Over 1 million tech questions and answers.

AA Airlines virus

Q: AA Airlines virus

Hello, I'm sure this is old news, but I ran this AA Airline crap and before I knew it was a virus the damage was already done. I killed the computer as soon as I realized trouble and now all I get when I try to start it is "error reading OS". I can't get it to even show a safe mode option with F8. I can get to bios (F2) and boot (F12) but that is it. Any help would be appreciated as I am at a loss. Thanks. Robert.

RELEVANCY SCORE 200
Preferred Solution: AA Airlines virus

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: AA Airlines virus

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/442543 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GMER logAs I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

Read other 6 answers
RELEVANCY SCORE 59.6

Hi,
 
A family member of mine was just recently infected with a virus that they got from a fake American Airlines email.  Since they already deleted the email, I cannot paste here what the content was exactly but it seemed like a regular ticket confirmation email.  The only thing that was off was that it included a line saying "in order to use your ticket now, please download the attachment".  As you may have guessed, they actually downloaded the attachment and executed the file inside which was named something like ticket.exe.  
 
I'm not sure what the virus does exactly, but after a few minutes, Mcafee caught it, but it notified us that the computer had to restart in order to fix the problem.  I booted into safe mode with networking, but things seemed to be in working order.  When I googled the virus, I heard it was supposed to black out your desktop and erase your program icons from the start menu, but this doesn't seem to be the case here.  After a few more minutes, Mcafee's real-time scan disabled itself and I'm unable to turn it back on.
 
The computer is running Windows 7, 64-bit ultimate.  Let me know if you need more information, otherwise I'll update with any new problems as they come up.
 
Thanks for all your help! 

A:American airlines email virus/ticket.exe

Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and ... Read more

Read other 5 answers
RELEVANCY SCORE 47.6

cannot access their website

southwest.com or iflyswa.com

others have no problem.
this started on wednesday for me.
 

A:southwest airlines

Read other 11 answers
RELEVANCY SCORE 46.8

TRAVELERS ALERT
I stumbled on new baggage rules for lithium batteries on airlines. (haven't seen this announced before.)
Spare lithium batteries can not be carried in checked luggage. Only lithium batteries installed in equipment can be in checked baggage.
Spare lithium batteries are allowed in carry-on baggage.

These strange rules will cause your spare lithium camera batteries to be discarded after you check luggage without you being notified. Those are expensive and hard to replace when touring.
 

A:Lithium batteries on airlines

Here's the DOT's notice.

http://safetravel.dot.gov/whats_new_batteries.html
 

Read other 1 answers
RELEVANCY SCORE 46.8

I cannot access Delta Airlines url (www.Delta.com) from any of the 3 computers on my Home network anymore. I can take my Laptop to another network and access perfectly. All PC's use XP.

I have access to all other url's (websites) from any of the 3 computers except the Delta Website.

Any help is appreciated.

A:Can't access Delta Airlines url

Click Start => run type in CMD press OK. When command prompt opens up type in Ping www.Delta.com and press Enter. Please copy and paste the results back into this thread

Read other 1 answers
RELEVANCY SCORE 46.8

For some reason I cannot access southwest.com - on any of the three computers I own. At home these three computers access the internet via a wireless modem that connects with the comcast host. When I travel with either laptop the same problem happens. It also happens using Firefox. When I attempt to open southwest.com I get a connecting message and it will grind away for a half-hour or so before finally timing out. Sometimes the southwest site will partially open. I have tried deleting cookies, but that doesn't help. Any suggestions.

Thanks.

Rob

A:Cannot access Southwest Airlines

You might have SW on your banned URL list. Check 64.57.78.148 to see if that connects.

Read other 17 answers
RELEVANCY SCORE 46

to whom it may concern
My brother accidentialy opened a american airlines email and caused his computer to hide all personal files, including music, photos, work, I have tried malwarebuytes to repair. needs more than that. he has webroot antivirus, it always saying it needs updating
thank you for your help

Kevin Petty

A:opened American Airlines fake ticket

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 45.6

+1 833_228-2161 Spirit Airlines Flight Baggage Fee



Spirit baggage fees





Baggage category

Fee

Max Weight



Gate check baggage fee

$65





First checked bag

$21-$50

40lbs



Second checked bag

$31-$60

40lbs



Third - fifth checked bag

$76-$100

40lbs





Do you have to pay for carry on with spirit?





When you fly Spirit Airlines, you can bring on a personal
item up to 18 x 14 x 8 inches on board for free while a full-sized carry-on will cost you $37 to $65, depending on when and where you purchase the right to bring the bag on board.
(Prices slightly less for $9 Fare Club members.)

Read other answers
RELEVANCY SCORE 44.8

+1 833_228-2161 How do I talk to a live person at Spirit Airlines?


How do I talk to a live person at Spirit Airlines?





How to Call a Live Person in Spirit Airlines Customer Service


Dial 1-801-401-2222.Press 5 in the main menu.Press 1 in the sub-menu and press 6 in the next menu.After that, the automated phone system will connect you to a live customer service agent from Spirit Airlines.

Read other answers
RELEVANCY SCORE 44

+1 833_228-2161 Delta Airlines Flight Booking & Managing Phone Number

Air travel has become one of the most convenient and cheap means of transportation nowadays. Most of us prefer to book flights for journeys that would take up almost twice our time if we traveled by other means for the same distance. Booking flights has also
become an easier task nowadays than it was before.

There are various ways to book a flight ticket. We can do it ourselves or let others do it for us. We can make the booking online, through a travel agency, etc.

Read other answers
RELEVANCY SCORE 40.4

Hi,

Can anyone help me design airlines website like calendar in access.

