Over 1 million tech questions and answers.

Dangerous Error! Attention (users Name) Some Dangerous Viruses Detected In Your System. Microsoft Windows Xp Files Corrupted.

Q: Dangerous Error! Attention (users Name) Some Dangerous Viruses Detected In Your System. Microsoft Windows Xp Files Corrupted.

DANGEROUS ERROR! Attention (users name) Some dangerous viruses detected in your system. Microsoft Windows XP files corrupted.This may lead to the destruction of important files in C:\WindowsDownload Protection Software now!Click OK to download the antispyware (Recommended)Yes / NoClicking either brings me to a website, with this message popping up again. Clicking no seems to produce another tab and another message, while yes brings me to another website without a popup. I get this message when I move around (ie go between folders) in My Computer.Scanned with TrendMicro (normal antivirus), found nothing. Trend was updated.I can't scan using online scanners I cannot access the internet without being shifted to the websites they want me to download from.My home page is still the same, on internet options, just that they keep intercepting me. Trusted Sites are empty. I have been downloading several anti viruses and shifting them over on a thumbdrive. (Thus, Step 5 in the preparation guide has been skipped, but I have Stinger, and Step 4)My HJ logs are Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:26:04 AM, on 9/6/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16705)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\nvsvc32.exeC:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exeC:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exeC:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exeC:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exeC:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exeC:\WINDOWS\system32\ctfmon.exeC:\PROGRA~1\TRENDM~1\INTERN~2\PccGuide.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\WINDOWS\system32\WF2K.EXEC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exeC:\Program Files\DAEMON Tools Lite\daemon.exeC:\Program Files\Veoh Networks\Veoh\VeohClient.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\system32\taskmgr.exeC:\Program Files\Java\jre1.6.0_05\bin\jucheck.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exeC:\WINDOWS\explorer.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: AFS plugin - {8EF40C36-293F-4749-8EA0-94FB3AD83FA1} - C:\WINDOWS\system32\lpax32i.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.5470\swg.dllO3 - Toolbar: &Hans TTS - {4647E382-520B-11D2-A0D0-004033D0645D} - C:\Program Files\Creative\HansVision\HansTools\HansTTS\plugin\mybands.dllO3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dllO3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dllO4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [SkyTel] SkyTel.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [WinFoxV2] C:\WINDOWS\system32\WF2K.EXE InitialO4 - HKLM\..\Run: [WinFast2KLoadDefault] rundll32.exe C:\WINDOWS\system32\wf2kcpl.dll,DllLoadDefaultSettingsO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNCO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorunO4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHideO4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)O15 - ESC Trusted Zone: http://*.update.microsoft.comO16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabO16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cabO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cabO16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cabO16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exeO17 - HKLM\System\CCS\Services\Tcpip\..\{5938A3AD-1488-4948-8819-3EA452FE33AD}: NameServer = 165.21.100.88,208.67.222.222O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLLO23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exeO23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exeO23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exeO23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exeO23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe--End of file - 9123 bytesStep 4 found me certain things which I have deleted but it does'nt seem to have affected anything. I suspect the malware came from a downloaded installer which I clicked run instead of install.(All this is done on a fellow computer. Could the malware spread on the router or through my thumbdrive? )

RELEVANCY SCORE 200
Preferred Solution: Dangerous Error! Attention (users Name) Some Dangerous Viruses Detected In Your System. Microsoft Windows Xp Files Corrupted.

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Dangerous Error! Attention (users Name) Some Dangerous Viruses Detected In Your System. Microsoft Windows Xp Files Corrupted.

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please reply to this topic stating that you still need help and I will work with you on resolving your computer problems. If your problem has been resolved, please post a reply letting us know so we can close your topic.

Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, feel free to create a new one.

Once again, I apologize for the delay in responding to this topic.

Read other 1 answers
RELEVANCY SCORE 200

Good afternoon (from my point of view) - again!I have already used this forum when I messed up some HW stuff. And have been very grateful for your help. Now, it seems to be some malware...It's been only 2 days since I started the martyrdom of downgrading my HP Pavilion dv6560ec to Win xp. I've been downloading and installing the necessary drivers, as the HP doesn't support XP on the machines, as I learned later.Now, being almost done, I got this warning everytime I wanted to open IE 6.0.2900 (have SP3):CRITICAL ERROR! Attention (users name) Some dangerous viruses detected in your system. Microsoft Windows XP files corrupted.This may lead to the destruction of important files in C:WindowsDownload Protection Software now!Click OK to download the antispyware (Recommended)......... ........: YES: : NO :::::::: :::::::In the window, where my homepage is supposed to display, a note that it is redirecting me to another page appears. When I press "No". Then the IE shuts down and a note about some error displays prompting me to send it to the MS.I did the following:- ran Norton Internet Security (2007.2, updated the day before yesterday) full scan of the C: drive (as there are only 4 files on the other partition yet - haven't installed almost any sw yet) - nothing problematic detected. - updated and ran a free ad-ware application - this found 71 or so tracking cookies and deleted them, one file in quarantine.- before any installations of any drivers, I installed ... Read more

A:Critical Error! Some Dangerous Viruses Detected In Your System. Microsoft Windows Xp Files Corrupted.

Hello and Welcome to the forums! My name is Carolyn and I'll be glad to help you with your computer problems. HijackThis logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that it happens. Please do not run any other tool untill instructed to do so!Please reply to this thread, do not start another!Please tell me about any problems that have occurred during the fix.Please tell me of any other symptoms you may be having as these can help also.Please try as much as possible not to run anything while executing a fix. If you follow these instructions, everything should go smoothly. I am sorry that we were unable to reply to your post sooner. The forums have been very busy. If you are still in need of assistance, please scan again with HijackThis and post a fresh log. Also, please make an uninstall list using HijackThis To access the Uninstall Manager you would do the following: 1. Start HijackThis 2. Click on the Config button 3. Click on the Misc Tools button 4. Click on the Open Uninstall Manager button. 5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here in your next reply.Post the fresh HijackThis log and the uninstall list in the bo... Read more

Read other 2 answers
RELEVANCY SCORE 171.6

Please help me, I Found this website on google.com after a Popup with the title Critical error! keeps on popping up everytime i access my C: drive and internet explorer. The popup reads:

Attention, ! Some dangerous viruss detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now! Click OK to download the antispyware. (Recommended) and i have an option of clicking yes to download the software and no which opens up an internet explorer page to software's website which will try to convince me to download the software.

