Over 1 million tech questions and answers.

avira virus detection beeps with detection pop ups

Q: avira virus detection beeps with detection pop ups

Okay i have turned my pc on after not having it on in 3 months (due to having to buy a new graphics card) anyway everything was running smooth untill i heard a few beeps only to see that avira has detected few viruses i had a choice to either remove or ignore so i pushed remove 10 minutes later avira is detecting the virus again so i click remove and then do a quick scan with Malwarebytes and it did not detect anything so i did a full scan with my Avira Anti Virus and it found 1 warning 13 hidden files and 30 detections now i would like to know what to do from here to completely get rid of the 30 detections that it has found the two that it has detected look like this: TR/BHO.ZWANGI.Trojan TR/GerVar.EJ Trojan there are 30 of them in my Avira quarantine so what i would like to know is where to go from here thank you.DDS (Ver_10-03-17.01) - NTFSx86 Run by DJ at 19:40:17.32 on Thu 09/09/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.518 [GMT -7:00]AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\nvsvc32.exeC:\windows\system32\svchost -k DcomLaunchC:\windows\system32\svchost -k rpcssC:\windows\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\windows\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exesvchost.exeC:\windows\RTHDCPL.EXEC:\Program Files\Lexmark X5400 Series\lxdvmon.exeC:\Program Files\Lexmark X5400 Series\lxdvamon.exeC:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files\Avira\AntiVir Desktop\avgnt.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\windows\system32\RUNDLL32.EXEC:\windows\system32\ctfmon.exeC:\Program Files\Avira\AntiVir Desktop\avguard.exeC:\Program Files\Application Updater\ApplicationUpdater.exeC:\Program Files\Flip Video\FlipShare\FlipShareService.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exeC:\Program Files\Avira\AntiVir Desktop\avshadow.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\windows\System32\spool\DRIVERS\W32X86\3\lxdvserv.exeC:\windows\system32\lxdvcoms.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exeC:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exeC:\windows\system32\svchost.exe -k imgsvcC:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exeC:\windows\system32\wuauclt.exeC:\windows\explorer.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Documents and Settings\DJ\My Documents\Downloads\dds.scr============== Pseudo HJT Report ===============uStart Page = hxxp://www.google.comuInternet Settings,ProxyOverride = <local>uURLSearchHooks: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T1.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T1.dllTB: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T1.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [SkyTel] SkyTel.EXEmRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe"mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottimemRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /minmRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [nwiz] nwiz.exe /installquietmRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInitmRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupStartupFolder: c:\docume~1\dj\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.htmlIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLLDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab================= FIREFOX ===================FF - ProfilePath - c:\docume~1\dj\applic~1\mozilla\firefox\profiles\my743j3z.default\FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\update\\npGoogleOneClick8.dllFF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");============= SERVICES / DRIVERS ===============R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-6-8 11608]R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-8 135336]R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-8 267432]R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-8-24 60936]R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?]R2 lxdvCATSCustConnectService;lxdvCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdvserv.exe [2009-11-1 98984]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-19 135664]=============== Created Last 30 ================2010-09-10 02:39:05 0 ----a-w- c:\documents and settings\dj\defogger_reenable==================== Find3M ====================2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll2010-06-24 12:15:28 832512 ----a-w- c:\windows\system32\wininet.dll2010-06-24 12:15:26 78336 ----a-w- c:\windows\system32\ieencode.dll2010-06-24 12:15:26 17408 ----a-w- c:\windows\system32\corpol.dll2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll2010-06-08 01:04:54 16384 --sha-w- c:\windows\temp\cookies\index.dat2010-06-08 01:04:54 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat2010-06-08 01:04:54 32768 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat============= FINISH: 19:40:38.04 ===============

Preferred Solution: avira virus detection beeps with detection pop ups

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: avira virus detection beeps with detection pop ups

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32.sysahcix86s.sysnvrd32.syssymmpi.sysadp3132.sysmv61xx.sysnvraid.sys/md5stop%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\system32\drivers\*.sys /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\system32\drivers\*.sys /90Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt<--Will be minimizedIn the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

Read other 2 answers

Okay i have turned my pc on after not having it on in 3 months (due to having to buy a new graphics card) anyway everything was running smooth untill i heard a few beeps only to see that avira has detected few viruses i had a choice to either remove or ignore so i pushed remove 10 minutes later avira is detecting the virus again so i click remove and then do a quick scan with Malwarebytes and it did not detect anything so i did a full scan with my Avira Anti Virus and it found 1 warning 13 hidden files and 30 detections now i would like to know what to do from here to completely get rid of the 30 detections that it has found the two that it has detected look like this: TR/BHO.ZWANGI.Trojan TR/GerVar.EJ Trojan there are 30 of them in my Avira quarantine so what i would like to know is where to go from here thank you.

