Over 1 million tech questions and answers.

Trying this one More time - Application infected issue unable to run analysis tools

Q: Trying this one More time - Application infected issue unable to run analysis tools

I previously had a topic opened on this. That post I bumped twice and didn't receive any answer to my questions, so trying once again.

I have an application infected issue that is preventing me from running any EXE files as well as the GMER and DDS applications outlined in the Sticky Thread. I received a response to run the Rkill application but that thread was closed out before I could ask any additional questions.

I'm not well versed when it comes this stuff so I wasn't sure if I was executing the Rkill application correctly because I'm still unable to execute the analysis tools.

Any help on this would be greatly appreciated, If I need to execute the Rkill on the infected machine please let me know and walk me through that process with a little detail if at all possible. Also, I'm not able to connect to the internet or boot up in Safe mode on the infected machine, just an FYI.

Again, any help is greatly appreciated.

Preferred Solution: Trying this one More time - Application infected issue unable to run analysis tools

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Trying this one More time - Application infected issue unable to run analysis tools

Hi -

You've apparently been living with this for quite a long time. It might have been easier and certainly faster to do a restore from recovery disks or recovery partition by now.

It's very difficult for us to assist in this medium without any logs to work from. We just have no way of knowing what's on the machine otherwise. What operating system is this? Your profile indicates XP, but sometimes folks don't always post for the same OS as in their profile.

You said you tried to use rkill. Did you try all 4 versions? If so, what happened when you did so?

amateur's instructions here are really all there is to it


Did you see a black command window open when you ran the rkill tool? Did explorer.exe cycle (all desktop icons disappear and return)? Did you receive a message from the infection that rkill was infected? Did you leave that message open and ignore it, then run rkill again and again?

Does a browser open, such as Firefox ? It doesn't necessarily matter right now if the internet connects, I just want to know if it opens.

Please take your time, and try to answer all the questions as best you can.

Read other 19 answers

Still having an issue executing an applications.

I downloaded the rkill applications and I executed them on the infected machine, but I'm not quite sure what I'm looking for. Any additional help would be appreciated.


A:Still Unable to Execute Analysis Tools

Bump Please.

I had an original post that I was responded on but after performing the steps given I was still unable to execute any of the pre-reqs that are outlined in the sticky posts.

Any help would be appreciated.


Read other 3 answers

Hello,Think I am in trouble. I was infected with Malware that was a fake anti virus software. This has now gone following the running of various removal tools (Spybot S&D to name but 1). The problem now is that my Antivirus software will not run (McAfee). I am also stopped from downloading from a number of website (McAfee included). I was attempting to follow the advice on this site to create DDS and GMER logs but clicking on the links in the instructions did nothing. I hope some one can help point me in the right direction to remove whatever it is that I have on my PC - it is an Acer 5735Z running Vista.Thanks,Brian

A:Infected and unable to download DDS or GMER tools

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers

I've got a really strange problem, that makes it really difficult to post any diagnostic information about the problem. I've tried running HiJackThis, MalwareBytes anti-malware, Trendnet housecall online scanner, GMER, ad-aware, Spybot S&D, RootRepeal and dds.scr. The results are pretty much the same for all of these programs. The scan/analysis starts, sometimes it gets partway through scanning, and then the application window gets closed. After this happens, in the case of .exe files, the resulting program is rendered useless, in that further attempts to launch it result in a "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item." and you also cannot rename, or delete the file.

Trend-net housecall is also pretty interesting, in that it runs inside the browser, and after it was terminated (part way through the scan) iexplore.exe now exhibits the same error in not being able to launch. This not being able to launch persists across reboots also. I then installed firefox.exe on the system, was using it for a brief period, tried trend-net housecall and now it too is showing the error in not being able to launch.

dds.scr is able to be to be re-launched, and it brings up the black command window type screen, but never brings up the notepad windows. It seems unaffected by the termination behaviour, and is able to be re-launched.

I was able to run A2 anti-trojan, and do have a log of what it... Read more

A:Strange malware issue - unable to use detection tools or virus scanners

Hi Thomas Lovie,Welcome to BC HijackThis forum. I am farbar. I am going to assist you with your problem.Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.I share your academic interest. So let's have a go at it.Download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.Next......

Also post the A2 anti-trojan log.

Read other 30 answers

To whoever would be able to help, I've been infected with a virus that won't let me run any programs at all. I get an error saying "Application is infected, do you want to Run anti virus."

Also I have tried to boot in safe mode and it hangs when booting up and doesn't do anything. I'm unable to perform the necessary actions in the sticky thread.

Also, I am unable to connect to the internet on the infected machine. Any help would be appreciated.


A:Application infected issue.

Hello and welcome to TSF.

It's likely that the infection is preventing the programs from running. The following tool will hep running them as well as our analysis tools.

Download the tools from another machine, and transfer them to the affected machine via USB flash drive, if you don't have internet access.

There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not all of them.

Vista and Win7 users need to right click and choose Run as Administrator


Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do it's job. This may take a few tries. You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.

At this point, you should now be able to run analysis tools.