I have read some posts on this forums with the same problems and have done the 5 steps on the "5 Steps before posting a log" thread. I have attatched the Panda Activescan log as well as copied and pasted it below but i could not attach the Hijackthis log as the attach page says it is an invalid file and so, i just copied and pasted it below. Any help will be appreciated. I will try to check this thread for replies whenever i can. Thanks!

Activescan log attachment:ActiveScan.txt



Activescan log:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-08-14 20:52:01
PROTECTIONS: 1
MALWARE: 39
SUSPECTS: 7
;*****************************************************************************************... Read more

A:Help pls. Popup: Critical Error! Attention, ! Dangerous viruses detected in system...

BUMP, please

Read other 1 answers
RELEVANCY SCORE 164.4

Attention,(me)! Some dangerous viruses detected in your system. mICROSOFT wINDOWS XP files corrupted. ect.

Click ok to download the antispyware, (recomended)

This keeps popping up on explorer and redirects me to blank pages and to other sites... How do i get rid of this?

I downloaded a stupid .exe file and everything started from then.
i ran mbam this is my log

Malwarebytes' Anti-Malware 1.30
Database version: 1452
Windows 5.1.2600 Service Pack 2

12/2/2008 9:50:16 PM
mbam-log-2008-12-02 (21-50-16).txt

Scan type: Quick Scan
Objects scanned: 57067
Time elapsed: 6 minute(s), 47 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 167
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 19
Files Infected: 109

Memory Processes Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarant... Read more

A:Attention,(me)! Some dangerous viruses detected in your system. HELP!

Oh my, certainly a lot going onPlease reboot your computer and update Malwarebytes. This time do a FULL scan and post the new log here

Read other 3 answers
RELEVANCY SCORE 161.2

Help me please!
There is a virus in my system, whenever i open a folser it comes up with a message:

Attention! [NAME] Some dangerous viruses detected in your system. Microsoft Windows Xp Files corrupted. This may lead to the destruction of C:\WINDOWS. Download protection software now!

Click OK to download the antispyware (recommended).


It then has YES and NO.

I click NO but it takes me to hxxp://www.free-viruscan.com/id/4912933/4/1/

Luckily the site has been taken down for forgery.

Anyway, i really need help getting rid of this thing!
Here is my HiJackThis log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:52 AM, on 6/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
... Read more

A:Attention! [name] dangerous viruses detected in your system - Virus in explorer

Hello and welcome to TSF

==========
Download RSIT by random/random and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

============
Logs Required
log.txt
info.txt

If there is no response to this post within 72hrs, this thread will be closed.

Read other 2 answers
RELEVANCY SCORE 148.8

Every time I go to open my document folders I get the message: Attention, (name)! Some dangerous trojan horses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now!
Click OK to download the antispyware. (Recommended)

Once I click NO, I'm lead to this site: http://fast-viruscanner.com/id/4912933/4/1/

How can I get rid of this bug??

My HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:49:56 PM, on 15/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Z... Read more

A:HELP! Error message: Attention! Some dangerous trojan horses detected in your system.

Please visit this webpage for instructions on installing recovery console and downloading/running ComboFix.

Post the log from ComboFix along with a new HijackThis log.
 

Read other 1 answers
RELEVANCY SCORE 146

I couldn't find a thread with this issue actually fixed, they were all just closed. Here are my logs, thanks in advance!!

Logfile of random's system information tool 1.04 (written by random/random)
Run by Andrew at 2008-11-07 11:15:30
Microsoft Windows XP Professional Service Pack 3, v.3264
System drive C: has 1 GB (2%) free of 78 GB
Total RAM: 1024 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:15, on 07/11/2008
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3264)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8... Read more

A:"Attention [name]! Dangerous viruses detected in your system"

Hello phreak214.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Please copy this page to Notepad and Save it to your Desktop in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Your hard drive is almost full. Having too little free space on your hard drive can compromise system performance.


Quote:




System drive C: has 1 GB (2%) free of 78 GB




I suggest you move pictures, music, etc. to an external drive or USB stick if you have one and uninstall any programs that are never or hardly ever used.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me ... Read more

Read other 9 answers
RELEVANCY SCORE 138

Every time I go to open my document folders I get the message: Attention, (name)! Some dangerous trojan horses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now!
Click OK to download the antispyware. (Recommended)

Once I click NO, I'm lead to this site: http://fast-viruscanner.com/id/4912933/4/1/

++++++++++++++++++++++++++++++++++++++++
if you got this error (it success)
go to this web http://www.windowsbbs.com/showthread.php?t=74202
or download Malwarebytes' Anti-Malware (MBAM) from here or here and save the file to your desktop.

lookpom : thailand
 

Read other answers
RELEVANCY SCORE 129.6

System Error: Attention, <NAME>, Some Dangerous Trojan Horses Detected In Your System.

Caught a Trojan Malware virus, leads me to a Anti-Virus scan site that wants my money. I ran a ComboFix log on it, and here's my current log:

ComboFix 08-06-20.4 - Owner 2008-06-29 23:09:56.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.648 [GMT -7:00]
Running from: C:\Documents and Settings\Owner\My Documents\My Received Files\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\smp.bat
C:\WINDOWS\system32\MSINET.oca
.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))
.
2008-06-29 17:06 . 2008-06-29 17:06 <DIR> d-------- C:\Games
2008-06-29 17:06 . 2008-06-29 17:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-06-29 17:05 . 2008-06-29 17:05 <DIR> d-------- C:\Program Files\Resources Wizard
2008-06-29 16:43 . 2008-06-29 16:43 26,624 --a------ C:\WINDOWS\system32\xmlview.dll
2008-06-29 16:42 . 2008-06-29 16:42 26,624 --a------ C:\WINDOWS\system32\domview.dll
2008-06-29 16:17 . 2008-06-29 17:28 <DIR> d-------- C:\Program Files\PCHealthCenter
2008-06-29 16:16 . 2008-06-29 16:43 1,682 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-06-29 16:16 . 2008-06-29 16:43 56 -r-hs... Read more

Read other answers
RELEVANCY SCORE 126

i keep getting a pop up, attention, some dangerous trojan horses detected..it is just a pop up i have run virus scans and swept and found nothing, i have downloaded smitfraud, how do i get rid of the pop up?

A:Attention, Some Dangerous Trojan Horses Detected...

