Over 1 million tech questions and answers.

how many spyware threats are you finding?

Q: how many spyware threats are you finding?

we're all spending more & more time removing & fixing problems caused by malware/adware & the like.

my question to all is how many threats are you finding when you run adware on a pc the first time after installing it? what about with spybot?

i had a pc yesterday that had been on the internet while running norton internet protection suite (all of it turned on & fully rigged). installed and ran adware. it found 1401 threats. that was a new record for me; previous to that the most i'd ever come across was 685, and that was on a pc that had been completely unprotected.

what kind of numbers are all of you seeing?

RELEVANCY SCORE 200
Preferred Solution: how many spyware threats are you finding?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: how many spyware threats are you finding?

Here is something you may find worth reading http://forums.techguy.org/t208517.html

Read other 2 answers
RELEVANCY SCORE 58.8

Yesterday, I mistakenly opened one shitty website that tried to install addons but failed cuz i got ublock origin, scriptsafe and https everywhere, it managed to block it i think and for the sake of trust i ran adwcleaner which found 4 threats, trovi trovi start up urls and avg... i did everything couldnt remove them and reinstalled windows now i installed google chrome agian ran adwcleaner and found the same things... what to do? help
 

Read other answers
RELEVANCY SCORE 58

HiI've recently had a problem with Avast - a popup keeps coming up telling me that a threat has been blocked, usually two in quick succession, even when I'm not browsing the internet. This happened immediately after I tried to open a torrent-downloaded avi file that my computer later identified as containing a virus. My computer is also sluggish and slow. However, avast cannot find any malware and neither can other cleaning programs I've tried. Can you help?CheersDom(I've included a screenshot so you can see the popup details - bottom left hand of the screen)

Read other answers
RELEVANCY SCORE 52.8

Hello I am posting this on behalf of my partners friend - He has asked me if I can get rid of all the spyware etc but I don't seem to be getting anywhere fast ! Here is the hijack this log from their laptop - Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:53:44 AM, on 1/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\WINDOWS\system32\ctfmona.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Common Files\SecurePCCleaner\mc.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/broadband
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SD... Read more

Read other answers
RELEVANCY SCORE 52.8

Various spyware threats (Common Components for Claria, Advertising, Tracking Cookies) have been detected in my computer and I haven't been able to get rid of them yet. Here is my HijackThis report. Thank you for your time!


Logfile of HijackThis v1.99.1
Scan saved at 12:19:44 PM, on 1/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Norman\NVC\BIN\ZLH.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Norman\NVC\BIN\Zanda.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\... Read more

A:Various spyware threats

Nothing much showing in that log. I see you have Spybot, have you run Adaware? It's very effective against those issues. Let's run some tools and see what lurks.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should 'not' have any open browsers when you are following the procedures below.

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware? SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Spybot Search & Destroy
CWShredder

Download Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updat... Read more

Read other 6 answers
RELEVANCY SCORE 52.8

Good day all,

I have been getting trouble with my computer recently

These are the symptoms:
1) Long lags or hangups while using the system
2) An error with Windows Update (error code 80070002)
3) Roxio keeps asking me for a missing dll file called MSVCR71.dll

I have tried running Avast, Ad-Aware, Spybot, and CCcleaner but with no results.

I have some idea what the problem may be but I am a Novice at this and need some help.

there seems to be two possible suspects: something called Mirar and another thing called helpfultipstosave.dll

i am posting my Hijack This log.

Will appreciate the help guys

Thanks
~JM


Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:04:52 PM, on 07/02/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program File... Read more

A:Possible Spyware Threats

here are the contents of dds.txt


DDS (Ver_09-12-01.01) - NTFSX64
Run by Javed Mohammed at 22:01:09.51 on 08/02/2010
Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_18
Microsoft? Windows Vista? Ultimate 6.0.6002.2.1252.1.1033.18.6134.3209 [GMT -4:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
... Read more

Read other 3 answers
RELEVANCY SCORE 52.4

Want to protect my Pc from further internet threats and spyware. What shud i do ? also please check my Hjt log if its all ok please.

Logfile of HijackThis v1.97.7
Scan saved at 22:06:02, on 23/02/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\P331ZI98.EXE
C:\ARCHIVOS DE PROGRAMA\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\ARCHIVOS DE PROGRAMA\USB FLASHDISK\UFD UTILITY 2003\UFDTOOL.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\STARTER.EXE
C:\ARCHIVOS DE PROGRAMA\USB FLASHDISK\UFD UTILITY 2003\UFDLMON.EXE
C:\ARCHIVOS DE PROGRAMA\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\ARCHIVOS DE PROGRAMA\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\ARCHIVOS DE PROGRAMA\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\ARCHIVOS DE PROGRAMA\ESCRITORIO INALáMBRICO LABTEC\MULMOUSE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\ARCHIVOS DE PROGRAMA\ESCRITORIO INALáMBRICO LABTEC\MAGICKEY.EXE
C:\ARCHIVOS DE PROGRAMA\NETMEETING\CONF.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F1 - win.ini: run=hpfsched
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 -... Read more

A:protection from net threats&spyware?