Like, when it shows, the date and the availability and the price of ticket.

Thanks,
 

A:Access Query: Display Airlines like Calendar in Access

Read other 12 answers
RELEVANCY SCORE 23.6

Topic Title edited to show original Post Title ~KoanYorelHi I posted original post on the 6th July and have not had a replyThanks for any help that may come my wayCheers Johttp://www.bleepingcomputer.com/forums/t/98897/w32-alcra-f-virus-trojan-popper-virus-with-2-downloader-viruss/I am so sorry for double posting for some reason I cant post in the ' havent had a reply in 5 days ?'I have also tried to clean up my computer since the original post so I will put my new HiJack This log in this posting..... hope that isnt a problem.ThanksLogfile of HijackThis v1.99.1Scan saved at 6:22:43 PM, on 13/07/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\NMSAccess.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\wdfmgr.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\HP... Read more

A:W32 Alcra F. Virus + Trojan Popper Virus With 2 Downloader Virus's,

Welcome to the BleepingComputer HijackThis Logs and Analysis forum magic23My name is Richie and i'll be helping you to fix your problems.Please download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the entire contents of C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window while it's running. That may cause the program to freeze/hang. Also post a new Hijackthis log please.

Read other 9 answers
RELEVANCY SCORE 23.6

Hey!!! Please help me. About two days ago, my computer got infected with Vista Anti-virus 2011. I spent the whole day trying to remove it, I finally did with the help of Malwarebytes. Its seems to wipe it out until today when Vista Anti-virus emerged again. I ran Malwarebytes and removed it again. Rebooted and ran it again and came up clean. I also ran systematic antivirus and it also came up clean. The only problem now is that about every minute a commercial audio plays without anything else running. Nothing pops up or anything, just the audio file. Also when I try to go in the internet either with internet explorer or firefox, I get alot of redirects. Please help me!!!Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Then post your DDS and GMER logs as a reply to this topic. Once you have done that I will remove my reply and consolidate the posts so that you retain your correct place in the queue.If you can produce at least some of the logs, then please explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs..DDS (Ver_11-03-05.01) - NTFSx86 Run by Garrett N at 0:51:43.25 on Sat 05/07/2011Internet Explorer: 8.0.6001.19048 BrowserJavaVersion: 1.6.0_22Microsoft? Windo... Read more

A:Vista anti-virus (virus) and Commercial Audio virus

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 28 answers
RELEVANCY SCORE 22.8

I have an HP running XP.All microsoft updates are current. Adobe Reader is the latest version.I have started in safe mode removed proxy and run both Malware and Super Anti Virus multiple times. Infections included multiple trojans and rogues.Some but not limited to AV, Wireshark, trojan dropper etc.I get pop ups that state "overstack" i also get other pop ups with 000000000000000000000.0000I also had redirect issues on google search but went away when i went in and cleared out the ip it was directing it to. Trojans and rogues keep coming back.Please help.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 1:11:57 AM, on 8/9/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exec:\Program Files\Fingerprint Sensor\AtService.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\CheckPoint\ZAForceField\ForceField... Read more

A:AV Virus then WireShark Virus now Google redirect Virus

Hello, and to the Malware Removal forum! My online alias is Blade Zephon, or Blade for short, and I will be assisting you with your malware issues!If you have since resolved the original problem you were having, we would appreciate you letting us know.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Before we begin cleaning your machine, I'd like to lay out some guidelines for us to follow while we are working together.I will be assisting you with your malware issues. This may or may not resolve other problems you are having with your computer. If you are still having problems after your machine has been determined clean, I will be glad to direct you to the proper forum for assistance.Even if things appear better, that does not mean we are finished. Please continue to follow my instructions until I give you the all clean. Absence of symptoms does not mean that all the malware has been removed. If a piece of the infection is left, it can regenerate and reinfect your machine. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your ... Read more

Read other 2 answers
RELEVANCY SCORE 22.8

I have recently purchased a HP All-In-One computer running Windows 7. This past Friday I chose a link from Google news thinking I was going to a news article. Instead, I was taken to a website that appeared to be a virus scanner. I recognized that this was a scam and X'ed out of the screen. Now the computer is slow when navigating the web and periodically returns to the virus scan scam. The virus shows as AVG8 virus scan.

I've run both Avast virus scan and Malwarebytes malware scanner and both show up with 0 infections.

Can anyone provide me a direction that would eliminate this browsing re-direct problem?

(Ironically, I have an old dell laptop running Windows XP that has the same problem. Since it is old and I got so frustrated I just stopped using it. I bought the All-In-One for my wife for Christmas and now it's doing the same thing.)

Thanks

A:AVG Anti-Virus Virus or browser redirect virus

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

Read other 1 answers
RELEVANCY SCORE 22.8

Hello,

Well today my brother and his wife were using my computer and when I got on the first thing I was met with was this little problem. A black rectangular box in the middle of my desktop with red lettering stating:

YOUR SYSTEM IS INFECTED!

The program that suddenly showed up on my hard drive is called Advanced Virus Remover. The desktop background has been changed to a plain blue background and the task manager has been blocked by the so called "administrator" even though I am logged into the default admin account.

For an anti-virus on my system I currently use Avast Home Edition but it seems to have been unsuccessful at removing the entire virus and it just keeps coming back. I have not personally had a virus like this in some years now. I want to find a method that is going to COMPLETELY eliminate everything that has been placed onto my PC 100%.

I do have a complete backup of my system made. When I first installed windows XP on my machine I made a complete backup witch I can use if all else fails to completely wipe out this situation. However since I did a complete recovery to my system about a week ago just before I got internet hooked up to it again I really do not want to do everything all over yet again.

Any recommendations to completely rid myself of this garbage is much appreciated.