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button t... Read more

Read other 1 answers
RELEVANCY SCORE 124.8

I've already tried...smitfraudfix.exeSpybot S&DA-SquaredAVG Freeand now I've got Windows Firewall turned onBut I still have the same symptoms of the infection, namely, whenever I go into Control Panel, My Computer/Windows Explorer, or Internet Explorer a warning box pops up saying "System error!" "Attention User! Some dangerous trojan horses detected in your system. Microsoft Windows files corrupted. This may lead to the destruction of important files in c:\windows. Download protection software now!""Click OK to download the antispyware. (Recommended)"with two options:OK and CancelEither of those two options, or closing the window with the top right X button, or Alt-F4 all result in the same thing. A new Internet Explorer window opens and goes directly to a page that downloads or updates or does whatever to make this infection worse.I'd be ready to reformat if it weren't for the uncertainty of my backup files. I didn't have any recent backups prior to this infection (stupid me), so I decided to back everything up while infected, of course that means my backups potentially carry the infection.anyway, here' the combofix log:ComboFix 08-07-09.5 - Drew 2008-07-10 16:45:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2424 [GMT -5:00]
Running from: C:\Documents and Settings\Drew\Desktop\ComboFix.exe
.

(((((((((((... Read more

A:Infected By *attention User: Some Dangerous Trojans Detected...*

Hi,* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against the following:O2 - BHO: VideoCodec Class - {284AAAD9-FDF9-49A3-93ED-9CAE4AA26805} - C:\WINDOWS\system32\AswBHO.dll* Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Let me know if that solved your issue.

Read other 4 answers
RELEVANCY SCORE 108.4

HiI thought PC Tools was suppose to find and eliminate these kind of threats,but it does not i am usingAVG 8 FreePlease help me find and fix this problem manually...When I click on "My Computer" and any other folder this thing pop up twice. "System Error!Your computer was infected by unknown Trojan.It's dangerous for your system (critical files can be lost)!Click OK to download the antispyware program to clean your system! (Recommended)" then it open my internetto:http://spywareadvancedscanner.com/2008/3/_freescan.php?aid=880202Or Click on Cancel which does not cancel but also open my internet to:http://spywareadvancedscanner.com/2008/3/_freescan.php?aid=880202How do I remove it?MY hijack this Log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:08:02 AM, on 7/11/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.20815)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.ex... Read more

A::angry: "system Error! Your Computer Was Infected By Unknown Trojan. It's Dangerous For Your System (critical Files...

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.Check some important areas of your system and produce a report for an analyst to review.Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.You must be logged onto an account with administrator privileges when using.Close all applications and windows.Double-click on dss.exe to run it and follow the prompts.If your anti-virus or firewall complains, please allow this script to run as it is not
malicious.When the scan is complete, two text files will open in Notepad:main.txt <- this one will be maximizedextra.txt <- this one will be minimizedIf not, they both can be found in the C:\Deckard\System Scanner folder.Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.-- When running DSS, some firewalls may warn that it is trying to access the Internet especially if your asked to download the most current version of HijackThis. Please ensure that you allow it permission to do ... Read more

Read other 2 answers
RELEVANCY SCORE 104.8

Deckard's System Scanner v20071014.68Run by Umair on 2008-07-03 11:46:28Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------System Restore is disabled; attempting to re-enable...success.-- Last 1 Restore Point(s) --1: 2008-07-03 05:46:35 UTC - RP1 - System CheckpointBacked up registry hives.Performed disk cleanup.Percentage of Memory in Use: 80% (more than 75%).Total Physical Memory: 254 MiB (512 MiB recommended).-- HijackThis (run as Umair.exe) -----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:48:54, on 03/07/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.17184)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Network Associates\VirusScan\Avsynmgr.exeC:\WINDOWS\system32\drivers\CDAC11BA.EXEC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\WINDOWS\system32\HPZipm12.exeC:\WINDOWS\Explorer.EXEC:\MDaemon\WebAdmin\... Read more

A:Some Dangerous Trojan Horses Detected In Your System Please Download

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Download SDFix and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, the Advanced Options Menu should appear;Select the first option, to run Windows in Safe Mode, then press Enter.Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
(Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new DSS log

Read other 2 answers
RELEVANCY SCORE 95.2

Hello.I just got home from a three day trip, and when i turned on my comp the first thing that came popping up was this error screen: I have no ideas of its origins, i'm guessing my brother stumbled upon it somewhere, but it's here now and i'd very much like it not to be I've tried reading in on the subject, but without grater success. According to the information i've found i'm dealing with some sort of SmitFraud here?So now i humbly turn to you for help.Here are the first logs:MAIN.TXTDeckard's System Scanner v20071014.68
Run by kim on 2008-05-24 14:40:07
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
81: 2008-05-24 11:40:17 UTC - RP370 - Deckard's System Scanner Restore Point
80: 2008-05-24 07:08:36 UTC - RP369 - Removed SPYWAREfighter.
79: 2008-05-23 18:05:51 UTC - RP368 - Installed SPYWAREfighter.
78: 2008-05-22 13:34:30 UTC - RP367 - System Checkpoint
77: 2008-05-21 13:06:29 UTC - RP366 - System Checkpoint
-- First Restore Point --
1: 2008-02-24 17:06:54 UTC - RP290 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Tr... Read more

A:Error Message: Your System Is Infected By Dangerous Virus!

Hello mrrej89,Download FixIEDef.exe by ShadowPuterDude to the Desktop. Mirrors: Alternate official download locations for FixIEDef.exe http://it-mate.co.uk/downloads/fixiedef/fixiedef.exe http://hosts-file.net/download/fixiedef/fixiedef.exe http://avant.it-mate.co.uk/?c=Download&f=Tools/FixIEDef http://archives.mysteryfcm.co.uk/?f=Securi...pyware/FixIEDef Double-click FixIEDef.exe, this will create a folder named FixIEDef on your Desktop. Double-click of the FixIEDef folder. NOTE: You will need to temporarily disable any programs you have running that will block attempts to edit the registry. As FixIEDef calls REGEDIT to delete registry keys added by Zlob, Trojan.Downloader.Delf, AntiSpyPro, and IE Defender. WARNING: FixIEDef will kill all copies of Internet Explorer and Explorer that are running. The icons and Start Menu on your Desktop will not be visible while FixIEDef is running. This is necessary to remove parts of the infection that would otherwise not be removed. FixIEDef will re-start Explorer at the end of the removal process VISTA Users: Double-click on DisableUAC inside the FixIEDef folder and answer "Yes" if asked if you want to merge with the registry. After the script has finished double-click on EnableUAC.reg inside the FixIEDef folder to re-enable UAC. Answer "Yes" if asked if you want to merge with the registry. Locate FixIEDef.bat and double-click on it. VISTA Users: Right-click on FixIEDef.bat and select "Run as Administrator&q... Read more

Read other 2 answers
RELEVANCY SCORE 94.4

Help! I have an unknown number of viruses on my computer! When I started it this morning, there was a UAC warning to run Update.exe from Windows\System32\Java\Update.exe. Then, I got a run dialog for an svchost in the Roaming folder! Then, I ran avast and it said my op was infected so I scheduled a boot scan. It found something in Temporary Files but my keyboard suddenly froze and I could not select delete options so I had to restart. Then Windows Error Recovery Came up and Repair just went back to the main screen so I selected Start Windows Normally.

Could you guide me through what to do? I haven't used HijackThis before.
 

Read other answers
RELEVANCY SCORE 94.4

Help! I have an unknown number of viruses on my computer! When I started it this morning, there was a UAC warning to run Update.exe from Windows\System32\Java\Update.exe. Then, I got a run dialog for an svchost in the Roaming folder! Then, I ran avast and it said my op was infected so I scheduled a boot scan. It found something in Temporary Files but my keyboard suddenly froze and I could not select delete options so I had to restart. Then Windows Error Recovery Came up and Repair just went back to the main screen so I selected Start Windows Normally.

Could you guide me through what to do? I haven't used HijackThis before.

A:Infected by Dangerous Viruses!!!

Hello there! Scan with this:

Malwarebytes.org

Read other 6 answers
RELEVANCY SCORE 93.2

I accidentally clicked a bad link and it directed me to this site which I closed immediately, and I received some kind of html script virus that made me open a lot of microsoft office outlook , however my antivirus quarantined it and I deleted it afterwords.

Should I still be cautious of the virus?



this is the link that gave me the virus: tinyurl.com/dyrusreplay

A:How dangerous are Html script viruses?

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in your next reply.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 2 answers
RELEVANCY SCORE 92

Since yesterday, Avira has been contacting my non-stop about different viruses detected, the main ones being TR/Rootkit.Gen and Swizzor.Gen and more, but mainly Trojans and most found in C:/system32/driver
After repeatedly sending all the files to Quarantine, it seemed to calm down a little. I went into Safemode and scanned my pc with Malwarebytes AND Avira. I then rebooted and went back to normal Windows.

Today, I tried to download Avast because of its features range, but whilst installing, I came back and my computer had rebooted itself. It will stay on the Log in screen for a few seconds then restart again. The furthest I've gotten is logging into my account and then the screen goes blank. I am now in Safemode. Btw, I downloaded Avast from their website and I am using Mozilla Firefox not Internet Explorer (if that helps).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:48:36, on 17/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/... Read more

Read other answers
RELEVANCY SCORE 92

this is the error message i get, it pops up all the time with a red circle and white X
and then it keeps starting a program called spyaxe 3.0 and wanting me to buy it

i have adware, avg virus, zone alarm , windows one care and spybot search and destroy, i have done scans with all of them and i stil have this problem

what can i do to get rid of this ??

thanks

noasad

A:Dangerous Malware infection was detected

You need to uninstall Spyaxe. See this:

SpyAxe is an anti-spyware application that may be distributed and installed without a user?s knowledge or consent. The installed application functions up to the point when a user wants to remove a found infection, at which point the software requires purchase. The software may falsely alarm about infections, even prior to conducting a scan.

SpyAxe will falsely alarm the user of a registry key, which the software claims is a component of 2Search, and marks it as a high security risk. The registry key is actually belongs to a scripting component and is a part of the Microsoft Windows operating system.

Spyaxe seems to be downloaded and installed by Trojan-Downloader.Win32.Zlob.

To remove Spyaxe, follow the instructions here: http://www.bleepingcomputer.com/forums/topic36868.html

Hope it helps!

Read other 18 answers
RELEVANCY SCORE 91.2

Ok, here's the problem. Starting yesterday, Avira has been contacting me non-stop about different viruses detected, the main ones being TR/Rootkit.Gen and Swizzor.Gen and more, but mainly Trojans and most found in C:/system32/driver.After repeatedly sending all the files to Quarantine, it seemed to calm down a little. I ran a scan with Malwarebytes, but after 9 hours, it froze and was so slow I had to open Windows Task Manager and shut down my computer mid-scan.I went into Safemode and scanned my pc with Malwarebytes AND Avira. I then rebooted and went back to normal Windows.Today, I went into Safe Mode to scan with Malwarebytes AND Avira (with around 90 viruses in total found). However, Rootkit still kept coming up so I tried to download Avast because of its wide range of features, but whilst installing, I came back and my computer had rebooted itself. It will stay on the Log in screen for a few seconds then restart again. The furthest I've gotten is logging into my account and then the screen goes blank. It continues to restart even when I don't touch it. I am now in Safemode. Btw, I downloaded Avast from their website and I am using Mozilla Firefox not Internet Explorer (if that helps).I need this problem fixed ASAP because I have to start my GCSEs coursework which determines the grades I get when I get back next Monday. What do i do?

A:Been infected with dangerous viruses. Keeps restarting. Help needed immediately please!!

Hello do the the sious urgency,, Reformatting and reinstlling the system may be fastest and most secure,We can try booting from a rescue CD.Avira AntiVir Rescue System

Read other 1 answers
RELEVANCY SCORE 90.8

I dont know what happened or when. Im not having any issues with my PC but all this came up today. My malwarebytes found nothing. I CCleaned..defraged.. dusted & waxed. What is this junk? Do I have a virus or is Vista just forcing me to upgrade? "";"Locked file. Not tested., C:\Program Files (x86)\Google\CrashReports\";"Infected""";"Contains macros, C:\Program Files (x86)\Microsoft Office\Office12\1033\EXPTOOWS.XLA";"Infected""";"Contains macros, C:\Program Files (x86)\Microsoft Office\Office12\Library\HTML.XLAM";"Infected""";"Password-protected, C:\ProgramData\AVG2013\IDS\config\quarantinedList.zip";"Infected""";"Locked file. Not tested., C:\ProgramData\Desktop\";"Infected""";"Locked file. Not tested., C:\ProgramData\Documents\";"Infected""";"Locked file. Not tested., C:\ProgramData\Favorites\";"Infected""";"Locked file. Not tested., C:\ProgramData\MFAData\msistorg.dat";"Infected""";"Locked file. Not tested., C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\02598c934385f330a935bda28d42b3c0_6d5b2038-4853-410b-ae52-70f22458b034";"Infected""";"Locked file. Not tested., C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\03432f824cd17880cacbee7982c6a378_6d5b2038-4853-410b-ae52-70f22458b034";"Infected""";"Locked file. Not tested., C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\03e3ea7301a61d2c42e69d0dbf7f91f6_6d5b2038-4853-410b-ae52-70f22458b034";"Infected""";"Locked file. Not tested., C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\083c634a2c3bea98e06057470b4a945a_6d5b2038-... Read more

A:AVG detected 267 potentially dangerous threats- not all were removed.

Hello, these are "Locked" files and cannot be modified by malware. They should NOT be unlocked. If you feel the need to scan these, use the AVG Rescue CD 
You may want to disable locked files reporting I AVG so they won't report these.

Read other 5 answers
RELEVANCY SCORE 90

Rootkit Revealer detected the file C:\System Volume Information\_restore{F6BB1AAD-2A8D-4B85-9D3A-4967072BF7AC}\RP257\A0034833.RDB which it described as "2.72 MB Hidden from Windows API.".

Is this hit a false positive, or is the file, in fact, a rootkit?
 

A:Suspicious file detected by Rootkit Revealer - dangerous or not?

Read other 6 answers
RELEVANCY SCORE 86.8

Please help if you know what these files are:

Nen85.exe
Kaf2w.exe
Dsz3Fzo2.exe
DwpO.exe
MjyZG.exe
Ftw7.exe

I find them in the list of running Processes under Win XP Pro.
If you delete one, it immediatley comes back as one of the other files listed. When I do a search of the computer, the files are found in the C:\Windows\Prefetch file.

I recently had an infestation with several spy programs and pop-up generators...used HiJack This, AdAware to remove them...but these files remain. I would love to know if they are harmful or not.
Thanks!!
 

A:Are these files dangerous?

Read other 16 answers
RELEVANCY SCORE 86.8

I have the Program Remove it Pro free for 30 days and when I scan my Pc apperars 3 Dangerous files:

Infected with Sys32.jestertb
Infected with Sys32.omcamdib
Infected with Sys32.omniuns

Are this files related to a Program called OVT that is for editing video and slides?

How can I solve the problem?

A:Dangerous files

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 86.8

Can someone tell me if these two files are dangerous? I ran a Hijack log and have been going through it - I find it fascinating (smile) Anyway - these two entries look suspicious and I don't want to delete anything! Thanks so much for your time!
Best Wishes,
Tammy
O17 - HKLM\System\CCS\Services\Tcpip\..\{0924ECE7-E96C-4E38-8110-3D00E454B514}: NameServer = 205.171.3.65,205.171.3.62
O17 - HKLM\System\CS1\Services\Tcpip\..\{0924ECE7-E96C-4E38-8110-3D00E454B514}: NameServer = 205.171.3.65,205.171.3.62

Here is my whole Hijack log. The reason I was checking into it is because Kaspersky has caught two trojan's in the last week and I have tried to delete them from the log and they keep coming back?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:54:47 PM, on 11/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyw... Read more

A:Our these two files dangerous?

I ran Dr Web cureit and it found four trojan's - which it fixed - but I reran the Hijack log and these two files are still on there. Can someone tell me if I should delete these two 017 entries? Also I can't install Spybot - it downloads and then times out - so I think I'm still infected?

Thanks much,
Tammy
 

Read other 1 answers
RELEVANCY SCORE 86.8

I was looking through the files on my hard drive and found some oddly named ones. Are these files dangerous?

1. ezsidmv.dat
Found at: C:\WINDOWS\SYSTEM32\EZSIDMV.DAT

2. msft_kernel_ggflt_01007.wdf
Found at: C:\WINDOWS\SYSTEM32\DRIVERS\MSFT_KERNEL_GGFLT_01007.WDF

3. msft_kernel_ggsemc_01007.wdf
Found at: C:\WINDOWS\SYSTEM32\DRIVERS\MSFT_KERNEL_GGSEMC_01007.WDF

4. msftwdf_kernel_01007_coinstaller_critical.wdf
Found at: C:\WINDOWS\SYSTEM32\DRIVERS\MSFTWDF_KERNEL_01007_COINSTALLER_CRITICAL.WDF

Read other answers
RELEVANCY SCORE 86.4

The recent update for Microsoft Security Essentials is causing a lot of Windows XP computers to bog down or become unusable.

You might want to read this article:

http://www.fudzilla.com/home/item/34518-microsoft-security-essentials-bug-kills-xp-boxes

-------------------------------------------------------------
 

A:Attention! Windows XP Users That Have Microsoft Security Essentials

Read other 16 answers
RELEVANCY SCORE 86
A:Dangerous Files! (Video)

Any Type of hacking is illegal, and extremely dangerous it could lead to jail time, also thousands of pounds in damage costs. Under Computer Misuse Act.
For more information on the law please click; Computer hacking and the law - Crime and Justice

Read other 2 answers
RELEVANCY SCORE 84.8

Where to begin??? Suddenly I am getting all kinds of strange behavior from my pc. First I notice 2 icons on the desktop this afternoon. One says "Help and Support" (looks like a green shield) and the other says Windows Update and looks far too legit, but checking the properties I was able to see that these icons will direct me to storageprotector.com. Next I rebooted to see what, if any, errors may occur at start up. Sure enough, I received the following message:
"IMPORTANT - Potential Errors found in the system
During a scan of files at system startup, potential errors in the system registry were found.
p-07-0100 irql: 1f SYSVER 0xff00024
NT_Kernal error 1256
KMODE_EXCEPTION_NOT_HANDLED"

In my attempt to search for possible answers to these problems, I see that every webpage that I go to now has an ad stating "Your system could be saving dangerous adult files to your computer" with a DELETE DANGEROUS FILES NOW button. Another ad displays as though a scan is being run and reporting XXXX errors Also, the page acts as though it is always "transferring data" and I have to use the STOP button to speed things up and stop the continuous loading.
Just now had a warning pop up from my system tray, the icon is a red circle with an X:
"A Critical error could occur. ***STOP: 0x0000007B (0xF20184, 0x000000, 0xCC0034)***
Inaccessible handler or device.
Click this balloon to fix the problem"
One more thing to mention; McAffe is blocking ... Read more

A:Warnings of dangerous files on every webpage

Read other 12 answers
RELEVANCY SCORE 84.8

OKay. So I've ran down the Ad-Aware. I've run the Spybot... Unfortunately... Nothing's working out for me. (Keep in mind I also don't know what I'm doing.) Great. But I KNOW there are just WAAAY too many files under system32 and I know that they're not suppose to be there. So if anyone would be so kind as to take a looksee at the jungle I call my computer logfile? Thank you!




Quote:





Logfile of HijackThis v1.99.1
Scan saved at 8:51:15 PM, on 3/25/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.ex... Read more

A:waaaay too many system32 files that look dangerous

Hi and Welcome.
Its a wonder that this poor old thing has the energy even to log on the net,let alone run.

