my computer. I cannot seem to figure out why. I have a 3Mbps DSL connection, and I have tested the connection speed and it is fine. I tried using Firefox instead of IE, and it also loaded pages very slowly. I went through and performed all the steps and tasks in your "read this before posting a log" page. I also ran MS Windows Defender and ewido anti-malware. All those steps detected and removed a few low danger items, but without any improvement in my browsing speed. I also uninstalled Norton Internet Security to see if that was interfering, but browsing speed did not improve one it was off the system. I am stumped, and frustrated. I would appreciate any help you could give me. Thanks.Here is my Hijack This log:Logfile of HijackThis v1.99.1Scan saved at 10:16:34 PM, on 3/23/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files... Read more

A:Help Please. I Think I Am Infected, But I Cannot Find It.

Hi. Please disregard my post above. I figured out my problem, and it was not malware. I would have deleted my prior post, but I could not figure out how to delete.

Thanks.

Read other 2 answers
RELEVANCY SCORE 38

Hi all,
My PC picked up something unpleasant earlier this week and I've been running all sorts to try to clear it (see below). I've cleared a lot of junk off there, but I still have an issue with IE windows opening spontaneously going to random sites such as 'broadcaster.com', 'mydebtrelief.com' and a smaller window with Casale Media.

I already had spybot S&D, and have run AVG antivirus, AVG anti-spyware, plus an older version of ewido, and Brute Force Uninstaller. I've also run adawareSE and just installed Panda Antivirus (as recommended here), and downloaded the outerinfo uninstaller and ran that. They are all now coming up clean.
One of them found smitfraud, there was also an ldcore.dll issue (that took a couple of hours to sort). There was also an outerinfo issue (it was in the 'add/remove programs' list, and it wouldn't allow me to download the uninstaller through IE), but those are now resolved, I think.
I've run HJT a few times, but can't find anything obvious in its logs, and as I mentioned, all the packages above are coming up clean. A fresh install of ZoneAlarm also isn't spotting or stopping these windows from opening.

I'm a bit flummoxed, to say the least, so any help would be appreciated.

A:Infected, But Can't Find The Cause....

Since you have already done the groundwork, I suggest you submit a fresh HJT log to our Team for closer and more detailed review. See the instructions here:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/Regards,John

Read other 2 answers
RELEVANCY SCORE 38

Last night I was on blogger.com and on a friends page. there was a comment from someone I didn't know but it was in a comment about a friends baby that is sick so I thought it was safe to look at the link. Well when I clicked on it ( I am using Firefox ) all these pop ups came up that my computer could become infected and programs could be damaged. I have no specific details as I closed out of everything right away. I know stupid thing to do. Is there a way to check my computer w/o buy programs? Thank you Heather

A:I May Have Been Infected How Do I Find Out?

Is there a way to check my computer w/o buy programssure is to start you off can you kindly tell us your windows version, what your installed antivirus program is and what other protection programs you have on board; when did you last fully update and run them all and what if anything did the scans say ??

Read other 9 answers
RELEVANCY SCORE 38
A:Infected With Something Can't Find What..

Your hijackthis log is posted here.Now that your log is posted,, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".To avoid confusion, I am closing this topic until you are cleared by the HJT Team. If you still need assistance after your log has been reviewed and you have been cleared, please PM me or another moderator and we will re-open this topic.Good luck with your log.

Read other 1 answers
RELEVANCY SCORE 38

I have had computer problems over the last 2 weeks.  It first started with my internet connection showing "limited or no connectivity". Then my 
 
antivirus "Avast" web shield kept turning off and wouldn't turn back on without reinstalling Avast.  Then my firewall "Zonealarm" wouldn't work.  I 
 
searched the internet and found many things to try.  I have the internet connection repaired but think I may be infected by a rootkit.  All virus and malware scans show nothing.  A few scans I tried are Avast, Sophos, Malwarebytes, Kaspersky, Unthreat, IObit Malware Fighter, SuperAntiSpyware, Comodo, RogueKiller, Rkill, Tdsskiller, etc.  I have logs from aswMBR, gmer, Rootkit Hook Analyzer, RootRepeal, RogueKiller and HijackThis.  System keeps freezing requiring a reboot.  It takes a very long time for the icons to appear after restart and sometimes they never do. Browser "Chrome" keeps freezing up.  Start-Programs freezes blank for long time before populating.  
 
I have many logs I can send if they will help.  I have seen some stuff that is HOOKED but not sure if it is okay or not.  Also MBR 2 shows an error. I would really appreciate your help!
 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.5.1
Run by User at 16:16:59 on 2013-02-28
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1023.252 [GMT -6:00]
.
AV: ZoneA... Read more

A:Infected with something but can't find it!