A:Virus alterting me of a virus - Advanced Virus Remover

I appears as if I have removed it completely, but I am always a bit worried whenever something like this happens even it seems to be gone. Any pointers would still be helpful.

Read other 2 answers
RELEVANCY SCORE 22.4

Hello everyone.

I have tried my best to remove this virus on my laptop, but no success yet.

Here are all of the things the virus does:

-Prevents access to websites like spybot, instead of letting me see the site, it simply says "Internet Explorer cannot display the webpage", and there is a button to click that says "Diagnose Connection Problem" (no connection problem of course)

-When I click links from a google search, they most of the time take me to the wrong webpage and I am forced to copy/paste the original link into the web bar.

-Programs like Combofix, Spybot, and HJT do not work and a box comes up after starting them saying "Combofix has stopped working".

-I tried running the programs in Safe Mode, but no luck there.

If anyone knows a fix please reply.

Thanks,

Sean

A:Virus prevents access to Anti-Virus sites/anti-virus programs (combofix, etc.)

I renamed my Combofix to something else and I followed the instructions from a different post and here is the log I ended up with:

ComboFix 09-07-29.04 - Sean 07/31/2009 0:30.1.2 - NTFSx86
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3070.2059 [GMT -7:00]
Running from: c:\users\Sean\Desktop\Music.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\videosoft
c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\videosoft\Uninstall.lnk
c:\program files\videosoft
c:\program files\videosoft\Uninstall.exe
C:\resycled
c:\resycled\boot.com
c:\windows\10057vir9sza2.cpl
c:\windows\1059zpamb5t5bd.exe
c:\windows\1069thi5fz912.bin
c:\windows\1075859zj467.exe
c:\windows\11297vzr5s51c.cpl
c:\windows\1132z5ru977d.cpl
c:\windows\11388troz4559.cpl
c:\windows\1179zs5y695.dll
c:\windows\11991szambo95d9.cpl
c:\windows\120355zoj6819.bin
c:\windows\12324tr9j7b5z.bin
c:\windows\1279zroj295.ocx
c:\windows\12a7d5wnloader999z.bin
c:\windows\132985pz2a0.cpl
c:\windows\133505i9us7z8.exe
c:\windows\13552hackt9ol37z.ocx
c:\windows\1355zw59m5d8.exe
c:\windows\13562vizus1059.cpl
c:\windows\135759orm5c5z.ocx
c:\windows\13599virus6cz5.dll
c:\windows\13614spamzo5990.cpl
c:\windows\13956trojz59.cpl
c:\windows\1502zspy169.ocx
c:\windows\15107zpa9bot54.cpl
c:\windo... Read more

Read other 1 answers
RELEVANCY SCORE 22

I have a nasty if not multiple nasty virus's and have not been successful removing them. It started with the XP Anti-Virus 2011 Removal fake anti-virus popping up with all real anti-virus programs disabled and anytime I try to go to an antivirus website I'm redirected to a random site. This happens in all browsers not just Internet Explorer. I also had many of my files changed to hidden file folders and also the start/all programs button does not show any of my programs. I mananged to get both Malwarebytes and Superantispyware on my computer and was able to get rid of much of the problems by running these programs. Now it seems the XP Anti-Virus 2011 has been removed but I still have the issue with my webpages being redirected depending on which page I try to access. I also have many processes that should not be running in the task manager and when i close them out they just start back up again. This worm seems to be accessing my iexplorer because there are multiple iexplorer.exe open at all times and sometimes the CPU Usage gets very high which is not normal for my computer. The final symptom is that at random times I get a webpage pop up or if not a webpage an error that reads like the following example:

An error has occured in the script on this page.

line: 13
Char: 1
Error: Object doesnt support this property or method
Code: 0
URL: http:/www2a.glam.com/mobile/detect.act?affiliatedld=288743725

Do you want to continue scripts on this page?

I will get at ... Read more

A:XP Anti-Virus 2011 Fake Anti-VIrus and webpages being Redirected Virus

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
Do not d... Read more

Read other 17 answers
RELEVANCY SCORE 22

Antivirus vanished! Can't install ANY new one!Can't access microsoft and any anti virus sites (thus i cannot download or scan my computer from there)I tried to install a copy of avast pro but the set- up immediately close after opening, i also noticed a lot of programs behaving like this just like the bandmaster game from e games and Grand Theft Auto Vice City( once i opened it, it immediately closes)Tried to install that in safe mode, but the computer does not start and reboots back into normal mode.This is the content of DDS logDDS (Ver_10-11-26.01) - NTFSx86 Run by neopc10 at 19:47:12.65 on Fri 11/26/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.353 [GMT -8:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeC:\WINDOWS\System32\svchost.exe -k AkamaiC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\Explorer.EXEC:\Program Files\KGB\Mpk.exeC:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exeC:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exeC:\WINDOWS\PixArt\PAC7302\Monitor.exeC:\Program Files\... Read more

A:anti virus banished.can't install any anti virus programs, can't acces microsoft and anti virus sites!!!...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the ... Read more

Read other 2 answers
RELEVANCY SCORE 21.6

Hi,

Please help!

I have a Fake Virus Alert Visus on my PC.

When booting the machine it comes up as:
" Application cannot be started - the file wltuser is damaged. Do you want to activate Antivirus now?"

Internet Explorer will then be locked and will only link to the Fake AntiVirus software.

Can someone please help? I have ran Malewarebytes a few times but it has not worked. I am currently in Safemode and re-running once again.

Thank you very much!

A:Virus - false Virus Protection Virus

Lots of people have been getting this recently. Is it similar to Vista Internet Security 2011? Thats the one i got. Dunno if it matters if urs is windows 7 or xp. When it pops up and the the shield icon shows up in the taskbar tray, open task manager. Look for .exe's pw.exe and MSASCui.exe. For me it was uuj.exe.

Right click on it and then click open file location. If you cant see it, then go into folder options and click show hidden files and show system files too. Once u can see it, u can delete it.

The pop up should be gone now but you still wont be able to load you .exes. You can only use them by running as admin.

So click start and type in regedit. Right click on it and run as admin.

In regedit look for these entries;
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*

For me, i could only find the third one. I deleted replaced it with "%1" %*

Then i downloaded and used that vista/windows7 exe fix from this site and fixed the problem
http://www.winhelponline.com/articles/105/1/Fil... Read more

Read other 2 answers
RELEVANCY SCORE 21.6

so i have registry cleaner installed because ive been getting the blue screen of death and i heard it helps ( no help)
i have Malwarebytes' Anti-Malware and its pretty good,removes viruses and all
and i JUST installed Safereturner

ok so everytime i run MAM it says only 1 infected (torjan.bubnix) remove and restart. i restart and run again...still there! so i install safe Returner and it found viruses in dell and quicktime and stuff but no malware found no bubnix found....so i restart and run MAM AGAIN and still have Trojan.bubnix.
i think that has been the reason for my re-occuring blue screens of death and looooads of spam e-mail! i really am sick and tired and i need it installed fast,easy and free,pleeeeeeeeeeeeease help!

A:apparently i have a virus? one virus and two virus removers...help!

Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Read other 2 answers
RELEVANCY SCORE 21.2

My anti-virus said it removed a trojan. When I restarted my computer my anti-virus was turned off and it won't turn back on. I ran MalwareBytes and I didn't find anything, so I need some help.

A:Anti-virus removed virus now anti-virus won't turn back on.

DownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

Read other 11 answers
RELEVANCY SCORE 20.8

Hello
I have been experiencing some problems with my computer recently. Firstly, my virus scanner (AVG) keeps on finding a virus called 'not-a-virus:RemoteAdmin.Win32.WinVNC-based.f' and some trojans called 'Trojan.JavaClass'. I have also been getting random pop-ups whenever I have been browsing the internet, and my computer seems to be running very sluggish, especially at startup.

I also believe that, last week, someone gained remote access to my computer, as all of a sudden, my mouse wouldn't move properly and the computer became really slow. This only stopped when I engaged the internet lock on my Zonealarm firewall.

Today, I was asked by Zonealarm to give a program called spoolsv.exe "access to privileged rights" which I have never seen before for this program. When I looked at the properties of spoolsv.exe, it said that it was created in 2006 but modified in 2005 (???), and so therefore didn't allow the program access. (I don't know if that has anything to do with the problems that I am having but thought I would mention it)

I have done "the 5 things you need to do" before posting a blog; here are the files requested:

Panda Scan:

Incident Status Location ... Read more

A:[SOLVED] &quot;not-a-virus&quot; virus and &quot;javaclass&quot; trojan keep appearing on virus scans

Bump.

Read other 4 answers
RELEVANCY SCORE 20.8

hello guys/gals. this is my first post here. wonderful helpful site you have here ! thanks !
alright i may provide too much info, but i figure too much is better than not enough.
for starters, my wife's cousin was using my laptop to do online school work when the screen went blank, then changed to a solid red screen. all of those fake "windows restore" type error messages started popping up saying things such as failed hard drive, etc. then it started doing this scan and showed all of these problems that it detected. it prompted you to purchase their "bogus" program. luckily i was home and told her that was not legit and to avoid that. i grabbed the laptop from her, closed all of these 60 or so error messages, closed out this fake scan screen, and rebooted my pc. after reboot, everything appeared to be gone. my desktop icons were gone, my desktop image was gone and replaced with a solid red screen, everything in my start menu was gone.

i quickly realized that everything was not gone, but whatever had infected my computer had "hid" everything. i shut down again and hit my f8 key to reboot into safe mode. i have windows xp professional (5.1,build 2600) 32-bit. after hitting my f8 key, it pulled up the "windows advanced options menu" where i selected "safe mode with networking" so that i could troubleshoot and research the internet from the safety of safe mode. after selecting "safe mode with networking", i... Read more

A:possibly had / have root kit virus or restore / recovery virus that hid EVERYTHING and would not allow me access to safe mode

adding update. following your "remove system restore (uninstall guide)" in the exact order it was listed, after posting my initial post as suggested, i continued on to the next steps. i downloaded malwarebytes and ran a full system scan. here is a copy of the notepad txt file created with threats detected placed here as an attachment. i removed these threats as directed and restarted pc when malwarebytes prompted me to. my question is do i still need to run your step 19 which is to run the unhide.exe program ? i'm asking that because it APPEARS that everything is working like it should after me running the "pc recovery". i am now going to leave safe mode and reboot into normal mode without running unhide.exe, hopefully that will be ok. thanks again.

Read other 17 answers
RELEVANCY SCORE 20.8

Hello,I've been figthing with this for some time now, with no joy. I found that somebody has an identical problem here: http://www.bleepingcomputer.com/forums/topic279534.html So in any broswer (MSIE8, Firefox, Chrome etc), google search results are hijacked to searchwebnet.info, and then redirected to various other locations - e.g. it seems the first point is searchwebnet.info, and then my browser makes a couple of other hops, before it eventually lands on some dodgy site. Results from search engines other than Google (e.g. Yahoo! or Bing), are not hijacked.Also, same as described in the topic above, MSIE sometimes doesn't start, or sometimes bluescreens my machine when I attempt to run it.One thing I noticed, whether is relevant or not, when the redirection happens, in windows task manager I see SearchProtocolHost.exe process starting up. And staying there, running..Interestingly, my problem also started happening around 17th Dec 2009, which is the date when the above topic was posted. Any help is greatly appreciated!

A:Unknown redirect virus(es?), A virus that often redirects to searchwebnet.info from google results 2

Please find my DDS.txt pasted below (created with AV & AS software off, and with network off). I've attached DDS' Attach.txt zipped, and NT Boot Log, if it's of any help.Many thanks!DDS (Ver_09-12-01.01) - NTFSx86 Run by Owner at 23:32:13.41 on 29/12/2009Internet Explorer: 8.0.6001.18865 BrowserJavaVersion: 1.6.0_15Microsoft? Windows Vista? Business 6.0.6002.2.1252.1.1033.18.1021.296 [GMT 0:00]SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\system32\Ati2evxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\syste... Read more

Read other 3 answers
RELEVANCY SCORE 20.8

Here is teh log, I think I have a redirect virus, it seems like every uyahoo or google search I do the links take me to random places, I also cannot access my virus scanner or its update. Also teh computer is running very slow. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:40:28 AM, on 4/22/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:E:\WINDOWS\System32\smss.exeE:\WINDOWS\system32\winlogon.exeE:\WINDOWS\system32\services.exeE:\WINDOWS\system32\lsass.exeE:\WINDOWS\system32\svchost.exeE:\WINDOWS\System32\svchost.exeE:\WINDOWS\system32\spoolsv.exeE:\Program Files\Java\jre6\bin\jqs.exeE:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeE:\WINDOWS\system32\nvsvc32.exeE:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exeE:\WINDOWS\system32\HPZipm12.exeE:\WINDOWS\system32\svchost.exeE:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exeE:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exeE:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exeE:\WINDOWS\Explorer.EXEE:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exeE:\Program Files\Java\jre6\bin\jusched.exeE:\Program Files\Sharp\Shar... Read more

A:Hijackthis log I have a redirecting virus that wont allow virus scanners or internet explorer to work

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 20.8

My computer: Dell Inspiron 15inch Windows 8 64bit 500gb hardisk
 
 
I have this virus that will established connection to remote hacker and download virus etc. Currently Im using Sterjo Netstalker to block suspicous connection and its many. I believe its a rootkit virus that hide inside hard disk if not anything else. I have only 1 harddisk attach and I even flash bios and format hardisk. I use to format using DBAN nuke despite not finish (it takes 20 hour) though have gone 1 round and 2 pass but the virus is back after fresh Windows 8 install.
 
Its annoying as it slow down internet and keep use up my hard disk and its getting hot. I wish to remove this virus or had to buy new PC. I attach GMER scan here
 
Too bad though I take prevention step by using AVG and disabled my laptop wireless device and using external usb wireless instead. In the attachment you cant see the real original virus before like its infected svchost and create "auxiliaryseed..." inside the value something like that. But now maybe just ignore the AVG and see around if you can find anything in the attachment. Help much appreciated.
 
Thank you

A:rootkit virus csrss, svchost spyware virus hidden in hardisk even reformat

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Scan with aswMBRPlease download aswMBR ( 4.5MB ) to your desktop.Double click the aswMBR.exe icon, and click Run.There will be a short delay before the next dialog box comes up. Please just wait a minute or two.When asked if you'd like to "download the latest Avast! virus definit... Read more

Read other 16 answers
RELEVANCY SCORE 20.8

Hi, my computer was struck with that hideous virus AntiMalware and its various forms such as Trojan-Downloader.JS.Multi.ca and Virus.Win32.Gpcode.ak. I kept getting frequent messages or Security Center alerts whenever I used my computer saying those trojans were present and I had to install their program. I managed to stop getting those alerts by deleting some entries from a HijackThis scan such as -ex_08.exe and others stored in the temp folder in the scan that seemed suspicious and those that I verified on Google as trojans. But I still can't use system restore, malwarebytes antimalware program or super anti spyware. I went into safe mode and everything I described above as well trying to install Malware bytes but it's stuck at finishing installation. It just doesn't work so I cant remove all the malware. Im posting a Hijackthis log. Please help.

A:AntiMalware program infection and virus disabled all antispyware/virus/malware programs

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

Read other 2 answers
RELEVANCY SCORE 20.8

Received a link to clik from business colleague. I started receiving messages from friends on my Facebook buddy list asking me why I would send them a link to clik on. Apparently, the links are different but my McAfee said it blocked it when I tried to download whatever he sent me. I started getting virus alerts to download programs to clean it, which I knew was not from McAfee. I performed a manual scan and it found 6 virus and malwares which were quarantined. One of my friends said that her McAfee didn't even detect anything and had to pay them to get deep into her computer to get rid of it. Today, I awoke to find a similiar ploy to download a virus and malware program to rid my problems. I print screened and am posting that. I again ran a McAfee virus scan and it found 4 which again were quarantined.

How can we get rid of whatever is causing this?

I ran a Lavasoft Ad Aware scan which detected 2 cookies and were removed. I also ran Spybot Search & Destroy which found 25 Ask toolbar which I removed. It is 1 day after rerunning the McAfee scan above and so far no recurrence of the virus. But is it still in my computer?
 

Read other answers
RELEVANCY SCORE 20.8

Windows XP Machine IE 7
Noticed a few days ago that whenever I was doing google searches I would find my item, click the hyperlink and was supposed to go to the intended website, but instead would hit a variety of Porn, Healthcare, Pharmacy etc website having nothing to do with my search criteria.

I had McAfee installed at the time but found that it had not updated itself in a few days and when I tried to run it for virus scans it wouldnt work. Finally removed the program and tried a number of others: Kasperia, Ad Aware, etc. The same problem exists in all of them.....I install it, I try to start a scan and either it starts scanning and then just disappears from my screen a few seconds later (program stopped and is gone from screen - try to restart and either it crashes instantly or does the same each time) or I cannot even click the scan button (it just doesnt do anything when you press it over and over again).

Have been for last few days reading through website help forums and downloading various programs to ID, fix etc...with little results.

Hijack installs and when I click the .exe file it gives me a popup error saying:

Windows cannot access the specific device, path, or file. You may not have the appropriate permissions to access the item.
I have managed to get Win32kDiag.exe to work with a log.....I currently have Erunt, HijackThis, SysRestorePoint, TFC, MGADiag, and Malware Bytes programs on my desktop.

Maleware is doing same as all other scanners....Either star... Read more

Read other answers
RELEVANCY SCORE 20.8

Hi,

Virus doesn't allow me to startup my computer, apparently even if safe mode.

Symptoms were:
- Pseudo-anti virus program launched itself, and gave spurious results
- Messages were displayed in red over the screen background
- I rebooted, and could no longer run browsers or other programs, including Norton
- Rebooted again, and no screen display
- Tried to reboot in safe mode, but that appears not to work also
Help!
 

Read other answers
RELEVANCY SCORE 20.8

Hello, i'm new to this site, so if i say something stupid please be understanding.
(i'm running vista to clarify)

I had a while ago gotten a virus which would play sounds randomly, and i was able to temporarily fix it by going to task manager and killing the process. after a while the virus stopped bugging me (i guess the antivirus software caught the culprit.)

recently i downloaded an installer, and it happened again. this time i hit ctrl alt del, and task manager had been removed from the list. i tried accessing it through control panel and it told me it had been blocked by the administrator (me) i then looked up how to re-enable it, and went to run REGEDIT and that was blocked too. i've tried several scripts to re-enable regedit, all to no avail.

whenever the sound stops playing i get a message saying:
"Host Process for Windows Services stopped working and was closed

A problem caused the application to stop working correctly. Windows will notify you if a solution is available."

i also found these 2 files in system configuration: BtwSrv (by Microsoft Corporation) and fastnetsrv Service (by Sigma Designs Inc)

I googled the second one, and found it to be a virus (yayy google!)
I am unsure about how to remove these, and i also found several remote applications which i would like to disable... help would be appreciated

McAfee identified a virus and removed it, however it keeps re-appearing

Detected: Artemis!F245638D7283 (Trojan),
Artemis... Read more

A:Random Sound Virus + Registry editor and task manager disabled by virus

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for malware removal assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. I currently have as many open topics as I can effectively handle; this will have you back in queue with the proper logs so an available helper would be able to assist.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 20.8

I hope that this is in the right section but I am having a problem with my computer. I can constantly hear programs running in the background. I currently have two anti spyware/malware installed on my computer. One is SpyHunter and the other is CyberDefender. They both are picking up on some virus called Vundo and everytime I delete it, it just comes right back. It is so frustrating surfing the internet because it freezes or moves extra slowly. Figured I'd ask you guys before I take a hammer to it lol.

Thanks

A:Windows XP SP2 running slow, virus protection catches it but the virus keeps coming back

Hello,i am moving yjis to the Am I Infected forum from XP.Please disable those apps while we do this.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the St... Read more

Read other 9 answers
RELEVANCY SCORE 20.8

Operating System: Windows XP

I'm hoping that someone can help me! I am also getting three pop-up messages on my system. One is to download anti-virus software, another is a warning about the Blackworm virus, and the third is an Adult Friend Finder pop-up. My hijack this log:
Logfile of HijackThis v1.99.1
Scan saved at 5:05:45 PM, on 4/4/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
C:\Program Files\Clarisys\Claritel-i750\Ipnappgw.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe
C:\Program Files\Charter High-Speed Security Suite... Read more

A:Solved: Blackworm virus, anti-virus software and Adult Friend Finder pop ups

Read other 9 answers
RELEVANCY SCORE 20.8

OK i just got into the Econo Lodge hotel i got my computer and i started to realize it would keep getting hot. So sometimes it would crash or go into hibernation. But now its worse the computer keeps shutting down like in sleep mode where the screen dims and the wireless button becomes red accept now it shuts off is my harddrive shot or is there a remote accesser or worm in this. Let me note i do download ROMS and emulators but are these the cause. Even when my computer is just 34 or 48 degrees Faranheit it will do shall i call it a "sleep-mode shutdown" is this my BIOS doing a fail-safe worm by someone or is my hard-drive shot or is someone invading my computer and infecting it or remotely hacking and shutting it off with a .BAT i should also tell you i am in Safe Mode with Networking while i post this and my computer is Windows 7 Ultimate bought in 2007 and upgraded to Win7 2009.

Thank you. Ryan

- I will post a log as soon as i get a reply with what to do.

EDIT: I also get my ROMs from Emuparadise.com and since i use a hotel wireless access point i get a lot of pop-ups.

A:Weird virus??? (Remote access/WIN32.Worm/file virus/SHUTDOWN.exe PLEASE HELP)

My guess is your computer is getting to hot and being shutdown to protect it.