A:avira virus detection beeps with detection pop ups

Hello,Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==If you can produce at least some of the logs, then please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.

Read other 2 answers

I have yet another antivirus question as I still haven't decided what antivirus I'm going to install. I was pretty set on Avast until I saw on a few websites that Avira AntiVir has better virus detection than avast as well as less of an impact on system performance. Does anyone out there know if this is actually the case? I would like to go for the most secure option with the least impact on the system. Thank you for any help!

A:Avira AntiVir better virus detection than Avast?

Yes. The information is right. Avira AntiVir PersonalEdition Classic has far higher detection rates than Avast. Also, it is very light on system resources. You can take this for sure. You will never regret your decision of installing Avira Antivir PersonalEdition Classic. Here are two links to support my statement.

Avira vs Avast!

Hope my answers satisfy your doubts. Good Luck.

Read other 3 answers

As i said under some Post i want to make a Thread of it so no off topics anymore

Some people dont believe Avira has multiple detection methods but thats Isnt treu..

As you can see under the screenshot it clearly has Behavior scanner.

A:Avira's detection methods

Well I like Avira very much. It is installed on my Gaming PC since the dinasours age hahahahah.
I hope they get better! New protection technologies are welcome

Read other 9 answers

Windows VistaFirst Discovered the problem when Norton 360 scan stayed at number zero for items scanned...Upon closing scan and restarting, the scan gives a message of already scan in progress....I know, I know. Norton 360...Norton detects a virus...The old lady threw away my note pad...so bear with me while I try to remember the name...it will pop up soon, then I can give correct info.. backdoor.TidservTried system restore...Will not complete...Microsoft? Windows? Malicious Software Removal Tool (KB890830) would not install..Tried emergency disk and wouldnt take...Installed Avira AntiVir Personal....Periodically will give detection of Virus or unwanted program 'TR/Crypt.ZPACK.Gen [trojan]'detected in file 'C:\Windows\System32\drivers\ESQULqnnqxnxcdtojbpifmdxfgwqiihpnfgqe.sys.Action performed: Deny access and scan works. Also everytime I open Explorer it gives me this error message...iexplore.exe Bad image globalroot\systemroot\system32\ESQUL-more letters So thats was removed wrong..Is there anyone that could help me remove this malware or trojan???Or whatever it is out of this bleeping computer......I will be online until fixed,I am sure...and the only thing I downloaded was a WildTangent game from HP..Maybe I need to email those bastards...

A:TR/Crypt.ZPACK.Gen -- Avira Detection

Hello and welcome .. I would like for you to try running both of these and post back the logs,thanks.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives se... Read more

Read other 8 answers

I don't think it's possible for a security product to have a 99.99% detection rate. What do you think on this matter and do you think Avira is right for saying this?

A:Avira claims to have 99.99% detection rate.

A antivirus alone can't have 99.99% detection.... Whoever put that there had to be drunk.

Read other 48 answers

I recently replaced Avast with Avira free a/v. Regular monitoring and frequent quick scans haven't turned up much. Today I ran the first full scan and Avira detected 6 files associated with what they call a virus named BAT/KillProc.E batch I looked into the source of the files and they are in a users downloads folder. Two files with the exact same name: ENGAGE Theme by X-Generator.7z I have no idea where these files came from and in need of some expert clarification. So far, all I have done is a system back up to a removable hard drive and came straight here. I did not move the files to quarantine per Avira's suggestion. Thank you for your consideration and time. TSG is a great resource and I, for one, greatly appreciate it!

Tech Support Guy System Info Utility version
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4008 Mb
Graphics Card: Intel(R) HD Graphics, 1812 Mb
Hard Drives: C: Total - 935859 MB, Free - 834530 MB; F: Total - 476837 MB, Free - 460854 MB;
Motherboard: Dell Inc., 0GDG8Y
Antivirus: Avira Antivirus, Updated and Enabled

A:ENGAGE Theme by X-Generator.7z (Avira detection) clarify ?

I wouldn't worry about that at all. Just delete the files found.
If it was in downloads folder, they you or a user on that computer did download it and it is a theme changer. However I wouldn't personally use it or any other theme downloaded from the internet. Any theme change not approved by Microsoft carries the risk of breaking the computer when windows updates.
While it is inside the zip file they are totally harmless and cannot run, so just delete the zip files

BAT/KillProc.E is frequently a false detection and had been often detected in graphics driver updates and other updates that try to replace running files on a computer without rebooting.
It is one of these dual use "programs" where although designed for good & safe use is frequently abused by malware developers to attempt to replace running windows files

Read other 2 answers

Hi, I was a big fan of Avira free antivirus, but since version 15.0.17 (I think) it is no possible to choose interactive action on detection for the Real -Time protection module. It always send the detected file to quarantine.

Anybody knows how to restore the old behavior?

