Over 1 million tech questions and answers.

Cleaned my computer with staff help today. Scan still found virus on my computer.

Q: Cleaned my computer with staff help today. Scan still found virus on my computer.

Went though steps to clean my computer of a Trojan today. ESET scan came back clear. Then I took the advice and began downloading programs to protect myself when I downloaded COMODO free firewall, it did a scan for Malware and found 5 files that were a threat.

One containing the the words 'combofix' and another 'win32' which initially in my alert from windows security center saying 'Win32.Backdoor.DNM'. I chose to remove these files and my computer and restart for the firewall to install and changes to be made. When my computer rebooted I had a message from the firewall saying 'svchost.exe' is trying to connect to the internet, which was also one of the virus's that were ment to be removed when I ran Combofix.

My other thread was closed as I thought my troubles were over. Help would again be much appreciated.


DDS (Ver_09-02-01.01) - NTFSx86
Run by Frankie at 0:51:03.03 on 04/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.510.126 [GMT 0:00]

AV: AVG 7.5.557 *On-access scanning enabled* (Updated)
FW: COMODO Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Silicon Integrated Systems\SiSRaidPackage\SRaid.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\lxcrcoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Frankie\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No File
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP
mRun: [lxcrmon.exe] "c:\program files\lexmark 2400 series\lxcrmon.exe"
mRun: [EzPrint] "c:\program files\lexmark 2400 series\ezprint.exe"
mRun: [LXCRCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCRtime.dll,[email protected]
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SiSRaid] c:\program files\silicon integrated systems\sisraidpackage\SRaid.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [4oD] "c:\program files\kontiki\KHost.exe" -all
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SnoopFreeUI] SnoopFreeUI.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [COMODO SafeSurf] "c:\program files\comodo\safesurf\cssurf.exe" -s
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
StartupFolder: c:\docume~1\frankie\startm~1\programs\startup\imvu.lnk - c:\program files\imvu\IMVUClient.exe
StartupFolder: c:\docume~1\frankie\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.0\program\quickstart.exe
StartupFolder: c:\docume~1\frankie\startm~1\programs\startup\regist~1.lnk - c:\program files\ubisoft\tom clancy's splinter cell double agent\support\register\Reg.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
IE: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZUfox000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\frankie\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: softpedia.com\www
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://static.slide.com/uploader/SlideImageUploader.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
AppInit_DLLs: c:\windows\system32\cssdll32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\frankie\applic~1\mozilla\firefox\profiles\ggmalt2w.default\

============= SERVICES / DRIVERS ===============

R0 SnoopFree;SnoopFree Driver;c:\windows\system32\drivers\SnopFree.sys [2009-3-3 9472]
R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2007-7-24 821856]
R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2007-7-24 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2007-7-24 27776]
R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2007-7-24 10760]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-3-3 110992]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-3-3 24336]
R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2007-7-24 418816]
R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2007-7-24 49664]
R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe [2007-7-24 406528]
R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2007-7-24 4960]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2009-3-3 700152]
R2 SnoopFreeSvc;Snoop Free Service;System32\SnoopFreeSvc.exe --> System32\SnoopFreeSvc.exe [?]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]

=============== Created Last 30 ================

2009-03-03 23:16 253,688 a------- c:\windows\system32\cssdll32.dll
2009-03-03 23:15 <DIR> --d----- c:\program files\AskBarDis
2009-03-03 23:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Comodo
2009-03-03 23:14 155,384 a------- c:\windows\system32\guard32.dll
2009-03-03 23:14 110,992 a------- c:\windows\system32\drivers\cmdguard.sys
2009-03-03 23:14 24,336 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-03-03 23:13 <DIR> --d----- c:\program files\COMODO
2009-03-03 22:40 <DIR> --d----- c:\docume~1\frankie\applic~1\WinPatrol
2009-03-03 22:40 <DIR> --d----- c:\program files\BillP Studios
2009-03-03 22:18 1,071,088 a------- c:\windows\system32\MSCOMCTL.OCX
2009-03-03 22:18 118,784 a------- c:\windows\system32\MSSTDFMT.DLL
2009-03-03 22:18 <DIR> --d----- c:\program files\SpywareBlaster
2009-03-03 22:02 <DIR> --d----- C:\ComboFix
2009-03-03 21:15 <DIR> --d----- c:\program files\EsetOnlineScanner
2009-03-03 21:02 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-03 21:02 73,728 a------- c:\windows\system32\javacpl.cpl
2009-03-03 20:28 221,184 a------- c:\windows\SnoopFreeUI.exe
2009-03-03 20:28 90,112 a------- c:\windows\system32\SnoopFreeSvc.exe
2009-03-03 20:28 45,056 a------- c:\windows\SnoopFreeDll.dll
2009-03-03 20:28 9,472 a------- c:\windows\system32\drivers\SnopFree.sys
2009-03-03 18:19 <DIR> a-dshr-- C:\cmdcons
2009-03-03 03:54 250 a------- c:\windows\gmer.ini
2009-02-24 18:54 212,240 a------- c:\windows\system32\RICHTX32.OCX
2009-02-24 18:54 1,351,392 a------- c:\windows\system32\comctl32.ocx
2009-02-24 18:54 167,683 a------- c:\windows\system32\COMCT232.OCX
2009-02-24 18:54 40,960 a------- c:\windows\system32\ssubtmr6.dll
2009-02-24 18:54 <DIR> --d----- c:\program files\Smarty Uninstaller Pro
2009-02-18 12:52 <DIR> --d----- c:\docume~1\frankie\applic~1\Tesco
2009-02-18 12:47 59,264 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-02-18 12:47 59,264 a------- c:\windows\system32\drivers\USBAUDIO.sys

==================== Find3M ====================

2008-12-20 23:15 826,368 a------- c:\windows\system32\wininet.dll
2007-10-07 16:16 1 a------- c:\documents and settings\frankie\SI.bin

============= FINISH: 0:51:47.39 ===============

RELEVANCY SCORE 200
Preferred Solution: Cleaned my computer with staff help today. Scan still found virus on my computer.

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Cleaned my computer with staff help today. Scan still found virus on my computer.

Check your PM inbox. Personally, I don't care for Comodo, and the only firewall I use is my router's hardware firewall and Windows XP's. Too many people don't know how to respond to the notifications from firewalls. I don't care for Comodo's detections, and it's overly intrusive.