It may help you if you print out or copy this page for easy reference.. Make sure to work through the fixes in the exact order its listed..These instructions only apply to HJT v1.99.1

Please Keep your browser and all open programs closed (except firewalls and antivirus) when you are carrying out the fixes.

Download any of the required programs before attempting to start any of the fixes.


Turn off System Restore instructions (WinXP)
Rightclick My Computer | Properties | System Restore | check ?Turn off System Restore?, <Apply>, <OK>. Reboot. When we have confirmed that your log file is clean, you may renable System Restore and create a new restore point.

SHOW HIDDEN FILES AND FOLDERS.
To show hidden files instructions (WinXP)
Doubleclick My Computer | Tools | Folder Options | View tab
Select Show Hidden Files and Folders
Uncheck Hide extensions for known file types
Uncheck Hide protected operating system files (Recommended)
Select Apply to All Folders | Yes | Apply | OK
------------------------------------------------------------------


Scan your pc with Housecall. Its a free online scanner. Be sure to put a check the box beside AutoClean.

Download FixAgent and unzip it. Run FixAgent.exe. It should fix something. If nothing is fixed, skip to the next step for the HijackThis fixes. If something is found, also download Home_Mi... Read more

Read other 5 answers
RELEVANCY SCORE 84.8

I have 90 gb of files on my primary partition, but I can't shrink it down to less than 150 gb.
(I want to clone it on to a SSD that is 120 gb.)

So, I tried turning off all sorts of window services like hibernate and page file and kernel memory and indexing .
And I tried some defragmenters, and the Easeus partition master.
But I can't get it down to 120gb.
I assume I have some unmovable system files spread out on the partition.

What if I try shrinking it with Gparted? Will it work? And will it ruin my windows installation, or can I get it booting again with a recovery disk?

I know -- only shrink from the right, not from the left. And leave some empty space, like 25 gb should probably be enough.

and make a system image, just in case.

anything else to be careful about? what do you guys say?

A:unmovable files and gparted. is it dangerous?

Have you tried a 3rd party defragmenter in safe(condensing empty space) mode with all the other stuff turned off and put your data files on an USB HDD if a second internal HDD? If the 150GB is not "Full" and it's fragmented free space you could look into Migration software like AOMEI Partition Assistant. your specs state you have a desktop so you must have an extra SATA cable inside.

Also one more thing I see in the threads, when you get your SSD up and running switch the SATA cable out to the one from the HDD and leave the HDD unplugged until you can reformat and partition it(you cannot have 2 boot disk of the same OS (Clones) and have the system run properly). A lot of people forget this.

Or the best over all would be a clean install, then import your library files after. Do not forget to set BIOS/UEFI to AHCI

Read other 5 answers
RELEVANCY SCORE 84.4

Gotta another sick system I am needing help with. getting the pop up "Your system was infected by dangerous trojan Note: your critical files can be lost....." when i try to click on anything and have to click th epop up off before what i want comes up. Here are the requested logs attached to the post.

A:Your System Was Infected By Dangerous Trojan

Hello Hasledash, Gotta another sick system I am needing help withI see you posted on Apr 4 with a computer problem on another comptuer. Are you a company's IT department or computer shop?

Read other 5 answers
RELEVANCY SCORE 84.4

Please help if you can, Its my own fault i got this malware as i opened up a video which i shouldn't have. I havent used hijack this before so I hope i do it rightDeckard's System Scanner v20071014.68Extra logfile - please post this as an attachment with your post.---------------------------------------------------------------------------------- System Information ----------------------------------------------------------Microsoft? Windows Vista? Home Premium (build 6000)Architecture: X86; Language: EnglishCPU 0: AMD Athlon™ 64 X2 Dual Core Processor 5000+Percentage of Memory in Use: 40%Physical Memory (total/avail): 1981.88 MiB / 1179.33 MiBPagefile Memory (total/avail): 4182.39 MiB / 3190.91 MiBVirtual Memory (total/avail): 2047.88 MiB / 1926.92 MiBC: is Fixed (NTFS) - 222.78 GiB total, 166.24 GiB free. D: is Fixed (NTFS) - 10 GiB total, 5.99 GiB free. E: is CDROM (No Media)F: is CDROM (No Media)G: is Removable (No Media)H: is Removable (No Media)I: is Removable (No Media)J: is Removable (No Media)\\.\PHYSICALDRIVE0 - Hitachi HDT725025VLA SCSI Disk Device - 232.83 GiB - 3 partitions \PARTITION0 - Unknown - 54.88 MiB \PARTITION1 - Installable File System - 10 GiB - D: \PARTITION2 (bootable) - Installable File System - 222.78 GiB - C:\\.\PHYSICALDRIVE1 - TEAC USB HS-CF Card USB Device\\.\PHYSICALDRIVE3 - TEAC USB HS-MS Card USB Device\\.\PHYSICALDRIVE4 - TEAC USB HS-SD Card USB Device�... Read more

A:Your System Is Infected With Dangerous Virus

I only just noticed there was a second part of the log....sorry about that!Deckard's System Scanner v20071014.68Run by Steve on 2008-04-21 00:54:22Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --18: 2008-04-19 12:50:58 UTC - RP52 - Scheduled Checkpoint17: 2008-04-18 08:14:13 UTC - RP51 - Windows Update16: 2008-04-17 17:16:57 UTC - RP50 - Windows Update15: 2008-04-17 09:58:22 UTC - RP49 - Scheduled Checkpoint14: 2008-04-16 09:43:45 UTC - RP48 - Windows Update-- First Restore Point -- 1: 2008-04-06 11:29:41 UTC - RP35 - Windows UpdateBacked up registry hives.Performed disk cleanup.-- HijackThis (run as Steve.exe) -----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:55:38, on 21/04/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16643)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Windows\System32\rundll32.exeC:\Program Files\Java\jre1.6.0\bin\jusched.exeC:\Program Files\Grisoft\AVG7\avgcc.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Windows\ehome\ehtray.exeC:\Program Files ... Read more

Read other 3 answers
RELEVANCY SCORE 84.4

Hi everybody,

I'd like to install Kali Linux on a Virtual Machine in VirtualBox.
At startup it failed because it did not have the PAE, so I've enabled it and checked. Everything works fine, but an horrible doubt came up into my mind: as PAE exposes the Physical Address Extension, could it be dangerous to my Host system (which is Windows 10) or, worse, my computer?

Thanks a lot for your help!

EDIT: and the I/O APIC? I do not actually know what it is, but a tutorial advised me to turn it on. Could it be dangerous for my system (not Kali Linux, I sincerely don't care if my Kali Linux machine is destroyed, the most important thing is that my Windows - Host - and my computer are damaged in no ways)?