Hello jujube Welcome to The Forums!!Around here they call me Gringo and I'll be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at you... Read more

Read other 43 answers
RELEVANCY SCORE 38

Been having this problem for the past 4-5 days. This is happening once or twice a day, every day. At some point, a new tab opens up in my Firefox, with a strange address, Firefox minimizes and I get a pop-up message saying AV8 scan has found... only with the OK button on it. I never clicked OK, I just killed the firefox process and the restarted my pc, nothing else happened after. I've been using Deep Freeze software for the past months, so every time I think there is something suspicious on my pc, just restart and the system is supposed to be restored to its original saved state. I'm also using Norton internet security paid license and updated everyday. I scanned my system in safe mode with malware bytes and other 2 spyware removers, nothing found, everything looks clean.

I don't worry much about AV8 as long as I can kill the process before AV8 gets installed, but I do worry about the resident piece of malware/rk that tries to load AV8, it could as well load a key logger or even worst.
No suspected processes show up in my task manager.
I will answer any questions or scan/provide any logs you need if you think you can help.

Thank You.

Read other answers
RELEVANCY SCORE 38

my computer is infected but i cant find with what. i think it has come from ie . i cannot turn my updates on i keep getting virus warning from my security programs and some time i loose all my icons on desktop beside my background please helpDeckard's System Scanner v20071014.68Run by jolene&ronnie on 2008-07-28 07:57:59Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --29: 2008-07-27 21:58:09 UTC - RP38 - Deckard's System Scanner Restore Point28: 2008-07-26 23:24:23 UTC - RP37 - Last known good configuration27: 2008-07-26 23:24:18 UTC - RP36 - System Checkpoint26: 2008-07-26 23:24:18 UTC - RP35 - Software Distribution Service 3.025: 2008-07-26 23:24:18 UTC - RP34 - System Checkpoint-- First Restore Point -- 1: 2008-07-26 23:24:16 UTC - RP10 - Update of Auslogics BoostSpeedBacked up registry hives.Performed disk cleanup.Total Physical Memory: 495 MiB (512 MiB recommended).-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-07-28 08:02:08Platform: Windows XP Service Pack 3 (5.01.2600)MSIE: Internet Explorer (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\system32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WIN... Read more

A:Infected Cant Find It

Hello aussiegirlWelcome to BleepingComputer ========================Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.First, we need to backup your registry:Please go to Start > RunPaste in the following line:regedit /e c:\registrybackup.regClick OK.It won't appear to be doing anything, that's normal.Your mouse pointer may turn to an hour glass for a minute.Please continue when it no longer has the hour glass. Please open up Notepad and copy all of the items in the code box below.Change the "Save As Type" to "All Files". Save it as fixthis.reg on your Desktop.REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00Now double-click fixthis.reg.A window will come up asking if you want to let it merge with the registry.Click yes. ============Next:Please go to Start > Run> then copy\paste this in "%userprofile%\desktop\dss.exe" /daft then hit ok.Place a check next to everything and click on fix.Rescan again and it should say all associations ok.===================================================Then:Please download the OTMoveIt2 by OldTimer. Save it to your desktop. Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "R... Read more

Read other 2 answers
RELEVANCY SCORE 38

Hello,
I have a question: I just recently downloaded a program which was apparently a .dae to .3ds model converter from this link: http://www.paulscode.com/forum/index.php?topic=3.0
 
I clicked on the autodesk download link. Webroot came up with a "malware" infection, and promptly removed it. What worries me is that it didn't detect malware until after I had opened it. Webroot said it removed it successfully. I have had worries about malware recently.
 
The download link said it was an image file, so that seems a bit weird to me. I know the basics of malware removal, and I already have lots of tools from when I removed one about a month ago, but I don't know what order to use them.
 
Webroot also said it was just "malware", and it didn't give any kind of indication what kind of malware it was. It said it removed it, but I just want to make sure.
 
What should I do from here?
 
EDIT: Also, I forgot to mention, I am posting this literally five minutes after the incident, and no messages have popped up or anything like that. The computer is also running at normal speed right now.

A:I don't know if I am infected, how do I find out?

Well, if you're very concerned, head over to Google and search for 'malwarebytes antimalware' and download it. Run an update and then a full scan. If malwarebytes says nothing found, you're clear.  

Read other 7 answers
RELEVANCY SCORE 38

hello
 
 
my computer is doing random porn searches, it is also opening up links to my favourite news and sports websites, it is turning my browsers on and off, it is also opening my picture folders, documents and notepad with thousands of URL links, it is also typing searches in the firefox web browser, i cant turn the computer off unless i unplug and take battery out. sometimes the searches stop and the computer is useable again. this happens once a month, once every three weeks, recently it has been happening once every week.
i dont conduct any business on this laptop or have my important emails registred on it so i decieded to let it go for this long. the thing that has freaked me out is as i shouted across the room, the notepad opened and it typed exactly what i said.
 
ive done a full scan with kaspersky and nothing shows up, ive tried tddskiller, malwarebytes, ive scanned in safe mode, nothing is showing up.
 
my desktop has already been rendered inoperable a few months back and now my laptop is going crazy, ive recently reformatted the laptop twice in the space of 3 days(dont have disk for clean install) the first reformat didnt do the job and the computer was acting strange and slow (probably due to an error on my part) i thought i fixed the problem the second time, but before you know it the problem has come back within days.
 
if i remember correctly, i accepted what i thought was a picture file on two seperate occasions in a social network... Read more

A:I know I am infected but cant find anything.