If you installed this before you uninstalled ComboFix, that would explain why you were getting some hits from Comodo. It incorrectly sees parts of ComboFix as a threat. Also, there might be some quarantined files left behind if you installed this before uninstalling ComboFix.

Regarding svchost.exe, as long as it's in system32, that's fine

http://forums.comodo.com/frequently_...-t14464.0.html

I see no active infection.

Read other 1 answers
RELEVANCY SCORE 79.6

My computer has been going into a complete freeze lately (starting last weekend and fixed for the rest of the week after updating java, and started back up again today).
 
Each program up with one by one say "not responding". I can sometimes close out some of the programs before they stop responding, but trying to open anything new seems to make the problem worse. Each time the freeze happens, my computer goes to a blank black screen where I than force shut off with the power button.
 
I tried scanning with Malwarebytes Anti-Malware which came up with no results, and then I scanned with Avast! which gave 5 results, but the computer froze again 51% into the scan. I have not been able to do a full scan on Avast! without a freeze.
 
Freeze's seem to happen mostly when using Skype or Minecraft or Eclipse, but has happened other times without those things open as well.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17126  BrowserJavaVersion: 10.60.2
Run by David at 0:06:23 on 2014-06-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7974.5774 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C... Read more

A:Avast found 5 virus's but computer freezes before scan can compete

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the correct version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The... Read more

Read other 2 answers
RELEVANCY SCORE 78.8

Hi everyone,Over the past few days, I've found my computer to be running quite slow and just not as well as it usually does.I completed all the steps from the post which explains what to go through before posting a log, and the panda antivirus scan said I was infected with the Gaobot.MJA virus. Here is a copy of my hijack this log:Logfile of HijackThis v1.99.1Scan saved at 2:15:35 PM, on 6/04/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exec:\program files\common files\logitech\lvmvfm\LVPrcSrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exeC:\... Read more

A:Panda Scan Found Gaobot.mja Virus, Computer Running Slow

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

Read other 1 answers
RELEVANCY SCORE 76.8

I had recently gotten help from one of the forum admins/tech support, Broni, to remove a powerful and horrible virus that kept playing ads in the background.

but now that its been removed, all my sound is not working on my PC. Rebooting the pc doesnt produce sound, clicking things doesnt produce sound, my headset doesnt produce sound, my microphone doesnt produce sound or transmit it, and videos, along with music on the pc doesnt produce sound.

It seems that all sound has stopped functioning I could use some help!
 

A:No audio at all from computer/headset/microphone after having computer cleaned of virus

Go to your computer manufacturers website, go to the support/download/driver page.

Select which operating system you have.

Go to the audio section, and download the file , run the EXE, restart your machine and sound should work.

It's probably a driver issue..
 

Read other 2 answers
RELEVANCY SCORE 71.2

i decided to open up 21 to allow my nas to be seen on the internet so i could access files. whod notice, right? after all i did have a five letter password. roughly 1/2 hour after i started getting emails from my firewall and my dlink g600 nas was kind of unresponsive. i ran a sniffer and found my laptop with at least 50 open connections through different ip's running udp on a high port (3600k) i've never seen this before and thats really what concerned me the most. I don't run bittorent, but somehow the mini exe package that comes with the new one was running on it (bits.exe) i think. it uninstalled but i still ran avast after i noticed the sniffer had my nas maxed at 5 users from 5 unique ip addresses, each sniffing from god knows where. they hadn't guessed the admin yet and would have been a long way away from it, but i found the bittorent www.bittorrent.com/bits/whatisbits.htm i think is the site. i found js:pdfka in a wkp3.tmp file, and it infected 3 other system files that looked like they got quarantied. I dug around on my other one and found a blank entry running that referenced to nsis and an add/remove that looks like it got it, but i'm scanning it right now. i could use any help out there, i've been worried every computer might be infected. thanksLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:12:10 AM, on 3/29/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16791)Boot mode: NormalRunning processes:C:\... Read more

A:js:pdfka and nsis installation on an unsecure computer on the lan - malware today found with avast

Hello,I apologize for the delay in response, we get overwhelmed at times but we are trying our best to keep up.If you have since resolved the original problem you were having would appreciate you letting us know. As its been a while since you posted your log, I will need an updated one.Please take a look at the Preparation Guide for a download link to DDS and instructions on how you should ask for help. Thanks and again sorry for the delay.

Read other 2 answers
RELEVANCY SCORE 71.2

Hello everyone.
My parents computer got a virus a couple days ago. My dad started running a virus scan using Sophos Anti Virus, but the computer BSOD'd in the middle of the scan. When I tried booting it back up, an error message came up: "load needed DLLs for kernel" (didn't load in Safe Mode, got stuck after bootvid.dll). Trying to boot off the Windows CD gave a BSOD, but I fixed it by resetting the CMOS. I went into the recovery console and copied/overwrote two files from the Windows CD (kdcom.dll and bootvid.dll). This allowed the computer to boot, but I think the computer is still infected.

All of yesterday I ran some virus/spyware/malware scans to try and fix the issues. So far I've run: MBAM, Spybot, and Sophos. MBAM found a few Trojans, which it was able to remove. Spybot found some issues and fixed them as well. Sophos found 5 infected items and added them to the quarantine, however only some quarantined items could be cleaned up (I think there are 9 or 10 items in the quarantine from previous scans). Everything that wasn't cleaned up is listed as AdWare (but it's in the quarantine folder so they should be inactive).
I thought most of it had been cleaned up, but the machine has been freezing many times lately (the only way to fix it is to hold down the power button). Also, while trying to Google from that machine today, I was redirected to a suspicious page (I closed out of it immediately). What should I do now?
Somewhat off-topic: Whi... Read more

A:Computer got a virus, cleaned it a little, not sure where to go from here...

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be foun... Read more

Read other 21 answers
RELEVANCY SCORE 70.4

I had a trojan Virus in the computer. I think that I got rid of it, but I am not sure could anyone that can read a log please tell me if there is anything else left in the computer. The computer now doesn't stay on-line it disconnects itself. I called the company that provides me with my internet service, and they said that I need a filter for the phone line. The person told me that, that will take care of the problem of the internet disconnecting. I think that it could be the virus I had in the computer. I wasn't able to get on-line for at least a week, I had gone and checked the disk for errors and finally the anti-virus program was able to find the virus's.