Read other 6 answers
RELEVANCY SCORE 52.4

Referred here from: http://www.bleepingcomputer.com/forums/t/206726/skfjkhcdcsh/ ~ OB
 attach2log.txt   11.19KB
  7 downloads
 Attach1log.txt   22.96KB
  3 downloadsHello,I have posted several steps in the process of removing antivirus 360, skfjkhcdcsh, stabilityscanonline, remove spyware threats, getveryluckytoday, and other pop-ups warning against virus detection, following your guidance under kat6576 Am I infected forum. I have just completed the latest instructions you provided - backed up data, then ran DDS. Attached are two logs. Please advise as to next steps. Also, a screen "My Computer" pops up repeatedly with "Warning: Your system and files may be damaged. Install a repairing solution to check and prevent crashes". It says "Items processed 18,942 and System Errors found 259" with option to click on Next or Cancel. I Before I can "x" out of pop-up another box appears with "Resident Shield Alert" in top panel, then "Accessed file is infected C:\Windows\system32\userinit.exe" and "Trojan Horse Downloader.21ob.AJYS". Then another pop-up "You have a security problem! Do you want to scan your computer for viruses?" Option buttons given "OK" or "Cancel". I always "x" out of screens. Only one of the pop-ups will not allow me to close out by clicking on "x" and that is the window or pop-up with the "My Computer" as indicated in the first line of this paragraph. Also, another pop-up just occured as I'm writing - it has a web a... Read more

A:Remove Spyware Threats

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for p... Read more

Read other 2 answers
RELEVANCY SCORE 52.4

Hello! I just want to make sure that I don't have any threats because I had some problems with my World of Warcraft account and they told me to secure my computer. Here are my logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:58 AM, on 2/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
H:\WINDOWS\PixArt\PAC207\Monitor.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\Program Files\Pando Networks\Media Booster\PMB.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
H:\Program Files\Gigabyte\EasySaver\ESSVR.E... Read more

A:do I have threats like keyloggers or spyware?

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.



As mentioned in our preposting topic:

http://www.techsupportforum.com/f50/...lp-305963.html


Quote:




3. Uninstall the following via Add or Remove Programs in Control Panel:

p2p programs like uTorrent, Bittorrent, LimeWire, Morpheus, etc., as they are a major conduit for malware and a likely source of your current issues.






P2P - I see you have P2P software ( LimeWire ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, ... Read more

Read other 1 answers
RELEVANCY SCORE 51.6

Can you check my hijackthis log below...I can't tell which file I need to remove....it's driving me absolutely insane.Logfile of HijackThis v1.99.1Scan saved at 10:21:16 PM, on 8/1/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exeC:\Program Files\ewido anti-spyware 4.0\guard.exeC:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\ewido anti-spyware 4.0\ewido.exeC:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exeC:\WINDOWS\system32\devldr32.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WI... Read more

A:Getting All Sorts Of Virus And Spyware Threats.

Hi mjm78mjmUninstall via add/remove programs (control panel)iMeshOpen HijackThis, click do a system scan only and checkmark this:O20 - Winlogon Notify: winpdc32 - C:\WINDOWS\SYSTEM32\winpdc32.dllClose all windows including browser and press fix checked.Please download the Killbox.Unzip it to the desktop.Please run Killbox.Select "Delete on Reboot" and "All files"Copy the file names below to the clipboard by highlighting them and pressing Control-C:C:\WINDOWS\system32\cool.exeC:\WINDOWS\SYSTEM32\winpdc32.dllGo to the File menu, and choose "Paste from Clipboard".Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here to download and run missingfilesetup.exe. Then try TheKillbox again..If your computer does not restart automatically, please restart it manually.Empty this folder -> C:\!KillBoxPlease do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now cli... Read more

Read other 2 answers
RELEVANCY SCORE 51.6

Recently got this spyware threats detected. Ultimate defender ad. I don't want to buy that. I have already run AVG FREE scan, CCleaner, Spybot Search & Destroy and now Stinger is running a scan. Hopefully I will be able to extract the hijackthis setup file to run it next. I did not have it installed prior to. Whenever I try to install it, the window automatically closes so I can not continue. Also, google search for hijackthis would cause the explorer window to close. Any suggestions?

A:Windows Xp Pro--"spyware Threats Detected"

Go to the Hijack This file you downloaded. Right click on it and change the name to "Lasthopescan". Now see if it will install.Rogue Remover may get rid of this for you. http://www.malwarebytes.org/rogueremover.php

Read other 1 answers
RELEVANCY SCORE 51.2

I'm very IT literate, but this one has me stumped. Trying to fix my parents' computer. Their Windows wallpaper has been hijacked. It's now blue and says: "Warning: Spyware threat has been detected on your PC." I'm getting all kinds of fake pop-ups that "An Internet Attack was Detected" and that sort of thing. Now I know there are a bunch of messages on the net and in these forums about this problem. Here's my issue: All of the "resolutions" begin with either running SpyBot, or doing a HijackThis log... I can't run SpyBot. When I run the program, it goes to an hourglass and then that's it. I have zero internet access from Firefox, IE, or my Anti-Virus Live Update. But I can go to a command prompt and ping Google no problem. I ran a NAV scan (with the definitions I had) and it came back clean. The Task Manager has been disabled. I was able to install AdAware and run it, but again, I can't do any program updates whatsoever. System Restore was turned off so that's not an option either.

I'm at a bit of a loss here. Without being able to run any programs, not sure how the heck to begin trouble shooting this problem. Any recommendations?

A:Wallpaper hijacked, fake Spyware threats

Some types of malware will disable security tools. If they will not run, try renaming. Right-click on the program and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If ... Read more

Read other 3 answers
RELEVANCY SCORE 51.2

 DDS LOG.zip   7.16KB
  3 downloads

A:Hacked PC! Possible threats spyware, malware, trojans.

Hi there,
my name is Marius and I will assist you with your malware related problems.
Before we move on, please read the following points carefully.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
 
 
 
 
Please post up C:\combofix.txt and add the attach.txt from DDS as well.