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Up... Read more

Read other 3 answers
RELEVANCY SCORE 38

Hi, I need help fast! upon start up "common.?" pops up and wont go away. I know there is malware on here but cannot find it. I work from home and use alot of programs for that but lately my sytem has been acting weird. Changing screen sizes, not responding...Any help would be much appreciated! Thanks in advance!
DDS (Ver_09-06-26.01) - NTFSx86
Run by Owner at 21:38:26.99 on Sat 07/11/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.894.217 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\... Read more

A:I know I am infected but can't find it :(

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 5 answers
RELEVANCY SCORE 38

Recently my computer was being used and the person using it got a popup message intimating a possible infection and the requirement for a scan. They had clicked one button, but stopped and called me over before they did anything else. I believe I killed the download in progress, but just have not felt entirely confident since that time. The popup referred to Best Antivirus 2011 and although it did show in the Firefox download area it was greyed out.

I have a Windows 7 Enterprise. Operating system. I currently run NOD32 antivirus and antispyware. I sent an email to ESET regarding my suspicions. ESET sent me a document that said I probably downloaded a new variant of the Virtumonde aka Vundo Trojan and gave me website links to read about the virus. They also sent me a list of several other things I should do.

I have gone through the process of starting the computer in safe mode with networking have run an ESET online scan. Have downloaded ESET's RogueAV cleaner and Malwarebytes, downloaded SuperAntiSpyware and CCleaner and used these to scan in normal Windows and reran a custom scan with NOD32 and reran Malwarebytes. I stopped just short of running ComboFix because I lack the experience to use this.

My computer does not run slow, I can use the internet and both Firefox and Internet Explorer, do not have popups and NOD32 continues to update and scan. Maybe I'm just paranoid, but I'd like to know beyond a shadow of a doubt that my system isn't infected. ... Read more

Read other answers
RELEVANCY SCORE 37.6

I first noticed something strange happen about 2 or 3 weeks ago. Firefox was getting slow to load. Then Microsoft Security Essentials found, and allegedly removed some viruses, (Exploit:Java/CVE-2009-3867.MZ, Exploit:Java/CVE-2008-5353.RP, TrojanDownloader:Win32/Carberp.C). I also got a fake MS Sec Ess report which I ignored.In the last 3 days everything started getting very slow. I ran a full scan with MS Sec Ess, OneCare Online scanner, and Malwarebytes AntiMalware. MBAM found something which it removed (sorry, can't recall the name) and the others find nothing now. However, my computer is using processes when nothing is running, and everything is ridiculously slow now. I think I am getting redirected to bogus sites now in google too, but not sure. I have tried system restore 4 or 5 times now and it refuses to work after taking longer than normal to even attempt a restore. I downloaded DDS and have the logs which will follow. Next step I downloaded GMER to create a log too. It took hours to complete and then when it had completed everything froze. I restarted and tried again. Same thing. I cannot make a log at all but worse than this, now my laptop is in even worse shape. It takes ages to load anything, startup takes forever, there is the constant noise of nasty things running in the background, and sometimes a weird noise that sounds like the audio is echoing and according to anti-virus software everything is fine. Please help me to fix this as I am lost. Thank you in ... Read more

A:Infected with something severe but can't find anything.

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 32 answers
RELEVANCY SCORE 37.6

My boss's computer was recently infected by the Infostealer.phax virus and after I got rid of them, I ran Kaspersky's online scanner to check and this is what it came up with:

C:\Documents and Settings\desk9\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/15 Jan 2006 10:30 from [email protected]/[From "Chase Support" ][Date Sun, 15 Jan 2006 19:25:44 +0900]/html Infected: Trojan-Spy.HTML.Chasfraud.c skipped

C:\Documents and Settings\desk9\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/15 Jan 2006 10:30 from [email protected] Infected: Trojan-Spy.HTML.Chasfraud.c skipped

C:\Documents and Settings\desk9\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/Deleted Items/12 Jan 2006 04:31 from [email protected]ayPal Account Suspens.html Infected: Trojan-Spy.HTML.Paylap.je skipped

C:\Documents and Settings\desk9\Local Settings\Application Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 3 skipped
I looked in the folders where they're supposed to be but can't find them. How do I find these files?
 