I am posting a log. Can someone please HELP

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:11:38 PM, on 8/14/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\tinySpell\tinyspell.exe
C:\WINDOWS\sys... Read more

A:Is computer cleaned after virus infection?

I suggest that you request this posting be moved to the malware section. There are specially trained people who work with this type of thing. They have a gold shield next to their names.
Vicks
 

Read other 1 answers
RELEVANCY SCORE 69.6

I got a virus last week on my computer it was called Cryp_Xed-22 i managed to delete it and did many different scans spend hours on phone with trend micro and Microsoft pc safety. i usually am pretty good at this buy now in all the years i have never had a problem with my computer running slow and weird . every time i open firefox or explorer they both are slow and shut down also some parts of my computer are just slower than normal. i have checked everything and uninstalled and reinstalled these . here are the logs of hijack this and root kit search as well? does anyone one see something wrong? I appreciate your help thanks!!!Logfile of Trend Micro HijackThis v2.0.3 (BETA)Scan saved at 12:09:57 AM, on 2/22/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Trend Micro\BM\TMBMSRV.exeC:\Program F... Read more

A:computer running slow after virus but says it's cleaned!

I got a virus last week on my computer it was called Cryp_Xed-22 i managed to delete it and did many different scans spend hours on phone with trend micro and Microsoft pc safety. i usually am pretty good at this but now in all the years i have never had a problem with my computer running slow and weird . every time i open firefox or explorer they both are slow and shut down also some parts of my computer are just slower than normal. i have checked everything and uninstalled and reinstalled these . here are the logs of hijack this and root kit search as well? does anyone one see something wrong? I appreciate your help thanks!!!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:01:10 AM, on 2/22/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Trend Micro\BM\TMBMSRV.exeC:\Program Files ... Read more

Read other 9 answers
RELEVANCY SCORE 68.8

My husbands little sisters computer started acting up, first upon restart a error was popping up saying a file was missing from system tray there was a error, it would then lock the computer for a few minutes. I started task manager to see what was running, upon trying to end process to a few applications it kept telling me error access denied and wouldnt shut anything down. I ran malwarebytes and eset, 9 problems were found on eset and 7 others on malwarebytes, they were cleaned and computer was restarted. After restart the system tray error no longer occured but no internet access, no movie files can be played and the task bar still doesnt work. I went to malwarebytes via safe mode w/ networking and ran the rootkit finder beta version, it found a Alureon VBR rootkit, (It doesnt keep a log so the exact version i'm not sure of) It was cleaned, computer was restarted but is only getting worse. Please Help
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16611
Run by kidd at 21:56:21 on 2013-06-25
Microsoft Windows 7 Home Basic   6.1.7601.1.1252.1.1033.18.8061.5761 [GMT -4:00]
.
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Spybot - Search and Destroy *Disabled/Outdated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Ru... Read more

A:Rootkit Virus detected , cleaned, computer still not working

Hello lilbit2604 and welcome to Bleeping Computer!I am D-FRED-BROWN and I will be helping you. Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.----------Step 1----------------Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it.To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.----------Step 2----------------Please download Malw... Read more

Read other 12 answers
RELEVANCY SCORE 68.4

Quote:
The Internet may be 40 years old, but one of the most infamous aspects of both the Web and personal computing in general is quite a bit younger. It was 26 years ago when the first known proof of concept code for a computer virus was demonstrated in a public venue, following up on theories and other attempts to produce self-replicating code.


more..

A:The computer virus turns 26 today

Happy Birthday Virus.

Read other 4 answers
RELEVANCY SCORE 68

I have windows vista, and whenever i run my virus scan or spyware scan, my computer locks up when it gets to a specific folder. that folder is program files/common files/microsoft shared/office 12. If i try to go to that folder, the computer locks up as well. I have no idea what to do about it. Any help would be appreciated, thanks.

A:Computer Freezes And Restarts When I Run Virus Scan Or Spyware Scan

Try running your scans in safe mode. The Advanced Boot Options menu lets you start Windows in advanced troubleshooting modes. You can access the menu by turning on your computer and pressing the F8 key before Windows starts. Select safe mode there, and run the scan.

Read other 4 answers
RELEVANCY SCORE 67.6

[i]I am on Microsoft xp home edition PC and have the spysherrif BUG This is the information i posted a day ago:[i]I have a virus that is called SpySherrif. Its hovers on my desktop and has turned the destop black. There is a warning in red that says "WARNING ! SPYWARE DETECTED ON YOUR COMPUTER. install antivirus or antispyware software to clear your computer. View a list of top spyware removers here"I have been using some instructions posted on this website , and downloaded Cleanup! I am just about to use HijackThis but dont want to make a mistake and delete something that will affect the things that are harmless. Please help.ThanksTHIS IS THE REPLY I GOT FROM SOMEONE:Hi There I have read your post and I think it would be wise for you to post a HijackThis log for an expert to review. Do not use HijackThis if you don't really know what you are doing as you will do damage!I recommend you follow the HijackThis preparation guide which can be found here. It is important that you follow the guide closely. A number of scans will be run which may well fix your problem.As the guide says, after you have completed the scans that are recommended, please post your "HijackThis" log in a new topic in the forum found here. Please add your system infomation and also what problems you are having. Please be patient, and a HJT team member will help you to clean up your systemDavidSome of the software i tried to download as the guide advised is as follws1. SPYBOT ... Read more

A:Dear Bleeping Computer Staff I Have Spysheriff Bug

Download smitRem.exe ?noahdfear, and save the file to your desktop.Double click on the file to extract it to it's own folder on the desktop.Place a shortcut to Panda ActiveScan on your desktop.Please download the trial version of ewido anti-malware here:http://www.ewido.net/en/download/Please read Ewido Setup InstructionsInstall it, and update the definitions to the newest files. Do NOT run a scan yet.If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:Ad-Aware SE SetupDon't run it yet!Please click: Start--> Control Panel--> Add or Remove Programs--> Uninstall (if found) any instances of:HotbarNext, please reboot your computer in SafeMode by doing the following:Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, press F8.Instead of Windows loading as normal, a menu should appearSelect the first option, to run Windows in Safe Mode.Now scan with HJT and place a checkmark next to each of the following items and click FIX CHECKED:O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\Program Files\ShopperReports\Bin\1.0.8.0\ShprRprt.dll (file missing)O2 - BHO: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.7.1.0\HbtHostIE.dll (file missing)O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files ... Read more

Read other 3 answers
RELEVANCY SCORE 67.6

I'm wondering if you have reason to believe you have a server and have reason to believe it is infected (for instance a terminal server running Server 2008 R2) if the Bleepingcomputer staff can assist with the removal? 
 