Read other answers

I think I have a virus but malwarebytes nor superantispyware can find it and whenever I try to access some sites it redirect me,I just need someone to check if I am infected or not,tyvm.Here is my hjt log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:41:58 PM, on 10/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMob... Read more

A:Virus Detection

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a

Having problems with spyware and pop-ups? First Steps

link at the top of each page.


Please follow our pre-posting process outlined here:


After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.


Read other 1 answers

I was able to run an antivirus program I am using (AVG free edition). It came up with a detection that reads:


trojan horse agent_r. BAV

object is white listed (critical/system file that should not be removed)

What does this mean?

A:Virus detection

You need to start a thread in the Virus & Other Malware Removal section of this site.

Before you post though, you need to read THIS guide.

Read other 2 answers

I had did a scan and found these on my computer. Here is the report:

Avira AntiVir Personal
Report file date: Sunday, December 05, 2010 05:06

Scanning for 3110546 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : XP-E

Version information:
BUILD.DAT : 31825 Bytes 11/16/2010 15:57:00
AVSCAN.EXE : 434344 Bytes 11/3/2010 01:06:45
AVSCAN.DLL : 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 104296 Bytes 3/7/2010 23:33:04
LUKERES.DLL : 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 2494464 Bytes 4/15/2010 13:19:04
VBASE006.VDF : 2294784 Bytes 6/2/2010 13:19:14
VBASE007.VDF : 4840960 Bytes 7/23/2010 13:19:35
VBASE008.VDF : 3454464 Bytes 9/13/2010 13:19:49
VBASE009.VDF : 2265600 Bytes 11/2/2010 01:06:45
VBASE010.VDF : 2048 Bytes 11/2/2010 01:06:45
VBASE011.VDF : 2048 Bytes 11/2/2010 01:06:... Read more

A:Virus detection. Please help me. Anybody

Read other 16 answers

I was informed through e-mail from the [email protected] that a message I had sent to [email protected] contained a virus{ WORM-KLEZ.H} What does this mean? The mail message was (file:III.exe). I have McAfee virusScan. This is the first time I have ever had a virus detected by someone else. Actually as far as I know I have never had a virus. Please advise. Thanks. I'm still kinda new at this.

A:virus detection

Klez is a very smart virus. It may only appear to have been sent by you, because Klez spoofs the from address. THis is the case, unless you sent an email to that person, and you really have the virus.

Read other 1 answers

Hello everyone!

I'm the 'new girl (well granny actually!) on the block!'

Has anybody encountered this virus, detected by AVG free v7, as I can find very little info on it through google searches etc.


It's gone from my system now (I think!) but I am curious as to it's origin and 'popularity'!

A:Virus detection

Hi silverlady This is what Symantec Security Response has to say. See link below for full report.Backdoor.Sdbot is a Backdoor Trojan horse that allows the Trojan's creator to control a computer by using Internet Relay Chat (IRC). Backdoor.Sdbot can update itself by checking for newer versions over the Internet. http://securityresponse.symantec.com/avcen...door.sdbot.html

Read other 1 answers

Hi there,

I clicked on a link in Facebook and I think it has given my machine a virus. I ran MSE which picked up 3 or 4 severe threatss. Have got MSE to remove these threats from my machine but my machine is still running slow. If I have to do a reinstall can windows easy transfer copy and reinstall my drivers. If not does anyone have any good free software links that will backup and reinstall my drivers? Im downloading AVG free just now to see if that can pick up anything. Have ran malwarebytes. I think this could be looking at a reinstall now. Any help is greatly appreciated.

A:Virus detection

Hi clark,

you only need one AV pkg - MSE seems to be favored around here. I don't have a dog in that fight, so since you have MSE, stick with it.

MalwareBytes (MwB) is a good companion to any AV software - keep MwB too. I'm not sure why you think you have to re-install (slowness?) if your system came up clean MSE, MwB). That's an awful big hammer to use, but.....

Read other 5 answers

I know i have a virus as i cant view task manager or regedit without renaming them. My search function on the computer wont work either ( i cant view "serch files and folders" or what drive and whatever). also when on the the internet, i click to go to a page, and the progress bar will whizz to completion and say 'done' in the oposite corner but the page doesn't change. I thought i had the msclock.exe virus, but when i followed all instructions to remove it (rename regedit...go thru and find msclock.exe) it wasn't there. I then pressed edit and find, and serched for msclock.ex and it found it so i delted it. i hoped this would fix the probblem but it wouldn't. It also found when i searched for msclock.exe, bling, sasser.worm.e. (or something like that) this [Y E W E Z X] (it wasn't acctually them letters but that what it lookwd like) anyway, i delted al them as well. However this still didn't fix the problem, so i downloaded hijackthis and saved the log for you guys on here to have a look at and hopefully help me out. Can you guys please tell me what (if anything is harmful, and what i dont acctually need e.g. bulleye networking)Thanx xxxLogfile of HijackThis v1.98.2Scan saved at 19:55:26, on 01/09/2004Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system3... Read more

A:Virus detection

Your log shows that you are seriously behind on windows updates. It is essential that you update your windows before we continue to help you as the infections could reoccur. Go to http://www.windowsupdate.com and if it asks to install software, let it. Then click on the Scan link and let it do its thing. When its done you will see on your left a section called critical updates. Click on that section and install everything that you can. When it prompts you to reboot, do so. Then repeat this process again until there are no more critical updates listed. Then post a new log.

