Over 1 million tech questions and answers.

Ewido Anti-spyware - Scan Report

Q: Ewido Anti-spyware - Scan Report

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:17:08 PM 9/9/2006

+ Scan result:

C:\WINDOWS\system32\vtutrop.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Cleaned with backup (quarantined).
[1988] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[284] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[596] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[620] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[776] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
[836] C:\WINDOWS\system32\ntswrl32.dll -> Backdoor.Cakl.a : Error during cleaning.
C:\WINDOWS\system32\ldapi32.exe -> Backdoor.Dosia : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Cleaned with backup (quarantined).
[2060] C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Error during cleaning.
[2292] C:\WINDOWS\system32\ntcvx32.dll -> Backdoor.Dosia : Error during cleaning.
C:\Documents and Settings\Danilo Ambrosio\Local Settings\Temp\Rar$EX13.906\Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned with backup (quarantined).
C:\Program Files\BitComet\Downloads\Ewido Anti-Spyware 4.rar/Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned with backup (quarantined).
C:\Program Files\BitComet\Downloads\Patch.exe -> Not-A-Virus.Hacktool.Crack : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][2].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][1].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][2].txt -> TrackingCookie.Clickhype : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][1].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Danilo Ambrosio\Cookies\danilo [email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\system32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
::Report end

RELEVANCY SCORE 200
Preferred Solution: Ewido Anti-spyware - Scan Report

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Ewido Anti-spyware - Scan Report

Hello pnoiboi03_ and welcome to BleepingComputer. My name is Charles and I will be helping you to clean your computer today. Click here to download HJTSetup.exeSave HJTsetup.exe to your desktop. Double click on the HJTsetup.exe icon on your desktop, and follow the installation guide to install HijackThis.Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log. Click Save to save the log file and then the log will open in notepad. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. Come back here to this thread and Paste the log in your next reply.DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required. Post back with the log it creates.Thanks,CharlesEDIT: I see you are already being helped by somebody. Please do [b]not[/b[ start new topics, as we get confused and do not realise that somone is already helping you.

Read other 1 answers
RELEVANCY SCORE 86

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:07:45 PM 8/4/2006

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\readme.html -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\uninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet\uninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\Program Files\filesubmit\rainbowgirlwp.zip\NNWDAC638.EXE -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
[464] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Error during cleaning.
C:\Program Files\filesubmit\rainbowgirlwp.zip\Ezthemes_WhenUSaveNow_InstallerInst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Brenda\Cookies\[email protected][2].txt ... Read more

A:report from ewido scan

Hi and welcome

I have split your post off into your own thread. In the future if you have a Question/Problem please start a "New Thread".
It gets too confusing trying to address two different people's problem in the same thread and you may get overlooked.

Please continue in this thread.
 

Read other 2 answers
RELEVANCY SCORE 84

I ran an EWIDO scan with two ‘infected’ items found. There seems to be a ? as to whether or not these are a true problem. Therefore, I ask your advice as to what to do. I can not remove them with EWIDO, since I am using a lapsed trial version. The info from the “report” follows:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:54:49 AM, 11/10/2005
+ Report-Checksum: 5CD01CE8

+ Scan result:

C:\WINDOWS\system32\MRT.exe -> Heuristic.Win32.AVKiller : Ignored
C:\System Volume Information\_restore{8A76E78A-6A78-49A6-A7E2-9B95E126EFAD}\RP384\A0059194.exe -> Heuristic.Win32.AVKiller : Ignored
::Report End

Thanks, {redoak}
p.s. Note the 'word' "AVKiller" at the end of each entry. Significance?
 

A:Solved: EWIDO scan report - problems?

Read other 7 answers
RELEVANCY SCORE 84

I've been infected with spysheriff as well. here are my HJT and Ewido scan logs:

Logfile of HijackThis v1.99.1
Scan saved at 1:09:32 AM, on 6/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\unzipped\hijackthis\HijackThis.exe

F1 - win.ini: run=C:\WINDOWS\..\PROGRA~1\COMMON~1\MICROS~1\MSInfo\info32.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 -... Read more

A:Hijack This Log, Ewido Scan Report, need to rid spysheriff

Read other 7 answers
RELEVANCY SCORE 83.6

What am I looking at with this report? With this report can I see if anybody else has access to my computer? Thanks.
 

A:Ewido anti-malware - Connection report

What are you looking for? Whay do you think someone else has access to your computer?
 

Read other 2 answers
RELEVANCY SCORE 78

I'm on a Windows XP and recently did a full scan using ewido anti-spyware 4.0. There were 1939 infected items. When I clicked on "apply all actions", it did not delete all 1939 infected items. Instead it said "error while deleting". So, how can I get rid of these infected items?
 

A:Ewido Anti-spyware 4.0

Read other 16 answers
RELEVANCY SCORE 77.2

I'm just wondering what happens when the resident shield is no longer in effect since after about 3 weeks of using it, (i guess it was a trial) I'm no longer able to turn on the shield and it says that the shield detects Malware and this and that about the securtiy of my computer.