Cheers

A:Question - Does the Bleeping Computer Staff Assist With...

Yes. I believe they assist with OSX and Linux virus' and/or system errors too.

Read other 2 answers
RELEVANCY SCORE 67.6

Hello, I'm back again unfortunately.

Have run Panda online Scan and Bitfinder Scan online I have both the logs if you require them. I think I have deleted the virus etc, in safe mode however I have also lost the use of windows media player Audio in the event , I may have accidentily deleted that file in the Add Remove software feature of windows.

Any help in checking my Logs and the restoration of the Audio component is appreciated.

I also run add aware and CCleaner daily. My Son visited and used the computer for a few hours and that virus showed up redirecting IE to the virus Page.

I normally use Opera as my main Browser. Thank guy's/girls for your help it's much appreciated.

Julles

A:Virus [email protected] infected my computer today.

Logfile of HijackThis v1.99.1
Scan saved at 9:36:38 PM, on 11/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iVideoCodec\isamonitor.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iVideoCodec\isamini.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Deskto... Read more

Read other 15 answers
RELEVANCY SCORE 67.6

Hi.When I do a sweep of my computer with Spysweeper and it gets to file C:\Acer\Empowering Technology\ET-UI-NB-NL.EXE the scan stops/freezes and my computer stops responding.If I do a virus scan with Windows Defender when it gets to file ET-UI-NB-NO.EXE it freezes as well and I have to do a hard reboot each time to get computer running again. However if I run a virus scan with Kaspersky there are NO problems and it does not show up any viruses etc. I have Kaspersky as my main internet security and just like to sweep every so often with the other 2 obviously keeping them updated.Anyone out there have any ideas as I have uninstalled/installed Spysweeper with no fix and have just noticed I have lost all restore backups to try and recover to any earlier date! Here is my HJT LOG for extra info:-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:53:56, on 21/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Users\Taz\AppData\Local\Temp\RtkBtMnt.exe
C:... Read more

A:Computer Freeze during Spysweeper scan & virus scan

Any help would be greatly appreciated!!
 

Read other 1 answers
RELEVANCY SCORE 67.2

Copied and pasted from Windows 7 forum
While browsing the internet last night the above message appeared on screen. I was unsure whether this was a genuine Microsoft alert or a fraud and shut down my computer when the scan started. I have now run a scan with McAfee Internet security which reported no issues detected. My concern now is not knowing whether this was a genuine part of the Windows 7 security or not and would appreciate advice on this. I am 3 days into a 30 day shareware trial of FastStone Capture and wonder if this might have been the cause of the "alert"

Since posting this I have been told that this was a scare tactic. I have uninstalled FastStone Capture in case that was the source of the "activity" and now when I turn on my computer I see an "Open With" screen on my desktop offering several choices to open programs for photos. I had been working a slide show adjusting photos when the warning of "activity" appeared on screen last night. I cannot remove this now and wonder if my security has been bypassed. I have McAfee Internet Security 2011 installed and running, have all the MS and Adobe updates.

Is there any way I can check if I have been attacked?

O.S Windows 7 Home Premium 64bit

A:Windows found activity on this computer and will do a quick scan

Hello, that is a scarware. I want to run this and see what it shows.Next run MBAM (MalwareBytes):Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selec... Read more

Read other 13 answers
RELEVANCY SCORE 66.4

Hi everyone,

I have a Vaio VGN-BX760 laptop, running XP and recently ran the vaio recovery to reformat the C: drive since I suspected a virus or trojan. I tried creating recovery disks to reformat the entire system, but I kept getting a blank pop up screen with an "ok" button and when I click it, it exits the Vaio recovery, so I'm not sure if that is already an issue in itself. So instead, I chose to format the C: drive to restore to factory condition.

When I formatted the C: drive to restore it to factory condition, I installed AVG free and ran a scan. It found about 28 rootkits and it's been a while since I've had any issues with internet virus/malware so rootkits are completely new and foreign to me. I just find it odd that it found it on a newly formatted drive.

I was afraid it was a false positive so I searched online and downloaded the TDSSkiller to confirm and that scan gave me 17 infected files. So now I'm not sure what to do and how to verify that I actually have rootkits, what they even are and how to fix it/restore my computer to normal. Is there a fix without requesting the vaio recovery disks from sony to completely restore the entire system?

My IT guy at work said the original virus may have infiltrated to the recovery partition which could be why my recovery disk creation option doesn't work and so restoring just the C: drive may not have gotten rid of any rootkits.

This is the report AVG gave me:
"";"tcpip.sys, hooke... Read more

A:[SOLVED] AVG scan found rootkits on a newly formatted computer

Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

We want all our members to perform the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post/attach the logs in your next reply.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

------------------------------------------------------

Read other 3 answers
RELEVANCY SCORE 66.4

While browsing the internet last night the above message appeared on screen. I was unsure whether this was a genuine Microsoft alert or a fraud and shut down my computer when a scan started. I have now run a scan with McAfee Internet security which reported no issues detected. My concern now is not knowing whether this was a genuine part of the Windows 7 security or not and would appreciate advice on this. I am 3 days into a 30 day shareware trial of FastStone Capture and wonder if this might have been the cause of the "alert"

Please help.

A:Message "Windows found activity on this computer and will do a quick scan"

No, this is not a normal window ... it's scareware. Follow the instructions and post a new topic explaining your problem here --> http://www.bleepingcomputer.com/forums/forum103.html

Read other 3 answers
RELEVANCY SCORE 66.4

My computer was found with a virus just now and I cleaned it using AVG Free Edition. I just wanted to know if I got rid of everything.
Logfile of HijackThis v1.99.1
Scan saved at 2:53:12 PM, on 5/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\HiJackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System... Read more

A:Solved: Virus found and cleaned, I think, HJT Log

Read other 7 answers
RELEVANCY SCORE 65.6

I have AVG Free installed and I am running Windows XP SP 3. Earlier today, AVG found "Win32/Heur" in three locations on my computer. One of the locations indicated was a program file for one my applications, Pro Tools LE.exe

AVG has quarantined the virus... now Pro Tools is not only nonfunctional, I get error messages trying to play music, as my Mbox acts as my sound card... being that the Mbox drivers were installed with the Pro Tools software, I am assuming this is the connection.