Once the tool has run, do NOT reboot the machine, and then try once again to run DDS and GMER as instructed in our First Steps and post them in a new thread as this one shall be closed to put you back in the queue.

If for some reason the machine reboots, repeat the process. Again, try not to restar... Read more

Read other 1 answers

Frequent crashes, STOP: Ox0000000A, with physical memory dump to file Mini<date>.dmp in the C:\WINNT\Minidump folder.

What tools are available for analyzing these dumpfiles, since my event log file is not providing information?

Tools for dumpfiles (*.dmp) analysis

A:Tools for dumpfiles (*.dmp) analysis

Help Diagnosing BSODs And Crashes (BC) - http://www.bleepingcomputer.com/forums/t/176011/how-to-receive-help-diagnosing-blue-screens-and-windows-crashes/ Louis

Read other 1 answers

Frequent crashes, STOP: Ox0000000A, with physical memory dump to file Mini<date>.dmp in the C:\WINNT\Minidump folder.

What tools are available for analyzing these dumpfiles, since my event log file is not providing information?

Tools for dumpfiles (*.dmp) analysis

A:Tools for dumpfiles (*.dmp) analysis

I use Debugwiz which can be downloaded here: http://www.windowsbbs.com/general-discussions/33471-dump-data-collection-tool-instructions.html

You also need to download the Microsoft debugging tools using the link on the same site. Pay attention to the version requried is Newer versions will not work.

Read other 2 answers

I've been having a lot of problems recently and have narrowed it down to either a hard-drive issue or memory issue.

What tools can I use to deduce if either of these are the root issue?

Maxtor DiamondMax 45 Plus HD and

2 sticks Crucial 256mb DDR pc2100n (bought from friend)
1 stick unknown 256mb DDR pc2100 (original)

-- Any ideas?

If you want background, read on:

Had a couple system crashes, narrowly restored 3 or 4 times. Reformatted HD, windows would not re-install, hung at 23% copying files. Played around with it awhile, moved the HD to my other PC and ran chdsk on it...found lots of crap on it, fixed most of it. After that, windows installed.

Windows was still running slow (like pre-crash) so i pulled out my two used memory chips and it feels fine now...so i wanna figure out what it was.

A:Tools for memory and harddrive analysis

Read other 16 answers


Thanks for the help.

I need to load the "add-in", of the "data analysis tool pack", for Excel 2000, in order to run Histograms and the like.

I have no idea where to find this, and both a net search and this site search turned up nothing I could use.

Please advise.

Much thanks,
J. Smith

A:Solved: Where do I get Data Analysis Tools, for Excel 2000

Read other 6 answers

I have just done a clean install of 8.1 on my old MacBook Pro as I broke the screen on my normal laptop. I could only afford to give 40GB to this new installation so I'm quite tight for space.

I've always used https://windirstat.info/ to check for disk usage but in my case it is not helpful as it shows size of items not the size on disk. I have to keep my OneDrive files on-line only to save space but as they are reported as part of used disk space I am seeing 150% of my disk space is used which isn't helpful really. In Disk Management I can see it is only 59%.

Does anyone know a utility like WinDirStat that shows size on disk?

A:Disk Space Analysis tools compatible with OneDrive?

It seems this works better TreeSize Free - Quickly Scan Directory Sizes and Find Space Hogs

Read other 1 answers

New breed of products calculates risk ratings of PCs based on what files they contain

Risk-analysis tools provide the big security picture | Security Central - InfoWorld

Read other answers

Still cant get rid of spyfalconi followed all the instructons on automatic bleeping computer, It appeared to do everything but when scanned with panda active scan pro there were still 5 spyware and 1 hacking tool there. How do i get rid of this?The log files produced by hijackthis is Logfile of HijackThis v1.99.1Scan saved at 22:10:57, on 19/05/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exeC:\Program Files&#... Read more

A:Infected With Spyfalcon And Hacking Tools And Unwanted Tools

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Download SmitfraudFix (by S!Ri) to your Desktop.Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.______________________________Please download the trial version of Ewido Anti-malware 3.5 from here:Install Ewido anti-malware.When installing, under Additional Options uncheck Install background guard and Install scan via context menu.When you run Ewido for the first time, you could get a warning "Database could not be found!". Click Ok.The program will prompt you to update. Click the Ok button.The program will now go to the main screen.You will need to update Ewido to the latest definition files.On the left-hand side of the main screen click the Update Button.Click on Start.The update will start and a progress bar will show the updates being installed.Once finished updating, close Ewido.If you are having problems with the updater, you can use this link to manually update ewido.Ewido manual updates. Make sure to close Ewido before installing the update.______________________________Open the SmitfraudFix folder and double-click smitfraudfix.cmdSelect option #1 - Search by typing 1 and press EnterThis program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your... Read more