Please tell me what to do... Should i get a new anti spyware? If so which one?
 

A:Question about ewido anti-spyware 4.0

♥♦♣♠ Bump ♠♣♦♥
 

Read other 1 answers
RELEVANCY SCORE 77.2

I want to install the latest version of AVG free.
But I cannot install ewido anti-spyware from my PC.

A:Remove Ewido anti-spyware

make sure it's closed down and not running in the background then remove it from add and remove or from within the ewido folder
if the the uninstall is corrupted
reinstall and then uninstall

Read other 1 answers
RELEVANCY SCORE 77.2

Hi

I have seen that people refer to Ewido Anti Spyware in the security section of the forum.

Is it better than the rest that are out there in the market.

Is it worth purchasing ? or is SpyBot and Windows Defender enough
 

A:Ewido Anti Spyware , Is it Good ?

Read other 8 answers
RELEVANCY SCORE 76.4

Hi guys
Can I scan my PC with Ewido Anti-Malware in normal mode?
Can I use Ewido Anti-Malware and Spyware Doctor in my PC? Not, of course, at same time, but first one and after the other.
Thanks and regards.
Darthy

A:Ewido Anti-malware And Spyware Doctor

Hi Darthy.

Ewido can be used in normal start-up mode. It will still detect malware and delete it. The reason that it's recommended to run in safe mode is just to make sure that it can delete any malware that runs in normal mode that does not run in safe mode and therefore protected. Its always best to run in safe mode, if only to avoid the agro of running a scan in normal mode to find you have to run it again in safe mode to delete a problem that you cant do in normal setup.

....and yes, you can run Ewido and Spyware Doctor programmes after one another,which is a good thing to do, just not together as they may conflict with each other and not work properly.

Just always remember to update Ewido and Spyware Doctor before running a scan,which you need to do in normal mode as you cannot update in safe mode.

Happy browsing

Read other 3 answers
RELEVANCY SCORE 75.6

umm Dr. Web's virus database is about 2 Mb. AntiVir PE's is about 5Mb. Spyware Doctor's database is 938kb and Ewido's is 5Mb. Does that mean that AntiVir is superior to Dr. Web and Ewido is superior to spyware doctor?

A:Dr.web Antivir Pe Ewido Anti-malware Spyware Doctor

The short answer is no.AV CompartivesHave a look at this website for comparisions of different AV products.http://www.virus.gr/english/fullxml/default.asp?id=72&mnu=72See the results here although they may not be as valid as the AV comparitives ones.

Read other 1 answers
RELEVANCY SCORE 75.6

Hi,I recently ran my ewido anti-spyware 4.0 and it found Dialer.Generic I did the recomended action & it said it was cleaned. Upon my next reboot though I rechecked & there it was again!! This happens over & over...it seems to clean it, but upon re-boot it returns! Here is my latest ewido log:ewido anti-spyware - Scan Report--------------------------------------------------------- + Created at: 8:47:15 AM 7/17/2006 + Scan result: HKLM\SYSTEM\ControlSet002\Control\SPPInfo\PPSE1IDesc -> Dialer.Generic : Cleaned with backup (quarantined).::Report endHow do I find the obvious program that is reinfesting me with this upon bootup??I am running:TrendMicro PC-Cillin Internet Security 2005Outpost Firewall Pro ver. 3.51.759.6511ewido anti-spyware 4.0Spyware BlasterSpyware Doctor--Trialxspysoftsearchbot search & destroyad-aware se personalspyware guardstartup monitorAll Programs are up-to-date as of yesterday/today with the latest available updates except for SpywareDoctor.How do I find the obvious program that is reinfesting me with this upon bootup??Your help in this troubling matter would be deeply appreciated! Thanks,,,,Bobby AKA DreamRyder

A:Dialer.generic...found With Ewido Anti-spyware 4.0

This problem was reported several months ago. I have not found an official reply from ewido regarding it. peter.ewido was involved in a similar discussion here.A solution to create a new user account then deleting the key using that accountwas posted there. I found two other users who posted the same question at other sites, used this solution and it worked.

Read other 2 answers
RELEVANCY SCORE 75.6

Ewido Anti-Spyware picked these 3 things up as malware, with medium risk.
C:\Windows\system32\yaywxyw.dll
C:\Windows\system32\yaywxyw.dll
C:\Program Files\ToolBar888\MyToolBar.dll

Here's the Hijack This Log (I'm getting tired of this garbage happening.)
Logfile of HijackThis v1.99.1
Scan saved at 10:14:11 PM, on 9/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozil... Read more

A:Solved: Malware, picked up by Ewido Anti-Spyware

Read other 16 answers
RELEVANCY SCORE 68.4

Good morning,

I had my hijack log analysed and was asked totake certain actions which i did. Because the computer was in safemode when the scan was performed I had to save the report file with the results. I saved it to DEsktop then, because I was in another user's account I then transferred it to a floppy.