My question is: do I need to reinstall Pro Tools?

A:Virus found and cleaned, now some programs not working

Have not used AVG in years.

How ever most AV`s move things to quarantine. You should be able to have it return the file to the proper location. Then you will need to tell it to ignore that file from future scans.

Just reinstalling the program(s) will likely lead to AVG quarantining it again.

Read other 4 answers
RELEVANCY SCORE 65.6

Hi,
Thanks for the time. I consider myself VERY careful when it comes to what I download and what sites I visit with my PC. So I was a little shocked when I found a virus on my machine. I was the same day trying out a couple twitter programs called Hootsuite and tweetdeck. Other than that I really didn't visit what I would consider an ify site.

Was visiting some sites and my browser stared acting funny so I scanned with McAfee and It found 2 Trojans. I removed both of them.

After that I ran McAfee 3 additional times and it picked up nothing. After looking around here for a bit to have a look at what I should do next I downloaded Malwarebytes Anti-Malwere and ran it. It found nothing.

I still didn't feel safe so I ran Housecall and it did find something. 2 Root kit files. I didn't know what they were but did some reading and found out the could be really nasty. So after removing those 2 files I ran hijackthis so I could post it here.

My question as I post this is am I safe now? What should I do to make sure that the Root kit files didn't leave open a back door? I just want to be as safe as I can be. I cant stand knowing my system was compromised!

Any help or info on what I should do next would be a great help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:54 AM, on 11/15/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18319)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\... Read more

A:Found a virus and cleaned. Am I safe now? Whats next?

bump
 

Read other 2 answers
RELEVANCY SCORE 65.2

Had the day from hell with my computer, antivirus stopped working and my computer got infected. On safe mode with networking, I ran malwarebyte a couple times, cleaned most all of it out. When rebooting to windows, computer became super slow, like 5 minutes to open a window, etc. I had to force reboot a few times. But then I started getting a screen that demanded a reboot disk. Only one I have is. a windows vista disc. I had windows 7. It won't let me even get that blue startup screen where I can push f keys.
Can anyone give me some advice, or do I need to just get a new hard drive.

A:computer infected , cleaned, bsod, freezing, now computer wants boot disk

Welcme,
The problem isn't the hard drive, it's that you are still infected.
I'm going to ask a moderator to move this thread into Am I Infected so that you can work with one of the expert volunteers there to get your system cleaned correctly.
 
Dick

Read other 7 answers
RELEVANCY SCORE 65.2

Initially I had noticed that something was up as it started locking up randomly; ran a scan using Ad-Aware Anniversary Edition and it found the machine to be infected with WIN32.TROJANDOWNLOADER.AGENT. So it cleaned it up and... the machine started acting even crazier. A bunch of application profiles (like for Firefox) became corrupt, dragging files from one folder to another did not work (but copy/pasting them did; what the heck), my graphics drivers went haywire, the system refused to download any files (per some security policy) and then Windows found that the registry was amazingly corrupt. Most of these issues have been addressed in one form or another (turns out a fair number of system DLLs were not properly registered); is this just an instance of the cure being worse than the disease? Or did I not get everything cleaned up?One thing that caught my attention is that file indexing was apparently turned on; I know I disabled that for performance reasons when I first set this machine up.I have since run both Bitdefender Online Scanner and TrendMicro Sysclean and they both came up clean.If you're looking in the attached log there is one file that comes up as gibberish (comes up as 3D??????); that is just a Japanese program where the name got mangled in the scanning program.DDS (Ver_09-03-16.01) - NTFSx86 Run by Duppy at 14:20:30.25 on Thu 04/23/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13============== Running Processes ============================= Pse... Read more

A:Computer had WIN32.TROJANDOWNLOADER.AGENT; cleaned but computer acting even crazier

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 62.4

Hi all,
 
I am a very big newbie to this site although I've read a few posts about removing spyware/viruses.
This is where I have hit a brick wall.
 
I have some sort of spyware ad thing probably amongst other viruses that have slipped past the virus checker and need to do a cleanup. However, I have tried my bullguard scanner which seems useless, then I tried antimalware plus a few other free online scanner downloads, all of which have resulted in my laptop being shut down during the scan. Sometimes it won't turn back on for 10 minutes, doesn't even show the charge indication lights then all of a sudden it's fine again. It should probably be noted that the laptop gets hotter than it should do - another sign of some sort of virus.
 
I would really appreciate some help, I have limited knowledge and have gone as far as I can using google!
 
Thanks
 

A:Computer virus/spyware - laptop shuts down during virus scan

Hello and welcome 
 
I don't think that your problems are just because of malware, but we will try to help.
 
-----
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
§  Flush DNS
§  Report IE Proxy Settings
§  Reset IE Proxy Settings
§  Report FF Proxy Settings
§  Reset FF Proxy Settings
§  List content of Hosts
§  List IP configuration
§  List Winsock Entries
§  List last 10 Event Viewer log
§  List Installed Programs
§  List Devices
§  List Users, Partitions and Memory size.
§  List Minidump Files
§  List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
 
-----
Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.
 
§  Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
§  At the end, be sure a checkmark is placed next to the following:
 
o    Launch Malwarebytes Anti-Malware
o    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
 
§  Click Fini... Read more

Read other 2 answers
RELEVANCY SCORE 62.4

I wanted to know what the best way to scan for any virus or malware you might have on your system. Any tools or anything that I should use to check for intrusions. I recently was infected and also wanted to make sure that everything was gone.

A:Computer virus scan

Hi -Wihout knowing of your previus infection, on a deneral basis your best opyions are Fukk scans with your Antivirus.You would follow with Full scans by Malwarebytes Anti-Malware Free and SuperantiSpyware Free.You could also use ESET Online ScannerDisable your antivirus program - Information on A/V control (temp disable) HERE if neededTick the box next to YES, I accept the Terms of UseClick StartAccept any security warnings from your browser.Check Scan archivesClick StartESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.If you had certain odd infections there are some other tools, but. the above are your "general" response -Thank You -

Read other 2 answers
RELEVANCY SCORE 62.4

So I was on my computer doing my normal thing when my computer closed internet explorer and all hell broke loose. Through save mode I was able to lose 3 trojans, they were called trojan.tibs.itand one pup uploaderand two PUM.Hijack.startid post up the logs but i cant fins them after i did a system restore once all the viruses were gone, I scanned with malwarebytes, tdss killer, and superantispyware. My computer is running fine now and my only problem is, the virus seemed to get rid of everything. All my icons, pictures, etc were gone, so I system restored it and got all my programs back, but now all my essays and whatnot are gone. Is it safe to use my computer?(Moderator Edit: moved post to more appropriate forum.jgw)

A:Cleaned out 5 viruses today

You may be infectedDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Please download GMER from here(doesnot work on 64 bit OS)http://www2.gmer.net/download.phpTemporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply. DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

Read other 5 answers
RELEVANCY SCORE 61.6

Hey Guys,

i've been working for a rather big company in the client infrastructure management and we're currently struggling with the offline scanning functionality on Windows 7 devices.

