Over 1 million tech questions and answers.

HiJackThis Trend Micro Found 04 & 017 Issues-Please Help Remove Issues

Q: HiJackThis Trend Micro Found 04 & 017 Issues-Please Help Remove Issues

HiJackThis Trend Micro Found 04 & 017 Issues-Please Help Remove Issues

Cant remove, issues reappear often, cannot get into Google.com or known sights that would be obviously safe to surf within them such as foxnews.com and other pages take forever to load or do not load at all, just plain old frustrating, java is messed and files temp downloaded from Java cannot be deleted when performing a disk cleanup, along with ipod/ ishuffle and all Apple software no longer working, so I cannot use iTunes to load songs on to them etc and I had issues deleting AVG7/ Grisoft but I finally did it via Hijack this, using OneCare which is awful, Windows XP Home SP3, I have two logs to post or forward but I was advised not to post the logs before someone asks me to, please let me know ASAP, I believe I have a serious infection, so much so that my hotmail account was hijacked a month ago so I had to change my password and the person used to send medical spam emails to many comcast.com subscribers and God only knows if he/she has stolen any of my personal and confidential information. Also bytes received are so much larger than bytes sent example rcvd 5 million (5,000,000) sent 4 hundred thousand (400,000). Please advise, I am unsure if I can give you my hotmail account via this posting or the log files pertaining to the exact issues for I am new on this site. Also if I have posted in the wrong location please help me post in the proper location. Thanks in advance.

RELEVANCY SCORE 200
Preferred Solution: HiJackThis Trend Micro Found 04 & 017 Issues-Please Help Remove Issues

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: HiJackThis Trend Micro Found 04 & 017 Issues-Please Help Remove Issues

Please go here....Preparation Guide ,do steps 6 - 9.Create a DDS log and post it in the new topic from step 9.If Gmer won't run,skip it and move on.Let me know if that went well.

Read other 5 answers
RELEVANCY SCORE 97.2

I have a Dell E310 with windows XP. I use Trend Micro House call as my virus scanner. It's probably been a little over a month since my last scan... so this is all recently found things on the computer. Nothing more than a month. When I run just the basic critical scan or whatever its called, the fast scan, it says there are 5 viruses and 1 suspicious threat. 1st virus says:File name: explorer. exeFile Path: C:\WINDOWS\explorer.exeThreat: PE_PATCHEP.AType: VirusRisk: 3 red barsAction: Fix2nd Virus says:File name: services.exeFile Path: C:\WINDOWS\system32\services.exeThreat: PE_PATCHEP.AType: VirusRisk: 3 red barsAction: Fix3rd Virus says: File name: Not sure if it's Isass.exe or lsass.exe I think its the 2nd.File path: C:\WINDOWS\system32\lsass.exeThreat: PE_PATCHEP.AType: VirusRisk: 3 red barsAction: Fix4th Virus says: Filename: svchost.exeFile Patch: C:\WINDOWS\system32\svchost.exeThreat: PE_PATCHEP.AType: VirusRisk: 3 red barsAction: Fix5th Virus says:Filename: winlogon.exeFile path: C:\WINDOWS\system32\winlogon.exeThreat: PE_PATCHEP.AType: VirusRisk: 3 red barsAction: Fix1 suspicious file says: Filename: MSDNNA~1.DLLFile Path: C:\WINDOWS\system32\msdNnaern.dll Threat: TROJ_Gen.XZ30D3Type: GenericRisk: 2 red barsAction: ignoreNow everytime I try to do the recommened things for this... it says that 4 files will be removed on restart and 2 files need to be backed up before they can ... Read more

A:Trend Micro Housecall found virus that I can't remove...