Now that I ahve tried to post to the hijack log I cannot get the report in readable format. By this I mean I went through "File" on my browser and opened the report - it came up with a number of small squares and letters (the usual jargon when a file is opened in the wrong application).

What do i have to do to post it into my hijack log thread to ensure that you guys could lookat it since i am not seing anything here that allows opening of files.

Thanks

Tempest

Read other answers
RELEVANCY SCORE 64.4

Just thought I would share this bit of info.. I have run my first scan with Microsoft's new Beta. Um.. I am a bit stunned to see what it found. the list goes like this..1. Incredifind ~ classified as adware and I will remove that one. Rated High.2. KaZZa (ad-ware bundler). I would remove this too. Rated Moderate3. Ok.. this one is a complete surprise.. VX2 transponder(browser plug-in). Rated Severe. 4. iLookup(browser hijacker) rated Severe5. NewDotNet (browser plug-in) Rates high6. PowerReg Scheduler(spyware) rated moderate.. I think this one has some legitimate programs running in it. It lists HjT and something on my son's desktop.7. Ezula.TopText(adware) Rated High8.WhenU.SaveNow(adware) Rated High9. AltNet P2P Networking(adware) Rated Elevated10. FunWebProducts... yeah it's a blast.. (adware) Rated Elevated11. CoolWebSearch.StartPage(browser Hijacker)Rated severe of course.. this is located in IE of course. 12. SeachSquire(adware) rated elevated13. MywaySearchBar(browser plug-in) adware rated moderate14. IST SlotchBar (toolbar) Rated High15. ActualNames (browser hijacker) rated elevated.How did all this get here? I am stunned. Here I though I was doing well staying on top of things and I find this stuff. I am just a bit blind-sided.. specially by that VX2.. where the bleeping bleep did that come from?? Like I said... just thought I would share. I have every sort of tool you can imagine.. Ad-aware SE.. Spy-bot..Spyware blaster.. AVG... A squar... Read more

A:Microsoft Anti-Spyware 1st Scan

Pandy.
I am shocked.However did you acquire that rubbish.Please keep us informed.
Thanks.
Philip

Read other 10 answers
RELEVANCY SCORE 64.4

can someone tell me if this scan is any good. the microsoft anti spyware scan. also when i ran it. it says i have one spyware-kontike(browser plug-in) is this bad.
 

A:microsoft new anti spyware scan

Check out this thread...
http://forums.techguy.org/t316073.html
 

Read other 1 answers
RELEVANCY SCORE 64.4

I have recently tried a new Anti-Virus program and am surprised at the infections it listed on it's first scan. Can the log be analysed for false positives?
My OS is Win98SE, I have the following Anti-Virus programs installed:
SpyBot S&D 1.3 Ad-Aware PE 1.05 IE-Spyads and Spyware Blaster 3.2, all are up to date. I also have Panda Anti-Virus & Firewall.
Any advice would be appreciated. rim rim
 

A:Can an Anti-Spyware scan log be analysed?

Read other 6 answers
RELEVANCY SCORE 64

Hi everyone.

I want to thank you in advance for any help I get.

I've been trying to fix/research this problem for 3 days now.
My Dell Lattitude 610 with windows XPsp3 was running perfectly a week ago (March 20, 2011). On March 21, i noticed it was extremely slow and music files were playing choppy, which always indicates some kind of spyware.

I have all the windows security updates installed. I don't download music, roms etc. I regularly defrag and run CClean.

I ran Ad-Aware and it removed 2 infections that I did not get a chance to look at because I restarted my computer once I pressed ok on its UI. The next day, when Avast was updating I got a BSOD. I restarted in safe-mode and ran Avast which turned out to say there was no threat. I ran ad-aware in safe mode as well as malbytes malware remover and got no threats from either.

I thought the malware was gone. I started normally and as soon as I did a routine avast scan it went into BSOD again.

Blue screen: DRIVER_IRQL_NOT_LESS_OR_EQUAL
STOP: 0x000000D1 (0X0000000C, 0X00000005, 0X00000001, 0XF73FA5F7)
atapi.sys
F73FA5F7 F73F2000, DATE STAMP 4802539d
I downloaded rkill.com and used that. It killed two processes. I DID NOT restart (as the instructions clearly say not to) and I did try and run avast again now that the processes were "killed" and got my bsod again. I rebooted, used rkill and then tried malbytes instead and got no threats. I rebooted and tried to start working again, and avast went to aut... Read more

A:BSOD on vrius or anti-spyware scan

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Thanks and again sorry for the delay. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explaination about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that... Read more

Read other 2 answers
RELEVANCY SCORE 64

Hello,

I have several anti spyware and virus scanner software and such but I can not update any of them. The computer seems slow as well. I did online scan from Panda and it said it detected 41 spyware or hacker tools(Imsaved the log) and I did etrust online scan as well and it found 4 items which were java related(?) and said to clear the java cache. I am now posting the log. Thanks

Logfile of HijackThis v1.99.1
Scan saved at 11:22:17 PM, on 10/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Progr... Read more

A:Can not update anti spyware and virus scan

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately.

Since it has been a few days since you first posted, please post a fresh HijackThis Log if you still need assistance.

Thank you.

Read other 3 answers
RELEVANCY SCORE 63.6

could not fit all reports in one post so all the ewido report is in my reply.

i am still having my original problem where my mouse moves at a hyper speed and starts right and left clicking everything it touches. but the person who helped me originally told me to post these three things so i assume the problem shoudlnt be fixed yet.
Logfile of HijackThis v1.99.1
Scan saved at 12:51:30 AM, on 8/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\BelkinMonitor.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://s-redirect.com/?a=2&b=n-ex
R1 - HKCU\Softw... Read more

A:hjt log, ewido scan and active scan reports

ewido report still too long... continued into next post

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 12:09:43 AM, 8/19/2005
+ Report-Checksum: 384EC406

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2E246FAE-8420-11D9-870D-000C2917DE7F} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{1C01D150-91A4-4DE0-9BF8-A35D1BDF1001} -> Spyware.SafeSurfing : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib... Read more

Read other 2 answers
RELEVANCY SCORE 63.2

I recently read that if you use a keychain drive on a computer with spyware or a virus, it can infect the drive and then infect your computer when you use it at home. I can scan my keychain drive with Ad-Aware and AVG Anti-Virus, but I don't know of any other programs that can scan a flash drive. Does anybody know of any anti-spyware programs that can scan a removable drive? I've searched the web, but I haven't found anything. What about CWShredder? It doesn't ask what drive to scan when you use it.

Thanks

A:Scan a flash drive with anti-spyware programs?

Most antivirus programs should be able to scan a flash drive by specifying the drive letter. Microsoft antispyware can scan a specific driver letter as well.

Cwshredder would not work on this.

Read other 4 answers
RELEVANCY SCORE 63.2

I have XP Media Center Edition Version 2002 Service Pack 3. THE virus scan window pops up
with the name XP Anti Spyware 2011-Unregistered Version. I used the Windows Task Manager to close it.
Zone alarm also asked for ten.exe (I think was the name) to access the internet. I clicked on deny.
I shut down the computer and I am using a different one to post this message.
I have Avira Anti Virus, Malwarebytes, Super AntiSpyware, CCleaner and Spyware Blaster already installed.
It has been a while since I have posted about a virus problem, but I am familiar with the process.
Thanks for your help.

A:Fake XP Anti Spyware 2011 Virus scan

Try this:

http://www.bleepingcomputer.com/virus-removal/remove-win-7-internet-security-2011

Read other 11 answers
RELEVANCY SCORE 62.8

I use Ewido Anti-Trojan free on my computer. Is it O.K. if I use a-squared also for extra security? Won't this cause conflict and cause my pc to crash? Thanks.

A:Ewido Anti-trojan & a-squared anti....

Perfectly OK.
I ran them both together, for a while, with no problems.

Read other 3 answers
RELEVANCY SCORE 62.8

Logfile of HijackThis v1.99.1Scan saved at 21:25:00, on 09/04/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by TiscaliR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 217.171.184.1:8080O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /ConsumerO4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNCO4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exeO4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exeO4 - HKL... Read more

A:Hijack This Log And Ewido Report

Hello karo,Please download, update and run the free A2 (A squared) anti-trojan If malware is found, click the button "Remove Selected Malware".Save the log file by clicking on "Save HTML-Report". Let it delete whatever it finds. *************************************************** I know you may have anti-virus software, but sometimes its definitions are corrupted due to malware. Online scans are the best resort in this case. Run this pc through theTrend Micro Housecall Online virus scanneror Panda Scan Online virus scanner orBitDefender Free Online Virus Scan Let it delete whatever it finds. If it cannot delete it, then post the log and we will delete it manually.*************************************************** You ran Ewido, but did you run it in the Safe Mode? If not, then please reboot your computer in Safe Mode by doing the following:Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, press F8.Instead of Windows loading as normal, a menu should appearSelect the first option, to run Windows in Safe Mode.Open Ewido by clicking on the Ewido iconClick on scannerClick on Complete System Scan and the scan will begin.NOTE: During some scans with ewido it is finding cases of false positives.**You will need to step through the process of cleaning files one-by-one.If ewido detects a file you KNOW to be legitimate, select none as the action.DO NOT select "Perform action on all infections"... Read more

Read other 2 answers
RELEVANCY SCORE 62.8

Logfile of HijackThis v1.99.0Scan saved at 2:08:18 PM, on 10/12/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Documents and Settings\Desktop\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://home.microsoft.com/search/lobby/search.aspR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.msn.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsoft.com/search/lobby/search.aspR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhomeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchR0 - HKLM\Software\... Read more

A:New Topic: Hjt Log; Ewido Report

Hi MajorWoody and Welcome to the Bleeping Computer!Please download WebRoot SpySweeper from HERE (It's a 2 week trial):Click the Free Trial link under to "SpySweeper" to download the program.Install it.Once the program is installed, it will open.It will prompt you to update to the latest definitions, click Yes.Once the definitions are installed, click Sweep Now on the left side.Click the Start button.When it's done scanning, click the Next button.Make sure everything has a check next to it, then click the Next button.It will remove all of the items found.Click Session Log in the upper right corner, copy everything in that window.Click the Summary tab and click Finish.Paste the contents of the session log you copied into your next reply.Make sure Ewido is Updated with the latest definitions!Download WinPFind: http://www.bleepingcomputer.com/files/winpfind.phpRight Click the Zip Folder and Select "Extract All"Don't use it yet!Restart in Safe ModeWith all Windows and Browsers Closed-> Scan the entire System with Ewido-> Clean all it finds and be sure to click the tab to Save a ReportFrom the WinPFind folder-> Doubleclick WinPFind.exe and Click "Start Scan"It will scan the entire System, so please be patient!One you see "Scan Complete"-> a log (WinPFind.txt) will be automatically generated in the WinPFind folder!Run MSCONFIG and enable everything in the startup area. To get to MSCONFIG, click on Start -> Ru... Read more

Read other 1 answers
RELEVANCY SCORE 62.8

Hey peeps, i have tried running Ewido anit-malware a couple of times and i have come to the conclusion that it is not giving me a report as normally it should, the program just shuts down after it has scanned my system.

I dont understand what is going on, it is still giving me a "status of program" at the status menu, saying it has found 57 infected objects, but does nothing after i scan. I have read a number of other forums and they all state that it should give a report but i have never had that as it closes after the scan

Anyone know what is going on?
 

Read other answers
RELEVANCY SCORE 62.8

EWIDO KEEPS CATCHING THE SAME TRACKING COOKIES AND IT SAYS THAT HIJACK THIS IS A PROBLEM. MY PC IS RUNNING LIKE CRAP AND MY TASK MANAGER CHANGED. WINFIX/WIN ANTI VIRUS PRO IS BACK TOO. HERE IS A COPY OF HIJACKTHIS REPORT.
Logfile of HijackThis v1.99.1
Scan saved at 8:07:22 PM, on 9/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\spool\driv... Read more

A:Help! Its Got Me Again. Hijackthis Report And Ewido

Read other 16 answers
RELEVANCY SCORE 62.4

Does anyone know of a good anti-virus program (also need anti-spyware) that does all the scans, updates etc. automatically? I'm helping a friend update her computer. She's just learning about things like this, and not too comfortable with the whole process. If it doesn't update automatically, the next best thing would be if it prompts her to scan on a regular basis, update when needed, and is easy to use.

Of course, if possible, a free program would be ideal, but if it does the updating automatically, she's probably better off paying for it, so we're sure it gets done.

Thanks,

Carol
 

Read other answers
RELEVANCY SCORE 62.4

Recently my computer was infected with adware or a virus. My search results through search engines such as Google get redirected to random ad pages. I am unable to use HijackThis, MBAM, or SUPERAntiSpyware to scan my system or create log files. After I install any of the above programs and attempt to scan my computer, the programs simply shut down; when I attempt to re-open the programs I get the following message:

"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."

This message makes no sense because this is a personal computer, I get the same message when I try to run the programs directly - not using a shortcut. I am also unable to open my Symantec AntiVirus although it is running and it's definitions still update. Furthermore, my Windows Live Messenger shuts down right after I log-in. Safe Mode does not work, although Safe Mode with Networking can be accessed.

I'm able to access everything else on the computer and all other programs work as they should. I've attempted to read other threads to find the solution, but no other problems seem to be quite like mine. Any help is greatly, greatly appreciated, I've tried everything that I know to do.
 

A:Search result redirect, unable to scan with/use anti-spyware

Read other 16 answers
RELEVANCY SCORE 62

I am trying to clean out my computer from the pop-ups that is has been getting. I also get a black explorer page that opens each time I reboot with the word common on the top title bar. I have already run ad-aware and ewido. I am not sure how much of my problem has been solved by these two programs. This is the hijackthis report that I ran afterwards. Can someone please let me know what else I can do to fix any possible problems on my system

Thanks,

Norma

A:Hijackthis Report, Already Ran Adaware And Ewido, What Now?

Sorry, forgot to add the report Logfile of HijackThis v1.99.1Scan saved at 9:07:25 PM, on 8/27/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Apache Group\Apache2\bin\Apache.exeC:\Program Files\DNSexit IP Updater\dnsexit_srv.exeC:\Program Files\Apache Group\Apache2\bin\Apache.exeC:\Program Files\DNSexit IP Updater\DNSexit.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Vongo\VongoService.exeC:\WINDOWS\system32\fxssvc.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\PROGRA~1\McAfee.com\Agent\McAgent.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Windows Media Connect 2\WMCCFG.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\AOL\1151360710\ee\aolsoftware.exeC:\Program Fi... Read more

Read other 2 answers
RELEVANCY SCORE 61.2

Hey!

So for the last week or so I've had a laundry list of spyware symptoms taking over my computer. I hadn't used the computer in a couple days and I woke up one morning to mayhem. I've been able to work out a lot of the problems myself but there are still quite a few pieces I need a hand with.

1. I managed to get HJT to run, but it crashes shortly after the scan is started - so I can't get a log.

2. I've managed to run anti-spyware scans a few times, but most of the infected files cannot be deleted and require a restart. However, upon restart the programs do not run, so I can't get rid of the files. This is my biggest problem.

3. Random IEXPLORER.exe services starting, no visible advertisements, but there is annoying audio playing.

4. Firefox redirects my links to shady advertisemets, and sometimes won't load any basic web address (such as myspace.com). I have to find a backdoor to get to the sites like "myspace.com/blah".

5. I've found ways around it, but my anti-spyware programs all crash either right away at startup, or shortly after the scan begins.

I have tried every online scan I can think of, but they all crash before they complete. AVG won't start scanning if I try more than once. EXE's are being renamed, programs are being blocked. I've gotten Malwarebytes to scan a few times, but again I have problems with the auto-run on reboot that I so desperately need. Spybot has the same problems.

Oh, an... Read more

Read other answers
RELEVANCY SCORE 61.2

Trying to clean up someone's Vista laptop (no sp1). It has Mcafee installed and I ran several spyware removal tools, but it still seems to be infected. Looks like it may have several infections - possibly the pc anti-spyware scam, abebot popup, and system integrity scan wizard popups. Logs below. Any advice on how to fix ? Thanks.Deckard's System Scanner v20071014.68Run by Diane on 2008-04-17 12:45:04Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --10: 2008-04-17 14:30:24 UTC - RP148 - Installed Ad-Aware 20079: 2008-04-17 14:00:47 UTC - RP147 - Windows Update8: 2008-04-12 13:15:41 UTC - RP146 - Scheduled Checkpoint7: 2008-04-11 21:20:24 UTC - RP145 - Windows Update6: 2008-04-11 17:02:56 UTC - RP144 - Windows Update-- First Restore Point -- 1: 2008-03-25 17:16:05 UTC - RP139 - Scheduled CheckpointBacked up registry hives.Performed disk cleanup.Percentage of Memory in Use: 77% (more than 75%).Total Physical Memory: 894 MiB (1024 MiB recommended).-- HijackThis (run as Diane.exe) -----------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:53:52 PM, on 4/17/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16643)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Synaptics&... Read more

A:Anti-spyware Scam, Abebot Popup, System Integrity Scan Wizard

Hi andymc

If you still need help, please post a fresh dss main.txt

Read other 1 answers
RELEVANCY SCORE 60

when I run ewido scan it finds several problems says it cant fix them what should I do see attached logs--------------------------------------------------------- ewido security suite - Scan report--------------------------------------------------------- + Created on: 5:57:50 AM, 11/8/2005 + Report-Checksum: 26C24270 + Scan result: HKLM\SOFTWARE\PSGuard.com -> Spyware.PSGuard : Error during cleaning HKLM\SOFTWARE\PSGuard.com\PSGuard -> Spyware.PSGuard : Error during cleaning HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard -> Spyware.PSGuard : Error during cleaning HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard\License -> Spyware.PSGuard : Cleaned with backup::Report EndLogfile of HijackThis v1.99.1Scan saved at 6:00:09 AM, on 11/8/2005Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Kerio\Personal Firewall 4\kpf4ss.ex... Read more

A:Ewido Scan

Welcome topcat43 to Bleeping Computer!Please disable SpybotSD’s protection, as it may hinder the removal of the infection. You can enable it after you're clean.Open Spybot and click on Mode and check Advanced ModeCheck yes to next window.Click on Tools in bottom left hand corner.Click on Resident icon.Uncheck Teatimer box and/or Uncheck Resident.Close Spybot.***Please disable SpywareGuard, as it will stand in the way of us cleaning up:Right click the running icon of Spywareguard, it will open the program.Then go to Menu, file, exit.Then confirm the program is closed.Reverse the process when you’ve carried out the advise.***Please read these instructions carefully. You may want to print them. Copy the text to a Notepad file and save it to your desktop! We will need the file later. Be sure to follow ALL instructions!Please download noahdfear's smitRem.exe?. Save the file to your desktop. Double click on the file to extract it to it's own folder on the desktop.***Launch ewido, there should be an icon on your desktop double-click it.The program will now go to the main screenYou will need to update ewido to the latest definition files.On the left hand side of the main screen click updateClick on StartThe update will start and a progress bar will show the updates being installed.Once the updates are installed, close Ewido for now.*** If you have not already installed Ad-Aware SE 1.06, please download and install AdAware SE 1.06.Check Here on how setup and us... Read more

Read other 5 answers
RELEVANCY SCORE 59.2

I have posted my HJT scan before and it was clean, but when I do an Ewido scan, even after deleting the cookies, it comes right back. Currently, system restore is turned off. Might this be the cause? Should I reboot after disinfecting an then turn it on?
Thanks for the help!

 

A:Ewido Scan: 815 cookies????

IE - Block Third party cookies
1. Click on the Tools button on the Internet Explorer tool bar.
2. Highlight and click on Internet options at the bottom of the Tools menu.
3. Select the Privacy Tab of the Internet Options menu.
4. Select the Advanced... button at the bottom of the screen.
5. Select override automatic cookie handling button.
6. To block third party cookies select block under "Third-party cookies".
7. Select "always allow session cookies".
8. Click on the OK button at the bottom of the screen.
===============
In firefox - TOOLS - OPTIONS - PRIVACY - COOKIES - Check originating site only
 

Read other 2 answers
RELEVANCY SCORE 59.2

I originally posted the problem with the browser going to a different web page than the address typed. I installed Ewido & followed the instructions from the other post. The problem is that when Ewido gets to 80% complete, the computer restarts with no scan log. Any ideas?

Thanks
 

A:ewido scan shuts down

speedy333 said:

I originally posted the problem with the browser going to a different web page than the address typed. I installed Ewido & followed the instructions from the other post. The problem is that when Ewido gets to 80% complete, the computer restarts with no scan log. Any ideas?

ThanksClick to expand...
A good idea would be to post back to the same thread with the original problem.

Closing this one. I would merge it into the other one, but our merge feature is not currently working.
 

Read other 1 answers
RELEVANCY SCORE 59.2

Help, I recently asked you for assistance on my own personal PC. My mothers PC, seems to be acting in the same manner mine was.
I have ran a PC scan in safe mode with Ewido trial version, and a new hijack log on her Dell Dimension Desktop and here are those two logs.
I appreciate this help very much.

Patiently waiting.

Scott

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:53:00 PM, 2/21/2006
+ Report-Checksum: EC30AA0D

+ Scan result:

C:\Documents and Settings\Nana\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nana\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Nana\Cookies\[email protected][1].txt -> TrackingCookie.Euroclick : Cleaned with backup
D:\System Volume Information\_restore{F875A298-9EAF-44F0-A099-60BA3E813C38}\RP27\A0009088.exe -> Adware.180Solutions : Cleaned with backup
D:\System Volume Information\_restore{F875A298-9EAF-44F0-A099-60BA3E813C38}\RP27\A0009089.dll -> Adware.Agent : Cleaned with backup
D:\Documents and Settings\Nana\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Cleaned with backup
D:\Documents and Settings\Nana\Cookies\[email protected][1].txt -> TrackingCookie.Zedo : Cleaned with backup
D:\Documents and Settings\Nana\Cookies\[email protected][1].t... Read more

A:Ewido Ran, then Hijack scan now what?

Read other 6 answers
RELEVANCY SCORE 59.2

Hi! This forum has helped me before and I'm sorry to say that I need assistance again. Computer freezes up for 10-30 seconds randomly, and McAfee VirusScan keeps getting disabled.

I already did the canned fix at the top of the forum for Smitfraud, etc. but still haven't gotten rid of it. Prior to the canned fix I ran Ewido, Microsoft AntiSpyware, Spybot, Adaware, and McAfee Virus Scan - all with the latest update.

HJT and Ewido logs:

Logfile of HijackThis v1.99.1
Scan saved at 9:02:50 PM, on 9/25/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\Support.com\bin\tgcmd.exe
C:\Program Files\Adaptec\Easy CD ... Read more

A:Help! HJT and Ewido scan included

Read other 14 answers
RELEVANCY SCORE 58.8

hey ppl
any1 use this software?
I have used 4 3 days, seems to work but i always find multi infections on daily scan & i mean always?????

A:Ewido Anti Malware

Ewido is an excellent product and is recommended by many security experts as part of your anti-spyware toolkit. By "multi infections on daily scan" do you mean Ewido is finding/cleaning malware files or just lots of tracking cookies?

Read other 4 answers
RELEVANCY SCORE 58.8

Is this Ok now?

Logfile of HijackThis v1.99.1
Scan saved at 6:56:47 PM, on 1/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\BenQ\QMusic2\QMAgent.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\Pro... Read more

A:Hijack log and Ewido scan result

Hi and welcome.

You need to reply back to this thread instead of creating a new one. I'd merge, but the site appears to be having problems right now.

http://forums.techguy.org/security/430387-hijackthis-log-help.html
 

Read other 1 answers
RELEVANCY SCORE 58.8

The Computer is getting slow suddenly, can u guys please help me to check the log if there are any problems to be fixed. thanks

Logfile of HijackThis v1.99.1
Scan saved at 11:40:14 PM, on 7/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\system32\TpShocks... Read more

A:Hijackthis log and log from Ewido and Panda Scan

Read other 6 answers
RELEVANCY SCORE 58.4

Windows XP English
I have a reoccuring problem. When I cold boot I get the following Trojan detected by ewido anti spy ware.

Nilage.apx this is located in System Volume info and System32.dms.dll

Prior to this I also ran AVG anti virus at this time there were no viruses detected. However, I had problems detected in the past. This was when I cold booted.

For about two weeks I have not cold booted the system.

I started to save messages in the “AVG virus vault” since the 12th, January.

The file in AVG virus vault can not be copied, or I do not know how to do it: they are below.
So I believe,that there is a file in the cold start program that adds the Trojan horse to activate if I go online.

AVG firus vault info:
Filename - Partial Path - Discovery

jbhook.dll - Windows\system32 - Trojan horsePSW.Generic2.TLV
A0053194.exe – System Volume Information\_restore{7… - Trojan horse Back Door.Agent.DEO

A0053251.exe – System Volume Information\_restore{7… - Trojan horse PSW.Generic2.TLV

A0053204.exe – System Volume Information\_restore{7… - Trojan horse PSW.Generic2.ACBM

A0053236.exe – System Volume Information\_restore{7… - Trojan horse PSW.Generic2ACBM

A0053238.exe – System Volume Information\_restore{7… - Trojan horse PSW.Generic2ACBM

A0053245.exe – System Volume Information\_restore{7… - Trojan horse PSW.Generic... Read more

Read other answers
RELEVANCY SCORE 58

anybody know why this would happen ?

first i did an ewido scan in safe mode, and then in normal mode:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:31:41 PM 9/23/2006

+ Scan result:

Nothing found.
::Report end

there was actually 3 infections though in the above scan, don't know why it said 0,

and now normal mode:

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:00:45 PM 9/23/2006

+ Scan result:

:mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oq7cdmrj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oq7cdmrj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oq7cdmrj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oq7cdmrj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\oq7cdmrj.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles... Read more

Read other answers
RELEVANCY SCORE 58

Here are all the logs that were needed
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 5:18:47 PM, 10/11/2005
+ Report-Checksum: FF012805

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{357A87ED-3E5D-437d-B334-DEB7EB4982A3} -> Trojan.Agent.eo : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject -> Spyware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject\ CLSID -> Spyware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject\ CurVer -> Spyware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject. 1 -> Spyware.FizzleBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} -> Spyware.Azsearch : Cleaned with backup
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKU\S-1-5-21-79386089-878341568-3753858856-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HK... Read more

A:My Hijack this, active scan, and ewido logs

Read other 7 answers
RELEVANCY SCORE 57.6

Installation of Ewido Security Suite began about 9:00 PM, April 13th, 2005I made two screenshots and posted to a thread requesting opinions about AV products.http://www.bleepingcomputer.com/forums/Ant...ce-t15687.html#9:16:30 I set the updating into motion, as the first launch informed me I had NO definitions "onboard"."Attackers do not mind if you have the lastest definitions are not.  To be protected against this threat most efficiently, you are highly recommended to run the online update at least once a week"

as stated in this screen, which is the security suite console initial window<--click to view9:25:00 I was rebooted ready to scan.all functions & configurations are presently available<--click to view It took me several more minutes to decide what I wanted to do with the full functioning menu.Which ended up being very little for the moment other than scan using the database of over 100,000 definitions.9:30:00 scan began.each file being scanned is rapidly displayed at the bottom to the screen<--click to viewAs I expected, the scan boosts the CPU use to 100%.That's OK, I can minimize the GUI window (which is pleasant to view, and clean. You can watch progress, too.)I can also conduct other "chores", such as capture screenshots and use wordpad while I wait with liitle sluggishness).this shows the task manager details while scan is running<--click to viewChecking the processes tab in the task manager utility r... Read more

A:Ewido program for anti-virus protection

Looks like it found your bitdefender quarantined files. Suprises bitdefender quarantines the files that way though.

Read other 1 answers
RELEVANCY SCORE 57.6

When i do and Ewido Anti-Malware scan it picks up 47 infections and heals none of them.

Here is my log

Logfile of HijackThis v1.99.1
Scan saved at 15:43:22, on 22/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireles... Read more

A:Ewido Anti-Malware picks up 47 and fixes none! :o

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

Read other 7 answers
RELEVANCY SCORE 57.6

Problem is big and it came suddenly after working very well. My machine froze after boot and didn't reboot at all. I did chkdsk which helped me to get to windows again (repaired some system32 files) but it tilts still. Everytime I run ewido it stops at that memory process. Here is my hijackthislog: I think there are more problems too

Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 22:58:12, on 31.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
F:\program files\powerstrip\pstrip.exe
F:\program files\steam\steam.exe
f:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
F:\Filut\Softat\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO:... Read more

A:XP help: Ewido scan tilts at Memory Process: VM_00FE0000

The only one who didn't get a reply :/
 

Read other 1 answers