First some basic information about our environment:
We have Lenovo as our Desktop and Laptop vendor.

We are using the X1, X2xx, T4xx, T5xx and P50 Laptops as well as
the M9xx, P5xx Desktops.


Some time ago Lenovo introduced the NVMe drives with the M900, the P50 and the X1 Carbon and thats were the problems began.

If a device gets a positive virus detection the device is taken off the network and is not allowed to join back in until a offline virus scan from two different companys has run on the system. With the new NVMe drives, the so called rescue cd's lost their
functionality. They won't detect the drives.

We then tried to find another AV company which brings support for NVMe drives but we found out that none out of ~15 tested rescue cds (even Microsoft Offline) has such support.

We're now planning to just delete and reinstall suspicious devices until we find a better way of not leaving the user 1-2 days without a device or giving them a new one.
For Windows 10 it will get a bit easier because of the built-in offline scan functionality but why doesn't the stand-alone version from Microsoft support NVMe drives?
I had to manually import the drivers into the WinPE (?) so that the harddrive was at least detected. Then we have the problem, that you have to update the ... Read more

Read other answers
RELEVANCY SCORE 61.6

I use Avast, Malwarebytes and Super Anti-spyware. When doing any scan with any of these, the computer freezes up when a scan reaches this file C:\SWSETUP\InetSec06\US\Setup\asCore|AnitSpam\asAddBK.dll and will go no further. I then must hard shut down and restart my computer. I also tried doing a file search with no success. Any help would be appreciated. I'm using XP home on my laptop.

Thankyou

A:computer freezes during Virus Scan

Looks like malware to me, Google Hits .I will move this to the Am I Infected forum for a deeper look by the more knowledgeable .Louis

Read other 1 answers
RELEVANCY SCORE 61.6

Hello:

I am posting for a friend. She has a computer and it had the Windows 360 virus from who knows where. A system restore was done because she couldn't get anywhere else on the computer. Once that was done, it seemed fine and now it won't boot up. It goes to the Windows screen and its blank/blue then it goes to the desktop screensaver with NO icons or start button/bar. She cannot right click the desktop, it just shows the hour glass and never finishes. She can use Ctrl+Alt+Delete and the CPU Usage is low, around 2%.

The System Idle process is at 99% in the CPU column and all the rest are very low.

How can she scan this computer for virus' etc if its freezing up etc?

Thank you for your help!

Katica

A:Can't boot computer to scan for virus'

well I know you shouldn't really take advice from people that aren't from this site, but I would say you get into task manager, then click new task, type in

"explorer.exe"

without the quotes
Windows should start working from there.
But then again I dont know what virus's and all the sorts you have.
Who knows what they will do when you get windows to work.

Maybe you should check if explorer.exe is already listed in the task bar
If it is then this wont help you I guess.

Read other 1 answers
RELEVANCY SCORE 61.6

Hello all...this is my first post to this forum, so if I seem like a n00b, it's because I am. My computer had/s a virus. I ran a scan using McAfee 8.0i Corporate Edition, and was able to delete one: Exploit-MhtRedir.gen However, the scan did not complete. At a certain point in the scan, the computer shuts off. This would lead me to believe I have ANOTHER virus, or that the virus that was supposedly deleted, wasn't. I have run HijackThis! just to make sure I am covering all the bases. Below is a copy of the log file: ----------------------------------------------------------------------------------- Logfile of HijackThis v1.99.1Scan saved at 12:27:19 PM, on 12/4/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeD:\Program Files\Sygate\smc.exeC:\WINDOWS\system32\spoolsv.exeD:\Program Files\Common Framework\FrameworkService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\RunDll32.exeD:\Program Files\Java\bin\jusched.exeD:\Program Files\Virus Scan\SHSTAT.EXED:\Program Files\Common Framework\UpdaterUI.exeC:\Program Files ... Read more

A:Computer Crashes During Virus Scan

Hi --AuRyn-- and Welcome to the Bleeping Computer!Download WinPFind: http://www.bleepingcomputer.com/files/winpfind.phpRight Click the Zip Folder and Select "Extract All"Don't use it yetDownload Pocket KillBox from here:http://www.atribune.org/downloads/KillBox.exeHighlight the list below and press Ctrl+C to CopyC:\WINDOWS\System32\r5uhaq3.exeC:\WINDOWS\System32\0tp06.exeOpen Pocket Killbox-> Click File-> Click Paste from ClipboardPlace a tick by Delete on Reboot->Select Options-> Place a check by Process all in List Click the Red Circle to DeleteClick Yes to the Prompts that follow and let Killbox Reboot the PCReboot into SAFE MODE(Tap F8 when restarting)Here is a link on how to boot into Safe Mode:http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_namOpen HijackThis and put a check by these but DO NOT hit the Fix Checked button yetO4 - HKLM\..\RunOnce: [0tp06.exe] C:\WINDOWS\System32\0tp06.exe /kO4 - HKCU\..\RunOnce: [0tp06.exe] C:\WINDOWS\System32\0tp06.exe /kNow Make sure ALL WINDOWS and BROWSERS are CLOSED and hit the Fix Checked ButtonFrom the WinPFind folder-> Doubleclick WinPFind.exe and Click "Start Scan"It will scan the entire System, so please be patientOne you see "Scan Complete"-> a log (WinPFind.txt) will be automatically generated in the WinPFind folderRun MSCONFIG and enable everything in the startup area. To get to MSCONFIG... Read more

Read other 2 answers
RELEVANCY SCORE 61.6

My computer shuts down at random times, often disconnects from the internet repeatedly, and it always shuts down without warning during virus scans with avg, avast, and some other programs.Here's the DDS log:DDS (Ver_09-12-01.01) - NTFSx86 Run by comp at 14:42:58.08 on Mon 02/22/2010Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_18Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3000.1642 [GMT -5:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Wi... Read more

A:Computer shuts down during virus scan

Hi bluescreenedagain,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.----------------------------------------------Let's run some checks on just how locked the malware has made your PC.Please download ComboFix from one of these locations:BleepingcomputerForoSpywareGeeksToGo* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exeDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)Double click on Combofix.exe & follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this p... Read more

Read other 7 answers
RELEVANCY SCORE 61.6

I'm a noob and a friend told me about bit torrent. I tried it a little, and...well, I have a virus. Dumb, I know.