A:Cannot Find Infected Files?

Just purge the deleted items folder in Outlook as that's where they are all located.
 

Read other 1 answers
RELEVANCY SCORE 37.6

My computer has become sluggish, and I'm getting popups like never before. Symantic AntiVirus AVG Anti-Spyware took care of some nasties, but it needs a closer inspection. Log provided below. Thank you for taking a look.

Logfile of HijackThis v1.99.1
Scan saved at 1:33:27 AM, on 6/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPT... Read more

A:Infected, cannot find cure

Read other 14 answers
RELEVANCY SCORE 37.6

Just come from the 'Am I infected' forum and was sent over here, so hi all. I've got a nutty one here. My PC picked up a whole load of malware earlier this week that set random processes running (fgmamgmk.exe being one that I couldn't find a reference to on the web). I already have Zonealarm installed, but this lot stopped it running at startup. The long and short of it is that I've removed a lot of junk, but still have something that's causing IE windows to pop up sending me to 'drivecleaner.com', 'mydebtsolution.com', 'revenueloop.com' and Casale Media, without tripping ZoneAlarm or Panda guard. In no particular order, I've run AdAwareSE, AVG antivirus, AVG Antispyware, the earlier version of ewido (v3.5), BruteForce Uninstaller, Panda Antivirus, Spybot S&D, Norton(?) Sting and OIUninstaller. These have picked up smitfraud, a series of ldcore.dll issues, a lot of 'v3.exe' and similar apps, and I think there was an outerinfo issue too (IE wouldn't let me download the OIUninstaller, and OI came up in the add/remove programs list on control panel). All of these are now clean, and showing no results when scanned, and yet I still have the issue mentioned above. I'm a bit stumped, and any help is much appreciated. ThanksHJT log:Logfile of HijackThis v1.99.1Scan saved at 16:29:00, on 24/03/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32 ... Read more

A:Infected, But Can't Find A (n Obvious) Cause

Hi,

The forums are really busy, that explains why logs get behind. If you still need some help, please start with posting a new hijackthislog in this thread. Don't start with a new thread.
Then I'll take a look.

Read other 31 answers
RELEVANCY SCORE 37.6

My boyfriend was browsing the internet last night, as far as I Know everything was fine. This morning when i try to logon to the internet Nortons informs me that it has detected a new network. Upon further investigation I notice that My dial Up Number and my logon details have been changed, I changed them back to what they should be and save but everytime I dial Up It goes back to the offending number.
Nortons did detect and fix a virus last night called Trojan.textcash.
I have run a check with Spybot, Nortons and Ad-aware they all come up with nothing.
I did notice when I Checked My start up Programmes with Spybot that there were to new Entries that I Did not recognize are these relevant C:\windows\system 32\Itunesff.exe.-go-c99-w and
Rundll32.exe Ptipmf.dll set writecachemode
Please help me find the source Thank You

A:Think I Am Infected Can't Find The Source

Haaa looks like your boyfriend had fun with porn last night (^_^)Use http://www.pandasoftware.com ActiveScan Pro, it will detect what and how much bad things your boyfriend aggroed while browsing porn...

Read other 8 answers
RELEVANCY SCORE 37.6

I'm having problems getting Norton Anti Virus 2003 installed. Install works fine until it comes to reboot. The Wizard that is supposed to come up does not. When I try to OPEN NAV from my desktop nothing happens.

Troubleshooting says to run the web virus scan, which finds 17 files infected with a Trojan Horse, (no indication of which variant).

All the files are 'tray.exe' but when I attempt to delete them I
can't find the directory that NAV says they are in, ("c:/WINDOWS/Downloaded Program Files\CONFLICT.01....02...03, etc,etc").

I use MS Explorer to 'find' them but it can't see them.

I right-click on the WINDOWS subdirectory, 'Downloaded Program Files' and select 'scan with Norton Anti Virus' and it see's them.

I'm running Win98se and I've got 'show all files' selected in the VIEW options.

Where do I go from here?
 

A:can't find infected files

Read other 16 answers
RELEVANCY SCORE 37.6

Hey Guys,
 
I've been a system admin for 14 years now and I'm pretty decent at what I do, but for some reason I can't get rid of this stupid infection. Basically when I'm surfing the net (it could be any site) a popup will come up saying some bull about "You're infected! Call 1-888-xxx-xxxx to remove it. I have to click "ok" like 15 times before it goes away. I don't notice any slowdown of my computer or anything and no redirects for the browser either. And occasionally a video want to download itself onto my computer. I'll be doing nothing, just booted up my PC and IDM (which I use for downloading) pops up and says that a video it going to be downloaded something from memecentral.com. It's bugging the hell outta me. I have ran MalwareBytes Anti-Malware, SuperAntiSpyware, Spybot Search & Destroy, (fully updated and latest version) TDSSKiller and Combofix. I have Comodo Anti-Virus running and I have unistalled Firefox and Chrome and reinstalled them but still to no avail. Also I'm running Windows 7 Ultimate x64 (fully updated)
 
So I have turned to you guys for help.
 