Read other 2 answers
RELEVANCY SCORE 51.2

ok first of all im so glad i found your site because searching through glossaries and all that is just too frustrating, its best to talk to a human (even if it is through a computer ). OK... i have Microsft AntiPyware Beta1 installed on my computer which i updated just before because of the new year and all, and i did i deep system scan and it turned up a few threas so i got rid of them and rebooted right. when i rebooted and came to the desktop my hdd file opened up all by itself, why did it do this, i rebooted again and it did the same, i dont know why it is doing it. ok so i updated the components on the anti spyware prgram and did another full system scan because i had pop ups trying to install things on my computer, but it did not find any threats. i know there is some sort of adware or something on my computer because i have links in my favourites bar that i did not add and cannot be deleted, some of them include travel, shopping, online gambling, adult match maker, etc. and when i go to a website or even just start up internet explorer another window pops up with an ad for onlinegamling casinos and stuff, it doesnt look like a pop up because it had a url at the top of the page and it looks like i have just opened it up myself.

another one is when i click on the favourites bar and try to delete the links that i did not add and do not want, a pop up comes up which is blank and it has a yellow bar at the top which says "active-x control is trying to install ....... Read more

A:Anti Spyware Programs Not Detecting Threats!

Hello and welcome to BC.You might want to address this issue to the HJT Team. The HJT Team is very successful in my opinion.Heres the link to get started on the proper procedures to post a HiJack This Log:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Read other 2 answers
RELEVANCY SCORE 50.8

I am receiving trendmicro pc-cillin alerts of blocked attempts for the following viruses/spyware:

ADW SAHAGENT.M infected file - C:\windows\sahagent-1002.exe
SPW VT BOUNCER A infected file – C\windows\system32\ffinst.exe
ADW GAINJ infected file – C:\windows\downloaded program files\hdplugin1018.dll
ADW VITUMONDO.D infected files C\windows\system32\akcore.dll and C\windows\system32\akupd.dll

PC-Cillin & Microsoft spware scans have detected threats and cleaned them, but these keep reappearing. How can I clean them for good?
Thanks
Here’s the HijackThis log:
Logfile of HijackThis v1.99.0
Scan saved at 10:47:11 AM, on 4/14/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\BCMSMMSG.exe... Read more

A:Multiple spyware/virus threats detected by PC-Cillin

Read other 15 answers
RELEVANCY SCORE 50.8

My comp is spamming internet explorers, and spyware threat notices and i cant stop it and i thought it changed my backround but it was just a picture that poped up and i cant get it to stop and i have run the norton anti spyware from google toolbar 2 times and panda titanim to times and deleted all spyware and anything else that looked threatening but i still cant get it to stop. any ideas of anti spyware stuff or anythign that will get it to stop

sombody told me to run hiackthis and here is what i got from it
Logfile of HijackThis v1.99.1
Scan saved at 8:56:49 PM, on 10/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsCtrls.EXE
C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsr... Read more

A:Getting error messages, spyware threats, and spams of ie i ran hijackthis

Read other 8 answers
RELEVANCY SCORE 49.6

I made an error in judgement yesterday and now my computer seems to have an infection. There is a blinking yellow triangle in my system tray that has an attached bubble claiming,

"System Alert: Malware threats - Your computer is infected with a back door Trojan that allows the remote attacker to perform various malicious actions. Click this baloon to download malware removal software."

This alert pops up every minute or so. I'm also getting a critical Alert saying I'm infected with something called Cyberlog-X. I ran Ad-aware, Norton-Antivirus, Spybot S & D and AVG anti spyware (I ran AVG in safe mode). I also ran ActiveScan and saved the report.

Below, I wil paste my current Hijak This Log, my AVG Anti-Spyware - Scan Report, and my Activescan report.

Reports:

Hijac This:

Logfile of HijackThis v1.99.1
Scan saved at 11:46:14 AM, on 11/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program... Read more

A:Solved: PSW.X-VIR Trojan, Malware Threats, Spyware.cyberlog-X and other Spy/Adware infections

Read other 10 answers
RELEVANCY SCORE 48.8

Can some one please help me out with this problem i woke up this morning and turned on my computer and i started getting these SYSTEM ALERT: MALEWARE THREATS saying that my computer is infected with a back door trojan that allows the remote attacker to perform malicious actions and when i try to go on the internet it goes to this IESECURE web page and it say they ran a scan and i am at risk,also i keep getting these porno pop ups and i dont no were they came from because i have pop up alert when i try to report abuse it say that some body downloaded to watch free videos and i pay with the pop ups

so i went to best buy and bought a spy ware and anti virus program because i didnt have ne protection the program i bought was TREND MICRO internet security and i ran all the scans i caught some trojans then i deleted them and i had like 120 spy ware things infected if some body can please help me out i would really like it

thank you
 

A:HELP:iesecure, maleware threats and constint back door virus threats

Read other 9 answers
RELEVANCY SCORE 47.2

If malwarebytes found threats and i delete all the threats will it broke my pc?