Read other 4 answers

A pop-up indicating detected viruses exist on this computer. It is not the installed native Avast Free edition and the pop-up has repeated a 2nd day in a row which is making me suspicious. Unfortunately, I got rid of it by using 'Task manager' both times and didn't pay attention as to what it was trying to sell me on. I know for sure it was nothing to do with Avast.

I ran Ccleaner prior to running the following requested logs.

When attempting to run GMER only 3 lowest boxes were checked above C: drive selection and the others were grayed out - could not select.

GMER did not find any rootkit modifications

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:21:46 AM, on 9/7/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Soft... Read more

Read other answers

Apparently I have a virus that is shutting down any antivirus program that I try to run. The program will start, but just disappear after a minute or so. Any help? Thanks.

A:Cannot Run Any Virus Detection Software

Hello golf71 and to BleepingComputer.Let's try this.Please install RootRepealNote: Vista users ,, right click on desktop icon and select "Run as Administrator."Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorDisconnect from the Internet or physically unplug your Internet cable connection.Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver. Temporarily disable your anti-virus and real-time anti-spyware protection.After starting the scan, do not use the computer until the scan has completed.When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.Extract RootRepeal.exe from the zip archive.Open on your desktop.Click the "Drivers" tab, and then click the button.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.~BladeIn your next reply, please include the following:RootRepeal log

Read other 4 answers

While Macs get fewer viruses than PCs, that doesn't mean your Mac is completely safe; very few Macs have any kind of virus or malware protection installed. And while Mac viruses are rare, there's a plethora of Mac-specific malware lurking in the wild. If you suspect your system is infected with a virus, it's time to learn how to get rid of a virus on a Mac. The method below can help you clean house.

There are some symptoms which will assure you that your system is not safe.

Your Mac suddenly runs far slower than it used to, or your Mac's fans are constantly running.
You see frequent kernel panics or "hangs," where your computer stops responding or suddenly reboots.
You see ads inserted on your desktop, browser homepage, or other websites, including unexpected pop-ups.
You discover browser extensions, toolbars, or plugins you didn't install.
You discover third-party applications you didn't intentionally install.
Your web browser's settings, like your default search engine or homepage, have suddenly and mysteriously changed.
All the free malware detecting antiviruses will not work for long time. At that time you should need to take the help of computer virus removal experts. But, till that time you should kill all the running processes, clear your browser and remove login items. It will help to save your systems life. If you have any query then call me on 803-548-4343 for any help.

Read other answers

As of yesterday, my XP computer is not able to update Spybot, Malwarebytes, or AVG. Won't open IE7. I ran Combofix, but don't know what to do with the log. As instructed, I've attached the two dds text files that give info about my computer. Any suggestions on what to do next?

A:Virus detection and removal help

Hello Dennis,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you. Also, please include the original ComboFix log, if you still have it. Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

Read other 2 answers

Hi, Names Rayeann I need some help.
I had a notice come from AVG that a javabyte sun had a virus actually several of them. SOme i oculd heal others I could not. I did a hyjack this and saved. Can some one tell me how to remove the files. Let me warn you that I am pc illiterate. Thanks Muchly

Logfile of HijackThis v1.99.1
Scan saved at 12:25:11 AM, on 3/31/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GDAVC9AN\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Softwar... Read more

A:AVG Virus detection Javabyte HELP

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

This should clear the java byte problem.

Click on the Start menu
Select Settings
Select Control Panels
Select Java Plug-in
Click o... Read more

Read other 5 answers

I ran through all 5 steps, except for the panda scan. It kept closing out midway through the scan. The computer is not having popups anymore, but is still very slow. I detected virtumonde through spybot but am not sure if it is completly removed yet.

Deckard's System Scanner v20071014.68
Run by Owner on 2008-03-09 14:19:47
Computer is in Normal Mode.

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
44: 2008-03-09 21:20:05 UTC - RP51 - Deckard's System Scanner Restore Point
43: 2008-03-08 04:23:17 UTC - RP50 - System Checkpoint
42: 2008-03-07 03:58:18 UTC - RP49 - Software Distribution Service 3.0
41: 2008-03-06 11:05:28 UTC - RP48 - System Checkpoint
40: 2008-03-05 10:20:19 UTC - RP47 - Software Distribution Service 3.0

-- First Restore Point --
1: 2008-02-02 01:53:13 UTC - RP8 - Software Distribution Service 3.0

Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 448 MiB (512 MiB recommended).