LG

A:VirtualBox: Is PAE/NX option dangerous for the system?

This should help explain what PAE is:
Physical Address Extension - Wikipedia, the free encyclopedia

APIC
What is I/O APIC? | What is?

Read other 2 answers
RELEVANCY SCORE 84.4

This popup has been so annoying! If anyone could help me get rid of I'd really appreciate it. I downloaded HJT and have the log file here:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 4:54:03 PM, on 6/17/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16850)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exec:\Program Files\Common Files\Symantec Shared\ccProxy.exec:\Program Files\Common Files\Symantec Shared\ccSetMgr.exec:\Program Files\Norton Internet Security\ISSVC.exec:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exec:\Program Files\Common Files\Symantec Shared\SNDSrvc.exec:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS... Read more

A:your system is infected with dangerous virus

Hello andeethree, Sorry for the delay. We have many logs backed up. Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt.Please post the contents of that document.We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make. Open Windows Defender. Click on Tools, General Settings. Scroll down and uncheck Turn on real-time protection (recommended). After you uncheck this, click on the Save button and close Windows Defender.After all of the fixes are complete it is very important that you enable Real-time Protection again.lease download Malwarebytes' Anti-Malware from one of these places:http://download.cnet.com/Malwarebytes-Anti...&tag=buttonhttp://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/mbam/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Full Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the res... Read more

Read other 2 answers
RELEVANCY SCORE 84.4

well i was looking through my processes in windows task manager and i came across this process called system. just looking at it seem suspicious to me so i looked it up online because i didn't want to stop it if it was vital to my computer so i looked it up and a lot of stuff i read said it was dangerous. but this is the confusing part: i went back to task manager to the processes and the description said that it was NT Kernel & System which really confused me then i click on it and went the properties so when i went there it said system32 properties and it was a file folder that was worth 2.32 gbs!!! which threw me off now I'm confused and don't know what to do if anybody can give me some info to weather or not its dangerous and can if someone can help with my computer overall will be great because i need help. i know hijackthis log is not used anymore so anyone that can assist me can tell what type of log to use so that the person can see what's wrong with my computer. if anyone can also help i also have two csrss running in task manager which i don't want to mess with because i don't want to mess up my computer and they're both in c:\windows\system32. thanks to anyone that can help me

A:system running in taskmanager, is it dangerous???

No, it is not dangerous. Never end a process in your Task Manager unless you know exactly what it is.Googling a lot of Windows processes results in a lot of websites like: "usually a integral part of Windows.....could be sign of infection....download our free diagnostics tool to check for viruses!!!" Pretty much all of them are like this.They try to be informative, but also want you to install their, most likely, dangerous software. Don't believe everything you read.System.exe is part of Windows and it runs on everybody's PC's. Don't worry about it.Csrss.exe is another critical Windows component that should not be tampered with. Your system is not infected because of these files/processes.If you are worried about malware, check the pinned topics in the AntiVirus, Firewall and Privacy Products and Protection Methods forum. There is a lot of great advice there.And as always, if you have questions or problems, feel free to ask.

Read other 10 answers
RELEVANCY SCORE 83.2

Greetings, I made the mistake of allowing an Active-X code to run in IE7. (Went brain-dead for a second.) Don't know what this popup is called but the full text is: "System error Your system is infected with dangerous virus! Note: Strongly recommend to install antispyware program to clean your system and avoid total crash of hour computer! Click OK to download the antispyware. (Recommended)" It pops up 3 times while IE7 is loading my home page. It pops up 2 out of 3 times when double-clicking on My Computer. When I double-click on My Docs, it does not. It shows up at other odd places. When you search for anything in the Google search toolbar, the 2nd and 3rd entry are obviously supplied by the malware. 2) Error - your computer was infected etc etc. 3) You Tube - Porn - Watch now. I have never clicked on OK or these bogus Google search results. I have run Kasperski 7.0 full system scan many times. No threats are ever detected. A few general questions before I post the logs. 1. I have an attached USB drive for data. Do these things infect attached drives that are data only? 2. Why doesn't Kaspersky 7.0 ever find anything? 3. What causes System Restore not to work? What a disappointment! I went back as far as I could go. How do I make it work in the future? 4. I have turned on Kaspersky Proactive Defense and have blocked all suspicious activity, the Internet Explorer finally runs without popups... Read more

A:"your System Is Infected With Dangerous Virus..." Popup

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. You are running an older version of Java. This can be a security risk so let's get you the latest version.Upgrading Java:Download the latest version of Java Runtime Environment (JRE) 6 Update 6.Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".Click the "Download" button to the right.Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".Click on Continue.Click on the link to download Windows Offline Installation (jre-6u6-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..Close any programs you may have running - especially your web browser.Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.Check any item with Java Runtime Environment (JRE or J2SE) in the name.Click the Remove or Change/Remove button.Repeat as many times as necessary to remove each Java version.Reboot your computer once all Java components are removed.Then from your desktop double-click on the download to install the newest version.Please post a new log from DSS.

Read other 6 answers
RELEVANCY SCORE 83.2

Hi all I would welcome your consideration of the following log(s).BASELINE HIJACKTHIS LOG (PRE-CLEAN)DECKARD'S SYSTEM SCANNER (main.txt)HIJACKTHIS LOG (POST-CLEAN)I have also attached a small JPG file which is a copy of the offending pop-up (image).So far I have used the following tools in an attempt to clean my system of this malware.Spybot, AVG Ant-spyware 7.5 Freeversion, DSS, CUREIT, UNDOFIX, PROVW21, CCLEANER v2.06,567 (current version)Thank-you for your assistance.RegardsAlan========================================================================BASELINE HIJACKTHIS LOG (PRE-CLEAN)--------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:57:43 PM, on 15/04/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Rundll32.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\jre1.6.0_05\bin... Read more