Read other 2 answers

Hi everybody -- I'm a new user to these forums and have a bad problem with my computer that I hope someone can help with. Thank you in advance for any and all help. A few nights ago, I started getting the fake anti-virus pop-up ads (HDD Tools and System Tool 2011) and fake warnings on the bottom right of the taskbar along with a changed desktop background with the usual fake warning. I immediately ran Malwarebytes and a Symantec scans (w/o updates since I could not do that) from safe mode. Symantec found 12 trojan.gen, trojan horse, and trojan.mijapt entries that it said it quarantined. After that, I was able to access updates for Malwarebytes and Spybot S&D and ran those scans again. They both found and fixed quite a few things. Over the next day or so, I ran more scans, including using SuperAntiSpyware, which found more trojans (including trojan.hiloti) and fixed them. I also followed instructions on removing registry keys and .dll files and folders for the HDD Tools and System Tool viruses that I found online (under supervision of a relative in IT). I am still having problems with my computer -- "Windows needs to close" when accessing Desktop in Windows Explorer and gives me the following message (I clicked Quit, btw):"unhandled exception has occurred in your application. If you click Continue, the application will ignore this error and attempt to continue. If you click Quit, the application will close immediately.Attempted to read or writ... Read more

A:Infected w/ HDD Tools, System Tools 2011 (and others?)

Hi trapperj19,Welcome to Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more. Thank you.If the issue is not resolved please update me on the current condition of your computer. Also post a fresh DDS.txt, no need for the Attach.txt.

Read other 62 answers

I am building an utility using C#, that would parse my application logs. There are around 20-25 log files, which would be listed in config.xml along with the Keywords to search in each of the log file (Example: "C:\Transaction Log.txt" Keywords:
"object reference not set to an instance"). This config would go as an input to my program. As an output/Result, I need all log lines that contains the keyword mentioned, in a separate output file.
I can think below two approaches to achieve this.
 1. Importing Microsoft Log Parser library into my program and make use of it.
 2. Writing my own C# code that searches the given keywords in all listed files.
Which one is the recommended design practice and pros/cons please. Thanks so much! 

Read other answers

I have tried using malware antibytes which usually does the job, even eset online virus-scanner doesn't help here.
My screen gets black and I'm forced to reboot as nothing else works. I used Malware antibytes, eset, Junkremoval, adwcleaner and it removed infected files but still the same issue reappearing.
Help please! I will follow your procedures step by step.

A:Infected, screen goes black, unable to fix issue. HELP please!!

Anyone? The issue seems to happen over and over and it's exam time

Read other 8 answers

ccleaner and Revo Uninstaller seem to be relatively proficient at their advertised job...

I'm lookin for a tune-up utility that will do more than just ruin my registry and create fatal errors in windows.

Does anyone have a decent go-to program for benchmarking their system, and identifying redundant applications?

Additionally,does anyone have a good application for force killing processes in taskmanager?

I need one of each of the following:

Memory toolkit
System Benchmark and/or Analysis application
Tune-up Utility that will not create unnecessary registry discrepencies
Any ideas?

A:Looking for a decent no-gimick system analysis / utility application

Read other 8 answers

I've had an ongoing problem with application errors that say the following:

<app name.exe> - Application Error
The instruction at "0x036...." referenced memory at "0x00000ba0". The memory could not be "read". Click on OK to terminate the program.

I've run HJT before and others couldn't find anything. I've significantly cleaned up my PC, currently uninstalled about 4-5 different spyware/adware programs (at the instruction of a MS tech support person who's trying to help me integrate SP2 back into my c:/ with no luck ). But, someone on the XP forum suggested I run HJT again and copy the log so here it is. If anyone has any other ideas I'm open to listening. I get this error message when exiting out of almost every application or browser I have. Can't seem to figure this one out. Thanks!

Logfile of HijackThis v1.99.1
Scan saved at 9:00:09 AM, on 5/31/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.e... Read more

A:Application error message every time I exit application

I don't see major here...Did you install anything before this happened? Perhaps IE 7.0?

Go to Start->Run and type in sfc /scannow and hit OK. Let it scan. If it finds any files missing/corrupted, it may ask for the Windows CD.

Download LSPFix http://www.greyknight17.com/spy/LSPFix.exe and run it. Check the box that says 'I know what I'm doing'. Click on inetcntrl.dll on the left window and then click on the arrow pointing to the right. Click Finish and follow the prompts.

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you checked the last one:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com

Make sure you turn off any antivirus programs you have running while performing the online scan below. Using Internet Explorer, run a virus scan at http://www.kaspersky.com/virusscanner Click on 'Launch Kaspersky Anti-Virus Web Scanner' and install the ActiveX component from Kaspersky. Click Yes and it will begin downloading the latest definition files. Once that's done, click on 'Scan Settings' and make sure the following are selected:

Scan using the following Anti-Virus database:
- Extended

Scan Options:
- Scan Archives
- Scan Mail Bases

Click OK. Now under select a target to scan, select 'My Computer'. It will ... Read more

Read other 3 answers

I am currently helping a friend install Pro-Tools Essential 8 on their computer but upon attempting to run it an error occurs, stating:

"The application failed to initialize properly (0xc000001d). Click on OK to terminate the application."