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-09 14:22:18
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\sys... Read more

A:Virtumonde detection + Other possible virus'

Just got Kaspersky to run all the way through. Here is the log from that run.

Sunday, March 09, 2008 06:55:23 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version:
Kaspersky Anti-Virus database last update: 9/03/2008
Kaspersky Anti-Virus database records: 620192

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:

Scan Statistics:
Total number of scanned objects: 98835
Number of viruses found: 6
Number of infected objects: 12
Number of suspicious objects: 0
Duration of the scan process: 01:55:38

Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\backup\DOCUME~1\Owner\LOCALS~1\Temp\UE.exe Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped
C:\Deckard\System Scanner\backup\DOCUME~1\Owner\LOCALS~1\Temp\~cdsf3kj09u.tmp Infected: Trojan.Win32.Qhost.zv skipped
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Da... Read more

Read other 16 answers

Everytime I run AdWare or Microsoft AntiSpyware, my McAffe virus scan always reports that Trojan Exploit Btye Verify is detected, somtimes in the local settings temp folder, sometimes in the AdWare folder....its always three files...loaderclass, installer class. WHy does it keep showing up, even though it says it has deleted it each time. And also, my computer is kinda slow, is there anything else that looks bad that could be causing problems. Thank you in advance.

Logfile of HijackThis v1.99.1
Scan saved at 2:22:51 PM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Documents and Settings\Richard Alves\My Documents\Common Framework\FrameworkService.exe
C:\Documents and Settings\Richard Alves\My Documents\McAfee\mcshield.exe
C:\Documents and Settings\Richard Alves\My Documents\McAfee\vstskmgr.exe
C:\Documents and Settings\Richard Alves\My Documents\EMS Free Surfer\Free Surfer\fs20.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOS... Read more

A:Help With Recurring Virus Detection, Please.


Read other 1 answers

Hi ya,
Im running windows xp, and using avg free ed. antivirus program, the resident shield has detected a virus but when I run the program it says no virus detected there are several files that it cannot open. What do I do about this? I also have ad aware and spybot. and there are several items on ad aware that can not be removed and some on spybot also.
Help please!

A:problems with virus detection

Read other 12 answers

I have the exact same problem. Every ten minutes or so my AVG Internet Security find that same file, ""

my browser also trieds to open page that AVG reacts to and calls the file "searchaddca.org/cgi-bin/103". I don't know if it's connected in any way.

Malware bytes does not find anything, nor AVG. I hope someone knows of some way to get rid if this. It's so annoying.

Read other answers

It started of a week ago. I was checking my mail then I got a warning. WARNING VIRUS DETECTED: file : http//: Win32/TrojanClicker.Delf.NBX trojan after that I got another one WARNING VIRUS DETECTED:file: http://moviefact.com/install.52032.exethreat: Win32/Kryptik.DOR trojanNow it's repeating that warning every 10 minutes when I'm browsing on the internet. I scanned the pc with NOD32 and Ad-Aware. They found nothing. I don't know what it is and what to do about it. Can some-one help me. If you don't understand, I'm sorry my english is not that good. Just reply

A:Virus detection every 10 minutes. What do I do ?

Frituurkonijn,SAS, may take a long time to scanPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.FirstReboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear wit... Read more

Read other 2 answers

My father-in-law recently manager to contract the fake FBI/DOJ virus that locked up his computer. Using HitmanPro and Malwarebytes Antimalware, I've managed to get the computer operational again. However, I believe I still have the virus that started it all on. The reason I believe that is because when I type something into google and click on a link in chrome, I'm often redirected to another page - one of which already tried to download something. However, I can't find the virus. I checked the proxy settings and the hosts file, but they both look good. Bitdefender, Panda, and MBAM all say the computer is clean, but something is causing those redirects.
Thank you,
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16576
Run by Larry at 2:04:06 on 2013-06-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4061.1897 [GMT -4:00]
AV: Panda Internet Security 2013 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2013 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Win... Read more

A:Redirect virus detection

Hello BE0921 I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", ... Read more

Read other 3 answers

I don't think the DDS worked properly, but it is attached. Also, RootRepeal wouldn't run again, so all I have is the drivers from what Blaze had me run previously; it is attached as well. Thanks.

A:Cannot Run Any Virus Detection Software

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers

I am running Windows ME and suffered a crash earlier this summer. I reinstalled everything, including upgrades to AOL 9.0 and RealPlayer 10. I think I might have a virus. When I try to burn CDs placed in my internal drive to an external burner, RealPlayer gives me an error that reads "CD drive not detected." Strangely, my internal drive still reads DVDs fine, which leads me to believe it is a program virus. I am also running Selective Startup, since I got two error messages: one that says my system has caused an "SMC error" and the other that reads "msxml3.dll." Are these viruses? How can I get rid of them? Thanks.

A:RealPlayer CD detection -- virus?

For a start, what antivirus program do you run. If you don't have an av program, try one of these online scans.

Housecall : http://housecall.antivirus.com/housecall/start_frame.asp
Panda: http://www.pandasoftware.com/activescan/

Read other 1 answers

My avg anit virus program listed 14 programs which were locked and it was associated wih microsoft office and some windows messages about setting/documents etx stated field were lock and could not be tested is this a normal message or is there something wrong?

Read other answers

Machine is so slow I can't stand it any more. Don't know what to do!!

A:virus detection and removal

It would help you if you would list your system specs (Chip, Ram, Video card and MoBo at least) and a few details as to how long you've had the problem and some behavioral specifics.

Read other 3 answers

My anti-virus caught a bunch of viruses and quarantined but the internet is running really slow now. I've updated all software on the pc and it's still really slow. Sometimes not working at all.

Here is a copy of the virus log:

Verizon Internet Security Suite Anti-Virus
3/22/2009 7:27:14 PM
File Name Virus Action Date
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\XKX3VGQC\alla[1].htm Trojan-Downloader.JS.LuckySploit.e Quarantined 3/9/2009 10:29:04 PM
C:\Documents and Settings\Owner\Local Settings\Temp\jopaxx_1237399261.exe Net-Worm.Win32.Koobface.fd Quarantined 3/18/2009 2:01:25 PM
C:\Documents and Settings\Owner\Local Settings\Temp\jopaxx_1237399264.exe Trojan-Downloader.Win32.Zlob.bcgj Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237399266.exe Trojan-Dropper.Win32.Agent.ajnc Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237399268.exe Trojan-Dropper.Win32.Agent.ajcj Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237464188.exe Trojan-Dropper.Win32.Agent.ajnc Quarantined 3/19/2009 8:03:14 AM
C:\WINDOWS\tt_1237464190.exe Trojan-Dropper.Win32.Agent.ajcj Quarantined 3/19/2009 8:03:15 AM
C:\WINDOWS\ld02.exe Backdoor.Win32.Lithium.dw Quarantined 3/20/2009 8:07:11 AM
C:\WINDOWS\pp03.exe Trojan.Win32.Small.bvv Quarantined 3/20/2009 8:07:48 AM
C:\System Volume Information\_restore{68BEAC7D-A23E-4C77-8990-D95D2F47A75F}\RP144\A0034248.exe Backdoor.Win32.Lithium.dw Quarantined 3/20/2009 2:46:25 PM
C:\System Volume Inform... Read more

A:slow internet after virus detection


Read other 2 answers

I am trying to fix my teenage sister in-laws computer. I have tried to run Ad-Aware, Malwarebytes (but it hangs on installation) and nothing cleans it.

Here are the requested log files.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Lindsey M at 11:28:30.81 on Tue 09/08/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1406.686 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmo... Read more

A:Personal Virus Detection? PVD.exe and demoscan4free.com

Download this tool to desktop:http://www2.gmer.net/mbr/mbr.exeDouble click it & post the log it creates on desktop. (mbr.log)

Read other 2 answers

Sana plans stand-alone antivirus product News Story by Robert McMillanSEPTEMBER 20, 2005Most antivirus products identify malicious software by comparing the software being run to pieces of known worm and virus code, called signatures. Primary Response, however, determines whether software is malicious based on a mathematical analysis of what it's trying to do.This means that, unlike other products, Primary Response can protect users even from unreported viruses,...computerworld.com/securitytopics

Read other answers

I am trying to run an online virus scan from symantec at http://security.symantec.com. I click the virus detection button and the scanning screen opens. The scan does not start. I receive an error message "unable to run virus detection"-In order to run Virus Detection you must be using Microsoft Internet Explorer 5.0 or higher with ActiveX and Scripting enabled.
I have checked my internet options under the security tab. I defaulted my options and made sure activeX and scripting is enabled. I have windows xp pro with Internet Explorer version 6.0
I have tried reinstalling IE6.0

I have an antivirus program and I am not at risk. How can I fix this problem? thanks.

Site of the message i receive:

Read other answers


My PC has been running much slower than normal lately and I think I know why. I have Avira Antivir and it keeps detecting a certain virus called TR/Crypt.ZPACK.200907. I keep hitting remove but the infection keeps coming back. Please help!

My specs: Windows 8 64 bit

I went to run DDS, but it said that I could not run it in compatibility mode. Therefore I used Farbar Recovery Scan Tool because I saw someone else had the same problem in another thread. TSF advised them to use this tool.

Please let me know if I should post anything else. THanks!

