Over 1 million tech questions and answers.

I acciedently removed part of my Google tool Bar, for windows vista

Q: I acciedently removed part of my Google tool Bar, for windows vista

So I noticed that, my slideshow on my windows vista google sidebar, that came with my my computer, was viewing pictures that I didn't have in my files. I clicked on the pictures, and noticed they were from photobucket, which I had recently visited. So despritly trying to figure how to delte them, I did a computer scan, but that took to long, and when I went to the web browser to delete the cookies there were none there. With nothing else to do, I clicked the little down facing arrow symbol above the box where my pictures were displayed, and saw one that wasdnt mine. I right clicked it and saw the option "remove", so I clicked it thinking I was removing the picture. Unforrtunetly, I ended up removing the whole picture slide show device. I am so upset, how do I get it back on there? Please!

RELEVANCY SCORE 200
Preferred Solution: I acciedently removed part of my Google tool Bar, for windows vista

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: I acciedently removed part of my Google tool Bar, for windows vista

I don't have it so I'm not exactly sure what you did -- but I don't think you uninstalled it.

In Internet Explorer select Tools > Tool bars and see if it is there.

If not, you can either reinstall it from Google or just try a system restore.

http://toolbar.google.com/T4/index.html

http://www.google.com/ig/directory?synd=toolbar&q=slide+show&btnG=Search

Do do the latter run rstrui.exe and select a date when it was there.

Read other 1 answers
RELEVANCY SCORE 65.2

Hi,

I am new to this site, so would appreciate it if you bear with me with regards to any further information that you may require.

I have recently had the Windows Vista Recovery virus on my computer. As far as I know I have removed the virus from my computer with programmes such as iexplore.exe and malware bytes.

The issue that I am having now is when I type something into Google, the search results come up, but when clicking on the links, they are redirecting to a completely different website.

I would appreciate the help in how to stop this happening as I havent got a clue.
Please make me aware if you require any further info.

Thank you

Read other answers
RELEVANCY SCORE 64.8

I had the same experience as described on this thread:
http://www.bleepingcomputer.com/forums/topic398389.html

So - I followed the same instructions (ran defogger, dds, rkunhooker). Logs attached.

Before I tried this, I went through the steps of removing the fake Windows Vista Recovery program as best I could based on several forums - it seemed to work.
(Steps taken were along the lines of: changed settings to view hidden files, manually removed related files, went into regedit to remove added entries, installed Windows Security Essentials and ran a full scan which found and removed 3 files, and then ran a script to reset all my files and folders to not be hidden anymore.)

After all that, I still get strange behavior clicking on google search results where the page will re-direct several times and end up back in the google search page. (before installing Security Essentials - redirects always landed on some ad page).

Other thing I noticed that seems related is that when I re-installed Adobe Flash for FF/IE, my Flash Access 2.0 module isn't able to individualize the computer (so I am unable to stream encrypted movies from mSpotmovies). I installed Chrome to see if that might work since that uses a different version of Flash but Chrome couldn't even get to the web to display the google search home page. FF/IE could still browse the web. Uninstalled Flash 10.3 and installed 10.2.159 to see if Access 2.0 individualization might work with that but it didn't. (n... Read more

A:Windows Vista Recovery removed but google redirects among other things

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 19 answers
RELEVANCY SCORE 57.6

Earlier today, I decided to accept the free offer on my Win 7 Samsung laptop to upgrade to Windows 10. The upgrade checker started by telling me that this laptop was compatible but now seems to be in two minds about the subject and won't let me upgrade. Some assistance would be greatly appreciated, as the July 29 deadline is fast approaching.

One screen on the Get Windows 10 dialogue box reads as follows:

This PC works with Windows 10

You won't be able to use the Guest account in Windows 10.

You'll need to uninstall these apps during the upgrade
Samsung Recovery Solution 5
Easy Settings [another Samsung app]

I decided to uninstall the 2 Samsung apps before starting the Win 10 upgrade, but the Get Windows 10 dialogue box still insists that they are there despite a couple of reboots. Those apps no longer appear in Control Panel's Uninstall or Change a Program list. Neither are there any obviously related Services still running.

When I try to proceed with the Win 10 upgrade I am presented with another page of the Get Windows 10 dialogue box:

Unfortunately, this PC is unable to run Windows 10
We're sorry to let you know that this PC can't upgrade to Windows 10 because one of more things are incompatble. See right for details [that takes me back to the other page quoted above, which tells me that my laptop works with Win 10!]

This is very frustrating. Where do I go from here?

David

A:Get Windows 10 tool objects to apps that have already been removed!

Have you tried using ccleaner (thread on this forum) Latest CCleaner Version Released - Windows 10 Forums

and clearing out all the registery entries for the tools.

Read other 0 answers
RELEVANCY SCORE 57.2

I somehow managed to get the Vista 2012 virus. After looking on bleepingcomputer I was able to remove it following the directions, but now all my Google searches are redirected. My McAfee antivirus is up to date but doesn't detect any problems with the computer. GMer also kept crashing in windows, saying it needed to shut down. These are my logs. Thanks!
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Josh at 16:10:07 on 2011-12-16
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3573.1242 [GMT -5:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32 ... Read more

A:Removed Vista 2012 and now Google redirects

Hello and welcome. Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I?ve given you the ?All clear.? Absence of symptoms does not mean your machine is clean! Please do not run any scans or install/uninstall any applications without being directed to do so.Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed. Download aswMBR.exe to your desktop.Double click the aswMBR.exe to run itClick the "Scan" button to start scanOn completion of the scan click save log, save it to your desktop and post in your next reply.Please include the following in your next post:aswMBR log

Read other 20 answers
RELEVANCY SCORE 54

Appreciate if anyone can advise of the RPTester tool is a publicly available tool glimpsed in forum question

Delegation Authorization Rules / ActAs removed in ADFS 4.0? (Windows Server 2016)

Read other answers
RELEVANCY SCORE 54

i use the atf cleaner to clean temp files in my pc. but after i used it some parts of bleeping computer was removed do you know how to correct it?

the design of bleeping computer is gone. only letters is present.

A:help! some part of bleeping com was removed

probably u saved these images and files from BC to your PC (in your cache), your browser does this to load websites faster (it downloads these files and saves them, so it doesnt have to download them every time you visit bleepingcomputer.com). Generally restarting your browser (or your PC) will do, if not please reply.

Read other 18 answers
RELEVANCY SCORE 53.2

I have yet another problem. For a couple of days I had been bombarded with a virus. Well, I got that taken care of, but now I have lost part of my top tool bar on my yahoo page. (I think that is what you call it). It was just under the address area for Yahoo. It had the bookmarks, search, yahoo and google search boxes. Does anyone know what I am talking about? If so, can you tell me how to get it back? Thanks, Wrenie
 

A:Lost Part of Top Tool Bar

Read other 9 answers
RELEVANCY SCORE 52.4

A few days ago my computer was infected with a "ms removal tool" virus, following the instructions on a Google search i ran malwarebytes in safmode, and removed two infections. it appeared to be gone, but a few days later it pops up again out of no where, and after trying running malware bytes, and other similar programs in safemode, the virus still persists. the virus does not let me run any programs when im not in safe mode, so i am operating entirely out of safe mode right now. i will post logs, and hope that someone will be able to help me get rid of this once and for all.DDS (Ver_11-03-05.01) - NTFSx86 NETWORK Run by Administrator at 18:33:34.71 on Sun 04/10/2011Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_23Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2569 [GMT -4:00].AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}.============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Google\Chrome\Application\chrome.exeC:\Program Files\Mozilla F... Read more

A:MS REMOVAL TOOL PART DEUX

i found a suspicious folder with files in it, idk what it is but ill leave it alone until someone replies. the folder is called aJk31001mOlAn31001 with a 2 files with similar names, located in the all users application data folder.

Read other 9 answers
RELEVANCY SCORE 51.2

Hello! I've been reading around, as I've seen this virus has been hitting a lot of people recently. I was first hit with the Windows XP Recovery Virus yesterday, ran MBAM and Spybot S&D and completely removed it, among other things, from my computer. I am running Windows XP SP3. I decided to make a topic because I wasn't sure if my case was any different, so I figured I'd rather be safe than sorry.

However, even after that fact, I noticed there was still a Google Redirection virus, along with a rogue "iexplore.exe" process that would return after being killed. I believe the two are connected, and I ended up changing the name of iexplore.exe to _iexplore.exe, killed the process, and it has yet to return, but I am still having the redirection problem. I've run searches through MBAM, Spybot, and Trojan Hunter (both in and out of safe mode), nothing has come up. TDSS Killer will not run. Any help would be appreciated!

Not sure where to start, but I have a few logs from MBAM and Hijack this, if needed, let me know. Thank you very much!

Read other answers
RELEVANCY SCORE 50

My son's computer came down with the Windows 7 Repair virus. I used the removal guide on this site and the virus *seems* to be gone and I can see all the files. Everything seems to be running smoothly, except that Google search results in Firefox and IE are redirecting various meaningless sites.

I have three computers on this network and only the one has this issue.

Of note before I install the logs.... I went to my account on this same computer and tried to launch Chrome. I got this odd message:

"An administrator has installed Google Chrome on this system, and it is available for all users. The system-level Google Chrome will replace you user-level installation now. "

When I ran gmer, the screen did not look like the screen in the "getting started" page of this site. Many items that were shown as being checked were grayed out in my gmer and not available to check -- e.g. systems, sections, IAT/EAT, devices, modules, processes, threads, libraries. I was able to check Services, Registry and Files.

Also, the computer has a D: partition but only C: showed up. "Show All" was grayed out. There was also a thumb drive plugged in but gmer did not find that either. It did scan but when I went to save it the only option was to save as a log file, not a txt file. I saved as a log file but it shows as being 0 kb. So I have not attached it and will await any help to get the log done right. Below is the DDS info.

Many thanks for any help... Read more

A:Already removed windows 7 repair (I hope) but Google search is redirecting

Have I done something wrong? I see many similar issues posted after mine that have received replies.