A:If malwarebytes found threats and i delete all the threats will it bro

Hi,
Depends it doesn't look like it did yet ?
See this,
Malwarebytes Anti-Malware Free

Read other 7 answers
RELEVANCY SCORE 46.4

4/15/11 6:34 AM On April 14 2011 , at 4:57 am an email was sent from a gmail account of mine to my contacts, this email was spam. Luckily that account is only used to sync my android contacts so i only had 15 emails in it. But the problem is that i last logged into gmail on April first and prior to that in February. I logged in using my laptop. Google gave me the ip from where the account was accessed and sent the spam (Mobile United States (24.184.227.216) Apr 14 (1 day ago) Browser United States (24.184.227.216) Apr 14 (1 day ago) ). But i dont understand how this could have happened, i do not go on un-trusted sites, i dont do anything that would give me a virus, and i scan regularly. Ive never had a virus in 3 years.Ive scanned my laptop with over 5 anti-virus and spyware etc software and the only thing that was found was a java security threat (http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Exploit%3aJava%2fCVE-2010-0094.AF&threatid=2147640413) that Microsoft essentials found and removed..since yesterday morning, ive changed all my passwords using my mobile phone and have not logged in on anything on this laptop other than cnet.What do i do now to make sure nothing is left and is there a way to find out if it was my laptop that was the security risk..Also to note, the spam was only sent to 10 out of 15 people..Why? And if this person did get a hold of my gmail password from that one login, why did he not send spam using my facebook or hot... Read more

A:help with finding malware,spyware

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 32 answers
RELEVANCY SCORE 46.4

Over the last few weeks I've had issues with system performance and recurring spyware. I posted a request for help under the heading of "Catroot". I was led through a series of actions and at first the problem didn't seem fixed but after 5 minutes of tweaks it seemed to return to normal.

Yesterday some of the problems that I originally had returned; most notable are mouse skips, slow keyboard response and repetitive SUPERAntiSpyware scans reveal new spyware. The scan finds any ware from 2 to 3 hits to as many as 20+. I remove, reboot, and rescan and I'll get a clean report. If I scan an hour later it will return new hits if I've returned to the net but won't find anything if I've remained off the net.

I've run misc tools I've found in the download section of this website but I guess I don't know as much about their use as I thought, because I still have the problem.

Could someone please take me through some basic steps to help identify my problem?

Thank you!
-Beans

A:SUPERAntiSpyware keeps finding spyware

Can you post Super log so we can see what's there?

Read other 5 answers
RELEVANCY SCORE 46.4

Hi,

I'm fairly certain I've got Spyware as storyboarded with .jpgs in the attached Word document. (Doesn't look like Doc will attach - "Generic Host Process for Win32 Services has encountered a problem" followed by a countdown to shutdown on account DCOM Server Process. There is also a similar error on account of LSASS.exe) My IT department are threatening to remove my PC which I really don't need. Would love to get it sorted if anyone can help? A scan with Symantec and Adaware uncovers nothing. Here's a posting from hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 15:43:19, on 26/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskswitch.ex... Read more

Read other answers
RELEVANCY SCORE 46.4

This is my moms computer, and this is what she's told me. She can't get any webpages to work because they stop responding, so I have to post for her.

"nothing responds like excel, outlook, word, AIM. have to keep shuttin down and trying again. nothing works. Outlook i can read maybe 2 -3 emails then it doesn't respond.Ewido has done the most as far as the adware and spyware. MS sucks. still can't run SpyBot in regular mode. "

She's going crazy, and neither of us can find whats wrong. Please help!!
Logfile of HijackThis v1.99.1
Scan saved at 9:38:27 PM, on 4/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\wfxsnt40.exe
C:\PROGRA~1\WinFax\WFXSWTCH.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\WinFax\WFXCTL32.EXE
C:\Program Files\U.S. Robotics\ControlCenter\Reminder.exe
C:\Program Files\Kodak\Kodak EasyShare s... Read more

A:Programs keep finding spyware, They won't go away!! HJ Log

Read other 9 answers
RELEVANCY SCORE 46.4

i have some good up to date anti spy / virus programs, but my question is if there is anything out there that will tell me what causes the spyware, even if i have to manually run each program or mp3 and then it will flag it saying that mp3 releases a spyware cookie or something... i hope i explained that well enough, if anyone knows of a program that has similar features please let me know, thank you
 

Read other answers
RELEVANCY SCORE 45.6

I am working on a computer next door to my home, and that computer is on dialup. It is relatively new, but has become infected with much spyware/many programs that open automatically when the computer opens. Many popups.What is a good program taht I can download here on my high speed connection and take over there to see what needs to be removed?Also, I have been on some of these forums that people have run a program and it copied the entire registry, and then they would post the registry online and someone would tell them what would need to happen. If you give hte name of that program as well, I'll copy that registry and put it up here for y'all do discect.Thanks.JeremyMod Edit: Topic moved to a more appropriate forum.

A:Need Help Finding Spyware On Next Door Computer

Have you tried Ad-Aware SE by Lavasoft? Might also want to check out Spy-Bot SD. This will help remove a lot of the spyware that might be there. My wife inadvertantly installed a program that secondarily installed a whole bunch of crap on her computer, I was able to run both of these programs in Safe-Mode and get rid of a bunch of it. I believe the registry program that you are referring to is Highjackthis. Which can be found here:http://www.spywareinfo.com/~merijn/programs.phpAnother good resource that you might want to run is a Panda Active Scan which can be found here:http://www.pandasoftware.com/activescan/cj/ascan_2.aspHopefully this will get you started. Good luck, Let us know how you make out..

Read other 10 answers
RELEVANCY SCORE 45.6

I have a friend's laptop Gateway running XP PRO - 1 meg RAM.

I have scanned it several times with Avast and there are over 2000 items I cannot remove because they are are in password protected files or folders. I know the gal who owns the computer very well and she couldn't begin to protect a folder.

the computer runs very slow, especially when on the Internet. I have tried to access Trend Micro Housecall & the computer will not complete the initial install. This is true for several others files I have tried to download. They get about 95% complete and stop.