Read other 1 answers
RELEVANCY SCORE 20.8

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:57:03 PM, on 9/9/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16876)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Brmfrmps.exeC:\WINDOWS\System32\GEARSec.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint\Common\ViewpointService.exeC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\system32\BRMFRSMG.EXEC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Dell\Media Experience\DMXLauncher.... Read more

A:Please diagnose Hijackthis log: Personal Guard 2009 virus (fake anti-virus)

DDS (Ver_09-07-30.01) - NTFSx86
Run by Admin at 14:22:35.14 on Wed 09/09/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.580 [GMT -4:00]
============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Progra... Read more

Read other 3 answers
RELEVANCY SCORE 20.8

Please can anyone help me clear my laptop of whatever has hijacked it. It blue screens on me and will only access the internet with add ons disabled. It completely locked me out at first but used malware removal and found yura 94.exe I have tried using several malware removal tools since but think I need to leave it to you experts as it really seems to be in a mess and i can't fix it !!!!
Thank You in anticipation.
Here is the HJT log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:31:12, on 27/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Acer\Empowering Technology\admServ.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\NCH Software\Fling\fling.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Pro... Read more

Read other answers
RELEVANCY SCORE 20.8

Hi. I am new here. I have had constant problems with my computer crashing for over two weeks. Also I have noticed that I haven't been able to update my anti virus software...both ad aware se personal and avg 7 free have not been able to update for some 16 days now.
I have run your recommended online scanners, pandasoftware, housecall, and macafee. I believe macafee discovered the WIN32.ATAK.B and NEW POLYWIN 32 viruses, but said it could not remove them.
something seems to be eating up my ram, simple rendering tasks cause my computer to crash now.

I have updated to windows sp1a. I am running windows xp pro. I would appreciate any help.

here is my hijack this log.

Logfile of HijackThis v1.99.1
Scan saved at 18:47:14, on 19/06/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\sv... Read more

A:virus WIN32.ATAK.B, NEW POLYWIN 32 viruses, can't update anti-virus software

HijackThis!
Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any)
F3 - REG:win.ini: load=???
??? ???
?
? ?????
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1402.exe

Please remember to close all other windows, including browsers then click Fix checked.

Online Scans
Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer If it finds any malware, it may ask you to purchase the program, this is not necessary we will take care of the entries manually.
At the end of the scan click on see report. Then click Save report
Please post that log in your next reply.

In your next post please include:Panda Activescan Log
A new Hijackthis! Log

Read other 19 answers
RELEVANCY SCORE 20.8

I got this nasty virus but I have no idea how to get it out, I can't run into safe mode because it restarts my computer and it keeps doing that. Ill post up a HiJackThis log PLEASE HELP! I am still a beginner so please bare with it. The problems that I know/see on my computer is that, I have restricted admin rights so I cant use System Restore or the task manager, Also my anti-virus keeps disabling and its Macafee if you want to know.
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.... Read more

Read other answers
RELEVANCY SCORE 20.8

Hi seem something got into my computer!!!
  Noticed yesterday my Norton’s popup said it caused an error and had to close. I rebooted the computer and ran a scan, came up fine? I notice my pointer would blink back and forth to the hourglass. I opened my task manager and it seems to be switching with the CSRSS.EXE & N360.EXE (CPU) counter jumping up and down, FAST! Never saw anything like it before, usually what just system idle, maybe Firefox??? I tried running Norton's again, I really forget if it crashed or didn't do anything. Tried the standard online virus scans and ran into all kinds of troubles. Some seem to start to load and then the popup window disappeared? Think it was Kasp., when I reloaded it, it ran and found nothing! Others froze or crashed, restarted the computer, without finishing. It seems to have gotten worse, the last few time I looked at the Task Manager and I see
 
CSRSS.exe       KSS.EXE       N360.EXE       AVG***.exe
 
All these (CPU) counts are jumping up and down I have never seen my task manager list jumping so much! It seems so much worse now that I tried all these scans, even with the computer freezing and crashing now. I rebooted in safe mode and came right here. You help me once so long ago and hope you can again! One thing, now when I look at the Task Manager, all those virus program names are gone, list is very short.  Plus (C... Read more

A:virus chk, no run! Task Manager show CSRSS.EXE & Virus prgs crazy switching??

Are you really surprised? You have kaspersky, norton, and AVG installed. There I was thinking that I like a bit of tin foil head gear. The executable CSRSS.exe as you typed it has reputation for being exploited, and although it should be a legit bit of XP, it could also be a trojan according to some of the webz? This support article from Micro$oft may be more practical/applicable use to you, and they suggest that it's caused by a corrupt user profile. The suggested remedy is to delete your user account after backing up stuff, and then restart followed by re-creating your user account.
 
PS
 
Being a Linux user I'd have to chip in as to why don't you try a linux live DVD/USB, there is no need to make changes to your hard drive or computer with the possible exception of changing the BIOS boot order. If you cannot afford a hardware/software upgrade then just boot into free linux, and try it out. There is no obligation to buy, and little/no risk of damage. Visit the BC linux forums, where people are very friendly and helpful.
 
windows XP ==
 
Linux ==

Read other 22 answers
RELEVANCY SCORE 20.8

Hello, I have some weird chinese "anti-virus" virus that I cannot delete, also Malwarebytes Quarantine doesnt let me press the finish button.
Some weird chinese programs tend to appear out of nowhere.
Please help.

A:Weird chinese "anti-virus" virus + malwarebytes quarantine doesnt let me finish

Hi Snajpi My name is Aura and I'll be assisting you with this issue. Please give me a few hours to review your logs and prepare a reply.Thank you!

Read other 15 answers
RELEVANCY SCORE 20.8

Accidental double post.  Here is the link to my real thread: http://www.bleepingcomputer.com/forums/t/524143/virus-possibly-paladin-virus-avoids-all-scanners-and-crashes-desktop-on-start/Edit: Merged two topics for continuity of context and MR Team topic management.~ Animal

A:Virus (possibly Paladin virus) avoids all scanners and crashes desktop on start

Computer: Windows Vista 64 bit / / Dell XPS 420
 
Problems started occurring out of the blue when I tried to resume my computer from sleep mode and it froze. I had not downloaded anything recently, not anything I was aware of anyway. My computer has had several corrupted files that contained error messages on start up. I have been able to fix these but my computer freezes soon after I start up. I am only able to access safe mode. 
 
I have been able to remove 42 entries of malware via Spybot. And 1 virus via Avast. The virus was called Paladin. However, in my virus chest there are multiple entries each named unknown, all with the same date of quarantine. Despite my quarantining of this virus, a [Paladin] program still pops up very briefly in normal mode in my start-up tray. 
 
I have been able to install and update a number of anti-virus and malware removal programs despite being infected. Although initially, the virus had somehow removed Adwcleaner, I was able to reinstall it and scan my registry. The problem, however, was not fixed. For some reason, despite downloading them, I have been unable to fully install Avira Anti-virus and am unable to get AVG to run.
 
Everything else comes up with zero results despite continuing problems. MRT says I have 1 infected file on a Full Scan, however, it always locks up when attempting to scan: D:\dell\Image\Factory.wim\Windows\Help\Windows\en-US\mail.wmv
Custom and quick scans yield no results.
 
... Read more

Read other 41 answers
RELEVANCY SCORE 20.8

Hello,I'm usually good enough with my computer to avoid and/or repair these kinds of things on my own, but have never had this.It changed my desktop background from a picture to text warning me about malicious content, and at the same time my Windows Update icon flashed red, and my AVG anti-virus warned me about the bugs.Ad-Aware found and removed/quarantined some of them. AVG found and removed others.My task manager still runs properly and found a few programs that looked suspicious "fff.exe", "msctrl.exe", "16627184.exe", & "EtEngineU.exe".I run daily scans for all of my anti-virus and ad-aware, and nothing has come up previous to this stuff today, so I know it's new.One pop-up that looked like it came with a new Windows XP update I downloaded claimed it was "Windows Total Security" and that it would clean up malicious content, but that I'd have to pay.Thankfully I wasn't stupid enough to fall for that, just stupid enough to get it on my computer.I deleted a bunch of those programs from my task manager (ended the process tree completely), removed the programs from the control panel, searched out the files in "My computer" > "C:" > "System", etc.However, there are items in "startup" when I run "MSCONFIG" with the same names that claim they're going to run as soon as I start the program up again.I ran HJT, and the other scans this site recommends before posting a new ... Read more

A:Total Security virus - FFF.exe virus, 16627184.exe, EtEngineU.exe, perdm32.exe, msctrl.exe, & other viruses

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 20.8

Hello Bleepingcomputer! I am a long time user of PCHelpForum that has been reffered to this forum as a better alternative and I decided to check it out. There is definitely something funky going on with my computer, as I recieve virus infection pop ups occasionally, my computer will randomly say it has encountered an issue and needs to restart, and has had internet connectivity issues. I used to frequently use HijackThis! logs as a means of analysis, but it seems that this FRST application has taken over that niche. Please let me know what additional information you may need for your analysis. If there are any unneccessary files or programs installed that may be an issue as well, please let me know, as I am trying to do as much of a deep clean as possible. Thank you in advance for taking time to check out these problems.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Stellakinetic (administrator) on BLUEBALLOON (01-08-2016 10:32:31)
Running from C:\Users\Christian\Documents\AntiVirus
Loaded Profiles: Stellakinetic &  (Available Profiles: Stellakinetic)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included... Read more

A:Virus analysis and removal. Random virus pop-ups and internet connectivity issue

Thank you for deleting the extra copy of this post. Once I hit post, my internet connection was lost and it must have double posted when I reconnected. Also, it may be worth noting that normally when I run antivirus software, there is generally a little bit of malware or spyware that is found, but recently when I run a multitude of different scan programs absolutely nothing shows up. Either my computer is squeaky clean after nearly 6 months without scans, or something is blocking/hiding from the scanners. It seems to be the latter, as I have mentioned that I am having issues with my laptop shutting down intermittently, virus warning popups, and internet connectivity issues stemming from something altering my connection preferences.

Read other 2 answers
RELEVANCY SCORE 20.8

Hi,Recently while happily working and listening to an online radio station my system just jammed with the cursor showing the processing symbol. I thought it a small abberation and continued working as songs still played in the background.Then I was attacked! The virus disabled the pictures on the internet, my anti virus on the system and the speeds became very slow. Searching for help I found you. on your website i was instructed to use the malware software. The malware removal has been successful to a certain extent but not completely. I am still not able to activate my windows update. and my task manager has many new .exe files. [I have uploaded a picture of how my task manager looks like]Please help!Yours trulyIpbleepa.DDS (Ver_09-03-16.01) - NTFSx86 Run by Chairperson at 9:37:23.23 on Wed 18/03/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.758.333 [GMT -4:00]AV: Norton Internet Security *On-access scanning enabled* (Updated)FW: Norton Internet Security *enabled*============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exeC:�... Read more

A:Ravaged system by the attacks of the notorious Anti virus 2009 VIRUS

Hello Ipbleepa Welcome to the BC HijackThis Log and Analysis forum. I will be assisting you in the cleanup of your system.I ask that you refrain from running tools other than those we suggest to you while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.Please perform the following:Do an online scan with Kaspersky WebScannerClick on Kaspersky Online ScannerYou will be prompted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:Once the files have been downloaded click on NEXT
Now click on Scan SettingsIn the scan settings make that the following are selected:Scan using the following Anti-Virus database:Extended (if available otherwise Standard)
Scan Options:Scan Archives
Scan Mail BasesClick OKNow under select a target to scan:Select My ComputerThis will program will start and scan your system.The scan will take a while so ... Read more

Read other 5 answers