System Information
Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 3 (2600.xpsp.080413-2111)
System Manufacturer: HP Pavilion 061
System Model: DW233A-ABA A520N
BIOS: BIOS Date: 03/19/04 17:30:05 Ver: 08.00.08
Processor: AMD Athlon(tm) XP 3200+, MMX, 3DNow, ~2.2GHz
Memory: 1216MB RAM
Page File: 205MB used, 2791MB available
DirectX Version: DirectX 9.0c (4.09.0000.0904)

This is on a completely fresh install of windows, there is no anti-virus or such of the nature installed (except for flash).

A:Pro-Tools Application Error

Mentioned here -> http://www.techsupportforum.com/f217...05-375363.html that IE8 and Silverlight had some impact.

Read other 4 answers

cmd.exe application error - application was unable to start correctly (0x0000142). Click ok to close the application

Anyone know why it happened?

I got this error when I tried to restart to install an update. However, in windows update, it showed I had nothing to update. There was the little yellow shield by the shut down button to indicate it was installing an update when I would shutdown.

I rebooted fine, and CMD works fine. Is it possible windows thought it had to install something, and the installer had already installed the update (I went onto windows update earlier myself to install the windows and silverlight updates) and it bugged because maybe it had to use cmd to execute the update or something?

A:cmd.exe application error - application was unable to start correctly

It seems to be happening again, but only when I shutdown when explorer is open. I tried and tested his multiple times. It has only happened after the new silverlight update and kb 30247777 (sorry if the number is wrong) update.

What is causing this?

Read other 3 answers

When we run ACT in windows 10,Its not showing compatibility result. Deployment column continuously showing not reviewed. Is this tool checks for compatibility of applications in the system?. If Yes,Please give the procedure to this. 

Read other answers

Hi -

My 4 year old Dell Inspiron E1505 with Windows Vista OS has been running slow when I boot up (5 to 6 minutes before start up is complete). Once the start up is complete, connecting to the Wi-Fi in the house, takes a while to connect (another 5-6 minutes).

After the computer is booted up, I can close the laptop, and when I open it back up, it gets going without any hesitation. I have run the spyware (Ad-ware) and anti-virus (AVG) and receive a clean bill of health. When I ran HJT, I noticed some items that were considered suspect when researched. I cannot be for sure though, and it would be great if someone can identify what needs/can be moved to possibly help clean up the laptop.

Any help would be great. Thanks.
Logfile of HijackThis v1.99.1
Scan saved at 9:27:21 PM, on 5/9/2011
Platform: Unknown Windows (WinNT 6.00.1906 SP2)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Running processes:
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:... Read more

Read other answers

My problem: I used this tool some time ago that unregistered application dlls in XP. I'm aware of the 'regsvr32 /u' but this isn't what I'm looking for. I tried one popular tool called emsa but it apparently only works for ActiveX dlls which isn't the same.

If you know of one or a list of tools that will do the job then please post. Hopefully I can gather my memory to recall the name of the program I used once a while back.

Read other answers

I am getting a message 'The application was unable to start correctly (0xc0000143). Click OK to close the application.' when i open any app on my Laptop. This is happening when i restart / unlock my system. Once i click on OK on this message.. system becomes very slow in response. its taking time even to open browser or Word or Excel. Please help me fix this.

Read other answers

Please take a look at my Hijack This log file and let me know if you see anything that needs to be fixed.Thank you.Logfile of HijackThis v1.99.1Scan saved at 11:16:48 AM, on 8/12/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:E:\WINDOWS\System32\smss.exeE:\WINDOWS\system32\winlogon.exeE:\WINDOWS\system32\services.exeE:\WINDOWS\system32\lsass.exeE:\WINDOWS\system32\svchost.exeE:\WINDOWS\System32\svchost.exeE:\WINDOWS\system32\spoolsv.exeE:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exeE:\WINDOWS\LogWatNT.exeE:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exeE:\WINDOWS\Explorer.EXEE:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exeE:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exeE:\WINDOWS\SYSTEM32\USRmlnkA.exeE:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exeE:\Program Files\Java\jre1.5.0_06\bin\jusched.exeE:\Program Files\SpywareGuard\sgmain.exeE:\WINDOWS\SYSTEM32\USRshutA.exeE:\WINDOWS\SYSTEM32\USRmlnkA.exeE:\Program Files\SpywareGuard\sgbhp.exeC:\Program Files\Mozilla Firefox\firefox.exeE:\Docu... Read more

A:Abnormal Response Time - Hijackthis Log Analysis Request

Why no response in 5 hours?

Read other 2 answers

in this video Laura E. Hunter from Microsoft describes behavior analytics: https://youtu.be/hNZdboDvnuU?t=1251
She says that ATA will analyze the behavior in a domain for 21 days and declare this as normal behavior. After the 21 days ATA will report unusual user behavior based on the 21 days analysis.
I have two questions about this:
1. Can we see the progress of the analysis somewhere? I searched through the ATA-center but there is nothing. Is it possible to see it in some kind of logfile or the Mongo-DB?
2. We have started ATA with one DC. What happens if we add our other DCs later? Will the analysis recognize behavior from those, also when the 21 days are already over?
I did not find anything about this 21 days analys period in the documentation. I'm more than happy with a hint if I have overseen something there.
Thanks in advance

Read other answers

Hi All,


I am not able to inspect/debug the my adf elements in IE11.(DOM parser is not loading with elements)

But where as I am able to inspect the elements of any other web applications in IE11. (DOM parser is loading with elements)

My web application has been developed using ADF11g version:

The OS which has been installed on my system is: Windows 10


Kindly help if anybody across the solution.

Read other answers

Completed Steps 1-5!

I have had trouble staying connected to the internet being disconnected every few minutes until I go to IE 'Options' and reset my 'Security' settings 'all to default', IE7 webpages not loading/errors on them w/popups on various pages saying script errors/cannot find/display webpage etc. Computer is slow, hangs, and frequently does nothing. Excel dissapeared, so I had to install Excel Reader/Viewer! Believe hacker(s) have hacked into my system. Also, I may have programs on my PC that I do not need or that was put there by someone unknown. May have hardware conflicts! Deleted Trillian when trying to get rid of unwanted programs, then tried using DataNuker to get rid of the trillian file, but it would not disappear. This was done before I realized Trillian was a corrupt program! I know I need more RAM....will adjusting my Virtual Memory settings help my PC to speed up any?

Deckard's System Scanner v20070807.62
Run by Tim on 2007-08-08 at 00:30:47
Computer is in Normal Mode.

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
17: 2007-08-08 05:31:10 UTC - RP1013 - Deckard's System Scanner Restore Point
16: 2007-08-07 17:10:52 UTC - RP1012 - System Checkpoint
15: 2007-08-06 1753 UTC - RP1011 - Installed Ad-Aware 2007
14: 2007-0... Read more

Read other answers

Hello,We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up.My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if youwould let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Then please post back here with the following: log.txt info.txtThanks

A:infected with something. need analysis and help. thanks.

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Read other 2 answers

See attachment for this popup that comes up EVERY time I boot up windows, not once, not twice, but thrice!

I recall when I would do a reinstall of windows that it would happen once but now this thing comes up every single time, not sure why.

A:PC tools irritating popup every time I bootup

As a test try..
Under settings in PcTools Firewall>click on Network>untick 'prompt on new network detection'
Set 'default profile for new network' to Home.

See if that helps - you can always reset it back to the original setting.

Read other 3 answers

HelloMy probleme is that i have a lot of pop up and massages alerthere is my HijackThis Logs after execution of the steps in "Preparation Guide for use before posting a HijackThis Log" on http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/Logfile of HijackThis v1.99.1Scan saved at 19:20:51, on 29/07/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\vso\mcshield.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\mysql\bin\mysqld-nt.exeC:\oracle\ora92\bin\omtsreco.exeC:\oracle\ora92\bin\agntsrvc.exeC:\oracle\ora92\Apache\Apache\apache.exeC:\oracle\ora92\BIN\TNSLSNR.exeC:\WINDOWS\system32\cmd.exec:\oracle\ora92\bin\ORACLE.EXEC:\oracle\ora92\bin\dbsnmp.exec:\oracle\ora92\bin\ORACLE.EXEC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exeC:\oracle\ora92\Apache\Apache\apache.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\oracle\ora92\jdk\bin\java.exeC:\oracle\ora92\jdk\bin\java.exec:\oracle\ora92\bin\isqlplusC:\WINDOWS\System32\MsPMSPSv.exeC:\WINDOWS\Sys... Read more

A:I'm Infected Hijackthis Logs And Analysis

Hello,My probleme is that i have a lot of pop up and massages alertmassages alert? I wish I had these too Ok, let's get rid of this..It's better to print out the next instructions or save them in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.It is also important you don't miss a step and perform everything in the right order!!I note in your log that you have FlashGet the download manager - Be aware that the trial copy bundles Cydoor adware, but when you register the Ads disappear.To remove the program: Go to Start > Settings > Control Panel > Add/Remove Programs and remove it. * Open notepad and copy and paste next present in the quotebox below in it:(don't forget to copy and paste REGEDIT4)REGEDIT4[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]Save this as fix.reg Choose to save as *all files and place it on your desktop.It should look like this: Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.(In case you are unsure how to create a reg file, take a look here with screenshots.)* Download smitRem and save the file to your desktop.Doubleclick it and choose install. This will create a new folder on your desktop with the name smitrem.* Go to start > controlpanel > software > add and remove programs and uninstall next programs if present ( don't worry if yo... Read more

Read other 4 answers

Ive tried everything. from AVg to Malwarebytes and I am only left with one infection....
Log Below:
Malwarebytes' Anti-Malware 1.39
Database version: 2482
Windows 5.1.2600 Service Pack 3

7/22/2009 9:34:14 PM
mbam-log-2009-07-22 (21-34-11).txt

Scan type: Quick Scan
Objects scanned: 4767
Time elapsed: 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\geyekrwiwwoixv.dll (Trojan.TDSS) -> No action taken.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\geyekrwiwwoixv.dll (Trojan.TDSS) -> No action taken.

A:infected with trojan.tdss log included need analysis

Hello and welcome to Bleeping Computer.Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.Ok, let's run RootRepeal, it looks like you have a rootkit.Please install RootRepealGo HERE, and download RootRepeal.zip to your Desktop. Tutorial with images ,if needed >> [email protected]@KUnzip that to your Desktop and then click RootRepeal.exe to open the scanner. *Open the folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator...* Click on the Files tab, then click the Scan button.* In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK.* When the scan has completed, a list of files will be generated in the RootRepeal window.* Click on the Save Report button and save it as rootrepeal.txt to your desktop or the same location where you ran the tool from.* Open rootrepeal.txt in Notepad and copy/paste its contents in your next reply.* Exit RootRepeal and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the... Read more

Read other 3 answers

Hello,i cant seem to get rid of the malware on my computer.it seemed to start with spywarequake, and toolbar888, i ran the smitfraud fix, and it seemed to get rid of some of it. I ran updated adaware and spybot and that seemed to get rid of toolbar888.now i'm getting an annoying little tray icon that says:security alertsystem encountered spyware that collects your personal information without your consetn. this information includes passwrods, credit card details and other private date. click the icon to learn more ways to protect your files.and i'm getting periodic popups that look like sysytem generated popups, etc.just now i got a notification from spyware bot that notified me of an attempted registry entry change: from a program called: ipwins.exe - of course I did NOT allow the registry change.here is my hijackthis log:Logfile of HijackThis v1.99.1Scan saved at 2:40:01 PM, on 7/23/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\TPSrv.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\... Read more

A:Infected With Various Malware: Hijackthis Log Analysis Needed

Uninstall ProgramsClick Start ? Control Panel ? Add/Remove ProgramsFind and remove the following program(s) (if present):


Close Add/Remove Programs window after uninstalling.If there are no entries listed on Add/Remove programs, please download and run this uninstaller: OiUninstaller.exe=====================================Locate and delete the following folder(s), if present : C:\Program Files\PurityScan =====================================Please download SmitfraudFix (by S!Ri)If you happen to have this already, then please download it again, it's a new version. Extract the content (a folder named SmitfraudFix) to your Desktop. Open the SmitfraudFix folder and double-click smitfraudfix.cmd Select option #1 - Search by typing 1, and press Enter. A text file will appear, which lists infected files (if present). Please copy/paste the content of that report into your next reply.NOTES : process.exe is detected by some antivirus programs as a "RiskTool"; it is not a virus, but a program used to stop system processes.Do not run the other options of this tool yet until you are asked to do so.

Read other 6 answers

howdy all,

I came in this morning from the weekend. Tried to logon but I received the following error message:
"current time on this computer and the current time on the network are different."

I checked the time on our server and it was off by about 10 minutes. I changed the local time on my machine to reflect the same time on our server but still no avail.

Is there a fix to my predicament? Do I need to have the local time be updated by our server every time I logon? Any ideas?

Thanks a bunch!


A:Unable to logon - Local time and network time are different

Network setup problem. See your network system administrator, unless that is you.

We use free time clock software available by download. TClockex, and others.
They set your time by reference to an atomic clock online, and you never have to worry about it.

You can also set your desktop to synchronise with the network time automatically at boot, but my memory is not what it used to be.

Read other 4 answers

When I try to access the Tools option in IE6 I get a message saying: Unable to enter due to restrctions see your administrator. I am the administrator!! what has happened? any ideas. I've tried looking in Control panel Internet Options and that allows me to get to the Tools tabs but not in IE.

A:Unable to access tools options

Read other 7 answers

Trying to start defrag from anywhere gives me "not enough storage is available to complete this operation."
This is true running it from
start : programs:accessories
control panel:administrative tools

Diskkeeper 9 generates the same error.

I find I also cannot run the device manager - in fact most things relating to the Management console generate the same error.

System is:
Windows XP, Service Pack 2
Pentium III, 733 Mhz
640 Ram

Checkdisk turns up nothing.

I can't see that my swap should be an issue - I've got it set to 3x the installed memory.

I cant' find this error listed much except for NT or 2000 - where they suggest that the MFT size might need adjusting. I thought that issue went away with XP.

Any ideas? Or shall I start lining up my various software media and plunge into a system reinstall?


A:XP unable to run defrag or other admin tools

How much free-space is there on the drive? You need 15% to be able to run defrag.

Set the page file to system managed for a while, and delete all but the last System Restore point, and any old C:\Windows\$NTUninstallers$ , remove any screen savers and wallpapers which you never use.

Read other 3 answers

Thanks for any help that can be provided. Malwarebytes and hijack this cannot find this. I am unable to use any system recovery functions, whether through windows 7 or through Dell's built in tools and hidden disk image.
 Attach.txt   11.55KB

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Redden at 20:41:39 on 2011-12-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2549 [GMT -5:00]
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C... Read more

A:Unable to use system recovery tools

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about y... Read more

Read other 11 answers

I have worked as a PC tech for 3 years, and i have come up against a problem that i am unable to solve on my wife's computer. She has a piece of spyware that is disabling any scan software i run, and making it a hidden, read-only file that even the admin account of the machine does not have access to. It has disabled:
Spybot S&D
Symantec Corporate Edition
Windows Defender
Lavasoft Ad-Aware
and HijackThis

I have found braviax.exe on the machine and got rid of that in addition to a group of processes that call themselves debug.exe, win.exe, notepad.exe, login.exe, lsass.exe, amd csrss.exe. manually deleting all of these files in safe mode has had little effect. in addition there is a dns hijack that causes all google search results to go to other pages. finally, it disables viewing of hidden files, and registry editing, though i have found ways around those restrictions.

Any help would be greatly appreciated.

ps. smitfraudfix has been slightly effective. (it does not shut down and lock up), but it says that the process list and the dns fix tools are access denied.

A:Unable to run any spyware removal tools

pps. DDS.scr that this site uses as a scanning tool just hangs when it should scan. i let it run for over 10 mins and it did nothing.
i actually had to use cmd in order to open it because it would only open in notepad otherwise.

Read other 2 answers

Hey there,

I'm working on my dad's computer and am having a helluva time trying to fix whatever is wrong with it.

Its not letting me run and malware programs. For example, if I run Malwarebytes (or TDSSkiller, Spybot, GMER) I get: Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. I am logged in as Admin and get the same result if I right click > run as admin.

I was able to get DDS to run and heres the log:
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by <removed> at 8:21:53 on 2011-07-28
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.2557.1192 [GMT -4:00]
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Window... Read more

A:Redirect and Unable to run malware tools

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resouce! To tell me this, please click on http://www.bleepingcomputer.com/logreply/411710 and follow the instructions there. If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following inf... Read more

Read other 30 answers

About a month ago I was printing documents when suddenly, I got a message saying something about the printer not being connected/available. At the time, I had to leave and couldn't deal with it. So now I need to print something and I can't. The first message indicated that the print spooler wasn't running. So I manually started the service. Still no printing. So then I ran a program called cleanspl and removed the existing printers and got a log file. Then I reinstalled the driver for my printer. Still no printing. When I ran cleanspl, I got message saying I might have to reinstall TCP/IP. From what I have read TCP/IP is now an integral piece of the OS. In W2K, you could install and reinstall it. The procedure for WXP is very involved and possibly risky. When I look at the properties of the Print Spooler, the description is a corrupted string of characters. I went into the registry and changed it, but the Windows File Protection service has restored it again. So I decided to run the WinsockxpFix and see if that would fix it. No luck. Then I remembered HJT and decided to see what was going on. So I'm looking for help deciphering the output. In particular there is an "Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll". I would like to reinstall TCP/IP, but I'm concerned I might end up trashing WXP. Currently, I can still use the Internet.
Any help would be appreciated.

Spooler configuration on computer '\\CCD'.

Printers: No printers. &#... Read more

A:Printing/spooler service issue DDS logfile analysis.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/517595 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 20 answers

See attachment for this popup that comes up EVERY time I boot up windows, not once, not twice, but thrice!

I recall when I would do a reinstall of windows that it would happen once but now this thing comes up every single time, not sure why.


A:[SOLVED] PC tools irritating popup every time I bootup[MOVED]

Looks like you have the free PC Tools Firewall Plus installed.

I would simply remove that if you did not want it to be your firewall.

Additionally, this is the XP forum, this thread should have been dropped in the Vista forum - So you know for future.


Read other 10 answers

A few days ago, my laptop was severely infected with worms, trojans, and malware. I know my registry has been altered because the printer spool service has been disabled somehow. Several of my google searches get redirected to different sites, I receive excessive hacked Vimax ads, I cannot access my hard drive (the error reads "Windows cannot find resycled/boot.com'....). I have tried using Spyware Doctor, CC Cleaner, and Norton but I have had no luck. The following is my hijackthis log. Please let me know how I can resolve this ASAP. Thanks. UPDATE: THE FOLLOWING IS DETECTED with Norton: Backdoor.Tidserv!inf. The action says, "Reboot Required - Partial" 8 infections. Filename: tmp2E3.tmp. Norton detects this but does not remove it? How can I remove it?Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:17:13 AM, on 1/7/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Nero\Nero 7\InCD\InCDsrv.exeC:\WIND... Read more

A:HijackThis Log Analysis - Infected with Worms, Trojans, & Malware

come on....any help?