My computer freezes and slows, stops completely when I run a virus or malware scan. I have Norton 2009, tried to run spybot and malwarebytes. System restore doesn't work, nor does going to safe mode.

Scan stops at c:\WINDOWS\system32\duser.dll and computer freezes completely.

Computer shuts down with this error message

A process or thread crucial to system operation has unexpectedly exited or been terminated.
***STOP: 0x000000F4 (0x00000003, 0x89365558,0x805D297C

Beginning dump of physical memory
Physical memory dump complete
Can only turn it off manually. I downloaded Hijack This to get a log...will post if requested. I'm using XP, a Dell Inspiron

Please help!

A:Computer freezes on virus scan

Hi and welcome to BleepingComputer The process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Result... Read more

Read other 5 answers
RELEVANCY SCORE 61.6

Hey everyone. My laptop keeps shutting down when I run any virus or malware scans, and get an error message when trying to go to an earlier date on system restore.

Here's my laptop info:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 5
Processor Count: 4
RAM: 3892 Mb
Graphics Card: Intel(R) HD Graphics, 1722 Mb
Hard Drives: C: Total - 102399 MB, Free - 35667 MB; D: Total - 359076 MB, Free - 285052 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., R580
Antivirus: Kaspersky Total Security, Updated and Enabled

Any help is appreciated, thank you.
 

Read other answers
RELEVANCY SCORE 61.6

i am running windows xp media edition and virgin media pc guard every time i try to do a virus scan the computer turns its self off, this happens at varying degrees of scanning does anyone know how i can resolve this?
 

A:Computer turns off during virus scan

Read other 7 answers
RELEVANCY SCORE 61.6

hi this is my first post

the problem:
while trying to do a full system scan using Mcafee SecurityCenter my computer froze - after resetting and trying a few more times i realized that it always froze while scaning the same file: system.windows.forms.dll
i then downloaded Avast antivirus and tried it - it too got stuck on the same file
after checking this forum i installed Hijack this - here is the log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:36, on 04/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\Dell DataSafe Local Backup\Components\scheduler\STService.exe
C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell\DellComms\bin\sprtcmd.exe
C:\Pr... Read more

A:my computer keeps freezing during virus scan

heres an update :

i tried scanning in safe mode
first i tried scanning in safe mode with networking
the mcafee scan froze the coputer like the rest of the times
the avast scan got stuck on the system.windows.forms.dll file but except for the fact that i couldnt open taskmanager the rest of the computer seemed to be working fine

then i tried safe mode without networking
the mcafee scan finishe without error and didnt find any viruses
the avast scan finished but the system.windows.forms.dll file came up with the files that could not be scanned the reason being:
"the system cannot read from the specified device"

i had the option to quarantine the file - should i do that ?

i dont know what this file is for and i realized that i have seven of these files on my computer but the scans only seem to get stuck on one of them.
 

Read other 3 answers
RELEVANCY SCORE 61.6

I have 2 user accounts on this laptop and I wanna scan the WHOLE computer.
HOW DO I DO THAT?

A:How do i scan my WHOLE computer for virus using AVAST?

Start avast! antivirus by clicking on the desktop shortcut.1. Click on the hard disk icon in right. This will select all local hard disks to scan.2. Click on the play icon on left to start scanningI assumed that you are using the default skin.

Read other 3 answers
RELEVANCY SCORE 61.6

Hello, I have recently removed the vurtumondo virus and the jkhfe.dll but i'm still having lag trouble with my machine, I havent installed anything for quite a while but my C: Drive went from a couple of gigs of space to around 400mb, which i suspect to come from malware. Adaware, Ewido, and Bitdefender find malware, but they keep coming back after deletion.

Here's my Log as of 10-01
Logfile of HijackThis v1.99.1
Scan saved at 11:00:22 AM, on 10/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
D:\Program Files\ewido anti-spyware 4.0\guard.exe
D:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
D:\Program Files\Prevx Home\PXAgent.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Sony&... Read more

A:Computer Still Slow After Virus Scan

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download ComboFix and save it to your desktop.Double click combofix.exe and follow the prompts.When it's done running it will produce a log for you. Please post that log in your next reply.Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Read other 15 answers
RELEVANCY SCORE 61.6

I am running Windows Vista Home Premium, Service Pack 2. HP Pavilion

I have run Kaspersky Online, Malwarebytes, and Windows Defender. With all three of these scan, my computer freezes and has to be restarted. This is the file name that it freezes on: C:\windows\system32\lgfxrheb.lrc

Help Please

A:Computer freezes during virus scan

Run Root Repeal but only select the Drivers box and Files boxPlease download RootRepeal.zip and save it to your Desktop.alternate download link 1alternate download link 2Unzip the file on your Desktop or create a new folder on the hard drive called RootRepeal (C:\RootRepeal) and extract it there.
(click here if you're not sure how to do this. Vista users refer to these instructions.)Disconnect from the Internet as your system will be unprotected while using this tool.Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan.
This will ensure more accurate results and avoid common issues that may cause false detections. Click this link to see a list of such programs and how to disable them.Open the RootRepeal folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator...When the program opens, click the Report tab at the bottom, then click the Scan button.In the Select Scan, dialog which asks What do you want to include in the scan?, check all the boxes.DriversFilesProcessesSSDTStealth ObjectsHidden ServicesShadow SSDTClick OK.In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK.The scan can take some time to finish. Do not use the computer while the scan is running.When the scan has completed, a list of files will be generated in the RootRepeal window.Click on the Save Report button and save it as rootrep... Read more

Read other 3 answers
RELEVANCY SCORE 61.6

Hi all, I discovered the forum after trying to find help searching on google. Any and all help is appreciated!I had noticed a few months ago (but didn't think anything of it...whoops) that my norton AV never finished it's run, it'd get to 100000 files or so and then continue running, but the file counter wouldn't go up and it would never finish. Recently I have been having crashes, so I tried scanning again, both with norton and AVG, and both caused crashes. I then tried to do the same in safe mode. They'd run for a while, then disappear. I had found another post which recommended dr. web and was able to run that in safe mode. However, I'm still having crashes when I run Norton and AVG. Included is my most recent HiJack this Logfile. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:51:19 PM, on 6/20/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16674)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\... Read more

A:Virus Scan Causes Computer To Crash

Guess I should post what Dr. Web found as far as viruses...