Thanks in advance for any help. 
 

A:I am infected but I can't find the infection

Hello circaalHaving run ComboFix we now need to see that log. repost your info with that log in a new topic here... Virus, Trojan, Spyware, and Malware Removal Logs  Let me know if that went well.

Read other 1 answers
RELEVANCY SCORE 37.6

Hello folksThis is my first post here and I'm really stuck. My PC is running very slow. Takes about 15 min to boot up and is slow when using the internet. Actually is sometimes so slow that the mouse arrow on the screen flashes and lags across the screen. I'v run Windows Live antivirus and Malware-Bytes as well as Lavasoft Adaware. The last two found things but delete/quarentine and rebooting several times didn't solve the problem. I've run HijackThis and below is the log. Please if anyone can give me a hand I would really like it.ThanksStephenLogfile of Trend Micro HijackThis v2.0.2Scan saved at 7:46:24 PM, on 26/05/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\WINDOWS\Explorer.... Read more

A:Help. I think puter is infected but can't find it.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

I know a good amount about computer security, and I am usually able to find and get rid of any infections/malware I may get, but this time I can't seem to find it. I found an autorun.inf file in my C:\ directory, which I got rid of, in addition to the file it was telling to run. I cannot run Spybot or Microsoft Windows Malicious Software Removal Tool unless I rename them. I even did a manual update of Spybot since I cannot access its website, but it only found cookies. Updated Ad-aware also found nothing. My browser is often trying to redirect. Even in safe mode, which I'm currently in, the problems continue. Thanks.
DDS (Ver_09-02-01.01) - NTFSx86 NETWORK
Run by Administrator at 11:15:21.51 on Fri 02/13/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_03
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2014.1646 [GMT -5:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.go... Read more

A:infected, but not able to find source

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post a fresh dds log, please.

Read other 15 answers
RELEVANCY SCORE 37.6

Hi,Each time I restart my machine I keep receiving popup's from my system tray icon, a browser window opens and I am directed to the following sites://gomyron.com/MTc0NjE=/2/6253/ax=1/ed=1/ex=1/2559///privacy.pcprivacytool.com/MTg2NDc=/2/6253/2559///clean.systemerrorfixer.com/MTg3Mjk=/2/6253/2559/I have pc-cillin internet security 2005 installed with the latest updates.Regards,JohnLogfile of Trend Micro HijackThis v2.0.2Scan saved at 6:17:41 PM, on 11/23/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exeC:\Program Files\Microsoft SQL Server\MSSQL$VIDATABASE\Binn\sqlservr.exeC:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsr... Read more

A:Infected But Unable To Find It

Hello hairry_p0tter,Sorry for the late reply, but as you can see we handle more than our fair share of logs. If you still have problems please post a fresh HijackThis log and we can begin the cleaning process.Regards,

Read other 4 answers
RELEVANCY SCORE 37.6

Please help!

I have scanned my pc with the latest avg 8.5 db, malware bytes, spybot and find nothing. however my browsers are hijacked and my computer freezes after about 20 mins of use on average. is there any way you can help me please? i will post a log of anything needed to help diagnose the problem. I am pretty desperate this is my only PC.

I have pentium 4 desktop

Please reply and start my thread going and i will post any Logs needed

Thank you
 

A:Infected with virus i cannot find!

I have tried making a thread with a full description, one without like this thread you are reading, what am i doing wrong why am i getting no replies to my thread? Please can someone atleast let me know what is going on with these threads, if you are too busy or only help long term members atleast tell me so i can go join another site. ive never seen a site where u make threads and get 0 replies. even a Hi would be nice at this point!
 

Read other 1 answers
RELEVANCY SCORE 37.6

Can't find anything on computer or regedit, Malware and spybot won't find anything either, i suspect i'm still infected, but i'm not sure, what should i do? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:38:26, on 19/01/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Logitech\SetPoint\SetPoi... Read more

A:Can't find Orz.exe anywhere, think i'm still infected! pleas help?

Read other 7 answers
RELEVANCY SCORE 37.6

hello all,I caught a virus and I'm not sure how to get rid of it. I've run r-kill.exe, vundofix, catchme.exe, NOD32 anti virus, spybot, and Hijack this. All came up negative except Hijack This because I'm not sure how to single out a virus on it. Results are below. The virus wiped my desktop clean as if all the files were deleted along with an external hard drive I have. When I check the free space on the drive it has not changed so I know the files are there somewhere. In addition I try to start task manager and it says it not allowed by the administrator. I've logged in as administrator and run these scan there but again they come up negative (as far as I know). Does anyone know what to do about this?ThanksLogfile of Trend Micro HijackThis v2.0.2Scan saved at 3:20:04 PM, on 4/21/2011Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.17055)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Belkin\Router Se... Read more

A:I'm infected but can't find the virus

Hi,Please do the following:Please download Unhide.exe to your desktop:Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the hidden attributes from all the files on your system. Note: If you had purposely hidden any files, then you will need to hide them again after this tool has run.NEXTPlease download DDS from either of these linksLINK 1 LINK 2and save it to your desktop.Disable any script blocking protection Double click dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop.---------------------------------------------------Please include the contents of the following in your next reply:DDS.txtAttach.txt. NEXTDownload GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable. Double click the exe file. If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.
Click the image to enlarge it
In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked IAT/EAT Drives/Partition other than Systemdrive (typically C:\) Show All (don't miss this one) Then click the Scan button & wait for it to finish. Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can ... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

Hey Guys,
 
I've been a system admin for 14 years now and I'm pretty decent at what I do, but for some reason I can't get rid of this stupid infection. Basically when I'm surfing the net (it could be any site) a popup will come up saying some bull about "You're infected! Call 1-888-xxx-xxxx to remove it. I have to click "ok" like 15 times before it goes away. I don't notice any slowdown of my computer or anything and no redirects for the browser either. And occasionally a video want to download itself onto my computer. I'll be doing nothing, just booted up my PC and IDM (which I use for downloading) pops up and says that a video it going to be downloaded something from memecentral.com. It's bugging the hell outta me. I have ran MalwareBytes Anti-Malware, SuperAntiSpyware, Spybot Search & Destroy, (fully updated and latest version) TDSSKiller and Combofix. I have Comodo Anti-Virus running and I have unistalled Firefox and Chrome and reinstalled them but still to no avail. Also I'm running Windows 7 Ultimate x64 (fully updated)
 
So I have turned to you guys for help.
 
Thanks in advance for any help.
 
 
 ComboFix.txt   42.78KB
  4 downloads

A:Infected but I can't find the infection...

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first t... Read more

Read other 8 answers
RELEVANCY SCORE 37.6

i am redirected here by crytodan previous topic post http://www.bleepingcomputer.com/forums/topic451906.html and here are my scan logs. so far I ran malwarebytes, securitycheck, DDS, have run defogger as I did have cd emulator "deamon tools" and rebooted. Had an issue with SAS on install this message ""Description:Faulting application superantispyware.exe, version 5.0.0.1148, faulting module superantispyware.exe, version 5.0.0.1148, fault address 0x0007712c. "" the complete event info is in the previous topic above. redownloaded tweice and reinstalled a few times same error. Still able to run SAS however, it is running now. log will be posted when it finishes below.DDS.scr downloaded it and followed instructions however my son uses autocad and this file type is used by autocad the file just opened as a exe would open via notepad. So i renamed it to DDS.exe from DDS.scr double clicked on it and it ran and did it's thing. these logs are also below.To start things rolling here are the logs so farMalwarebytes just shows protection logs ??? here they arefrom 2012-04-18 2012/04/18 23:48:57 -0400 D820LIVINGSTON admin1 MESSAGE Starting protection2012/04/18 23:49:07 -0400 D820LIVINGSTON admin1 MESSAGE Protection started successfully2012/04/18 23:49:10 -0400 D820LIVINGSTON admin1 MESSAGE Starting IP protection2012/04/18 23:49:17 -0400 D820LIVINGSTON admin1 MESSAGE IP Protection started successfully2012/04/18 23:52:54 -0400 D820LIVINGSTON ... Read more

A:infected? lets find out!

Gmer ran overnight in the morning I was presented with a window that indicated that a fault had occurred this a paste of the event log entry. I have no idea if it was GMER or some other thing.***paste from event logEvent Type: InformationEvent Source: Application PopupEvent Category: NoneEvent ID: 26Date: 02/05/2012Time: 7:16:49 AMUser: N/AComputer: D820LIVINGSTONDescription:Application popup: Windows - Application Error : The application failed to initialize properly (0xc0000017). Click on OK to terminate the application. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.I was able to save the GMER log and it is posted at the bottom of this post.Right after saving the log my PC seemed locked, I lost the function of the mouse, here are some event log entries that occurred just before the entry above and just after. Event Type: ErrorEvent Source: atapiEvent Category: NoneEvent ID: 9Date: 02/05/2012Time: 5:33:47 AMUser: N/AComputer: D820LIVINGSTONDescription:The device, \Device\Ide\IdePort1, did not respond within the timeout period.For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.Data:0000: 0f 00 50 00 01 00 a4 00 ..P...?.0008: 00 00 00 00 09 00 04 c0 .......?0010: 00 01 00 00 00 00 00 00 ........0018: 00 00 00 00 00 00 00 00 ........0020: 00 00 00 00 00 00 00 00 ........0028: 00 00 00 00 00 00 00 00 ........0030: 00 00 00 00 07 00 00 00 ........0038: ... Read more