Read other 17 answers
RELEVANCY SCORE 50

Hello all, This is my first post here and im glad I found this community. I have been working on a family members dell desktop to remove the Google redirect rootkit virus. After trying to remove it for about a week I think I finally took care of it with Hitman pro 3.6 except that after restarting the PC after running hitman, windows wont start now. It is running windows 7. Im hoping someone here can help me out with getting me back on track. All help is GREATLY appreciated, Thanks

A:Had Google Redirect, removed with Hitman Pro, Windows wont start. Please help

ttt

Read other 38 answers
RELEVANCY SCORE 49.6

Yesterday afternoon, I was infected with the SecurityTool virus, which I got by clicking on a link in a Google search (so potentially it could be the Google redirect virus as well). When it popped up, I immediately began running a Malwarebytes scan, and since this appeared to be working fine, I continued with what I was doing. However, a few minutes into the scan, the computer crashed, showing a blue screen error, the text of which I don't remember. When I tried to turn the computer back on, Windows would not boot, even in safe mode. I was able to boot from the installation CD (Window XP sp1), and I ran malwarebytes again, as well as a superantivirus scan. I also replaced the host files with the defaults. There are still a few problems. The computer is running slow. It's fairly old (7 years?) and it probably needs all sorts of cleaning, but this is unusually slow. Windows now takes about 1-2 minutes to boot, as opposed to its usual 1-10 seconds. I was going to say that I couldn't access Add or Remove Programs, but just as I was about to type that, it showed up (it took about 2 minutes). I also can't access the internet (I have been downloading things on this computer and transferring them with a usb stick). It is not a problem with the network, as all the other computers are running fine. I also tried basic things like restarting the modem, restarting the computer, and uninstalling and reinstalling Firefox. I am still getting "can't find... Read more

A:Security Tool (mostly?) removed

Since it has been over a week, I just wanted to post to say that I am still interested in receiving help. Nothing has changed with the computer.

Read other 16 answers
RELEVANCY SCORE 49.6

Can anyone share how to re-install the snipping tool? I must have installed something that had a conflict with it and its gone now, nowhere to be found.

The same happened with my right click>new>text document notepad

I've tried searching the forums and a place to download and install but couldn't find anything.


Thank you for your time and help.

A:Snipping Tool removed

A system restore will bring everything back to the way it was.

or download here
http://microsoft-snipping-tool.software.informer.com/

Be sure to make a system restore point, first.

Read other 8 answers
RELEVANCY SCORE 49.6

I recently had my email account compromised, and was not running antivirus at the time. I installed antivirus and found one file, described by AVG (free) as a potentially harmful hack tool.flz. I removed this tool and then also scanned with Adaware (free) in which case no malware was found. Now I want to make sure no trojan was installed. Any help would be greatly appreciated.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:14:39 PM, on 12/21/2009Platform: Unknown Windows (WinNT 6.01.3504)MSIE: Internet Explorer v8.00 (8.00.7600.16385)Boot mode: NormalRunning processes:C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtcmd.exeC:\Program Files (x86)\AVG\AVG9\avgtray.exeC:\Program Files (x86)\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exeC:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files (x86)\Trillian\trillian.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - ... Read more

A:Tool.flz found, removed

Hi, I re-read the instructions and realized that I needed to post the DDS log and the Attach.txt, so here they are. I could not run rootrepeal as I have a 64 bit operating system (Windows 7). Thanks.
DDS (Ver_09-12-01.01) - NTFSX64
Run by Derrick at 15:39:29.14 on Mon 12/21/2009
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.1204 [GMT -8:00]
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Pr... Read more

Read other 3 answers
RELEVANCY SCORE 49.6

It Started last night with Windows XP Recovery. I was not able to access internet so I went to this computer and downloaded rkill and MalWareBytes. I ran rkill and MalWareBytes. MalWareBytes was stopped in mid scan so I ran them both again but in safe mode. I had the following show up when I ran Rkill: On the black screen after ?Please be patience? was ?Access Denied? but it had seem to stop everything. I ran the MBAM and it had 4 or 5 infections that I removed. I rebooted the computer and I started seeing MS Removal Tool. It was late and I was tired and missed seeing the part about running TDSSKILLER. I looked it up on Bleeping Computer and ran Rkill and MalWareBytes again access Denied msg on Rkill. MBAM found virus again and removed them. Tried to do a google search to fix the Windows HOSTS file but was unable to go anywhere because kept redirecting me. Stopped for the night. Woke up and saw I missed the TDSSKILLER and redid everything and ran it./ The TDSSKILLER found one item and cured it. I looked up google redirect and followed steps on that. Now it seems I got rid of everything but the google redirect. Can you help me? This is my son?s computer and he needs it to finish up the school year.
DSS Log

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Parent at 14:18:17.43 on Mon 05/16/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.113 [GMT -6:00]
.
AV: My Security Engine *Enabled/Updated* {6FDA9831-3BC4-4DF7-A6AC-18659B6... Read more

A:Windows recovery, MS removal tool and google redirect

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 49.2

I had a tough time removing windows vista recovery WVR, but managed. I used mbam in safe mode and it would stop scanning after 15 minutes or so several times. I finally ended it early to get rid of about 200 or so infections. it still would stall midway through. I tried rkill. mbam would still stall midway in both safe and normal modes. but after running rkill i was able to identify 2 random running files, 1 of which i noted killed the WVR. So i manually went in and deleted both random files. Yahoo!! it got rid of the WVR. now I need to restore the start menu icons and desktop icons. I did use unhide several times but they don't gome back, I did temporarly remove the AV and Mbam to run the unhide as stated at the end of the program, but that don't seem to work either, do I need to manually put them back. Thanks for the help

Read other answers
RELEVANCY SCORE 49.2

We had the dreaded Ms Removal Tool which blocked Internet access and constant problems. Eventually my wife (her computer doesn't let me change anything although she's a PC novice) used Safe Mode with Networking and Malwarebyte Anti-malware and removed it. But I don't know how we picked it up in the first place since it definitely wasn't there a few days ago (surreptious anti-malware scan by me) and I didn't install anything I am pretty sure. Can out of date Java let it in? Update 20 only partly due to nuisance update failure and wife wouldn't let it be fixed another way at my urging.
By the way have Win7 (japanese) with security software.

A:Ms Removal Tool removed but how did I pick it up

Quote:
This infection is categorized as a rogue anti-spyware program. It pretends to be an anti-virus program, but is actually a program that displays fake security alerts and scan results in order to make you think your computer is infected. MS Removal Tool is installed through the use of malware that will install the program onto your computer without your knowledge or permission.


Source

Is it possible that Java 6u20 let it in? Yes. Most Java updates fix security holes. But it's also possible that you visited a website running Flash advertisements and one of those ads was the source of infection. Especially if you have an outdated Adobe Flash Player.

It's really a good idea to keep Java and Adobe updated. You can go into Control Panel > Programs and Features to uninstall the old Java before installing the latest version. Or you could use JavaRa as an alternative. If you need to uninstall Adobe Flash, use their official uninstaller to make sure all of the old Flash is removed. And if you install the latest Flash, make sure to UNcheck the free Google toolbar before installation (unless you want the toolbar.)

Read other 9 answers
RELEVANCY SCORE 49.2

I hope I can explain how I did it.

My mom's computer was infected with Security tool, 2 days ago. I couldn't run anything (malwarebytes, SAS). I had MBAM and SAS already installed in this computer. Couldn't run commands, couldn't open system restore, I felt sick to my stomach.

I knew I had to stop Security Tool from loading, if I was going to be able to remove it. It took 3 tries, to stop it from loading at startup. I would turn the computer on and as soon as the horrible Security tool loaded and started scanning, I would click ctrl,alt and delete. Taskmanager would flash up and go away. The 3rd try , there was the little window(taskmanager) in the background and I was able to quickly, click (end task). I had stopped Security tool. I emediately clicked on system restore and chose an earlier date and it went thru the process. The message said incomplete, did I want to restart. I knew if I restarted, Security tool would be back up and running, couldn't do that. So I clicked, Home, on System restore and chose another restore point, ran it and got the same message, Incomplete. I was sick and thought all I can do now is restart. So I did and low and behold, Security Tool didn't startup. So I quickly, updated MBAM and ran a quick scan. It found and removed a trojan. Then I updated SAS and ran it and it removed a bunch of cookies.
I then made sure that MS critical updates were up to date. Also my Avast 5.0 was up to date too. I then ran a complete MBA... Read more

A:I removed Security Tool (solved)

Forgot to mention, the infected computer was Windows xp home, 64bit
 

Read other 2 answers
RELEVANCY SCORE 49.2

While on Firefox, I clicked on a facebook link which brought to a site. I didn't see anything worth while and clicked very fast (so I am not sure if I had actually downloaded something by mistake), but left all my firefox tabs open(probably about 20). I then stepped away from the computer for awhile. When I returned, I had this Security Tool virus appearing. I was able to find out where this virus was (c:\documents and settings\all users\application data\99076940\99076940.exe) It wouldn't let me go into msconfig (to delete) because this was running, so I changed the name and reboot. I was able to delete the file, however security tool still is in my programs (at startup), programs are crashing (firefox and others) and malwarebytes cannot seem to remove the problems it shows. I tried to restore to several different dates within MS accessories system tools, but it wouldn't restore to any of those dates saying nothing has changed. Further, it disabled my NOD anti virus software and even after I reinstall and reregister it, it will not run. I have an XP Media Center SP2 version 2002. Any help would be greatly appreciated!

A:Security Tool not removed via instructions

Hello hwgWelcome to BleepingComputer ==========================Download OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.===========Download This file. Note its name and save it to your root folder, such as C:\.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.Click on this link to see a list of programs that should be disabled.Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")Allow the driver to load if asked.You may be prompted to scan immediately if it detects rootkit activity.If you are prompted to scan your system click "Yes" to begin the scan.If not prompted, click the "Rootkit/Malware" tab.On the right-side, all items to be scanned should be checked by defau... Read more

Read other 25 answers
RELEVANCY SCORE 48.8

Hello all!

I am working on a computer for someone that has Windows Mail on Windows Vista Home Basic. I noticed that it did not have the option (at least, not that I could find) to display a quick-to-get-to contacts in the lower-left corner of Outlook like my old Windows 98SE version of Outlook Express does. With mine I can just double-click on a contact name to create a new mail for that person. I can't find a way to display contacts on Vista's version of Windows Mail... On my 98SE it resides in:
"View" > "Layout" > "Contacts"
Am I overlooking it somewhere? Help! Please?
 

Read other answers
RELEVANCY SCORE 48.8

Hello all,I am a new member here. I was got trapped by security tool on my windows XP professional. I had removed security tool from my computer using malware removal log instructions but at the end my system volume is also removed.The system volume appears ok in all settings as i had reinstalled the audio drivers as well but the sound is not coming, so i was thinking may be while removing security tool one of my audio file is also removed. Please help me to sort out this problem.Thank u.

A:security tool removed my system voulme.

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 2 answers
RELEVANCY SCORE 48.8

I have run my CA spyware program on my pc several times today and I seem to be having a problem removing NUWAR B spyware. When I choose to quarentine it, it looks like it works, but when I restart my computer and run the spyware program again, it's still there. I have also done a complete superantispyware scan on my computer and it's still there. I have done the panda scan and the hijackthis scan. Here is my logfile for the Hijackthis scan...


Logfile of HijackThis v1.99.1
Scan saved at 629 PM, on 9/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program... Read more

A:NUWAR B detected on CA spyware tool, but cannot be removed

Bump please - still looking for help

Read other 1 answers
RELEVANCY SCORE 48.8

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Will at 22:14:02.79 on 09/03/2011
Internet Explorer: 8.0.6001.19019 BrowserJavaVersion: 1.6.0_18
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.3070.1452 [GMT 0:00]
.
AV: BitDefender *Enabled/Updated* {5988F8C3-A12C-B8DD-7291-D5248C8353F8}
SP: BitDefender *Enabled/Updated* {E2E91927-8716-B753-4821-EE56F7041945}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Enabled/Updated* {F008AB3A-52B9-2B13-3681-4ED4FDA86549}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k Loca... Read more

A:System Tool removed but laptop "very" slow...

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!These instru... Read more

Read other 2 answers
RELEVANCY SCORE 48.4

friend of mine told me i coul get it for free
Anyone knows how
Thanks a lot
 

A:Solved: vista tool bar on windows xp

Read other 14 answers
RELEVANCY SCORE 48.4

New to this site, so thanks in advance for any help offered.
Older Acer laptop running Vista HP SP2
Trying to remove Windows antibreach tool. Followed the instructions but it still exists after executing remvines.exe in safe mode and rebooting so I can't open a browser to download and run MBAM.
Any suggestions?

Read other answers
RELEVANCY SCORE 48

I found a worm & a virus on this computer and did an automatic fix using Trend Micro's House Call. It seems I can't update windows, or turn on critical protection for this computer. When I try, it becomes unresponsive and eventually I need to re-boot. Downloaded Vista recovery and made it bootable, still doesn't seem to fix the problems. When I1st looked at this computer the desktop wouldn't even show up, just a black screen. In safe mode it would. Did repairs to startup with recovery cd and now the desktop shows up, but still I can't get windows updates, etc. HiJack this log below.If you can help out, or if you have suggestions, I really appreciate it.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 3:09:30 PM, on 10/4/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18904)Boot mode: Safe mode with network supportRunning processes:C:\Windows\Explorer.EXEC:\Windows\helppane.exeC:\Program Files\Windows Media Player\wmpnscfg.exeE:\HijackThis.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = PreserveR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h... Read more

A:Windows Vista SP2 Laptop - Worm & Virus Removed but.......

Update:
Worm was KUBFACE.SMF
Virus A9INST~2.exe

Read other 1 answers
RELEVANCY SCORE 48

Hey everyone. I obtained a student copy of Windows 7 back in October like many of us did, and like many of us, I installed as a clean install, not an upgrade. Or so I thought.

I was running Windows 7 for months before I decided to finally remove the Vista harddrive (I installed Windows 7 on the Intel 80GB X25M.) Apparently, when I removed the drive, I wasn't able to boot into Windows 7. Now I thought I had done a clean install of Windows 7.

I think I should mention that during bootup, my Bios gives me two OS's to choose from, and they both say Windows 7. But, only one actually worked. The second choice would just bring me back to my Bios rebooting and brought me back to the OS choice screen.

So for now, I have reconnected my Vista harddrive so I am able to use my install of Windows 7.

Why would this happen if I did a clean install (installed by burning the upgrade setup to the DVD, then onto a clean new drive, and activated it successfully.) And why would it show my two Windows 7 choices at bootup?

I hope you guys can answer these questions for me. Can't seem to understand what went wrong.

A:Removed my Vista hard drive, now Windows 7 won't Boot?

Please post back a screenshot of your full Disk Management drive map with listings, using Snipping Tool in Start Menu, attach file using paper clip in Reply box. Label or explain the drive contents.

Then we can advise you the exact steps.

You likely have a Dual Boot which needs the MBR recovered into 7 - we help do it every day here.

Read other 6 answers
RELEVANCY SCORE 48

first of all thanks for your time

i came here for help with another problem which happened to be in my regedit, that had to do with programs brining up the "open with" menu..but i've fixed it with xp_exe_fix, so i think that is all taken care of. I recently recovered from/deleted from my computer the Windows Police Pro / desote virus, with spyware doctor and y manually deleting the files in safemode. Now my new problem is that my computer is running a lot slower, and on startup (heres the big one) spyware doctor detects and blocks a Rootkit.tdss which wont show up in my scans, and i can't find it. Heres my hjt file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:38:48 PM, on 9/1/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Users\CrabMang\Desktop\iexplore.exe
C:\Users\CrabMang\Desktop\iexplore.exe
C:\Users\CrabMang\Desktop\iexplore.exe
C:\Users\CrabMang\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership...%&ai=636E3D34343436393426706F3D35353339333641
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Searc... Read more

A:Rootkit.tdss after windows police pro removed - vista

Update: didn't mean to bump so early but have some significant news

Last night i turned my computer off and this morning it would freeze after imputting my password and trying to sign on. it did this 3 times before i restarted in safe mode. In safe mode i ran a spyware doctor scan and it actually found the rootkit.tdss. I clicked to fix it, and it said it was removed and needed to reboot to completely remove the virus. So i rebooted and thankfully, it started normally without a problem, not in safe mode. So for the first time Spyware Doctor didn't give me a pop up that it had blocked Rootkit.tdss on startup but when i ran a scan, the rootkit.tdss was still there, and somehow spyware doctor had found it again (not in safe mode). So i clicked to fix it, and spyware doctor said it deleted it (no reboot required). now everything i think is running fine, of course i can't be sure, so the question is should i still be worried or can i just forget the whole mess now? How can i know if it's really gone? Thanks very much for your time
 

Read other 1 answers
RELEVANCY SCORE 48

All... A laptop here got the System Tool 2011 (or System Tools) malware....

It seems as though i got rid of 'most' of it, but the pc still locks up after about 5 min of booting up (thus, i can't get through a full gmer scan)

also, safe mode seems to lock up during the boot as well... it's stable enough that i was able to generate the dds log and a hijackthis

dds
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Heine2011 at 19:40:47.36 on Wed 01/19/2011
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_17
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3070.1263 [GMT -6:00]

AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalService... Read more

A:Had System Tool 2011, removed, now random lockups

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

Read other 4 answers
RELEVANCY SCORE 48

I just got done removing the "security tool" virus using the guide here at BC. The last step of the guide (Remove Security Tool and Security Tool uninstall guide) said that I needed to delete the System 32 Hosts file as it was corrupted and then download new Hosts file.
The download link provided in the removal guide only shows me an example of what they look like and doesn't actually download anything I'm wondering if there is somwhere else that I can find a download for the Vista Hosts file. Am working on an Acer laptop running windows vista and have allready deleted the old file per the instructions. I'm not having any luck finding anywhere to replace it. Any help would be greatly appreciated!

A:Removed "Security Tool"- can't replace HOSTS file

will this be of help to youhttp://www.tech-pro.net/how-to-check-repair-hosts-file.html

Read other 2 answers
RELEVANCY SCORE 48

This is a friends computer. She brought it to me with a security tool virus. I used malwarebytes to finally remove it, after trying adaware, spybot, superantispyware. They suposedly had a macfee firewall that had expired. I currently have avg on and it has found some issues and quarenteened them. I also just installed zonealarm. at one point the virus had turned off plug and play, so when I went to device manager it was blank. It does get an ip address from my router, and can connect to the internal network, however it will not connect to any website that I try. Both times I run gmer I get the blue screen of death.DDS (Ver_09-12-01.01) - NTFSx86 Run by Jill at 21:53:42.42 on Thu 03/04/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.94 [GMT -6:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\Expl... Read more

A:had security tool virus, removed with malwarebytes, now no internet

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 48

I was having Security Tool pop-ups and used the bleepingcomputer.com virus removal thrillead and followed all the steps. I still have pop-ups for informationgetter.com. I have used malwarebytes anti-malware and still have problems. Please help.DDS (Ver_09-12-01.01) - NTFSx86 Run by Jessica Garza at 14:43:28.79 on Wed 03/03/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1011 [GMT -6:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Intel\Wireless\Bin\S24EvMon.exesvchost.exesvchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\Documents and Settings\All Users\Desktop\Support\connection_mon\ConnectionMonitor.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\WINDOWS\system32\svchost.exe -k HPServiceC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\System32\svchost... Read more

A:Removed Security Tool malvare using guide now with Informationgetter.com pop-up

Please download TDSSKiller.zip and unzip it to your DesktopRun the TDSSKiller and wait until it finishes (should be just a few seconds or below a minute).. Then find the log at your %systemdrive% (drive that contains Windows)The log shall be named something like this one..(TDSSKiller.version_date_time_log) for example.. (TDSSKiller.2.1.1_22.12.2009_19.33.44_log)Please download ComboFix by sUBs from HERE or HERE and save it to your Desktop.During the download, rename Combofix to Combo-Fix as follows:It is important you rename Combofix during the download, but not after.**NOTE: If you are using Firefox, make sure that your download settings are as follows:Tools->Options->Main tabSet to "Always ask me where to Save the files".After that, double-click and run Combo-Fix. Let it finish its job and post the log hereIf ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finishes its job..

Read other 8 answers
RELEVANCY SCORE 48

Been trying out vLite, It's looking pretty cool. Basically it allows you to configure Vista before it's even installed. You extract an ISO, customize the features you want in your install, and add extra drivers etc, then recontruct it and burn it. From there you can install your own custom Vista.

I've managed to get my install down to 800mb after stripping out loads of crap and it sure does run sweet :P

I'm going to post some tutorials and instructions etc on my site as soon as I've played with it some more.

Read other answers
RELEVANCY SCORE 48

Hi all,

I have a nasty nasty virus. I think the process is ave.exe. As soon as I try to get into windows, even in safe mode, it just restarts my computer. If I'm somehow able to get into windows before it restarts, i can't run any executables, so it's been impossible to scan for.

Do you guys have any idea on where I should start to try to remove this thing? The machine is a mac that runs vista, if that helps.

Thanks in advance,

Drew

A:ave.exe / "windows security tool" virus in Vista

Ok, so after a little work, I was able to kill some processes, and change back a couple infected registry entries, namely: HKCR\.exe\shell\open\command and HKCR\secfile\shell\open\command. If you have the ave.exe infection, find these registries, and change the %1 extension to %*. This will give you control back of your machine, and allow you to run executable files again.

Hope this helps!

-Drew

Read other 2 answers
RELEVANCY SCORE 48

Hello
My computer which runs on vista has become infected with system tool which is telling me there are numerous problems & keeps opening a pop up. I see there is someone else with the same problem earlier today so I will go ahead & use the instructions to remove system tool & post the logs back here.
Wonderful to find a step by step guide to help!
Thanks.

A:Windows vista infected with system tool

I've worked my way through the suggestions & it seems to be cleared up. Computer is functioning now, if a bit slowly. Thanks for having the instructions available on your website. Copy of MBAM log follows:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5475

Windows 6.0.6000 (Safe Mode)
Internet Explorer 7.0.6000.17037

7/01/2011 10:13:03 PM
mbam-log-2011-01-07 (22-13-03).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 252631
Time elapsed: 46 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 22
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes&... Read more

Read other 2 answers
RELEVANCY SCORE 47.6

i ran junkware removal tool and it deleted two registry keys. how can i restore these keys?
 
thank you all
 
 

A:junkware removal tool - how can i restore registry keys removed

Hi,
 
The tool includes a program to restore the registry prior to use of JRT.
 
It can be found at C:\Users\[yourusername]\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable
Once in this folder, open TweakingRegistryBackup.exe
Click on the "Restore Registry" tab
Use the drop down arrow at "Select Backup to restore:" to find JRT's regback entry.
Then click the Restore Now button at the bottom left of the program.
Regards

Read other 1 answers
RELEVANCY SCORE 47.6

Hi, I recently had the 'security tool' virus on my laptop. I managed to remove it, but after doing that, I was no longer able to use the internet despite being connected. Thanks to Etaf in another thread, I was able to get the internet working again by removing my expired norton antivirus. But now I'm wondering if there was any other problems or malware left behind by the virus, or if I haven't completely removed it or something like that. My laptop is running rather slow, and I've also noticed that it can no longer find our printer to send documents to.

here is a HiJackThis log I have done just now:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 12:04:57 a.m., on 2/03/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\syste... Read more

A:'Security Tool' virus removed, but now wondering if there are any remaining problems

Read other 16 answers
RELEVANCY SCORE 47.6

Hi, my laptop recently got infected with the 'security tool' virus. It was a real pain, but I managed to get rid of it, however now I can no longer use the internet on my laptop. It says that I'm connected to the internet, but nothing that uses the internet (msn, internet explorer, mozilla) seems to work. If I do the msn connection troubleshooter it says there are problems with 'hosts file' and 'key ports', but is unable to repair them. I did a virus scan that found a couple trojans and removed them and that seemed to fix the problem and I was able to use the internet fine, but then the next day I found that the problem had come back. I did another virus scan but didn't find anything.

My laptop is a Compaq Presario V3000 and runs on windows vista.

any help would be greatly appreciated. Let me know if you need me to post any more info.

thanks in advance!
 

A:Solved: Internet not working after 'security tool' virus removed

Read other 13 answers
RELEVANCY SCORE 47.2

Windows Vista and 7 have a great, easy to use image snipping tool, Snipping Tool. No such included tool comes with Windows XP, or earlier Windows. I just found and tried a good (so far) alternative, tried on Windows XP: FastStone Capture, which comes in a portable form in a zip file. http://www.faststone.org/FSCapturerDownload.htmhttp://www.faststone.org/(Their site pages)The pages there shows FSCapture as shareware with a fee, but the find through internet search was for freeware snipping, and the documentation that comes with the package does not specifically indicate that it's either commercialware or freeware.

A:alternative to Snipping Tool found in Windows Vista

Check out this XP Snipping Tool 1.0.0.0 Beta.

Read other 3 answers
RELEVANCY SCORE 47.2

So i tried to remove digital protection with malwarebyte, while I also had total vista security rogue anti virus as well. The problem was that total vista messed up some of my legit files so i deleted them such as a win32 file. After mawarebyte scan, I deleted some files, but then when i restarted my computer, I got some window saying i lost some data or something like that and windows will attempt to restore last date that my computer worked. So i let my computer restore my computer settings to an earlier date and then when I log back in, total vista and digital protection was removed?

I don't know if they are removed just from a system recovery, so i need some advice. After the recovery, I tried the instructions on deleting total vista, but when I renamed process explorer to iexplorer.exe, it doesn't open up, because my computer recognized it as illegal instructions.

EDIT:

So far i am having no pop ups of the rogue anti virus software, but are they hiding??

A:total vista rogue anti virus removed after windows recovery??!!!

Hi Vay,I would suspect that the malware is still there, but hasn't had a chance to run yet. Unfortunately, it will probably pop up some time in the near future. However, if you aren't currently having any symptoms, that makes it easier to do the common scans that will probably remove the rogue for you.Start off by using TFC by Old Timer which will clean out any temp files that might be left over from the pre-restore infection.Follow this guide here on how to remove Digital Protection.Then:Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" t... Read more

Read other 7 answers
RELEVANCY SCORE 47.2

I followed the directions to remove windows vista security 2012 using the tutorial on your website. I believe that worked but I'm still getting a "Resident Shield Alert" saying I have multiple infections. While this has the AVG symbol (the antivirus software I use) it doesn't say AVG on it and I'm pretty sure it's bogus. I'm also being redirected from websites and a little window pops up saying "windows prevented some start up programs". My computer is running a little slow and sometimes freezes. I appreciate any help you can give me. Thank you.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19170 BrowserJavaVersion: 1.6.0_26
Run by Logan at 8:12:53 on 2011-12-26
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2038.675 [GMT -8:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
SP: AVG Anti-Virus Free *Enabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows... Read more

A:removed windows vista 2012 and now redirects and "resident sheild alert"

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/434539 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 47.2

Hello

My problems started a few days ago when i noticed a fake anti spyware scanner called security tool. I booted into safe mode and used malwarebytes, spybot and norton to remove it. It was very persistent, so i downloaded lots of anti spyware programs like adaware, spysweeper and so on. Finally i used a tool called security master AV removal tool to kill virus processes before scanning with norton. At that point it found alot of virusses/spyware and removed it succesfully.

Since then i noticed that my internet is slow and when i click on a google result it loads very very slow. Sometimes it gives a nginx error. Sometimes when i click on a result i get a different website.

I don't know what software can help me now at this point. So i searched for this problem with google and found this forum. I hope someone can help me fix this.

Thanks in advance.
Bart

edit : My norton endpoint security gave a warning today : http redirect detected. It blocked this redirect and i did a full scan yesterday. I seems it can't find the virus or spyware that's causing this.

Read other answers
RELEVANCY SCORE 47.2

It started with a massive Security Tool invasion here:http://www.bleepingcomputer.com/forums/t/335759/security-tool-is-killing-me/You can tell clearly when I went over to the other forum, as instructed:http://www.bleepingcomputer.com/forums/t/336194/cant-get-on-the-net/At the end of this thread, you can tell that I went back to the original topic and continued from where we left off.Reading these will be more accurate than me attempting to tell you all of it. It is long and halfway complicated to me, but I'm sure it is not to you. It ends with me being ready to throw my computer out the window because MBAM scans and everything until today make it appear that I am free of the plague that is Security Tool, but I still have no internet. If I open network connections, everything appears normal including that I am connected to our wireless network. However, when I open Firefox it states that the server is not found. If I open Thunderbird, it will not connect to my accounts. No programs will update. No internet, period. Logs below and attached. Thanks in advance for your expertise and help. My husband and children thank you in advance for me being in a better mood when this is resolved, and my students thank you in advance for me being able to get their assignments handled without the dreaded pen and paper.--DDS (Ver_10-03-17.01) - NTFSx86 Run by Administrator at 14:27:48.75 on Sat 08/07/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15Microsoft Windows X... Read more

A:Security Tool thought to be removed, still no internet, DDS and GMER logs included

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 59 answers
RELEVANCY SCORE 46.8

Platform:
Windows 7 64bit
Internet Explorer 9

Suddenly today, I am unable to access Google search. I have the Google tool bar but when entering anything in it (eve, just one keystroke) it causes IE9 to crash

Likewise, when I enter any of the google urls, the google page loads but immediately crashes and displays the popup advisory.


Quote:




Problem Event Name: APPCRASH
Application Name: iexplore.exe
Application Version: 9.0.8112.16421
Application Timestamp: 4d76255d
Fault Module Name: jscript9.dll
Fault Module Version: 9.0.8112.16440
Fault Module Timestamp: 4eb31a04
Exception Code: c0000005
Exception Offset: 00043a88
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 2057
Additional Information 1: abcd
Additional Information 2: abcd8a770b0c5c3dfefc48829c129e1e
Additional Information 3: 0185
Additional Information 4: 018560d7b8b933999f7b848d0d423ce4




It only crashes when I try to access a Google home page (.com or .co.uk) or enter anything in the Google tool bar. Other than that all seems well. I have performed a Systems restore to 3 days ago but the effect is still there.

I have un-installed the tool bar and reinstalled it. Likwise reset IE Options but the problem persists.

(I have no problems with Firefox, also with the Google toolbar)

A:IE9 - Cannot access Google home page or use the Google tool bar

Got the same problem myself today - tried reinstalling Java 6 runtimes but still wouldn't work.

Went to Oracle site and installed Java 7 JDK Java SE Downloads

Google homepage now loads fine.

Read other 10 answers
RELEVANCY SCORE 46.8

Hello. I am going to ask a question. I could ask this same question in the Windows 7 forum as well. I'll start with this Windows Vista forum because the question because the function for what I am about to ask is the same in both Windows 7 as in Windows Vista. Since Vista has been around a bit longer, users and experts here may know more. This concerns System File Checker (SFC) tool within Windows operating systems. I know with Windows XP, you can use SFC in combination with Windows File Protection to repair many Windows files. I know it needs to reference the Microsoft factory CD-ROM of Windows XP to access files within the disk, especially the I386 folder. I understand that Windows Vista & Windows 7 integrate the System File Checker within the Windows File Protection. When you run SFC at a command prompt in Windows Vista & 7 with administrator access (type: sfc /scannow), you do NOT need the Microsoft factory DVD-ROM. It is an internal process in Windows Vista or 7 that functions on its own. I have a question: Is there a way to get Windows Vista or 7 TO HAVE TO USE THE FACTORY DVD-ROM like in Wndows XP when you want to manually run SFC tool? What needs to be done? Any registry changes (I would think there is where it would be done.)? Add a script? Programs to install?

Any thoughts, opinions, or facts are appreciated.
Please provide detailed steps that are elementary to understand, especially if modifying the registry.

Thank you!
 

A:RE: System File Checker Tool Run By Disk ONLY in Windows Vista & 7?

Read other 9 answers