Read other 3 answers

Hello,Last night while using my Toshiba Portege R705 laptop, I began to get various warnings implying a hard drive failure. I did not suspect anything until "Windows 7 Recovery" required me to go to a website which was not part of the microsoft.com domain to purchase the "advanced" module. I then researched this issue and discovered that it was a virus/malware. I discovered some advice on the issue, including bleepingcomputer. After trying to vain to shut down the offending processes, I discovered that I would have to use Rkill to stop the program before I could start the cleaning process. After killing the program, I ran Malwarebytes anti-malware program, which eliminated some problems and generated the attached logs. I ran unhide.exe so that I could again view my files. I then downloaded an ran Combofix (unknowing that I wasn't supposed to run this without first being asked). I was forced to uninstall Webroot to get Combofix to complete. Once completed, it generated the log attached. Finally, I downloaded and installed Avira Free antivirus so that I could reconnect to the internet and create this post. I would like someone to help me determine: 1. Have I sufficiently cleaned my system, as best can be told from the attached logs? 2. What will I need to do to get my computer back to its preinfected state? My desktop seems back to normal but other settings and my start menu have not returned to normal.3. What steps do I need to take to preve... Read more

A:Infected with Windows 7 Recovery, Need MBAM, Combofix Log analysis

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 3 answers

For the last few weeks, I (my daughter) has been unable to update her anti-virus program which was AVG Free. She told me of the issue about a week ago and I have been working on it since. She recently moved her computer in her room and didn't really notice that the wireless reception was poor. She needed to adjsut her antennae (802.11n). Unfortunatetly, her automatic updates were failing so her AVG was about 2 weeks out of date.

When I tried to update AVG, I would get a message indicating that update computer was unavailable. I searched the AVG website and found what looked like a solution but it did not work. I tried to download a new version of AVG and install it knowing that it would be the most update. This was unscessful. I unistalled AVG and installed Avast Anti-Virus program. I was also unable to update Avast with an 'update package broken' message.

I next trid SpyBot Search and Destroy (Free). It found a few things as did Avast as the scan ran but it did not fixe the issue.

I next ran MalwareByte Malware product. In the past, this has been successful but this time not so much.

I next ran the Avira boot disk. This was the first time I had used the product. It found no threats.

I next ran Hijack This and this is where I'm at. I uploaded the log file to TrendSecure. I am assuming that you can access it there.

My daughter informs me that a few times the pc has just shut down when she rebooted it. I have also found that I cannot bring up the ... Read more

Read other answers

The computer was receiving bsod.   It had stopped already but I am unable to access Event viewer, task scheduler, and etc.
Malware byes, spybot, and frst works.
The computer still has access to the internet.
Error is "MMC could not create the snap-in. "
Thank you.
Windows 7 64 Bit
Service Pack 1
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Stephanie (administrator) on STEPHANIE-PC on 11-07-2014 18:34:16
Running from C:\Users\Stephanie\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program File... Read more

A:BSOD and unable to access administrative tools

Please remove Spybot Search and Destroy. It wont protect your computer, but it will intervene with our tools.
Reset your browsers to default. For instructions, please read here.
Download the enclosed file. 
 fixlist.txt   3.25KB
Save it in the same location FRST is saved.
Run FRST, except that this time around, click on the Fix button and wait.
The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.
Re-scan with FRST and post its report.

Read other 2 answers

So I use Firefox and all Google searches are redirected. I also am unable to download any tools, anti-virus pages are redirected, as well as bleeping computer and any other page I have tried to use to scan for this problem. I in turn can not download the tools that you request we use before we post, so I'm at a loss for where I should start. I suspect the redirect problem is a common one, but as for why I can't do the anti-virus. I have been trying to find different things for days and just now came onto this site. I have not tried posting on any other forum but have been reading them looking for the solution still to no avail.

Thank you in advance,

A:Search redirect and unable to download tools

Hello and welcome to TSF.

It's virtually impossible to offer any help without the required logs. Use another machine to download, and transfer them to the affected machine, and provide the logs as outlined in our pre-posting sticky.


After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers

Hello. Here is my issue short and sweet.

When I use ANY of the web based emails (Yahoo, Gmail, Comcast) on computer A, all of my emails are stamped an hour earlier than real time. By real time, I mean the clock on the computer AND the analog tick-tock clock on my kitchen wall. Both display the correct time accurately.

When I use ANY of the web based emails (Yahoo, Gmail, Comcast) on computer B (or C or D), all of my emails are stamped with real/correct time that matches my kitchen and computer. These computers ALSO reflect correct time.

With either computer, any file created or saved has a date and time stamp that is correct and reflects real time. Whether saved with a web app, a windows app or a cmd line app.

On all computers my time zone is set correctly. The "adjust for DST" box is checked. I also ran TZEDIT to confirm that my DST dates are correct.

One revelation (and I believe herein lies the key). If I look on computer A at the bottom of the "Date and Time Properties box: the current time zone says : Eastern *STANDARD* time. If I look at computers B, C or D. The "Date and Time Properties box says: current time zone: Eastern *DAYLIGHT* time. I can not find any way to change the "STANDARD" to "DAYLIGHT".

Now for the big question. How is this resolved?

Thank you.

PS. As mentioned in other posts, Adjusting the clock on computer A an hour ahead resolves the email issue, but now any file created or modified has the incorrec... Read more

A:Web based email Time zone issue wrong time stamp

Double click your clock, click on "Timezone" tab and tick the box for 'Daylight savings'. If need be adjust your timezone from there.

Read other 2 answers