Over 1 million tech questions and answers.

Malwarebytes scan & result ... what action to take?

Q: Malwarebytes scan & result ... what action to take?

I have just run a Malwarebytes (free version) scan, and get one potential problem as per the image below.

It refers to a tool I downloaded & used to display the Windows key for my Win 8.1 installation

Is this tool a potential security threat?

Preferred Solution: Malwarebytes scan & result ... what action to take?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Malwarebytes scan & result ... what action to take?

If it is this one:
ProduKey - Recover lost product key (CD-Key) of Windows/MS-Office/SQL Server

don't worry. Nirsoft produces some of the best small Windows utilities around. The developer has an excellent reputation. I have used many of them for years without issues.

Read other 3 answers

Hiya All

Happy Easter.

I ran Malwarebytes yesterday as PC not right.Results of 15 objects found.Can someone please explain them or advise further?

Malwarebytes' Anti-Malware 1.36
Database version: 1966
Windows 5.1.2600 Service Pack 3

11/04/2009 20:23:50
mbam-log-2009-04-11 (20-23-50).txt

Scan type: Full Scan (C:\|F:\|)
Objects scanned: 130528
Time elapsed: 1 hour(s), 17 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

A:Malwarebytes scan result


We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a

Having problems with spyware and pop-ups? First Steps

link at the top of each page.


Please follow our pre-posting process outlined here:


After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please start a new thread in our Virus/Trojan/Spyware forum along with the required logs

Read other 1 answers

Every time I run a Malwarebytes scan I get the same result, as per the attached screenshot.

Can anyone advise me (1) if there is a problem, and (2) how to get rid of the offending result permanently?
(I have blanked the XXXXXX part of the result - it is just my PC user name)

A:MalwareBytes: Same result every time I run the scan

See this::
Remove PUP.Optional.DownloadSponsor.A (Removal Guide)

Read other 4 answers


This is the second time I've been hit with one of these rogue trojan dealies. I vanquished the "Security Suite" one a few months ago buy following the instructions (Rkill, malwarebytes) and those worked like a charm!

I've been following the instructions on how to get rid of "Anti Virus Action"

1. I went into Safe Mode.
2. I downloaded Rkill and ran that (no results for stopping anything, but thats what happened the first time I used it to get rid of the "security suite" trojan)
3. Then I uninstalled and reinstalled and updated Malwarebytes. I have run the full scan 3 times today. Each time it comes up with "no results"!!

I am not sure where to go from here. Are there other steps I need to take? Or are there other programs I can use?

A:Anti-Virus Action: Malwarebytes scan comes up with no results!

Have you run steps 18,19 & 20 ?? Very important.Is this XP??Please post the MBAM log.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the a... Read more

Read other 3 answers

The Intel Driver & Support Assistant said that it had an update: Intel® Graphics Driver for Windows* [15.40]. When I did a scan with the Lenovo Companion app, it said there were no updates available. Why the difference of opinion betwee the two apps?

Read other answers

The past few days, I have been having problems with my disk going to 100% usage (with little or no read/write activity) and then eventually the entire system crashes. This morning I unplugged the drive and plugged it into a different SATA port, and so far things seem to have been running fine.

However, I've found an additional issue. The action center is giving me a message that says "We found potential errors on a drive, and need to scan it.", and it accompanies this message with a "Run Scan" button. The problem, however, is that when I click the button, nothing happens. And the Task Manager is showing disk read/write activity at 0-1%, so it's not just failing to provide feedback.

A:Action Center Prompts for Scan, Won't Perform Scan

Are you talking about check disk? if so try option two: CHKDSK - Check a Drive for Errors in Windows 8

Read other 1 answers

Hi!This is my first post and I really appreciate bleeping computer team for providing such a wonderful service to people in need. I am using Windows 7 Ultimate. I have Symantec Norton Antivirus 2011, Avast Free Antivirus and Comodo Firewall installed. I update my system (windows, antivirus, firewall, acrobat etc) regularly. Off late my system has been running slowly. The two antivirus catch infections every now and then (pendrives, malicious links). I run regular scans (both Norton and Avast), all of which almost never detect any infection and assure that my system is clean.Yesterday I installed Malwarebytes Anti Malware just to be sure that my computer doesn't have any infection. It was constantly (every 2-3 seconds) blocking outgoing connections from BitComet to different IPs located in China. Believing that the problem is in BitComet, I started utorrent, and the result was same for it as well, MBAM blocked outbound connections, albeit at a lower frequency. Then it blocked an inbound connection from svchost.exe. I just quit both the torrent clients and the notifications stopped. I then quit MBAB.I started Malwarebytes scan and while it was still running, it showed two infections. During the scan itself a blue screen came and my windows crashed. Ignoring it, after a while I again started the scan and the same thing happened. Now I am not sure whether whether its because of scan or infection, but during the 2 years life of my laptop, it was 2nd and 3rd time when Blue ... Read more