Any suggestions? Sure would appreciate some assistance here!

TIA for you help,

Mark

In the meantime I will attempt to get a HJT log
 

A:Difficulty finding Malware & spyware - Help

HJT Log:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:22:15 PM, on 10/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system3... Read more

Read other 2 answers
RELEVANCY SCORE 45.6

hi, i'm new here, i have read the guidelines but i still might miss something i should include. i have used spybot to clean up spyware for years now. within the last few months, the program stopped finding problems at all. at first i thought it just meant my internet practices were good. it just seems suspicious to me that it stopped working, and i have used ad aware in its place-but that doesn't find any problems either. i stream video and download torrent files regularly, i am just wondering if someone can help me find a way to check my computer to make sure it's ok. i will post my logfile and if anyone needs me to explain or add information..just write back. thanks in advance!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:19:26 PM, on 10/02/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v7.00 (7.00.6001.18000)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\system32\taskeng.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\OEM02Mon.exeC:\Windows\System32\WLTRAY.EXEC:\Program Files\Dell\MediaDirect\PCMService.exeC:\Program Files\Winamp\winampa.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exeC:\Progra... Read more

A:spyware programs not finding any problems...ever?

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instruc... Read more

Read other 2 answers
RELEVANCY SCORE 45.6

Ok, here is the hijackthis logfile.Thanks!Logfile of HijackThis v1.99.1Scan saved at 2:04:38 PM, on 2/28/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\wanmpsvc.exeC:\WINDOWS\System32\hkcmd.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exeC:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exeC:\HP\KBD\KBD.EXEC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\QuickTime\qttask.exeC:\PROGRA~1\VISION~1\OneTouchMon.exeC:\WINDOWS\System32\c8d97391.exeC:\WINDOWS\System32\rundll32.exeC:\Program Files\Real\RealPlayer&#... Read more

A:Need Help Finding Spyware On Next Door Computer

Welcome Jeremy James Download ATF Cleaner by Atribune:http://www.atribune.org/ccount/click.php?id=1Double-click ATF-Cleaner.exe to run the program.Click 'Select All' found at the bottom of the list.Click the 'Empty Selected' button.If you use Firefox browser, do this also:Click Firefox at the top and choose 'Select All' from the list.Click the 'Empty Selected' button.NOTE: If you would like to keep your saved passwords,please click 'No' at the prompt.If you use Opera browser,do this also:Click Opera at the top and choose 'Select All' from the list.Click the 'Empty Selected' button.NOTE: If you would like to keep your saved passwords,please click 'No' at the prompt.Click 'Exit' on the Main menu to close the program.*****************************Download and run Fixwareout from the link below: http://www.bleepingcomputer.com/files/lonny/Fixwareout.exeAfter the reboot post the contents of the logfile C:\fixwareout\report.txt in your next reply.Also post a new Hijackthis log please.

Read other 12 answers
RELEVANCY SCORE 45.6

I am running Vista and my virus protection is CA Anti-Virus and CA Anti-Spyware.
A day or 2 ago, I got a message pop up (think it was through Windows security, but not sure) saying that a program had stopped running and it was due to a known trojan and suggested I run a virus scan asap. I closed everything and ran the Anti-Spyware which found and removed a number of items, then I did a complete system scan using CA Anti-Virus but nothing was found.
Now, however, when I start up the computer my security center is not in the task bar at the bottom as usual and when I open it up it says it needs attention and that I need to Enable Anti-Spyware Real-time protection. I enable this straight away and it seems to stay enabled until the computer is shut down again ? obviously something is disabling it on start-up.

When I do a scan with Anti-Spyware it keeps finding SillyDl EWW, which it says is a medium threat downloader. It also finds a number of other items that vary, usually low threat tracking cookies ? some of the names are MyGeek and DoubleClick. The program quarantines them and then deletes them, but it only quarantines the SillyDl and I have to delete it from quarantine myself, but it seems to keep reappearing each time I do a scan.
I am also getting a pop up occasionally saying that A.exe has stopped working and as this has only been happening since the original pop up, I'm assuming it is related.

*edit* just restarted the computer again and as well as Anti-Spyware fi... Read more

A:Anti-Spyware keeps finding SillyDl EWW

We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Read other 7 answers
RELEVANCY SCORE 45.6

I run:
AMD Athlon 64 2.40 GB
512MB RAM
Windows XP (SP2)
80 GB hard disk

It's been intermittently running slow. Crtl-Alt-Delete > Performance will show CPU usage at 99%-100%. I ran XoftSpy which came up with the following threats or high threats.
Vendor / Type / Category / Object

CWS.Googlems / Registry Value / Malware / Software\Microsoft\Internet Explorer\main/search bar

VX2 / Registry Value / BHO / Software\Microsoft\Internet Explorer\toolbar\webbrowser

1st Alert 1.3 / File / Carding / C:\File_Id.diz

Haxdoor / File / Trojan / C\WINDOWS\system32\w32tm.exe (High Threat)

EPS E-Mail Password / Sender File / Password Capture / C:\What’sNew.txt

Tracking Cookie File / Data Miner / C:\Documents and settings\first user\cookies\first [email protected]

What is the best way to deal with them? I could buy a XoftSpy licence for $40, but I am asking this question because every anti-virus or spyware programme seems to pick up different issues, so will any one safeguard me? Can I get rid of these without buying a licence, and what is my way forward? Thanks.
 