Read other 42 answers
RELEVANCY SCORE 37.6

Hi!,
I`m posting this here in the hope that someone can give me some advice, or at least some peace of mind,
after doing a spyware/Virus check with with different scanners, Norton detected a known keylogger inside a deleted file inside my recycle bin.
It said it was called SmartKeystrRecPro.exe.
Now I know I opened this file, but as usual nothing was amiss at the time.
Ive since done a check with various progs but it only ever spots the deleted file in the bin and not one in my system anywhere,
Is it hiding somewhere?
I`m presuming it excecuted when I opened the file and installed itself somewhere, but I cant find the thing!
Can anyone please recommend a scan to mke sure it isn`t my system somewhere?
Why can my scanners spot the deleted threat but not the installed one?
Please help, I`m totally stuck this time!

I`m running Vista Home Premimum.

I`d really appreciate any advice at all on this, thanks.

A:Think im infected by a keylogger, but cant find it!

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list ... Read more

Read other 5 answers
RELEVANCY SCORE 37.6

Hi
My website was hacked over the weekend and someone from the hosting company who helped to restore it back to normal, advised that I need to scan and clean up all local machines. He said that in 9 out of 10 cases malware on a local machine steals the ftp access details from a computer. He also suggested running Microsoft Security Essentials, which is what I am currently doing.
My search on Google brought me to this forum and I would like to kindly request your help with identifying if there is any trojans or other malware on my computer. I have Windows 7 64 bit installed on a Dell laptop. As far as I can tell there are no particular symptoms to suggest it is infected but I need to be 100% sure. Microsoft Security Essentials have found and removed 2 potential threats so far and it is still running.
I have to admit that I always disable the Windows Firewall as I find it blocks absolutely everything! I have followed your instructions and the firewall is now enabled, as a result I can't even send an email! Is there a link to a guide on how to set up a firewall to do its job without blocking all my activities?

Please find my DDS log below and many thanks in advance:
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by dell at 16:18:04 on 2012-01-30
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.6007.1835 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-91... Read more

A:Help me find our if my computer is infected

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:[list]Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'S... Read more

Read other 1 answers
RELEVANCY SCORE 37.6

Hi, I posted about the problem I'm having with my computer in the 'Am I infected' section of the forum, but thought I should post here with a DDS log to see if anyone can see anything wrong.
 
Here is the description of my problem from my other post:
 

I've been having some problems with my computer ever since I got some alerts from Norton internet security that intrusion attempts had been made.
For example when I go to the hotmail log in page in IE8 there is just a blank white screen, and youtube videos just show as a black box. Other web sites have similar problems. My broadband speed has also become very slow, at only 0.19 mbps when it should be at least 2 mbps (although this might not be related, could be a separate fault on the phone line). I have also noticed that software I've installed recently is not listed in the add/remove programs list in the control panel, so I can't uninstall it.
I have Norton internet security running with live update, I have Spywareblaster installed, and I have run scans with AdAware, Malwarebytes Anti-Malware, Super Antispyware, Windows Defender, and online virus scanners from Panda, trend micro housecall, ESET, Kaspersky and probably some others I've forgotten now!
None of the scans have found anything except some tracking cookies, so what can I do now? Should I do a Hijack this log or some other advanced stuff? Could someone guide me through what to do?
The computer is an old desktop with Intel pentium 4 3.06Ghz CPU, 512mb RAM an... Read more

A:Maybe infected, but scans can't find anything. My DDS log.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/502773 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 16 answers
RELEVANCY SCORE 37.6

Hello smart people of MyBleepingComputer,

I just got rid of the dang podmena, feedyard backdoor trojan-I think. I hear that if once infected always, but I don't know. Well my computer is slow starting up. Surfing the internet is slow as well. I had something from NOXZ0ES9 that I deleted. But anyway can you please help me find out if I'm still infected. thanks for your time and patience, it is greatly appreciated.

A:Awww man, I think I'm infected. What do I do to find out?

Hello and welcome. First some info on these backdoors.One or more of the identified infections is a backdoor trojan.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 2MBAM may "make changes to your re... Read more

Read other 5 answers
RELEVANCY SCORE 37.6

Since the 21th December I started to be unable to use my computer properly. Each time I would type something on yahoo, it would take more time than usual and when I want to click on some result, instead of taking me to the page that is displayed I would be taken to some random spam site such as porntube.

Also aside from BitDefender and AVG Anti-Spyware, I am unable to use now Spybot, Malewarebytes and SUPERAntispyware, they just would either crash (SUPERAntispyware) or not boot at all (Spybot and Malewarebytes).