A:PC Slow Down and Constant Virus Detection

Bump! Please!

Read other 12 answers

I'm not sure I'm going to ask this question correctly. I have a IBM Laptop that I was just given to me. It might have a bad HD because it clicks and will not load OP system, however someone stated that a virus might cause the same problem. It there a way to use a start up floppy to check for a virus


A:Solved: Virus? Detection Question

Turns out it was the Hard Drive

Read other 1 answers

Is it possible to know when a virus entered your system, are there any anti-malware programs that will tell you when it got there?

I'm going to use a continous backup software (like Genie Timeline, Acronis True Image, etc) so that if I get a virus, I can restore the system to before it happened (I would use system restore, but I've had that fail on me sometimes)

But, suppose I set it to make backups of my system once a day, then a month later I my virus definitions have been updated and it can now detect a virus that entered my system 2 weeks ago. Then, I could set my computer back to the point before it happened. This would mean that I'd lose anything else that had been installed on my computer since then, and would need to be reinstalled, but I suppose that's the best I can do.

Though, it would help if there was a program which could also reinstall everything except the virus that was installed since then.

A:Question about virus detection (I don't need removal help)

No program I know that can do that if u get a virus use a normal antivirus to remove the infected file then restore to a point before the virus was detected, hope this helps

Read other 4 answers

A window keeps popping up trying to "scan" my computer. It keeps trying to act like a spyware removal for windows but I can tell it's fake. It shuts down windows task manager every time I try to open it. Pop ups will fill my screen and then disappear suddenly. I have run MalwareBytes and it has detected over 600 trojans and supposedly deleted them all, but IT WON'T GO AWAY. I have copied and pasted my log from MalwareBytes below in hopes that you can identify the problem. Please help, I'm afraid it might be keylogging and stealing passwords and various info, thanks. *NEW INFO*: It has apparently erased all of my files on my desktop, and my pictures and other documents. Are these retrievable? this a fairly new computer, so I haven't backed up anything

Malwarebytes' Anti-Malware

Database version: 7868

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/4/2011 2:32:42 PM
mbam-log-2011-10-04 (14-32-42).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Objects scanned: 380422
Time elapsed: 36 minute(s), 20 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 260
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 400

Memory Processes Infected:
c:\Users\Sidney\AppData\Roaming\ftwub1vo3mqd8lh\iuebzy0si3gq6.exe (Backdoor.Bot) -> 6544 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items d... Read more

A:Fake Spyware Detection Virus

Download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient as this may take several minutes to run, it will scan and fix all Hard drives on your system. You will see a new window with the drive being processed, typically C:\ as below:

Changing as the next drive is processed as below:

You will get a success alert at the end.

Re-boot and see if your files are present.


Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2
Ensure that Combofix is saved directly to the Desktop <--- Very important

Before saving Combofix to the Desktop re-name to Gotcha.exe as below:

Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.

Close any open browsers and any other programs you might have running

Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)

Instructions for running Combofix available Here if required.

If you ... Read more

Read other 1 answers

Referred from here: http://www.bleepingcomputer.com/forums/t/299284/removal-of-huhugafedll/ ~ OBHello,I have been posting for the past few days about the huhugafe.dll virus on my friend's computer. SAS reported the presence of Vundo variant and cleaned it, but the huhugafe.dll virus was still present on the computer. I am attaching the logs and asking for any advice on how to clean this computer.Thanks,AaronHere is DDS.txtDDS (Ver_09-12-01.01) - NTFSx86 Run by Owner at 19:03:54.26 on Mon 03/08/2010Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.1075 [GMT -5:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exesvchost.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\system32\ps2.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\system32\ctfmon.exesvchost.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\AVG\AVG9\avgnsx.exeC:\Program F... Read more

A:Logs for detection of possible rootkit virus

Hi Aaron,Please visit this webpage for download links, and instructions for running ComboFix tool:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully first.Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, linkRemember to re-enable them afterwards.Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the following reports for further review, and so we may continue cleansing the system:C:\ComboFix.txtNew dds log.A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Read other 17 answers


Recently I faced a virus problem, It costs me too much

Reformat my HD, Windows XP sp3 installing, Avira anti virus setup.

I have backup for main programs, a few of these programs are activated by using KeyGen, such as ShareMax and SpiderShare for Sat receiver and Sat sharing and Magnitude for ANSYS graphic simulator.
Avira antivirus gives me alarm that it contains Trojan Virus
Please see attached photos.

Program suppliers said to me it is not virus, and by pass the setup.
Please your advice is required

Sorry for my poor English.
Your reply will be too much appreciated.

Best regards

A:Ignore alarm of virus detection!

Please read this!


This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Before posting for help, uninstall any such applications.

Referring to the Forum Rules which you should have read at the time of Registering at this forum, TSF does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if cracked (illegal) software is present on the machine


We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a

Having problems with spyware and pop-ups? First Steps

link at the top of each page.


Please follow our pre-posting pro... Read more

Read other 1 answers

Windows XP Home edition. Got the Fake "Windows" threat detection bug. Rkill then Malwarebytes then Combofix finally got it. Can't access files on only one drive. All other drives have their content accessible. This one drive shows to have contents when clicking on properties but will not open when clicking on a specific folder in the drive. Just blank. But again will show the folder/file to have something under properties. Any help is appreciated. Thanks.

A:Fake Windows Virus Detection

O.K. I found if I go to TOOLS>Folder Options - View - "show hidden files and folders" I can see them but they are like ghost files that I can open. They are not normal in appearance. So there is still something awry. I will keep hacking at it. If someone else has anything to offer...Thanks again.

Read other 2 answers

I was referred to you by a friend of mine who is very knowledgable about computers. He linked a forum which contained info about getting rid of the same virus that someone else had problems with called the Trojan. My friend recommended I follow your advice so I downloaded the Hijack This program and it came up with this:

Logfile of HijackThis v1.99.1
Scan saved at 10:43:15 AM, on 6/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Belkin\PCI F5D700F\Wireless Utility\Belkinwcui.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\... Read more

A:Virus detection (and hopeful deletion)

Read other 16 answers


My PC has been running much slower than normal lately and I think I know why. I have Avira Antivir and it keeps detecting a certain virus called TR/Crypt.ZPACK.200907. I keep hitting remove but the infection keeps coming back. Please help!

My specs: Windows 8 64 bit

I went to run DDS, but it said that I could not run it in compatibility mode. Therefore I used Farbar Recovery Scan Tool because I saw someone else had the same problem in another thread. TSF advised them to use this tool.

Please let me know if I should post anything else. THanks!

Read other answers

Malware Detection TechniquesSignature Based or Pattern Matching or String or Mask or Fingerprinting TechniqueA signature is an algorithm or hash (a number derived from a string of text) that uniquely identifies a specific virus. Depending on the type of scanner being used, it may be a static hash which, in its simplest form, is a calculated numerical value of a snippet of code unique to the virus. Or, less commonly, the algorithm may be behavior-based. A single signature may be consistent among a large number of viruses. A virus signature is the viral code. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures.Heuristic Analysis or Pro-Active DefenseRest of content can be seen here: http://forum.kaspersky.com/index.php?showtopic=234997&view=findpost&p=1845013Topic edited to conform to fair use laws and avoid copyright infringement. ~ Animal

A:Malware/Virus Detection Techniques

There are other malware checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes.

Read other 1 answers

Hi I am pretty new to viruses, trojans etc... usually very careful online but it seems a clever virus has tricked me somehow... must be only the last week as recently i cant turn on user account control in windows security centre.

i cant open google chrome, i can use internet explorer and firefox. i can google search programs like malwarebytes but cant actually get there browser just says problem loading page.

cant boot spybot

I have ran malwarebytes it found one trojan and deleted it but no difference problems are still there. ran it again and found no threats.

trojan it found was called trojan.zbot.gen

had to run malwarebytes using the chameleon dos booter that came with it.

computer not running slow. had problems updating itunes. can't visit microsoft website either.

hope this is a thorough description of my problems and would be very grateful of any assistance...


A:virus i think cant run spybot or view virus detection progam web pages

Hello and welcome to TSF.

Thanks for the description but we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and

Having problems with spyware and pop-ups? First Steps

a link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers

in my start menu on the right of the clock it says VIRUS ALERT!

I believe the virus came from a bad file brought out by the disk defragmentor. When I ran the Disk Defragmentor, a file showed up on my computer called, Antiviruspro 2008, I looked it up online and noticed it was a spyware virus. I had McAfee 5.0 before running it, after running the Defragmentor, The Antivirus got deleted, my Windows Automatic Update won't work anymore, and while i'm on the administrator name my registery has been blocked by the administrator. I fixed that by getting RED (Registry Enabler & Disabler) and got it working, when I click on My Computer I can't find the file Local c: Drive, When I try to search for files or folders I can't press enter or click the search box nothing happens, Now. I'm not sure. I have on my add/remove programs alot of SP1 Hotfix (i honestly don't know what they are) And 1 XP SP2 Hotfix, but i don't believe i have sp1 or 2 and I can't get them because my Automatic Update doesn't work or because the website won't be displayed. I've tried to download numerous antiviruses and my browser wont let me go to the download site (I suspect that to be the Virus too), and I can't find any System Recovery, Application Recovery disks at the store or online that will support my system. I don't know what advice you could give me but any would help, I don't have much money. The System Info says it was made in 2001... Read more

A:Virus HELP!! Automatic Updates won't work, Virus detection can't be installed, etc.

Read other 6 answers