A:Bluescreen during malwarebytes scan, slow computer, malwarebytes blocking outgoing connections

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab a... Read more

Read other 18 answers

Hey guys,
I posted this originally on May 2nd and have never gotten a response. If I don't have anything to be concerned about, please, just let me know. I have always gotten very good assistance with my troubles and questions before. Maybe I just posted my question in the wrong place.

Question about scan
I am not really having a problem but I am curious about the results of a scan by AVG Free. When my scan is complete, I get the results shown in Attach. #1. I click on "remove all unhealed infections and I get the results shown in Attach. #2. Also enclosed is the results from my HiJackThis scan. Thanks for the help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:18:31 PM, on 5/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\A... Read more

Read other answers


Can anyone tell me if this file is harmful, it was picked up while scanning with AVG software, status read at the top of the it said it had been changed, this is the file:


Is this whats called a kernal, this is not in my virus vault but keeps coming up on the scan each time.


A:AVG scan result

See post #4 in this thread: http://forums.techguy.org/security/554221-solved-avg-finds-ntoskrnl-exe.html

Read other 2 answers

When I run a virus scan using AVG I get the message C:\windows\system32\drivers\etc\hosts change result: changed. I have attached Kappersky and DSS scan results. Do I have something to worry about? besides AVG I have SpyBot which I update and run every couple of days. Thanks in advance for your help.

A:Avg Scan Result

Hello StalagmiteWelcome to the Bleeping Computer Malware Removal Forum, sorry about the delay, but the amount of people posting with infected computers is through the roof and sometimes we can't get to logs as fast as we would like to. If you have not resolved your issue and still need assistance, download and install Hijackthis by Trendmicro and post a log, copy and paste it into the thread by using the Add Reply button, please do not attach it. I am looking at a possible trojan on your system.Download Trendmicros Hijackthis to your desktop.Double click it to installFollow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exeOpen HJT Scan and Save a Log File, it will open in Notepad Go to Format and make sure Wordwrap is UncheckedGo to Edit> Select All.....Edit > Copy and Paste the new log into this thread by using the Post Reply and not start a New Thread.DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.

Read other 2 answers

I have been having some problems as of late with my internet connection... various sites not being found, timeouts, cannot find server etc....

I call me EARTHLINK TECH support... and they suggested I make some cahnges in my dial-up networking, etc... and suggested I do a HIJACK-THIS scan.

I did the scan... and here are the results. I was wondering if anyone would look at the results and maybe make some reccomendations.....

Thank you.

Logfile of HijackThis v1.97.7
Scan saved at 2:14:06 AM, on 1/18/2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = DAVIDS' INTERNET BROWSER
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Ma... Read more

A:Can someone help me with this HIJACK THIS scan result.

Read other 7 answers

Hi guys,

I just finished running a scan with spybot search & destroy and it came back with the following result (attached a pic). The problem is that I have heard the name before coolwwwsearch which is what was picked up and I thought it must be bad but just to be sure I checked the particular files in my registry. The files all belong to a program I just recently installed called Zero popup pro which as you can guess from the name is a popup blocker. I'm not sure what to do now and was hoping someone can advise whether to ignore what spybot has found or could that popup blocker program be some type of spyware?

A:Spybot scan result

Read other 9 answers

I have Windows XP and an AdAware scan hit on this as malware[Windows Reg Data Malware HKEY -Classes-Root:regfi Possi]. Can anyone tell me what this is? AdAware can seem to do anything with it and SpyBot doesn't recognize it . Please help.

A:AdAware scan Result

This could possibly be a sign of a possible browser hijack attempt. If ad-aware has found it, remove it. Download, update and run spybot, post your log and I'm sure someone will be along to help you with any problem soon. Nothing to worry about though, I have had lots of possible hijack attempts.

Read other 3 answers

I found following items with earthlink protection virus scanner.
Winmovieplugin homepage hijacker, dialer
Coolwebsearch bho, adware
Pornmagpass adware, homepage hijacker, Trojan M
Elitemediapopup adware, driveby download
Transponder.bloger adware bho
Searchsquire adware, searchpage hijacker
spywareQuake thiefware
SafetyBar adware,Bho

I deleted the items but I cannot update avg spyscanner, but can still scan with it. Should I take any other steps to ensure that my system has really gotten rid of these things. Thanks in advance.

A:I got following in one virus scan result

G'Day hes4l,


Should I take any other steps to ensure that my system has really gotten rid of these things.

Yes indeed there are!

Go to the link "The 5 Steps", in my signature; read the instructions carefully; then, post a HJT Log in the HJT Forum, where one of the trained analysts will help you 'clean' your machine.

Now once you have posted your HJT log, there are two things you need to do....

Firstly, subscribed to your posting, so that you can receive instant email notification about any replies.

The other thing is; please be patient with receiving your first reply, as the HJT analysts are usually very busy.
So, I recommend if after say, 48 hours, you have not received any response to your request, go back into your thread, and type in "bump"; this will bring your post back to the front page, and to the attention of an available analyst.

Good luck with it!

If you have any other queries/concerns, feel free to post back.

Read other 1 answers

Anyone know what this result means?

My windows processes are running really slow and was wondering if this is causing the problem.

A:AVG Virus Scan Result Help

Hi and welcome to TSG.
It should only concern you if it says it was infected.
Quote from Avg help forum.
"It is normal that AVG shows that files, the MBR or Boot record to have changed.
These are done during normal maintainance, when you or windows updates files or have had to correct errors on the drive.
The only time that you should worry is if they also show as infected."

Check link below for suggestions on Pc Maintenance.
List includes..
Scan For Viruses.
Scan for Spyware.
Microsoft updates.
Disk Cleanup.
Check Hard Drive for Errors.
Defragment Your Hard Drive.
Registry Cleanup is in their list but
Cleaning the registry may cause you more problem than you started with..
so it would be best to skip that one.

Read other 2 answers

Windows RegData Malware HKEY_Classes_Root:refi Possi This is what I get as malware. What is it. Adaware won't remove it and Spybot doesn't recognize it as a problem. Please help.

A:Adaware scan result


Read other 1 answers

Any Malaware experts out there to take a look at these results and let me know what to do next ????

Refers to my earlier thread this morning about desktop startup errors.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:35, on 11/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\TOSHIBA\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\NORTON~4\... Read more

A:DLL Error HJT Scan result

This is a duplicate post.
Original thread and HJT log are here
AND has been moved to the MalWare forum,

Read other 1 answers

Thought I may have got an infection (sonar.heuristic.130).  So I ran numerous scans.  
Norton Internet Security A/V, Norton Power Eraser, MS Safety Scanner, ESET Online Scanner, Super-Antispyware, Malwarebytes, ADW, TDS Killer, and R Kill.
All my scans ok, less the ADW find.  Wasn't sure to delete the registry key, so I didn't.  I took a screen shot of LAN settings but couldn't figure how to attach, if I was supposed to.
The result of ADW scan:
# AdwCleaner v4.110 - Logfile created 16/02/2015 at 01:37:05
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Fred - ATHEIST
# Running from : C:\Users\Fred\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
AdwCleaner[R0].txt - [679 bytes] - [16/02/2015 01:37:05]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [737 bytes] ##########
Screen I tried to attach
Internet Options/Connections/LAN Settings
   Automatic configuration heading........only Automatically detect settings is checked
   Proxy server heading..........................box is un... Read more

Read other answers

Hello everyone, I have no clue how to distinguish virus from essential files???

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:26:54 AM, on 22/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&m=aspire_5742z&r=27361110x915l04g4z155v47j2134s
R1 - HKLM\Software\Microsoft&... Read more

A:Need help with "hijack this" scan result PLEASE!!!

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

Read other 2 answers

So I recently fell victim to what a Google search told me is the "FBI Moneypack" "ransom" virus that's been going around. It wasn't this exact screenshot for me but it looked something like it:
I booted my computer in safe mode, read some literature, downloaded the free version of Malwarebytes, and ran a scan which found some files it deleted. I rebooted normally and, thank god, everything's fine now, the screen's gone and I'm typing this from said malware'd computer. My question is, do you advise anything I do anything else? I just ran another malwarebytes scan, which turned up negative, and I'm currently running another standard MS Security Essentials system scan. In the event that everything seems fine and ends up back to normal, should I still take any other actions or consult a (real-life) tech help pro? Thanks a lot!

A:Removed FBI Moneypak virus with Malwarebytes - further action needed?

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

Read other 9 answers

So I recently fell victim to what a Google search told me is the "FBI Moneypack" "ransom" virus that's been going around. It wasn't this exact screenshot for me but it looked something like it:
I booted my computer in safe mode, read some literature, downloaded the free version of Malwarebytes, and ran a scan which found some files it deleted. I rebooted normally and, thank god, everything's fine now, the screen's gone and I'm typing this from said malware'd computer. My question is, do you advise anything I do anything else? I just ran another malwarebytes scan, which turned up negative, and I'm currently running another standard MS Security Essentials system scan. In the event that everything seems fine and ends up back to normal, should I still take any other actions or consult a (real-life) tech help pro? Thanks a lot!

A:Removed FBI Moneypak virus with Malwarebytes - further action needed?

Sorry, I realized that I should've posted this over in the security section, here:
So someone can delete this thread, thanks.

Read other 3 answers

This will be my first time posting to this site. I am pretty stuck with a computer at work that I am as of yet unable to fix.The symptoms are these:The browsers (both IE and Firefox) take you to URLs when they are typed directly into the Address field, but when you click on a link within a page, you are redirected to one of many different seemingly random advertisement sites. I am not getting pop-up windows, however.The computer is not allowing a log-in script to map network drives on the computer; the same log-in script worked recently in the past, and the same network shares can be navigated to using start>run>\\path\folderAt unpredictable times, and somewhat rarely, there is a standard Windows error message pop-up saying something about a Win32 app has experienced problems and needs to close (send report, don't send, etc.). I will get the exact message if it is needed.I have used Spybot S&D, Malwarebytes, SUPERAntiSpyware, none of which have removed the infection completely, if at all. I have switched from McAfee to free avast! AV software and run a full scan and it finds no malware. I have tried all of this from both standard bootup and while in safe mode; same problems occur.I humbly request some help from your experts. Please advise how to proceed (i.e. what software logs you need first, etc). Thank you!-Aaron

A:Malwarebytes Ineffective; Win32 Error; Search Result Links Redirecting; etc.

Welcome to BCSince you say this a work computer, have you contacted and advised your IT Department? In most work environments, the IT staff implement specific policies and procedures for the use of computer equipment and related resources. In fact, many companies will require you to read those policies and sign a statement of understanding. These official procedures are designed and implemented to provide security and certain restrictions to protect the network. This allows all users to safely use business resources with minimum risk of malware infection, illegal software, and exposure to inappropriate Internet sites or other prohibited activity. We will not assist with attempts to circumvent those policies or security measures.Our forums are set up to help the home computer user deal with issues and questions relating to personal computers. We are not equipped to involve ourselves in any legal issues that may arise due to loss of business data and loss of revenue as a result of malware infection or the disinfection process which in some instances require reformatting and reinstallation of the operating system. Further, many helpers are not familiar with Servers and many of the tools we use are restricted to non-commercial use by their creators.A business IT staff generally has established procedures in place to deal with issues and infections on client machines on the network. As such, they may not approve of employees seeking help at an online forum or outside the business ... Read more

Read other 1 answers

Here's the result after I scanned the computer. I hope this would help to solve my problem. I also want to thank you all for helping me.

DDS (Version 1.0) - NTFSx86
Run by Aaron Tran at 22:08:32.39 on Mon 11/24/2008
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2038.1501 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Viewpoint\... Read more

A:Rootkit, Gmer and DDS scan result

I Have A Message Saying" Error In:c\windows\system32\caewqgeycilvoe.dll
Missing Entry:dllstart:".
I Currently Run On Xp Home Edition. After I logged in, everything on the desktop disappeared. The only left to see is the screen saver. Results shown above after the Gmer and DDS scan. Please advise of what to do and how to fix this. Thank you!

Read other 3 answers

I just ran a full system scan with Avast 5.0. I got the result "Threat Detected". Avast found the following:


The file was moved to the Avast Virus Chest (quarantine) with the following information:

Threat: Win32: Malware-Gen Location: C:\Windows

I ran a general web search and also searched several Virus Libraries with no results found. Since it's in quarantine I can restore it if needed. Has anyone heard of this file or infection?

Thanks for your help and input.

Read other answers

can someone review a highjack this txt and provide info on system???
there are a number of 023 dll's & exe listed unknown owners..

I trying to establish if the laptop cureenetly has / or has been infected with any spyware enabling backdoor hack / keyloggers.

A:Please review highjack this scan result

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log can also be foun... Read more

Read other 1 answers

I have the following output from a ComboFix scan and need help with interpreting the results. I recently purchased this machine used and do not know much history on it. Thanks for any help.((((((((((((((((((((((((((((( [email protected]_06.29.10 ))))))))))))))))))))))))))))))))))))))))).+ 2009-05-23 06:30 . 2009-05-23 06:30 16384 c:\windows\Temp\Perflib_Perfdata_3a4.dat.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-17 1947928]c:\documents and settings\Administrator\Start Menu\Programs\Startup\mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]c:\documents and settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSubtract.exe [2003-7-26 552960]c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - c: ... Read more

A:ComboFix Scan Result Interpretation

ComboFix logs should not be posted outside the HijackThis forums, and then ONLY WHEN REQUESTED. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert." It is NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Running ComboFix by yourself is like performing open heart surgery on yourself--the scalpel and other surgical tools that is ComboFix is meant to be wielded by a highly trained surgeon only in emergencies or dire circumstances. When the surgeon is thru s/he leaves the room. So combofix should be removed from a system once it has accomplished its job, unlike an AV that is there to protect you from future infections.. . . CF does make some alterations to your system if you run it. Even if you had no malware removed and run the uninstall command, some things may be different now on your system. I can tell you that one thing is that all your restore points will be flushed out and a new one created. There is a good reason to do that when you have a severe infection--but if you aren't infected you might need those restore points.Read and abide by the disclaimer people. It's there for a reason. Stick to running and protecting yourself with a good AV and firewall and ... Read more

Read other 1 answers

Is this Ok now?

Logfile of HijackThis v1.99.1
Scan saved at 6:56:47 PM, on 1/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\BenQ\QMusic2\QMAgent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Pro... Read more

A:Hijack log and Ewido scan result

Hi and welcome.

You need to reply back to this thread instead of creating a new one. I'd merge, but the site appears to be having problems right now.


Read other 1 answers

I recently loaded my os vis recovery disc I downloaded Avast free version. All seems ok until I looked at the scan log for this scan and it has 15 files that could not be scanned explaining it witht he message after each one Error: Archive is password Protect... Nothing should be password protected on the machine yet asd I haven set any.
The path indicated is the same except for the ending;
C: User\user2\...|>download.js

IS the usual procedure of hijackthis, necessary here or can someone explain this?


A:Solved: Avast scan result is odd

Read other 8 answers

Hi there!

I just recently got my system put back together and I have been slowly running a few online scans to make sure everything was clean while I was downloading security updates over this last weekend.

I ran one recommended to me called BitDefender last night, and it came up absolutely clean. I also ran another earlier called ewido, which also came up clean, other than a few tracking cookies which were no problem getting rid of.

I just ran Panda's free online scan and it brought up something...

C:/Windows/system32/Tools/Restart.exe It says that files is "Potentionally Unwanted Tool"

I did a search on these forums and found somebody else had this file come up in a Panda scan, so I followed one of the instructions listed, and uploaded it to a site to run several scans. Here are those results:
File: Restart.exe
Status: POSSIBLY INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) (Note: this file was only classified as malware by scanners known to generate more false positives than the average scanner. Do not consider these results definately accurate. Also, because of this, results of this scan will not be recorded in the database.)
MD5 eb1b125ee5d2022cbf5e2f7226f47638
Packers detected: -
Scanner results
AntiVir Found SecurityPrivacyRisk/Destart.A riskware
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found... Read more

A:Panda Scan Result.. Restart.exe

Read other 9 answers

Installed Emsi AM & did a quick scan.
It found few threats & to me it all seems FPs.
Like it mention disabletaskmanager but taskmanager opens fine. Disablecmd but cmd opens fine too. Disable registry tools but regedit opens fine too.
What I could make out of the detection have mentioned.
Attached is the screenshot

Value: HKEY_USERS\S-1-5-21-191019590-2606562261-3006609305-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)

A:Emsisoft Antimalware Scan Result

Search Emsi support forum. Fabian Wosar discusses this in some threads. If I recall correctly he stated that there are cases where legitimate\safe security or other softs will create the above keys.

Since you have been installing various security softs maybe they are just left over - and are very unlikely an indication of any kind of serious infection...

Read other 11 answers

My computer is really messed up right now - it's running slow and freezing and I ran this scan but I don't know what any of it means -
Thank you!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:17:17 PM, on 9/19/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\... Read more

A:Can someone analyze this hijackthis scan result for me?

According to your HiJackThis log, your computer is infected.

I'm not authorized to assist you in this section without the approval of a Moderator or gold shield member, so you need to wait until one replies.

You also need to read here.


Read other 2 answers

I have an HP Precision Scan LTX and it was working just fine the last time I used it. Today it will not work properly and no matter what I scan I just get an all black page with no picture or text.

Any suggestions? Thanks.

A:Scanner will not scan - result is all blacked out

Is the scanner lamp operating?

Read other 2 answers

I the log seems to only provide the following code (no explanation I can find) for a warning associated with the Quadro M1000M videl memory test. How/where do I determine the significance/explanation of the result code to determine if the problem is sufficient to contact warranty support? Quadro M1000MResult Code: WVC007000-UM7V1E  Mark   

Log.PNG ?69 KB

Read other answers

When i tried to scan my computer using Malwarebytes, it closes. This also occurs when i tried it in Safe Mode.
Whenever i try to scan with McAfee, there is an "On Demand Scan Error"

I know my computer must be infected with sumthing

Im usin an Acer 5536, Vista Home Premium, Laptop is less than a month old

Any Help is appreciated

BTW, RootRepeal caused my computer to crash and the DDS doesnt really work, the black box appears and closes within 3 secs

A:MalwareBytes Closes During Scan, Cant Scan, Help?

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr=======================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press any key on you... Read more

Read other 11 answers

Can you tell me what this is for please?  I need to assess the potential cost of repair/replacement of pieces/parts vs new computer.  Thanks a bunch!

Read other answers

i need help.my pc keeps crashing and im trying to figure out why.im running windows 10 updated from windows 8 latelyi im currently defragging my harddisc and updating driversthe problem is that after half an hour or two my pc freezes and the only way to restart is to hold down the power button or pull out  the battery. afteer restart i have another half an hour or something.  

A:Lenovo z50 result code from error scan of storage ...

I'm having the exact same issue but my Code is: WHD01V011-DL7C8J What does this mean?  Does it mean my HDD is knackered?  I run a Lenovo Diagnostics Test and it passed all barring a few - Smart Drive etc failed. I'm concerned my laptops faulty and wondering if it's quick, easy and CHEAP to repair. ThanksAsh.

Read other 1 answers

During a hardware scan, the USB test Failed. I got a result code: WMB01A008-WL7A8I.Why did my computer fail the USB test? and how can I fix this probem??

Read other answers

Please help me with the  below result code of Hardware Scan Result Code: WHD01V002-UL7AGH 300-15ISK LAPTOP (IDEAPAD)

Read other answers

trend micro was the only product to score 100% in scan section conducted by avtest with win 7

A:Trend Micro scan result Scores 100% in AVTest

Myself alongside others take that result with a grain of salt so to say

Read other 1 answers

Hi again,,,just getting ready to install vista,, hopefully tomorrow,,,read loads just need a little advice on the last things before i go for it,,, Ran a vista scan to check software as i guessed i should be ok on the hardware and i am,,,,ran the scan from here,,,, http://www.microsoft.com/windowsvist...r/default.mspx ,,,, and heres the result of it as i need some advice on what some of these things are and where's the best place to get them from please
1,,,System Devices,,,,,,, AMD Special Tools Driver,,,,,,,,, Advanced Micro Devices,,,,,
2,,, System Devices,,,,,,,Silicon Image's Pseudo Processor Device,,,,, Silicon Image,,,
3,,,Network Adapters,,,,,, NVIDIA nForce Networking Controller,,,,,, Nvidia,,,,
4,,,Universal Serial Bus Controllers,,Maxtor OneTouch II ,,,,,,,,Maxtor,,,,
5,, Other Devices,,,,,,,,, Patin Couffin engine,,,,,,,,, VSO Software,,,,,
6,SCSI and RAID Controllers,, Silicon Image SiI 3114 SoftRaid 5 Controller,, Silicon Image
They come under 3 sections ,,,,,Category,,,,Model,,,,,,and,,Manufacturer,,,
I know it sounds really lazy not going to look for them and read about them but i have started and i am not quite sure about everything and a lot of you here know a lot more than me and would like to go for installing tomorrow but i would be greatful if you all could give a little bit of information please

A:Solved: vista scan result and information needed please

Read other 9 answers

I scanned my laptop with gmer, and I was suprised because it showed lots of malware / rootkit. Are these result reliable ?

A:Shocking "Rootkit" result from results from GMER scan

Actually that log looks clean. What do you think is an indication of malware in this log? It just looks like you have Comodo or something similar installed which explains what you see in the log.

Read other 5 answers

Recently my computer was infected with adware or a virus. My search results through search engines such as Google get redirected to random ad pages. I am unable to use HijackThis, MBAM, or SUPERAntiSpyware to scan my system or create log files. After I install any of the above programs and attempt to scan my computer, the programs simply shut down; when I attempt to re-open the programs I get the following message:

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

This message makes no sense because this is a personal computer, I get the same message when I try to run the programs directly - not using a shortcut. I am also unable to open my Symantec AntiVirus although it is running and it's definitions still update. Furthermore, my Windows Live Messenger shuts down right after I log-in. Safe Mode does not work, although Safe Mode with Networking can be accessed.

I'm able to access everything else on the computer and all other programs work as they should. I've attempted to read other threads to find the solution, but no other problems seem to be quite like mine. Any help is greatly, greatly appreciated, I've tried everything that I know to do.

A:Search result redirect, unable to scan with/use anti-spyware

Read other 16 answers

I get the following failed result code when I perform a hardware scan via Lenovo Solution Center on the SanDisk SSD U110 16GB: WHD00V00S-UL7XVG. Does anyone know why I keep getting this error and how to fix it? I don't even know if this drive is being used for anything. It does not show up under my computer in windows explorer.Thank you! Here are details from the log file:Display name: SanDisk SSD U110 16GB - 14.91 GBs Manufacturer: SandiskModel: SanDisk SSD U110 16GBSerial: 134610403527 Firmware: U21A001 Size: 14.91 GBsPhysical sector size: 512 Logical sector size: 512 Logical sectors: 31277232 Supported standards: ATA8-ACS, ATA7-ATAPI, ATA6-ATAPI, ATA5-ATAPI, ATA4-ATAPI, ATA8-ACS, ATA7-ATAPI, ATA6-ATAPI, ATA5-ATAPI, ATA4-ATAPI Spec version: Unrecognized Version Partition schema: GPT UNALLOCATED: 1.09 MBs Index 1 Size: 14.91 GBs-----Diagnostics SMART Status Test: PassedTargeted Read Test: Passed Random Seek Test: Failed Funnel Seek Test: Failed SMART Short Self Test: Failed-----

A:Lenovo T440s Hardware Scan Failure Result code: WH...

The device is a 16GB Solid State Drive (SSD) that is used by the Lenovo box to speed performance by caching frequently-used areas from the main hard disk. The error indicates a fault with the SSD (I have had the same problem on 2 different SSDs after using them for about a year each). I'm not sure why the SSDs seem to keep doing this - perhaps the write cycle count of certain blocks is reached too quickly in this environment, or maybe the ExpressCache software used for this function is not completely bug-free. You can continue to use the SSD as it seems from my experience that it continues to work, but not quite as efficiently as the faulty block(s) would mean the data there would be fetched from the Hard Disk after all. It would be good to hear more on this from Lenovo so that we can figure out the best course of action.

Read other 1 answers

HelloJust recieved a hardware scan results witht he following failure.Result code: WHD00V000-UL7XKHDevice: Intel (R) HD Graphics 520please advice...

Read other answers

Can't seem to find this in support or forum. The only known regular issue I have is graphics stop/reset while browsing, don't know if it's related.THX!

A:Y700 Hardware scan fail, result code WCP03E000-UL7

WCP03E000-UL7BWG, got cut off

Read other 1 answers