Since BitDefender still worked, I ran a scan and found the following viruses:

C:\WINDOWS\system32\ActiveScan\pskavs.dll Trojan.Generic.1020738 Deleted

C:\Documents and Settings\XXX\Local Settings\Temp\wJQs.exe Trojan.Retapu.D Deleted

C:\Documents and Settings\XXX\Local Settings\Temp\Acr85D2.tmp=](JAVASCRIPT) JS.Obfuscated.Gen Deleted manually in safe mode

AVG Anti-Spyware, hasn't been updated since June 2008 and I can't seem to be able to update it since it says "can't connect to server, same goes for the BitDefender. I think the reason for that is, when I tried to run Panda Active Scan Pro, BitDefender asked me if I would allow or block regsrv32, I used the option block whitout knowing it was not a virus. Now I am seem tp be unable to update any of my anti-virus...

Still, I ran 2 scans with BitDefender, the full system scan found 3 viruses listed earlier which I have gotte... Read more

A:Infected with something that Bitdefender can't seem to find.

Hello and welcome. Please perform all the steps you can to post an HJT log from this guide,thanks. Avoid running ComboFix until the HJT team member asks for it.Preparation Guide For Use Before Posting A Hijackthis Log

Read other 3 answers
RELEVANCY SCORE 37.6

Logfile of Trend Micro HijackThis v2.0.4Scan saved at 9:18:04 AM, on 10/12/2010Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v9.00 (9.00.7930.16406)Boot mode: NormalRunning processes:C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\IPFax\FaxMonitor.exeC:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exeC:\Windows\SysWOW64\DllHost.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://drudgereport.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQDSK/1R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQDSK/1R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.localR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)... Read more

A:Infected with something, but unable to find it??

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 3 answers
RELEVANCY SCORE 37.6

After clicking on a download link recommended to me Chrome froze and a box came up saying I needed to ring an 0800 number immediately. It said that I shouldn't turn off my pc or restart or anything as my computer is infected. I've just spent the last hour plus on the phone to an man who told me my computer is heinously infected with malware, spyware, and god knows what else. Freaking me out ... he accessed my computer and ran all these programs showing all my passwords and god knows what else ... proof he said its been hacked. Right now I feel like chucking my computer out I'm so freaked out! Close to tears frankly. At the end of it all he was pushing for money to fix it all, pushing for my credit card number etc. I explained I had no money, so he asked when I would have money! I told him when I win lotto, trying to get him to accept I haven't got any, but he kept pushing. He said my computer is open to all sorts of shyte now unless I pay to get it cleaned. He opened piles of windows, talking really fast, showed me all the places my computer is infected. How do I find out if it is really infected, and if so, what do I do to clean it all up? Thank you in advance for any help, I'm totally at a loss. The computer is only 2 months old and running Windows 10. 

A:How do I find out if my computer is infected?

That was a criminal you were talking to. Good that you did not give him any credit card number or other such as PayPal.
Your mentioning the criminal viewed your passwords could be a serious problem if recorded those in some way.
Suggest you change passwords especially for emails, shopping sites, banking and other financial sites. It is important to
change the secret words for those accounts, too.
 
You can check for any adware, crapware and malware that may of been left on your computer using the programs below.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the prog... Read more

Read other 5 answers
RELEVANCY SCORE 37.2

The firewall of my Windows 7 Ultimate computer does not respond and answers only with error Ox6D9.

Read other answers
RELEVANCY SCORE 37.2

I have a Lenovo laptop with Windows 8. The laptop screen cracked terribly a while back, and the cheapest solution was to keep using the laptop but buy a monitor to hook it up to, so now I have basically a desktop computer. I also got an external keyboard and handheld mouse.
Last night, my boyfriend was typing in a website address on the external keyboard but the keys came out all jumbled- not numlock, as numbers, but instead pressing a letter would result in a long stream of letters. Two buttons on the keyboard were lit up (it's a Dynex)- an A in a square and an upside down T in a square. I turned the computer off, it didn't help. Then the mouse arrow on the screen began flickering, the volume button popped up on the screen and wouldn't disappear, and all text on the page became highlighted in blue. I unplugged the external keyboard, but my laptop keyboard wouldn't work! It was as if pressing the keys on it didn't even register.
Scared that I had a virus, I powered off my computer. I unplugged the external mouse and keyboard, but kept the display monitor on because the laptop screen is so severely cracked. I went to sleep and decided to deal with it this morning.
When I turned on my computer this morning I had the external keyboard unplugged- and everything worked fine! First I backed up all of my important files on a 32GB USB, and then I ran a full scan of my computer with Avast! Anti-virus. Everything is clean and up-to-date. I plugged in the extern... Read more

A:I hope this is the right category?

I think the most likely cause is the external keyboard. Try to borrow another to test.

Is the laptop a touch-screen type ?

EDIT : forgot to say 'welcome to TSG' !
 

Read other 2 answers