Trojan.muldrop.420
trojan.click.1487

There were a couple other trojans that it found on my first partial run, but I didn't save that log

Read other 51 answers
RELEVANCY SCORE 61.6

Lately I noticed a considerable drop in performance and frame rates(constant lag spikes) when playing video games,so I decided to scan my PC for malware and such.Just to be sure,I did that in safe mode.But just after I start scanning,my PC shuts down abruptly.It does not restart or give me a blue screen.This happens when I scan with either Avast or Malwarebytes,but only in safe mode.

I scanned for malware like this before,and it worked,Malwarebytes being able to do it's job and delete some bad stuff in my WINDOWS folder.Now it doesn't work anymore.

I do NOT see an overall performance drop in my PC,this only happens in video games.My graphics drivers are up to date,so what could be wrong.

Read other answers
RELEVANCY SCORE 61.6

So i purchased Ad-aware and ran a full scan before i went to bed last night. Woke up and it was frozen after running for 11hours straight...That's actually the farthest it made it. Not sure how to post a hijackthis log?

Edit: Figured out how to use hijackthis.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:05 AM, on 1/6/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Users\BATT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hotkey\Hotkey.exe
C:\Users\BATT\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1... Read more

A:Computer Locks Up During Virus Scan

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/436617 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 74 answers
RELEVANCY SCORE 61.6

When running a comprehensive virus scan with Norton 360 the scan gets stuck on a particular file (not the same file every time) and windows freezes, when ctrl+alt+del is pressed the screen goes black and an error message about security comes up - I know more detail on this error message would be good but as my computer is important for my work I don't want to deliberately cause it to happen again, the only solution to this problem seems to be to unplug the computer. I'm sorry I cannot provide more details but I'm not the most computer literate and any help would be very much appreciated.DDS (Ver_10-03-17.01) - NTFSx86 Run by user at 8:14:18.32 on 05/10/2010Internet Explorer: 8.0.6001.18943Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.353.1033.18.3038.1634 [GMT 1:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\sy... Read more

A:Computer Freezes During Virus Scan

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 2 answers
RELEVANCY SCORE 61.6

I have an ASUS K50ij-rx05 running Windows 7 64-bit. I recently started getting pop ups on my computer including My Computer Online Scan and AV8 Scan. I know these are a part of mulitple viruses, but I am not sure how to get rid of them. I have tried running Malwarebytes and Kaspersky, and they find viruses and things, but they just come back after I remove them. I have run them in safe mode as well and nothing has changed. I ran all the programs you requested and I am pasting and attaching the log files. Any help removing these will be greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:41:47 AM, on 9/23/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Users\Brian\Desktop\Virus Removal Tool\setup_9.0.0.722_22.09.2010_14-25[1]\setup_9.0.0.722_22.09.2010_14-25[1].exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C... Read more

A:My Computer Online Scan and AV8 pop ups virus

Not sure why other people who are posting after me are getting help, but I can't get help. Please help me with the horrible virus!!!
 

Read other 2 answers
RELEVANCY SCORE 61.6

My computer freezes on virus scans and watching videos on youtube. I did a scan with hijackthis. Please help
1 0.2% O16 {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
2 0.1% O16 {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
3 0.1% O16 {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
4 0.1% O16 {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
5 0.0% O16 {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
6 0.0% O16 {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
7 0.0% O16 {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by127fd.bay127.hotmail.msn.com/resources/MsnPUpld.cab
8 0.0% O16 {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/WebfettiInitialSetup1.0.0.15-3.cab
9 5.8% O2 (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
10 3.0% O2 Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
11 2.6% O2 Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLo... Read more

A:computer freezes on virus scan

Closing duplicate thread, please continue here: http://forums.techguy.org/malware-removal-hijackthis-logs/622280-i-did-check-should-i.html
 

Read other 1 answers
RELEVANCY SCORE 61.6

This just started happening yesterday. I came home and saw that my computer was frozen and I could see it happened while AVG was doing a scheduled scan, I could not bring up the Task Manager, nothing worked so I held down the power button on my computer to shut down. Everything seems to work fine, Task Manager doesn't show anything running that seems unfamiliar. I'm using AVG, but after running it again it locked up.I downloaded avast, disabled AVG and ran it, the same thing happened. I then tried Pandascan online, same thing. Each time when it locks up only the mouse will move. The computer is not making any sounds, and I've not installed anything new the last week (besides today HijackThis on the computer). I also decided after this happened to run windows update and installed important/security updates.I'm not certain if this is virus related or not.Here is what I have from HijackThis:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:58:30 AM, on 10/9/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18294)Boot mode: NormalRunning processes:C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Users\tommy\Program Files (x86)\DNA\btdna.exeC:\Program Files (x86)\Ralink\Common\RaUI.exeC:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exeC:\Windows\ModLEDKey.exeC:\Program Files (x86)\Linksys\WUSB6... Read more

A:Any virus scan is locking my computer

I've tried watching to see where it locks up but it doesn't appear to be at anything specific, I can't find a log file to show or anything.Hello loki87,We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.Thank you for understanding.Regards,The weatherman (Moderator)

Read other 3 answers
RELEVANCY SCORE 61.6

Got this last night. Spybot does not remove. Computer pop ups every 10 minutes trying to get me to pay for removal. Would appreciate a kind soul to tell me what should be removed in the HJ log.Thanks in advance.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:48:33 AM, on 10/16/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeC:\Program Files\ewido anti-spyware 4.0\guard.exeC:\Program Files\Citrix\GoToMyPC\g2svc.exeC:\Program Files\Sound Devices\USBPre\Services\jjtAutoLaunch.exeC:\Program Files\Kaseya\Agent\AgentMon.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Citrix\GoToMyPC\g2comm.exeC:&#... Read more

A:Pop Up Virus "My Computer Online Scan"

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers