Over 1 million tech questions and answers.

How do I fix corrupt file reported in SFC scan results?

Q: How do I fix corrupt file reported in SFC scan results?

I performed an SFC /Scannow and have what appears to be one corrupt file left that needs fixing. However, I'm not sure what the report is telling me. Could a member here who knows about this take a look if I upload the file? Thanks.

RELEVANCY SCORE 200
Preferred Solution: How do I fix corrupt file reported in SFC scan results?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: How do I fix corrupt file reported in SFC scan results?

Hello Bret,

Check to see if the items in the blue Note box at the bottom of OPTION TWO in the tutorial below may be able to help for now.

SFC /SCANNOW Command - System File Checker

Read other 1 answers
RELEVANCY SCORE 72.8

Hello

Please see log for sfcfix. the following is written in the log:

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-07-18 16:45:07.168
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.


AutoAnalysis::
FIXED: Successfully repaired missing store directory C:\Windows\winsxs\x86_microsoft-windows-t..vices-configbackend_31bf3856ad364e35_6.1.7600.16385_none_d66b4dbb52eb8cae.
FIXED: Successfully repaired missing store directory C:\Windows\winsxs\x86_microsoft-windows-t..workspace.resources_31bf3856ad364e35_6.1.7600.16385_he-il_f76464b0cbfb2b4d.


WARNING: Failed to get store name from identity name with return code 2 for component prnca00x.inf and file Amd64\CNBJ3.INI. File is reported as corrupt by SFC.
CORRUPT: Amd64\CNBJ3.INI of component prnca00x.inf.


WARNING: Failed to get store name from identity name with return code 2 for component prnca00x.inf and file Amd64\CNBGRC1.GPD. File is reported as corrupt by SFC.
CORRUPT: Amd64\CNBGRC1.GPD of component prnca00x.inf.


FIXED: Corruption at C:\Windows\winsxs\x86_microsoft-windows-t..vices-configbackend_31bf3856ad364e35_6.1.7600.16385_none_d66b4dbb52eb8cae\cfgbkend.dll has been successfully repaired from C:\Windows\System32\cfgbkend.dll.



SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 5
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption... Read more

A:CNBJ3.INI + CNBGRC1.GPD File is reported as corrupt by SFC

Both of those files relate to a Canon driver.
Suggest you run the repair option for the printer

Roy

Read other 9 answers
RELEVANCY SCORE 70.8

Hello

My latop has been turned itself off about 8 times today so I did a bit of reading on the forums and one of the things that was suggested was run the sfc /scannow command. The output says that it was unable to fix teh corrupted files that it had found and deposited the results of this scan in the CBS.log file.

This is the CBS.log file:-


Code:
2011-01-14 17:15:27, Info CBS Archived log file: C:\Windows\Logs\CBS\CBS.log to: C:\Windows\Logs\CBS\CBS.persist.log
2011-01-14 17:15:27, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
2011-01-14 17:15:27, Info CSI [email protected]/1/14:22:15:27.036 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6a788a50 @0x6c85854e @0x6c8363a1 @0x621392 @0x621ed4 @0x6217cb)
2011-01-14 17:15:27, Info CSI [email protected]/1/14:22:15:27.098 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6a788a50 @0x6c88e7b6 @0x6c870f93 @0x621392 @0x621ed4 @0x6217cb)
2011-01-14 17:15:27, Info CSI [email protected]/1/14:22:15:27.098 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6a788a50 @0x72941a0d @0x72941794 @0x62360b @0x622be3 @0x6217cb)
2011-01-14 17:15:27, Info CBS NonStart: Checking to ensure startup processing was not required.
2011-01-14 17:15:27, Info CSI 000000... Read more

A:results of my sfc /scannow scan saying can't fix corrupt files. Help!

Welcome
To try and correct the shutdown problems
Run the SFC three times if errors are found. If they are not repaired, go to event viewer (type that in search, by the start menu) and go to the left panel, Administrative and look for errors.

Run a full anti virus scan
Download and run a full scan with malwarebytes.


Make sure that you are not overheating, shutting down is a classic symptom.
Download and run speed fan to check tempsl

If that does not help
Test memory
http://www.geekstogo.com/forum/topic...ing-memtest86/


If nothing seems to help a repair install should do the trick, unless it is caused by hardware problems.
Repair Install For Vista[11]=Performance Maintenance

Read other 6 answers
RELEVANCY SCORE 69.2

Hey all, I've been randomly getting computer freezes and BSODs for the past couple weeks now, and I think I've narrowed it down to something dealing with either my hard drive or my windows install. I have a Kingston SV300 SSD with the latest firmware. For some reason my computer isn't saving minidump files so I can't look into the cause of the BSOD, so I figured I'd check hard drive diagnostics and windows diagnostics. My HD tests came back clean, but my SFC scan tells me that iassdo.dll.mui is corrupt and cannot be repaired.

Since I can't post the dump, I'll upload a picture I took of the BSOD along with the SFC results.

A:BSOD STOP:000000xF4; SFC Scan results (iassdo.dll.mui corrupt)

Follow this to configure minidumps:

Dump Files - Configure Windows to Create on BSOD

Then when you next get a BSOD, follow this:

1. Download the DM Log Collector application to your desktop by clicking the link below

DM Log Collector.exe

2. Run it by double-clicking the icon on your desktop, and follow the prompts.
3. Locate the .ZIP file that is created on your desktop, and upload it here in your next reply.

Read other 6 answers
RELEVANCY SCORE 61.2

I just got my McAfee Virus Scan 8.0 CD today andthere seems to be a corrupt file on the disc causing an Internet Explorer Script error as follows:
Line: 1093
Char: 1
Error: Object Expected
Code: 0
URL: mcp://E:\VSC\ENU\VSOINS.UI::default.htm

McAfee Security Application Installer has the following error: The installation cannot continue because some components are missing.

If any one has any suggestions on how to get rid of this problem please let me know. The script error appears after the End User License Agreement screen thus not allowing me to install the application.
 

A:McAfee Virus Scan 8.0 corrupt installation file

Is this xp? If so then uninstall and reboot into safe mode and retry the installation..
 

Read other 1 answers
RELEVANCY SCORE 60.8

I just got my McAfee Virus Scan 2005 ver. 6.0 CD today and there seems to be a corrupt file on the disc causing an Internet Explorer Script error as follows:

Line: 1093
Char: 1
Error: Object Expected
Code: 0
URL: mcp://E:\VSC\ENU\VSOINS.UI::default.htm

McAfee Security Application Installer has the following error: The installation cannot continue because some components are missing.

If any one has any suggestions on how to get rid of this problem please let me know. The script error appears after the End User License Agreement screen thus not allowing me to install the application. Thanks for taking your time to read this, and hopefully help me out.

- Michael
 

A:McAfee Virus Scan 2005 corrupt installation file

Hi epidemic

Welcome to Tech Support Guy Forums!

It's rare, but sometimes a disk has a bad path or omission.
It might be a disk that slipped past the error check.

Looking on their website www.mcafee.com

I found this:
http://ts.mcafeehelp.com/?siteID=1&resolution=1024x768

Under Product Support, Hot Topics, click on the following error:
I receive "an error has occurred while installing" or the installation hangs at 77%

If none of their instructions help, at the bottom of the page is the option for:
I would like help from a live agent

Let us know what happens.
 

Read other 2 answers
RELEVANCY SCORE 60.8

I ran scan disc and after it says i have several corrupt files that it wasnt able to repair.  I have posted below just a few of the entries on the cbs.log.  Can someone please help me to fix these issues??
Thank you
 
Marshall
 
 
2014-10-29 12:57:02, Info                  CSI    00000090 [DIRSD OWNER WARNING] Directory [ml:520{260},l:88{44}]"\??\C:\WINDOWS\Help\Windows\IndexStore\en-US" is not owned but specifies SDDL in component Microsoft-Windows-Assistance-CollectionFiles-Help.Resources, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral
 
2014-10-29 12:57:02, Info                  CSI    00000091 [DIRSD OWNER WARNING] Directory [ml:520{260},l:50{25}]"\??\C:\WINDOWS\Help\en-US" is not owned but specifies SDDL in component Microsoft-Windows-Assistance-CollectionFiles-Help.Resources, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral
 
2014-10-29 12:57:02, Info                  CSI    00000092 [DIRSD OWNER WARNING] Directory [ml:520{260},l:92{46}]"\??\C:\WINDOWS\Help\Windows\ContentStore\en-US" is not owned but spe... Read more

A:Need Help understanding CBS.log file after scan-disc found corrupt files.

I dont see how 42 different  people read this post but not 1 responce.  ???
 
 

Read other 48 answers
RELEVANCY SCORE 60.8

Windows Explorer has stopped working error? I looked up how to fix it and it said to run a SFC scan. It says it cannot fix the error so I did a screen shot of the cmd and attached the cbs.log in rar format. I have Norton 360 for my antivirus and my PC spec are in my profile. Not sure how to fix the error in the cbs.log and as far as these kinds of problems I am a beginner. Any help would be greatly appreciated. This is a cbs.log error and my Windows explorer stops working and restarts. I am dumbfounded.

A:Ran SFC Scan and found a corrupt file . Windows Explorer keeps crashin

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-YG69F-9M66D-PMJBM
Windows Product Key Hash: /kehptF9HHVxM5d8dUnqgcfndXw=
Windows Product ID: 00426-OEM-8992662-00497
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {BEA5ACAB-6EB2-4700-9AFC-DE3A816FC658}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.150316-1654
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Word 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-2... Read more

Read other 2 answers
RELEVANCY SCORE 58

Media Center Component failing to load.

In the thread above it became apparent my install was bad. So, I performed a fresh install. This weekend I recv'd a notice that my backup failed due to corrupt C:\ . I ran sfc /verifyonly. I've attached both logs. I appreciate any insight or direction you can provide as to what may be going wrong.

In my last install I had placed all Users onto another drive. This was reported as a bad idea & I assumed it was at least a part of the issue. On the clean install I left everything as Windows wanted it. I do install programs that I expect to not need forever or ones which I don't care about speed, onto a second hard drive. All windows install related files & setup were left on the C:\ this time.

A:Integrity Violations & Corrupt C:\ reported

Are these after the clean install?

CBS_010912_2.txt

Code:
2012-01-08 21:10:08, Info CSI 000000e0 [SR] Cannot repair member file [l:32{16}]"imagesp1.dll.mui" of Microsoft-Windows-imagesp1.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-01-08 21:10:09, Info CSI 000000e2 [SR] Cannot repair member file [l:32{16}]"imagesp1.dll.mui" of Microsoft-Windows-imagesp1.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"en-US", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2012-01-08 21:10:09, Info CSI 000000e3 [SR] This component was referenced by [l:266{133}]"Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~6.1.7601.17514.Windows Foundation Language Pack"
2012-01-08 21:10:09, Info CSI 000000e6 [SR] Could not reproject corrupted file [ml:520{260},l:58{29}]"\??\C:\Windows\System32\en-US"\[l:32{16}]"imagesp1.dll.mui"; source file in store is also corrupted
CBS_010912_3.txt

Code:
2012-01-09 18:01:15, Info CSI 000000e0 [SR] Cannot r... Read more

Read other 9 answers
RELEVANCY SCORE 56

Since the last 2 days, I have problems on my computer. It began when I noticed while browsing, that 2-3 sites popped by (redirects) with odd server names or ip addresses. I realized right away that there was some problem and tried to find out more. The first thing I noticed was a T.EXE in c:\ drive and I promptly removed it. I then got a free TrendMicro anti-virus scanning done, it came back with a problem file called 0U949.sys in the System32\drives folder. It would keeping popping backeven after anti-virus cleaning or manual deleting. After I did a 'Safe Boot' of Windows, I was able to get rid of it and have not noticed it since then. I do not have that scan log, but the detailed info from trendmicro site lead to webpage which also mentioned TROJ_AGENT.ISZZ as the trojan name and instructions included how to check and correct specific registry entries, which I verified and found them to be okay in first place.However, over the next few hours since that incident, it became clear that this was more thant a simple malware problem. The best consistent indicator of the problem is that the browser search results from Google, Bing etc using IE, Firefox, Chrome, all get hijacked and redirected to different weird websites the second time I come around. The first click on the search results seem to work okay, but an additional browser window/tab is also launched with some unknown site trying to load. Then things get messy for subsequent browsing. Also I have consist... Read more

A:My Browser Search Results are Hijacked. Malware reported. Possible Virus/Trojans??

Hello dhurandar Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in cleaning up your system.I ask that you refrain from running tools other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.Please keep in mind that we have a large backlog of users just like yourself waiting to be helped so try to be as timely as possible in your replies. Since we do this on a part-time voluntary basis we are limited on how many logs we can respond to and keep open due to time restraints. If you have to be away or can't answer for some other reason just let me know. Thank you for your understanding.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.I need for you to perform the following:Download GMER Rootkit Scanner from here to your desktop. Double click the exe file. If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a mor... Read more

Read other 2 answers
RELEVANCY SCORE 56

hello

after scanning, Shields up reported port 443 is open.
I'm hoping to stealth my system.

my system-
xp home sp3
browsers-google chrome-ie8-
kaspersky kis 2010 459.0.0.0 trial edition
wifi internet

let me know if any further info is needed

thanx

A:port 443 reported open-after grc shields up scan completed

Do you not want to connect over SSL?

Read other 2 answers
RELEVANCY SCORE 55.6

I have Avast version 4.7 Home Edition Free installed on my computer.

When I ran a scan today with Avast, it detected a virus and I deleted it. I then ran another scan and there were no viruses reported.

Then I went to Kaspersky's online virus scanner and ran it and it detected 2 viruses on my computer, but of course the only way to get rid of the one's detected is to purchase Kaspersky Anti Virus.

Questions are.
1. How did the virus that Avast detected get on the computer in the first place? I have the on access protection control running with all of the modules activated with the exception of Outlook (I do not have Outlook on my computer).

2. Why is Kaspersky detecting 2 viruses on my computer at the present time and Avast detects none?

Do I need to ditch Avast Free and pay for Kaspersky as a better Virus protector.

Thanks for any ideas and suggestions,

Jerry
 

A:Solved: Avast scan resuts vs Kaspersky scan results

Read other 6 answers
RELEVANCY SCORE 55.6

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD FX(tm)-4100 Quad-Core Processor, AMD64 Family 21 Model 1 Stepping 2
Processor Count: 4
RAM: 8173 Mb
Graphics Card: NVIDIA GeForce GT 430, -2048 Mb
Hard Drives: C: Total - 953766 MB, Free - 645957 MB;
Motherboard: Gigabyte Technology Co., Ltd., GA-970A-D3
Antivirus: avast! Antivirus, Updated and Enabled

After running Avast, it found an infection, "INI: Shortcut-inf [Trj]. Avast has it named as: PC Pitstop.url. Location: C:\Users\Gary\Favorites. I then quarantined it.

After that, I ran System File Checker, and it reported that no integrity violations were found. Is it safe to say that the file can now be deleted?
 

A:Determining scan results after using "System File Checker"

Those two scans really have nothing to do with each other.

And based on what you posted Avast is just finding a bookmark/favorite to a website called PC Pitstop that it wants to remove. It's simply a shortcut to a website so you absolutely can delete it if you want.
 

Read other 1 answers
RELEVANCY SCORE 55.6

This scheduled task starts the Microsoft Transient Multi-Monitor Manager when a user logs on to a Windows user account

Task TMM: The Task image is corrupt or has been tampered with
---Located this one in [Microsoft][windows][mobilPC]
---The actions tab: Custom Handler
--- Attempt to use/view via EDIT: This type of action cannot be edited in this tool.
---so I cannot edit and repair it. I can delete it, but how would I be able to recreate it
---if I do not know where the program file is located and its name, and what switches to
---set on it.
Task GatherWiredInfo: The task image is corrupt or has been tampered with.
Task GatherWierlessInfo: The task image is corrupt or has been tampered with.

I read a thread from about a year ago on just about the same issue and the responders
kept insisting that user was using the taskschd.msc tool wrong. So I also do not want to
be asked "why do I want to do this", there is a problem and I am trying to find a fix.

A:Task Scheduler: Error, custom handlers uneditable and reported corrupt

Welcome to the Seven Forums.

Can you export the task(s) in question?

Read other 3 answers
RELEVANCY SCORE 55.2

OK , having major difficulties getting these fixes to work. I have windows vista premium home, hjt will do the scan but halfway through says for some reason "your system denied write access to the Hosts file" I tried to set hjt to run as administrator but that is grayed out, so when I select "ok" it finishes the scan but no copy is posted in notepad. I did actually select a few known trash and it did remove them. dds appears to do its scan but doesn't post any results in notepad. And rootrepeal gives me a device controller error and wont scan. Does anyone have any suggesting on what to do? I did a system repair back to the 30 of December but that seemed to on reduce the popups.

Gordy

A:corrupt system wont let me run nso when i select "ok" it finnishes it's scan but no copy of scan is posted in noteb...

Welcome to BCPlease try this:Please download RSIT by random/random and save it to your Desktop.Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding Rist attempting to contact the Internet, please allow the connection.Close all applications and windows so that you have nothing open and are at your Desktop.Double-click on RSIT.exe to start the program.If using Windows Vista, be sure to Run As Administrator.Click Continue after reading the disclaimer screen.Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days).When the scan is complete, a text file named log.txt will automatically open in Notepad.Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.If RSIT did not work, then reply back here.

Read other 1 answers
RELEVANCY SCORE 55.2

After computer froze after trend microwest reported virus. before the blue screen of death arrived it showed the virus name P_ (something) .exe as the virus. Can force reboot the computer and work partially from one user profile. Other user profiles including safe mode has screen flashing and the start and task bar and all shortcuts disappear. ran trendmicrowest av scan which satted it found a virus and rebootec. had to leave scan running while at work. Have backups of everything except for a LARGe am ount of music and video. Please help.

thanks so much for such a cool site.

daniel

Whenever I try click an arrow or letter it shuts down
I am running windows XP service pack 3.

A:After executing files from bit torrent download AV scan reported Virus

Hello well you obviously learned a great place to get malware is from P2P and torrent downloads. Can you run MBam and get us a log. Run in either mode but normal is stronger.Please download Malwarebytes Anti-Malware (v1.32) and save it to your desktop.alternate download link 1alternate download link 2If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click... Read more

Read other 25 answers
RELEVANCY SCORE 54

Hi,

I'm sorry I'm not very good with computers and last year you guys helped me so much. I think I have the same problem again: viruses, malware, etc..

My system info:

Microsoft Windows XP
Version 2002
Service pack 2
Intel Celeron 2.13GHz
768 MB RAM

Hijackthis scan results:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:58 PM, on 9/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files... Read more

A:Scan results for Hijackthis/panda scan please help thank you

Hello,

I am concerned about the trojan viruses that I got from Limewire. I have since removed this unsafe program from my computer but would like help in getting my computer to be clean again.

Below is the updated hijackthis and panda scans of my computer.

Thank you for your time,

Danna


My system info:

Microsoft Windows XP
Version 2002
Service pack 2
Intel Celeron 2.13GHz
768 MB RAM


Panda Scan Results:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-20 16:45:43
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Zone Alarm Security Suite 7.0.483.000 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type ... Read more

Read other 10 answers
RELEVANCY SCORE 49.6

Here is the report and what I did:

2012-03-28 07:45:57, Info CSI 0000019e [SR] Cannot repair member file [l:24{12}]"nvlddmkm.sys" of nv_lh.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing
2012-03-28 07:45:58, Info CSI 0000019f [SR] Cannot repair member file [l:24{12}]"nvlddmkm.sys" of nv_lh.inf, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, file is missing
2012-03-28 07:45:58, Info CSI 000001a0 [SR] This component was referenced by [l:178{89}]"Microsoft-Windows-Client-Drivers-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.INF_nv_lh"

Now, I tried restoring the file in the WinSXS folder from the correct Ultimate image in the W7 image. I basically put the file back.
I also took ownership and permissions of the folder so that I can overwrite the files.
In the image, the version 6.1.7600.16385 does not exist.

In my attempt to resolve the nvlddmkm error, I deleted (stupidddd!) all nvlddmkm.sys files in the system, and left only the actual one made by the actual driver.

Now, my system i... Read more

A:How to repair a file that is reported in the SFC /SCANNOW

As a future reference, the nvlddmkm.sys files are the Nvidia graphics drivers files that are initially stored in the Windows local driver repository that comes when you install Windows. These are not crucial kernel files for Windows, and you can easily find an update of them by going to the Nvidia or any appropriate website and downloading and installing an update of the drivers. Better yet, it's recommended you do so, since the local driver cache for Windows is old.

Read other 4 answers
RELEVANCY SCORE 49.6

Running xp pro sp1 NTFS. I use an external usb2 box and in that box i have a maxtor 200 gig hard drive. I use this for archives. I put files into one large folder until its around 4.5 gigs. Then i burn a copy of that as well so i have a copy on dvd and a copy on this hard drive.
All is well except that the folder reports around 2 to 3 gigs when it should be around 4 to 4.5 gigs. But when i go inside the folder and use edit\select all, right click and go to properties, then the true size is properly listed as i mentioned above, around 4.5 gigs, give or take a few hundred mbs.
The usb 2.0 box is about a year old, so i dont think its the technology inside the box doing this, and its also a name brand, "Ads". I believe its the os doing this so, after a search failed, i am posting in win xp, but i have no proof that its an os problem and my expertise ends right about here, so if anyone can help me out with fixing this or explain why this cant be fixed, i would appreciate it.

Thanks

And merry whatever holiday is coming up for you. For me, its xmas.

A:Wrong file size reported in win xp

Am I reading this correctly? If the USB drive is drive E: ...

right-click/properties on e:\folder results in 2.0GB or so

open e:\folder, select all, right-click properties results in 4.5GB or so

?

Read other 2 answers
RELEVANCY SCORE 49.2

Things slowed to a crawl and SSL websites wouldn't open so I went through 4 System Restores unitl I was actually granted a successful one! Afterwards, I could see Bitdefender running in Task Manager but no icon in the systray and couldn't open the program. I tried uninstalling, but it would uninstall. So when I went to look for an uninstaller from their website, I discovered Chrome was no longer working. Next I ran sfc /scannow and it reported errors in a CBS log that I can't decypher. Can someone please help? I have attached the CBS log. Nothing came up on malware scans. Many Thanks!

A:Win 8.1 restored but errors reported on Sys File Checker?

Execute following command:

Dism /online  /cleanup-image  /restorehealth
When this command finish executing, execute Sfc /Scannow command to make sure corrupted system files are repaired.

Read other 8 answers
RELEVANCY SCORE 48.8

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Judy\Cookies\[email protected][2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes ... Read more

A:Scan Results

Hello, JudyCarter
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:In the meantime, please refrain from making any changes to your computer.
Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
Finally, please reply using the button in the lower left hand corner of your screen.
Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .
We need to run a Scan with DDSPlease download DDS, and save it to your desktop, from one of the following mirrors:This is a mirror
This is another mirror

Disable any type of "Script Blockers" or "Script Protection" installed on yo... Read more

Read other 2 answers
RELEVANCY SCORE 48.8

I just installed PSI 2.0 and started updating according to it's scan results, but I ran into two snags. Firstly, there were several .NET updates called for, but when I updated Imgburn, all of those .NET listing disappeared, and now show as being patched. I'm guessing that Imgburn must have done this, but is that correct?

Secondly, there is a listing for Aurigma Image Uploader, but I have never heard of it before, and it is not listed in Programs And Features. The only program that I do have installed that is for working with photos, is Nero Photo Express. Is Aurigma associated with it?

When I went to the Aurigma website to see about updating, the only things that I found were paid programs, which I'm not inclined to pop for. I would simply uninstall Aurigma, if it were listed as such in Programs And Features, but as I said, it is not. I would simply ignore it, except that PSI lists it as a security vulnerability, so how do I determine what is what?

A:PSI Scan Results

Hi,
I don't think Imgburn have done that.
What is the path for Aurigma Image Uploader? You can find it under "Scan Results > dubble click on Aurigma Image Uploader. Tell me what is the version of "Aurigma Image Uploader" and what is the path of the file.

Read other 7 answers
RELEVANCY SCORE 48.8

HiI would appreciate help with this. i recently ran a scan on my second deck top pc using A-SQUARED Free. The reults showed up an infection Virus.Win32.Virut.q!IT . I have quarantined this item along with eleven other traces that were found during the scan. Please see Log below. Can I remove this Virus.Win32.Virut.q!IT infection from my pc by simply deleting it or is there some other proceedure I need to follow to completely remove it. Also, can I delete the other eleven traces without causing problems ? The operating system on this pc is Windows XP Pro SP3.Thank you NONICa-squared free v. 4.0.0.46© 2003-2009 Emsi Software GmbH - www.emsisoft.comID Object0 c:\windows\system32\cgziplibrary.dll Trace.File.Max Net Shield!A21 Value: HKEY_CLASSES_ROOT\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Trace.Registry.Max Net Shield!A22 Value: HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-1010\Software\VB and VBA Program Settings\Registry Patrol\Version --> Application Trace.Registry.RegistryPatrol3.0!A23 Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{293364BA-43F8-11D3-BC2D-4000000A2806}\InprocServer32 --> ThreadingModel Trace.Registry.Max Net Shield!A24 Value: HKEY_USERS\S-1-5-21-1708537768-1284227242-725345543-1010\Software\VB and VBA Program Settings\Registry Patrol\LiveUpdate ... Read more

A:What to do with Scan Results

If this is a confirmed infection, be aware that Virut (Virtob) / Virux are polymorphic file infectors with IRCBot functionality which infects .exe, .scr files, downloads more malicious files to your system, and opens a back door that compromises your computer. Virux is an even more complex file infector which also infects script files (.php, .asp, and .html). When Virut creates infected files, it also creates non-functional files that are corrupted beyond repair. In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable.The virus has a number of bugs in its code, and as a result it may misinfect a proportion of executable files....some W32/Virut.h infections are corrupted beyond repair.McAfee Risk Assessment and Overview of W32/Virutmiekiemoes' Blog on Virut.Virut and other File infectors - Throwing in the Towel?This kind of infection is contracted and spread by visiting remote, crack and keygen sites. These type of sites are infested with a sm?rg?sbord of malware and an increasing source of system infection. However, the CA Security Advisor Research Blog says they have found MySpace user pages carrying the malicious Virut URL. Either way you can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS....warez and ... Read more

Read other 5 answers
RELEVANCY SCORE 48.8

Logfile of HijackThis v1.99.1
Scan saved at 7:21:55 PM, on 10/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VideoKeyCodec\isamonitor.exe
C:\Program Files\VideoKeyCodec\pmsngr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\VideoKeyCodec\pmmon.exe
C:\Program Files\VideoKeyCodec\isamini.exe
C:\Program Files\SystemDoctor 2006 Free\startmon.exe
C:\Program Files\SystemDoctor 2006 Free\USDR6cw.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com... Read more

A:these are my scan results can i please get help

Hi and welcome

I have split your post off into your own thread. In the future if you have a Question/Problem please start a "New Thread".
It gets too confusing trying to address two different people's problem in the same thread and you may get overlooked.

Please continue in this thread.

Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm
 

Read other 1 answers
RELEVANCY SCORE 48.8

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-04-16 04:16:16
PROTECTIONS: 1
MALWARE: 38
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG 7.5.516 7.5.516 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
00139060 Co... Read more

Read other answers
RELEVANCY SCORE 48.8

    I started cmd. Proceeded with >sfc /scannow.  The results:  "Windows resource protection found corrupt files, but was unable to fix some of them.... Details in C:\Windows\Logs\CBS\CBS.Log.  It also added, Not that logging
 ids currently not supported in offline scenerios.
    My questions are 1. Will the address listed above, as details, fix the files that Windows Resource Protection was unable to fix..... Well I mean to say, fix?
    Qeustion #2 What is all this added stuff and how do I get logging supported in offline service scenerios?
   Thank you so much for your time and info.
     

Read other answers
RELEVANCY SCORE 48.8

I have attached the files as asked. I was told I have a
SYN Flood Virus
 Bleeping Computer log.txt   15.51KB
  4 downloads

A:Results from Scan

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for postin... Read more

Read other 2 answers
RELEVANCY SCORE 48.8

I have been having problems with Internet Explorer and AIM. They do not respond when opened. The Internet Explorer error says 'hungapp' and the AIM error says 'wininet.dll'. I downloaded a program called PC Rescue that is supposed to dix dll errors but it only fixed the problem temporarily. I ran a scan through Hijack This and here are the results. If someone has any idea which ones are bad, please let me know.

Logfile of HijackThis v1.99.1
Scan saved at 1:08:51 PM, on 11/19/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator.CARON\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ... Read more

A:scan results

Hello ren4207,

Please print out or copy this page to Notepad since you will not have any of browsers open while you are fixing this. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Download, install & launch - Webroot SpySweeper (Trial) (8.3 MB)
When SpySweeper starts, please accept any prompts to update definitions. Exit the program after you have updated.

Before we begin, let's move HiJackThis to it's own folder; like c:\HJT. When we're done 'cleaning' off your system, we're going to 'flush' the temporary folders which, with HiJackThis in it's current location, we'll lose both the program and the backups it creates. These backups are important in case we need to restore any 'fixed' entry(s) later. To do this:

Click My Computer, then C:\
Right click in the right-hand panel.
In the menu that opens, click New>Folder.
That will create a folder named New Folder.
Rename it"HJT"

---------------------------

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading:
* select Show hidden files and folders.
* Uncheck Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep... Read more

Read other 19 answers
RELEVANCY SCORE 48.8

Mod Edit:  Split from  http://www.bleepingcomputer.com/forums/t/272337/false-positives-in-antivirus-programs - Hamluis.
 
Thanks for the advice!
 

Hitman Pro shows svchost as a suspicious program, but it is codesigned by Microsoft. It is considered "suspicious" because it runs at startup, and most programs can not detect them. It is a false positive. (It started showing svchost when I upgraded to Windows 10)
 
There are many Microsoft processes that are often false positives, yet one must be aware that Malware can disguise itself as such processes. It's best to go to the process folder & check it with VirusTotal. 
 
https://www.virustotal.com/en/documentation/desktop-applications/virustotal-uploader
 
You may also install System Explorer & when it installs, will offer to run a default scan, you should run it, the results will show in your default browser (if you're running Firefox with the NoScript add-on, be sure to allow the page). It's often referred to as a Task Manager on steroids because it shows a lot more detail. Just click the Download tab for the latest version, and be sure to select the installer (top link). Runs on Windows 2000 through Windows 10. 
 
http://systemexplorer.net/
 
When you run a scan with System Explorer, there's a link to the right of each file, that you can check with VirusTotal & when closing, it'll show in the notification area, one can monitor some items with this... Read more

A:Scan Results

You may wish to download the Emsisoft Emergency Kit & run a Custom scan. This software will sniff out things that AV software & some AM software misses. 
 
https://www.emsisoft.com/en/software/eek/
 
For your convenience, you can download & install this to a folder in a USB Flash drive, that way you have it to scan other computers with. After the software downloads, extract to a folder of your choice (if a USB drive), the default is fine if not, it's great to have to perform a monthly maintenance scan with. I extract it in my Documents, to a folder called EEK, that way I can update it & copy to Flash drive if someone's computer needs a scan. 
 
Once extracted & installed, click onto the shortcut provided, and it starts the process by updating, once updated, you have your choice of scan. The Malware scan is shorter in time, the Custom is a deep scan. if selecting it, make sure to include all drives. What you can do is run the Malware scan & see what turns up in the places where Malware often resides, then the Custom one. This can take a few hours on a drive (or more) with a lot of data. Regardless, if the Malware (about 10 minute) scan turns up anything, then surely you want to run the Custom (formerly known as the Deep scan) afterwards. Quarantine any threats found & follow any instructions given, usually a reboot, after either scan. 
 
Cat

Read other 5 answers
RELEVANCY SCORE 48.8

Have you received the log contining the scan results from hijackthis? Im so anxious about fixing all the problems, but I'll do as you suggested and wait for an answer. I hope it'll be soon
 

A:Scan results

they are all bogged down with high jack logs hun.
 

Read other 2 answers
RELEVANCY SCORE 48.8

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16561Run by Ian at 13:10:16 on 2014-07-15Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1012.116 [GMT -4:00].AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\SLsvc.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\Windows\System32\spoolsv.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\Motorola\MotoHelper\MotoHelperService.exeC:\Windows\system32\PSIService.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\DRIVERS\xaudio.exeC:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\schtasks.exeC:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\hp\support\hpsysdrv.exeC:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exeC:\Windo... Read more

A:DDS scan results

I guess I forgot to put the issues I'm having in the topic or description : \
After running several tests and reports I'm still having slow, lagging and crashing issues. Oftentimes it's a Flash problem or the webpage will crash.
I initially saw a result from avast! that said "Spigot Search Protection" was installed and should be removed. I've attempted to remove it but after restarting it would appear again. There's been no sign of it since, but as I said, still slow.. still lagging.. still crashing.
Thank you for the help!

Read other 15 answers
RELEVANCY SCORE 48.8

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:55:40 AM, on 12/17/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\TGTSoft\StyleXP\StyleXPService.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Google\Google Talk\googletalk.exeC:\Program Files\A4Tech\Mouse\Amoumain.exeC:\WINDOWS\VM303_STI.EXEC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\Program Files\Common Files\ACD Systems\EN\DevDetect.exeC:\WINDOWS\system32\wuauclt.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\gAlwaysIdle\gidle.exeC:\Program File... Read more

A:Scan Results Of Pc

Hello and welcome to BC.I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.When posting your logs please post them directly into the reply. Do not attach them.Thank you for your patience.

Read other 2 answers
RELEVANCY SCORE 48.8

Logfile of HijackThis v1.99.1
Scan saved at 3:27:32 PM, on 4/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\GWMDMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINNT\System32\hkcmd.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb06.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINNT\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Cl... Read more

A:Results of HJT scan

This should go in your oringal thread. Keeps the forum tidy, and helps the person assisting you organise their work.

Please post this log in your original thread... And a mod will come and close and rmeove this thread.

Thank you.

Read other 1 answers
RELEVANCY SCORE 48.8

panda scan results:
Incident Status Location

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spywa... Read more

A:scan results

bump.

Read other 7 answers
RELEVANCY SCORE 48.8

Hi Nic,
These are the results of my scan;

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-27 12:59:43
PROTECTIONS: 1
MALWARE: 15
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 8.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\ravi... Read more

A:My Scan results

Hi GeekGirl,
The main problems are the computer has slowed drastically and the following keep popping up:

fp.gad-network.com-last softwares-microsoft internet explorer
fp.pc-on-internet.com-windows security centre-microsoft internet explorer
Other adware through Microsoft internet explorer
I used to, and still sometimes do, get pop-ups from the e-group, and Crazygirls. The computer has come to a blue screen saying it had to close to prevent damage and beginning dump of physical memory or something.....this happened 4 times in the past but not recently.

I had done a disc cleanup and defrag a few days back too...still very little change. Thats all the additional info I can give you at the moment.........

Read other 1 answers
RELEVANCY SCORE 48.8

i am new here and here is my log. this **** sad. aparently what i have is Troj/Rustok-N. im almost a total nub. but i am willing to fully pay back anyone that helps me...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:25:59 PM, on 2/22/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AIM6\aim6.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Windows.old\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Vuze\Azureus.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwli... Read more

A:My scan results! HELP ME PLEASE! :'(

did a few system changes and redid the log. someone please help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:07:19 AM, on 2/26/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AIM6\aim6.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Windows.old\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Vuze\Azureus.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~1... Read more

Read other 3 answers
RELEVANCY SCORE 48.8

for some reason i never get any replies to my questions anymore
i hope someone can help with this issue

i ran the TDS scan and it found NTFS alternate data stream ADS hidden stream detected

anyone know what this means?
 

Read other answers
RELEVANCY SCORE 48.8

hello,
so i was scanning my PC today because i downloaded a virus a few months ago so i need to run my PC in safe mode but mcafee cannot delete all the viruses but i felt like checking it 1 more time and i got these results.....
12/4/2008 4:46:10 PM Scan Started: 12/04/2008 04:46:10 PM
12/8/2008 7:53:24 PM Scan Started: 12/08/2008 07:53:24 PM
12/8/2008 7:57:05 PM "C:\DOCUMENTS AND SETTINGS\TAY\LOCAL SETTINGS\TEMP\.TT3.TMP.VBS" "VBS/FakeAlert-AB" "5"
12/8/2008 7:57:06 PM "C:\Documents and Settings\Tay\Local Settings\Temp\.tt3.tmp.vbs" "VBS/FakeAlert-AB" "5"
12/8/2008 9:42:03 PM "C:\WINDOWS\SYSTEM32\BLPHCRSPJ0E949.SCR" "Generic Downloader.x" "5"
12/8/2008 9:42:03 PM "C:\WINDOWS\system32\blphcrspj0e949.scr" "Generic Downloader.x" "5"
12/8/2008 9:43:40 PM "C:\WINDOWS\system32\phcrspj0e949.bmp" "Fakealert!bmp" "5"
12/8/2008 9:52:57 PM Total objects scanned: 101035
12/8/2008 9:52:57 PM Objects detected: 3
12/8/2008 9:52:57 PM Scan Done: 12/08/2008 09:52:57 PM
12/14/2008 8:41:32 PM Scan Started: 12/14/2008 08:41:32 PM
12/14/2008 8:43:40 PM "HKCR\interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf}" "Adware-CWS" "14"
12/14/2008 8:47:47 PM Total objects scanned: 24116
12/14/2008 8:47:47 PM Objects detected: 1
12/14/2008 8:47:47 PM Scan Done: 12/14/2008 08:47:47 PM
12/14/2008 8:49:24 PM Scan Started: 12/14/2008... Read more

A:My Scan results!!!!!

lol oh and the 12/8/2008 9:43:40 PM "C:\WINDOWS\system32\phcrspj0e949.bmp" "Fakealert!bmp" "5" makes me have a background that says WARNIG YOUR COMPUTER IS IN DANGER (looks like a scanning software) so i edited =)
 

Read other 3 answers
RELEVANCY SCORE 48

I have windows XP installed on a ASUS laptop
I was starting a game ( call of duty 2) when it suddenly stopped... I've tryed to terminate it with the task manager but than the whole computer became blocked.
Then I decided ( after waiting 3 minuts , but nothing changed) to force shutdown with the button.
As usual , when I restarted the laptop, The scan disk screen appeard , and I let it to scan the disk...
The first part was OK
But in the second
( I'll try to translate what the computer sayd, because I'm italian , not english)
Elimination of a voice from the index $0 of the file 18352
Elimination of a voice from the index $0 of the file 18352
Elimination of a voice from the index $0 of the file 18352
Creating of a index's voice of the index $0 of the file 18352

Then the scan disk finished very fast , and I coldn't read anymore ...
I waited windows to load and then I turned it off ( but in the normal mode ) because I was afraid to lose data.

1) By what I've said you , Have I lost some files?
2) Could you know how much files I've lost?
3) how can I take the scan disk's report screen to Windows? ( to examinate it and to let you to eximinate it)

Thanks you for helping; if you need more informations , tell me.
 

A:Scan disk results

Now it's too late.
I close the thread, from this moment I won't look if someone has answered my question. Then don't waste time to answer.
 

Read other 2 answers
RELEVANCY SCORE 48

Hello!

I would be very grateful to receive an expert analysis of my HiJackThis scan report. I downloaded HiJackThis and SpyBot to remove Second Thought and myPCsearch.exe from my computer both of which mysteriously appeared on my computer last weekend.

Using those programs helped me get rid of those applications. Now, however, when I launch Internet Explorer a second window usually opens simultaneously. Usually it's pointing to zestyfind.com but other times it's one of several questionable downloadable PC analysis software offers.

Here is the report. Thanks in advance for your assistance!

Doug

Logfile of HijackThis v1.97.7
Scan saved at 4:32:10 PM, on 5/9/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\S3apphk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Common Fil... Read more

A:HiJackThis Scan Results

Hi and welcome. I'm going to move you to security for better assistance.
 

Read other 1 answers
RELEVANCY SCORE 48

I'm having trouble zipped/archived the attach.txt, ark.txt, how? i followed the directions on this http://www.techsupportforum.com/f50/...lp-305963.html when i put my mouse over *send to* what do i click next? i click compressed (zipped) folder but the icon that would appear is a brown folder named attach, inside it has those 2 files. what should i do?

A:help trying to zip/archived scan results

*bump* help please

Read other 3 answers
RELEVANCY SCORE 48

WDC WD10S21X-24R1BT0-SSHD-8GB - 931.51 GBs , smart status test failed, final result code:W1QXNCAL8-NXLHWBFailedSaturday, September 17, 2016 9:38:54 PMHardware scan has detected one or more failures.Reference the error code below when contacting Lenovo support at http://www.lenovo.com/eticketDate run: 9/17/2016 9:38 PMDevice: WDC WD10S21X-24R1BT0-SSHD-8GB - 931.51 GBsProcessor can anyone help on this? Thank You.

Read other answers
RELEVANCY SCORE 48

Just scanned my computer today and received warnings that did not appear when i scanned the day before. I am personally not very keen with computers and i was wondering if it was possible that someone on these forums could help me decipher this foreign language and tell me what to do.
 
Thanks
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.11.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
ptbradley :: PTBRADLEY-HP [administrator]
 
1/11/2014 10:38:55 PM
MBAM-log-2014-01-11 (23-06-47).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218246
Time elapsed: 9 minute(s), 46 second(s)
 
Memory Processes Detected: 1
C:\Users\ptbradley\AppData\Roaming\Search Protection\SearchProtection.exe (PUP.Optional.SearchProtection.A) -> 3816 -> No action taken.
 
Memory Modules Detected: 1
C:\Users\ptbradley\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> No action taken.
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SearchProtection (PUP.Optional.SearchProtection.A) -> Data: "C:\Users\ptbradley\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\Cur... Read more

A:Scan results confuse me

Greetings and welcome to BleepingComputer.Those entries are of no real concern and you can safely have Malwarebytes remove them. They are not virus related but rather are more of an annoyance you and your computer can do without. PUP stands for Potentially Unwanted Program. Often times these are programs that are bundled with legitimate downloads and are automatically installed on your computer unless you opt out. Many times you will not even notice the opt out section.Does this make sense?

Read other 4 answers
RELEVANCY SCORE 48

Deckard's System Scanner v20071014.68
Run by Josh on 2008-01-31 01:21:32
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
13: 2008-01-30 02:32:00 UTC - RP85 - Removed Vongo.
12: 2008-01-30 00:25:42 UTC - RP84 - Windows Update
11: 2008-01-29 10:42:34 UTC - RP83 - Scheduled Checkpoint
10: 2008-01-28 08:56:30 UTC - RP82 - Windows Update
9: 2008-01-28 03:47:21 UTC - RP81 - Installed .


-- First Restore Point --
1: 2008-01-22 13:41:09 UTC - RP72 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 80% (more than 75%).
Total Physical Memory: 1014 MiB (1024 MiB recommended).


-- HijackThis (run as Josh.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:24:44 AM, on 1/31/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless ... Read more

Read other answers
RELEVANCY SCORE 48

Hi guys,
My housemate was complaining about how bad his laptop was running so I took a look and found tons of badness lurking on his machine. I ran Superantispyware and Malwarebytes which found and removed so many horrible things. I removed AVG (I think) and installed Avast and in general, things seem a whole lot better.
My experience is very good from a beginners perspective but I am by no means sure that this laptop is now free of all the badies. I stuggled to get rid of safesearch.net but got there in the end and decided I could maybe do a hijackthis scan and ask one of you kind souls to have a quick look to see if theres anything else that can go, maybe even give me a score out of 10 for my efforts.
Thanks in advance for your help.
Here is the HJT log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:16, on 22/02/2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Mic... Read more

A:Hijackthis scan results

Looks pretty good - Let's just do this too....

Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted
NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:

You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

 

Read other 3 answers
RELEVANCY SCORE 48

I took advantage of a free system scan offered by Stopsign today. The scan results reveals the usual tracking cookies (I'm guessing Ad-Aware will take care of those) however, it also said that I was infected with a trojan called Isbar.191 and that it was located within C:\Windows\Downloaded Program Files\YSBactivex.dll I spoke with an online Tech at McAfee - he said that it represented "no threat". I did a search at Trend-Micro, no results for Isbar.191 My question is: Does Isbar.191 represent a threat, and if so, why is there no information about it at 2 of the 3 major AV internet sites? Or, could this be a marketing ploy by Stopsign to gain customers? My os is Win 98SE.
 

A:Stopsign Scan Results

Welcome to TSG

eAcceleration's Stop-Sign anti-malware scanner primarily because of the company's history of employing deceptive advertising and drive-by-downloads (1, 2, 3, 4). The company was also known for removing and/or disabling competing apps. These objectionable business practices were employed primarily during the years 2002-2003.

Sometime during 2004 the company underwent reorganization. Not only have the worst of the company's download and installation practices been halted, but the company has completely overhauled its stub installer application, giving users much more control over the software modules to be installed on their systems (1, 2).

While testing indicates that the "threat scanner" is still slow and has occasional problems with false positives -- in large part because of the use of heuristics, which cannot be turned off by the user -- we can no longer classify this application as "rogue/suspect." Nonetheless, this anti-malware application -- at least in its current state -- cannot be recommended, given the many excellent competing anti-virus, anti-trojan, and anti-spyware applications that are available (some for free).

Go to http://www.thespykiller.co.uk/downloads.htm and download 'Hijack This!'.

First make a folder on your computer in my documents called Hijackthis and then Unzip it to that folder.
Then doubleclick the Hijackthis.exe.

Click the "Scan" button, when the scan is finished the sca... Read more

Read other 3 answers