A:Threats and High Threats on XoftSpy

Read other 9 answers
RELEVANCY SCORE 45.2

Below is a copy of my Hijack This log. I have ran spybot, ad-aware, and trend micro virus software and none of those is finding anything, but I am getting pop-ups and IE is erroring out with unexpected errors causing me to believe something funny is going on here. Any help you could give would be very much appreciated Thanks.Logfile of HijackThis v1.99.1Scan saved at 12:11:49 PM, on 10/11/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\igfxtray.exeC:\WINDOWS\System32\hkcmd.exeC:\WINDOWS\system32\ps2.exeC:\Program Files\iWare\iWare Mouse\3.2\MOUSE32A.EXEC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\BroadJ... Read more

A:Hjt Log Spybot/adaware Not Finding Anything But Spyware Is Here Somehwere

Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Open the SmitfraudFix folder and double-click smitfraudfix.cmdSelect option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). We?ll get them next step.Please copy/paste the content of that report into your next reply.Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htm============================Download AVG Anti-Spyware from http://www.ewido.net/en/download/ and save that file to your desktop.When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.1. Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double click it to launch the set up program.2. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.3. On the main screen select the icon "Update" then select the "Update now" link.o Next select the "Start Update" button. The update will start and a progress bar will show the updates being installed.4. Once the update... Read more

Read other 5 answers
RELEVANCY SCORE 44.8

Super-Anti Spyware has been freezing..my computer is running slow.  Have ran Malwarebytes, It finds nothing.  

Read other answers
RELEVANCY SCORE 44

i had just recently had a virus on my computer. i believe the name of it was av security suite. i had a hard time getting rid of it because i had no idea what to do, but i looked it up on the internet and i figured it out:) anyways i'm just writing because i need to find a good virus/trojan/spyware program that is free and don't have any viruses. i need some recommendations because if i do a search on the internet i wouldn't have no clue which one to download. thanks.

A:[SOLVED] i need help finding a good virus/trojan/spyware program for my xp computer??

If you are looking for a free anti-virus -

Avira
http://www.free-av.com/

AVG
http://free.avg.com/us-en/homepage

Avast
http://www.avast.com/free-antivirus-download

As for a subscription one where you have to pay.. I have to recommend ESET.
http://www.eset.com/

I personally use Avira.

Hope that helps,

-Coolfreak

Read other 14 answers
RELEVANCY SCORE 42

As the title said, AVG 2014 (free version) detected 10 threats, but I'm pretty sure they are not threats, so I want to check with someone who actually knows what he/she's doing. I tried to google them, came up with no results. I have Windows 8.1. The report is below. Thank you!
 

Scheduled Scan

 

 

 

 

 

 

 

High priority;"10";"0";"10"

 

 

 

 

 

 

Folders selected for scanning:;"Scan whole computer"

 

 

 

Started:;"2014-02-27, 11:14:00 AM"

 

 

 

 

 

Finished:;"2014-02-27, 11:33:26 AM"

 

 

 

 

 

Total object scanned:;"352504"

 

 

 

 

 

User who launched the scan:;"SYSTEM"

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Name;"Description";"Result";"Status";"Priority"

 

 

 

 

C:\Program Files\WindowsApps\Deleted\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe51269377-c1e2-42d0-ad49-aa267... Read more

A:AVG detected threats, but I'm not sure they are really threats

The JS file type is primarily associated with JavaScript.When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder for quick execution later and better performance. Both legitimate and malicious applets (malicious Java class files) are stored in the Java cache directory and your anti-virus may detect them as threats. The detection can indicate the presence of malicious code which could attempt to exploit a vulnerability in Java which could be used to allow adware, phishing programs or other types of fraudulent software to be installed on a computer. For more information about Java exploits, please refer to Anti-Virus has detected a virus. Is it related to Java?.In your case, these .js files appear to be stored in the WindowsApps folder found on Windows 8.Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality.

Read other 4 answers
RELEVANCY SCORE 37.2

I have PeoplePC as my dial-up ISP and as of late there have been problems that have been happening more and more frequently that have made my surfing experience very unfriendly.

Half the time I go to send an email using my Outlook Express there will be a delay of anywhere from 15 to 30 or more seconds while it says something about CONNECTING or FINDING host. Eventually... It will send the email.

Same thing when surfing. Sometimes I will click on a link and NOTHING will happen. No hourglass... absolutely nothing and then finally, the page will start to load in.

Now... It's not a case where the page is slow to load after it is found. It seems like my PC has all this damn searching to do to find the damn site. I am very frustrated over this.

Some would suggest that this is part of the reality of having a dial-up connection but I have had dial-up for over 7 years and have had nothing like this occur nor as often.

Does this sound like it's an ISP issue? Or my PC? especially the email issue where it waits for sometimes up to 45 seconds while it looks for the host.

Just wondering if changing my ISP will fix this?

Thanks in advance

DAVID
 

A:Finding Server... Finding host (enough already)!

Most likely changing your ISP will be the best solution. Is Broadband available in your area??
 