A:***** "your System Is Infected With Dangerous Virus!" Popup *****

Hello plshelpme2,Download FixIEDef.exe by ShadowPuterDude to the Desktop. Mirrors: Alternate official download locations for FixIEDef.exe http://it-mate.co.uk/downloads/fixiedef/fixiedef.exe http://hosts-file.net/download/fixiedef/fixiedef.exe http://avant.it-mate.co.uk/?c=Download&f=Tools/FixIEDef http://archives.mysteryfcm.co.uk/?f=Securi...pyware/FixIEDef Double-click FixIEDef.exe, this will create a folder named FixIEDef on your Desktop. Double-click of the FixIEDef folder. NOTE: You will need to temporarily disable any programs you have running that will block attempts to edit the registry. As FixIEDef calls REGEDIT to delete registry keys added by Zlob, Trojan.Downloader.Delf, AntiSpyPro, and IE Defender. WARNING: FixIEDef will kill all copies of Internet Explorer and Explorer that are running. The icons and Start Menu on your Desktop will not be visible while FixIEDef is running. This is necessary to remove parts of the infection that would otherwise not be removed. FixIEDef will re-start Explorer at the end of the removal process VISTA Users: Double-click on DisableUAC inside the FixIEDef folder and answer "Yes" if asked if you want to merge with the registry. After the script has finished double-click on EnableUAC.reg inside the FixIEDef folder to re-enable UAC. Answer "Yes" if asked if you want to merge with the registry. Locate FixIEDef.bat and double-click on it. VISTA Users: Right-click on FixIEDef.bat and select "Run as Administrato... Read more

Read other 2 answers
RELEVANCY SCORE 82

Hello all! I'm posting here because I'm trying to take care of my brother's laptop. On Friday (Christmas Eve) he let me know that he'd gotten what appeared to be a malware and or virus attack which appeared initially as a fake anti virus scan ("AntiVirusDoctor") -generating numerous pop-ups and so forth. This was an older Dell (running Windows XP) of his that he'd had to switch to as his newer one is out of service for the moment-so the usual security software he uses and such had either not been reinstalled or not updated for a very long time with the exception of AviraAntivirus (it had just updated itself an hour or so before hand). Avira's gaurd seemed to have caught about 20-30 files trying to come in -almost all of these were tojan's. He'd started it's scan and had found 3 or 4 infections but I suggested he stop the scan and reboot into safe mode so he could run it from there. Meanwhile I went back to my computer and downloaded the newest version of Malwarebytes and after running his Avira again in safe mode ran a full-system scan on his computer in Malwarebytes. This found around 250 or so more infections. I saved the log files from the two malwarebytes scans I ran (I'd forgotten to ensure that all the files had been selected for removal the first time round & when I saw this immediately rescanned and then removed them). I&#8217;ve a decent amount of experience in dealing with computers but not so much ... Read more

A:Malware/Virus Infection: AntiVirus Doctor & other possibly dangerous malware/viruses

Read other 16 answers
RELEVANCY SCORE 80.4

Hey guys,

I'm sorry in advance for the lack of information, if you need anything that I haven't provided then let me know and I will give it to you. I copied the link and closed the last warning without thinking to screenshot the actual warning :\

But I have Trend Micro and every once in a while when I am browsing (IE7 if that helps) it pops up a warning messages (one of the red boxes that show up in the lower right of your screen). This is the URL

http://tcla.mmismm.com/mmmss.php?mm_...a/L11&mm_flag=

I get the error "Server Lookup Error" and am told that its dangerous by Trend Micro, but it also tries to stop me from using Proxy sites when I try.

Should I be worried?

Thanks!

A:TCLA MMISMM Server Lookup Error - Dangerous?

Hello and Welcome to TSF.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 80

Hey,A friend told me running Windows 7 on the 64 bit edition,could be dangerous to my CPU because it "run the CPU" up to 100%.
I don't want to return to 32 bit,because it's slower,my PC works better on 64 bit,games,programs etc.
So is it dangerous? my specs:
AMD ATHLON 64X2 DUAL CORE 4400+
2GB RAM DDR2
ATI RADEON HD2400 PRO
Thanks!

A:Windows 7 64 BIT dangerous?

Ummm.....paying hundreds of dollars for a CPU and never using 100% of it is so much of a waste...Running a CPU at 100% is not going to damage it in the slightest. And your friend is 100% wrong on all accounts.

The 64 bit version is no more dangerous then the 32 bit version.

Read other 6 answers
RELEVANCY SCORE 79.2

Welcome everyone
This is my first post , so please be placable because i'm not a IT specialist..

Well, in Windows 7 we have many of services. Some of them are needed and some do not. But i discovered , that one of them sends an informations about PC and our activies . When you download a TCPview program , you will see that, our system is sending and informations to ... ( well that's good question, where ?)

Is there any person who know a lot about this problem ? Or maybe already solve it ?

I will be grateful for advices )

A:Dangerous Windows Services ?

Screenshot please?

Read other 2 answers
RELEVANCY SCORE 78.4

Can anyone tell me what this is please? I've searched the register and found nothing, I've tried searching for it via a normal internet search but found nothing useful. It has popped up several times now and it is impossible to get rid of it without having some woman ordering you to ring a number ....I'm now thinking that it is simply an advert, although if anyone knows better I would be very grateful to hear about it.
Thank you.

A:fatal-xxx- dangerous-windows.pc error1108.com

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

Read other 2 answers
RELEVANCY SCORE 76.8

If you're experiencing crashing with these Microsoft Outlook versions in Windows 7 and 8.1 and 10, you might want to read here:

http://news.softpedia.com/news/micr...b4011042-kb3191849-and-kb3213654-517011.shtml

--------------------------------------------------------------
 

A:Attention! Microsoft Outlook 2010 & 2013 & 2016 Users

I have the third update being rolled out this week via Big Fix. Curious to see what happens now. Regardless, thanks Frank.
 

Read other 1 answers
RELEVANCY SCORE 74.8

I just installed Kaspersky Internet Security 2009 trial to check it out and compare it to Avast. I did a scan on my computer and supposedly it found a lot of threats, but when I look at the logs, they are all legitimate files or programs (see below).

Kaspersky Screenshot 1

Kaspersky Screenshot 2

What's the deal? What do you suggest I do?

There's a link to "disinfect all".
 

A:Kaspersky is saying legit files and programs are "very dangerous" threats??

Read other 9 answers
RELEVANCY SCORE 74

Hi, I'm not sure what I've done, but it apparently was something that managed to kill my system.

This is the Message that I've been getting:

System Error!

Attention, Jason! Some dangerous trojan horses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now!

Click OK to download the antispyware. (Recommended)

Any help that could be provided would be greatly appreciated. Below is the Panda Report that I got and the Main report from DSS. I've also attached the extra text file from DSS.

Thanks,

Jason

Panda

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-22 18:54:36
PROTECTIONS: 1
MALWARE: 29
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Live OneCare 1.0.0 Yes Yes
;==================================... Read more

A:"System Error!...Microstoft Windows XP Files corrupted. Download protection now!

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please save this page to Notepad in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

You have no firewall enabled. Please enable Windows OneCare Live Firewall in the Security Center of your Control Panel.

------------------------------------------------------

I see you have P2P software ( Azureus ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. Howe... Read more

Read other 1 answers