Read other 1 answers
RELEVANCY SCORE 33.6

Ive ran almost every anti malware. Ive ran malwarebytes, tdsskiller, and superanti spyware none of them found any threats. I know the malware is there on the pc because its vista sheild is still on top of all of the antimalware that I have. I ran a essetscan to make sure it wasnt just me and this is the results it came back with. Could someone please take a look at this and tell me what I need to do. Thank you

C:\Program Files (x86)\HP Games\Farm Mania\Farm-WT.exe a variant of Win32/Kryptik.SH trojan
C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application
C:\ProgramData\WildTangent\528821fe-58e4-439c-81de-49f36a16aa12-extr.exe a variant of Win32/Kryptik.SH trojan
C:\Users\All Users\WildTangent\528821fe-58e4-439c-81de-49f36a16aa12-extr.exe a variant of Win32/Kryptik.SH trojan
C:\Users\Wykia\AppData\Local\Temp\0.9499783313487915.exe a variant of Win32/Kryptik.PIG trojan
C:\Users\Wykia\AppData\Local\Temp\is1972027439\zgInstaller.exe Win32/Toolbar.Zugo application
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\116c51d8-64fac990 a variant of Java/TrojanDownloader.Agent.NAD trojan
C:\Users\Wykia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\64414e83-3a6f3963 a variant of Java/Agent.BR troj... Read more

A:HELP!!!! How Do I get rid of these threats

Hello, what is your Operating System? What version of JAVA,if any, is running?Go into Control Panel>Add Remove Programs. Be sure the 'Show Updates' box is checked. Go down the list and tell me what Java applications are installed and their version. (Highlight the program to see this).VISTAWhat version of JAVA is running?Go into Control Panel> Programs > Uninstall a Program. Go down the list and tell me what Java applications are installed and their version.

Read other 4 answers
RELEVANCY SCORE 33.6

bought a laptop and have d/l spybot and ad aware and super anti spyware done scans found nothing ..
i would like someone to assess my log of hijack this to check for nastys please.
can u answer even if nothing to worry about many thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:37:35, on 27/04/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thetechguys.com/welcome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fw... Read more

A:need help please with threats

Its fine.No problems seen.

Read other 1 answers
RELEVANCY SCORE 33.6

Hi,
 
I tried to download Backyard Baseball from the internet and ended up downloading a bunch of virus's. Can someone help me scan my computer and fix my computer.
 
Thanks

A:1,500+ Threats

Please download and use the following tools (in the order listed) which will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons and other junkware as well as related registry entries (values, keys) and remnants.RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.AdwCleaner created by Xplode.Junkware Removal Tool created by thisisu.1. Double-click on RKill to launch the tool. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. A log file will be created and saved to the root directory, C:\RKill.log. Copy and paste the contents of RKill.log in your next reply.Important: Do not reboot your computer until you complete the next step.2. Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.Click on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.After reviewing the log, click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.Press OK again to allow AdwCleaner to restart the computer and complete the removal process.After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A ... Read more

Read other 4 answers
RELEVANCY SCORE 33.6
Q: threats

I downloaded jigsaws puzzles from a site called softonic site and while i was half way downloading got a message error. so i deleted it and tried again same thing happen.

i then deleted it completely since then i got problems with my computer .

I have full computer security with avg, they came up after my scaning whole computer alot threats which have been put in a vault.name of threats are
corrupted executable file .. c:\users\marianne\appdata\local\threat its EID_PE_is corrupted ( x2)
unknown .. c:\marianne\appdata\local threat
adware adinstaller.astrome .. c;\adwcleaner\quarantine\c\ users\ adminstaller astromenda
Found Malsign.open candy 7..c:adwcleaner\quarantine\c\user its open candy
potentially harmful program..c:\marianne\appdata\local\threat its downloader

also there is c:\program files (x86) with my other list of files i have never seen before.
my computer is not working properly .
is there anyone who can tell me how ro get rid of all these threats and get my computer back to it normal working
thanks
 

A:threats

Downloading and using software from the Softonic site is a good way to infest your computer with malware, spyware, etc..

------------------------------------------------------------

Go here, then click the large blue "Download Now @ Bleeping Computer" button to download and save AdwCleaner.exe to your desktop.

Close all open windows first, then double-click AdwCleaner.exe to load its main window.

Click the "Scan" button, then allow the scanning process to finish.
(Note: There may be several seconds delay before the progress bar appears, so be patient.)

Click the "Clean" button, then click "OK".

Allow the cleaning process to finish.

When it's finished, click "OK" in each window that appears.

The computer will restart.

When the log appears during restart, save it.

Return here to your thread, then copy-and-paste the ENTIRE log here.

------------------------------------------------------------
 

Read other 3 answers
RELEVANCY SCORE 33.6

Hi guys well three days ago i noticed that the gals computer was getting loads of pop ups so i thought i would remove them so that the computer was back to a good state of health. Well i started to do this so i ran ADAWARE, SPYBOT, HIJACKTHIS and even my antivirus. ALL of the programs were updated before i executed them. I got loads of reports so i clicked on the fix button on each. Then when i rescaned the PC using all utilities every report was shown again. None of the programs removed any of these threats. So i booted into safe mode without networking and ran the scans again and all of the reports were still there, so i removed them again whilst in safe mode. I rebooted the PC back into safe mode and ran them again and everyone of the threats appeared again in each program. I Have done this fro three days now and none of them will remove from my computer and i was wondering of anyone could help me please. Here is a log from HIJACKTHIS, ADAWARE AND SPYBOT. Hope this helps.

WINXP HOME SP2

here is the HIJACKTHIS LOG

Logfile of HijackThis v1.97.7
Scan saved at 09:30:17, on 07/12/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsof... Read more

A:PC Threats????

Read other 16 answers
RELEVANCY SCORE 33.6

Hi,

My PC is infected with the following.

Email-Worm.Brontok.Q
Backdoor.Hupigon.GEN
Trojan-Downloader.Agent.BNZ
Exploit.Java.ByteVerify

Iam new to fixing spyware etc.
Please help me out.

Thanks.

A:Pc Threats

It says, the path of the file is
C:\DOCUMENTS AND SETTINGS:\NETWORKSERVICE\MYDOCUMENTS\My Pictures\about.Brontok.A.html

Read other 15 answers
RELEVANCY SCORE 33.6

I finally got around to doing a full system scan with Avast last night (I normally just use Trend Micro's Housecall) and it lists the following possible Malware Threats which Avast cannot repair:
[...]\AppData\roaming\iexplore.exe
[...]\AppData\Roaming\AL3LMLANQKR9Ysxchost.exe
[...]\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\26cf1eb5-7155df9b

I got Kaspersky's TDSSKiller to get try to get rid of them, but it has detected 0 threats the 3 times I've run it. Is Avast just being over-protective, or is this something beyond TDSSKiller's capabilities?

Here is my system info:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6040 Mb
Graphics Card: Radeon (TM) HD 7670M, 1024 Mb
Hard Drives: C: Total - 692402 MB, Free - 18129 MB; D: Total - 22697 MB, Free - 2412 MB; G: Total - 98 MB, Free - 72 MB;
Motherboard: Hewlett-Packard, 1840
Antivirus: avast! Antivirus, Updated and Enabled
 

A:Possible Threats

Read other 16 answers
RELEVANCY SCORE 33.6

I'm helping some friends with their computer that they did NOT have anti virus software running on and the free virus scan from Symantec returned the following list of threats:

C:\WINDOWS\snbho.exe is infected with Adware.IEPlugin
C:\WINDOWS\systb.dll_tobedeleted is infected with Adware.IEPlugin
C:\WINDOWS\SYSTEM32\exul3.exe is infected with Adware.BargainBuddy
C:\WINDOWS\SYSTEM32\msbe.dll is infected with Adware.Bullseye
C:\WINDOWS\SYSTEM32\mscb.dll is infected with Adware.CashBackBuddy
C:\WINDOWS\SYSTEM32\nvms.dll is infected with Adware.NaviSearch
C:\WINDOWS\Downloaded Program Files\imgSizer.ocx is infected with Adware.DelFin
C:\Program Files\HomelandNetwork\HomelandNetwork.exe is infected with Download.Adware
C:\Documents and Settings\Jason Melendez\Local Settings\Temp\upd2C9.tmp is infected with Download.Adware
C:\Documents and Settings\Jason Melendez\Local Settings\Temp\UpdatedUpdaterInstall.exe is infected with Adware.Incredifind
C:\Documents and Settings\Jason Melendez\Local Settings\Temp\~DlfnTmp0\imgSizer.ocx is infected with Adware.DelFin

Can someone assist me in ridding their computer of these threats? I installed an anti virus program since and have updated it for virus definitions.
I would put HJT on their computer but it is pitifully slow at the moment, probably due to all the garbage on it, so wanted to wait until some of the junk has been cleaned up first.
Thanks to all of you at this fantastic help site.
 

A:11 threats I need to get rid of

goto website below and download AD-AWARE SE , SPYBOT , SPYWARE BLASTER.
http://www.majorgeeks.com/
 

Read other 2 answers
RELEVANCY SCORE 33.6

i get a popup from limewire and java when i dont even have limewire or java installed...here is my latest hjt logfile:



Logfile of HijackThis v1.99.1
Scan saved at 7:05:32 PM, on 7/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Documents and Settings\Compaq_Owner\Desktop\Spyware tools\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Documents and Settings\Compaq_Owner\Desktop\Spyware tools\ewido anti-spyware 4.0\guard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\outlook\outlook.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:... Read more

A:possible threats...

Hi and welcome to TSF.

My handle is TexRanger, and I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread by clicking Thread Tools then subscribe to this thread so that you are notified when you receive a reply.

Please be patient with me during this time.

Read other 4 answers
RELEVANCY SCORE 33.6

I am using Windows Vista Home Premium

I was scanning my computer with NOD32 and soon it gave me a message saying that my computer is infected by Win32/GreyBird Trojan. I read the description and I beleive it was one of the System Volume Information\_restore..... .DLL that was infected so I deleted it. However, those infected DLL's just keep coming and soon I was too afraid to continue to delete these DLL and stopped.

Here is a Log of the NOD32 before I stopped it and a Log of HiJack This
Please help....how may I fix this?

NOD32 Log

Scan performed at: 20/01/2008 10:28:12 AM
Scanning Log
NOD32 version 2807 (20080119) NT
Operating memory - error opening [4]
Operating memory - error opening [4]
Operating memory - is OK

Date: 20.1.2008 Time: 10:29:10
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:
C:\hiberfil.sys - error opening (File locked) [4]
C:\pagefile.sys - error opening (File locked) [4]
C:\Boot\BCD - error opening (File locked) [4]
C:\Boot\BCD.LOG - error opening (File locked) [4]
C:\Downloads\NBA Live 08 [English][PS2DVD][WwW.GamesTorrents.CoM]\st2-nbal08.rar »RAR - next archive volume not found
C:\Downloads\SimCity.Societies.Update.Patch-TBS\simssoc.nfo.rar »RAR »SCS_10016_DP1.exe - next archive volume not found
C:\Downloads\The Sims Carnival SnapCity [English][PC][WwW.GamesTorrents.CoM]\rld-snap.rar »RAR »rld-snap.bin - next archive volume not found
C:\Downloads\The_Simpsons_Game-USA-WII-PreCiSiON\pcn-simp.part001.rar »RAR ... Read more

A:AVG scanned over 90 threats! Please Help

Read other 12 answers
RELEVANCY SCORE 33.6

Hi all,

Im wandering if after a factory restore of my laptop running XP if viruses and adware would still be on the drive after the restore?
 

Read other answers