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

Read other 2 answers
RELEVANCY SCORE 95.6

Ok, Hope someone can tell me what's up as I am baffled. I have recently installed the trial version of trend micro internet security to my computer. I found that it was just lagging and generally not working right, so I went to uninstall it, by removing it from the add/remove control panel. Well, now it doesn't show up in the add/remove control panel, (as I uninstalled it there) but it is still somehow existing on my system, and I can't get it off. Every time I try, it won't let me, even when I go to the programs folder and try to manually delete it. Ok, so I have given up the fact that I am now stuck with this junk, and the stupid thing won't even update. It keeps giving me an error saying it won't let me connect to the internet. This is ridiculous. Any suggestions here? Ben
 

A:Trend micro issues

here is there site for help.
http://esupport.trendmicro.com/supp...wRFIncident&RFID=RF_CON_TS_UNINSTALLATION_1_1
 

Read other 1 answers
RELEVANCY SCORE 94.4

Hello,

Over the past year or so I have noticed a major slow down in the operation of my laptop, ex. programs taking longer to open or respond, programs freezing, random pop-ups and system crashing. I recently installed a free version of Trend Micro Internet Security and preformed a full system scan. The scan revealed that my computer is infected with a few Trojans, 3 TROJ_Generic.ADV and a DEADLINK_NOVIRUS. Ever since the install and scan my laptop has increasingly gotten worse as far as the afore mentioned problems. I regularly run CCleaner on and O&O Defrag but still have not noticed any improvement. I tried to follow some cleaning instructions online but could not make them work for my issue. Any advice is greatly appreciated; please let me know if any additional information is needed.

Thanks in advance!
HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:51 PM, on 3/23/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Ryan\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\U... Read more

A:Trend Micro and Trojan issues

bump
 

Read other 1 answers
RELEVANCY SCORE 94.4

My AVG free program will not update after re-start as it usually does. Also, Clean Up hangs and trend micro won't load. I get a blank screen after clicking on the scan icon. Could you have a look at my HJT log?

Logfile of HijackThis v1.99.1
Scan saved at 9:12:54 PM, on 2/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe
C:\Program Files\Common Files\AOL\1124337897\ee\AOLHostManager.exe
C:\Program Files\... Read more

A:AVG/Trend Micro and Clean_Up Issues

I reccommend you Subscribe to this thread so you are notified of any replies via email. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

There isn't much showing in your log, so we'll try a general cleaning and see what turns up.

If you have not yet tried running Cleanup! in Safe Mode, please run it where I have recommended it. If it hangs reboot into Safe Mode and continue with the instructions. If you have already tried it in Safe Mode and it still hangs, you may skip it.

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Downloads(make sure to save these in a permanent location)

You will need to update Ewido to the latest definition files. Double-click the icon on Desktop to launch Ewido.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.

Next, please reboot your computer in SafeMode by doing the following:Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.

Tools
Open Cleanup! b... Read more

Read other 4 answers
RELEVANCY SCORE 92.4

I have an HP Pavillion with Vista. I have had Trend Micro Internet Security for many years and love it. I've had no issues until now when it wanted me to upgrade to the new 2009/2010 version. After the install, I cannot get my firewall to turn on. Using both Trend Micro or Windows firewall.
Also - When I try to open Trend Micro it takes FOREVER to open.
Has anyone seen this before?

Read other answers
RELEVANCY SCORE 92.4

Within a day or two of installing Trend Micro Titanium 2012 my computer wont open up any programs.Not shore if its a trend issue or setting changed and need assistance.windows 7 OS
when I open up a program it comes up with
" no application is assosiated with the specified file"or
"This file does not have a program assosated with it for performing this action instal a program or if one is already installed create an assoiation in the default program control.
followed the prompts in default prgram and setup default for eg Internet explorer but it would not open.
i cant open up or do system restore ,get into regedit.
Not shore where to go.Can some one assist

I have had issues with Trend in previous version.

A:windows 7 / Trend Micro Titanium 2012 issues

NOTE: I have severe eye problems. If I do not respond to your postings, please PM another staff member for assistance.

Trend is normally a very well-behaved program. But with a virus on the system (as your description suggests), it can turn into a nightmare while it tries to fight an already entrenched infection.

I'd suggest using one of these free tools to scan and see if the system is infected (this is NOT a fix and it won't remove everything).


Quote:




Also, please run one of these free, independent online malware scans to ensure that your current protection hasn't been compromised: Free Online AntiMalware Resources (read the details at the link)
There are also free, bootable antivirus disks at this link: Free Online AntiMalware Resources - Bootable Disks




If so, please post over in the Security Forums for assistance: NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

Read other 1 answers
RELEVANCY SCORE 80.4

Has anyone tested it out or heard anything about it?
 

A:Trend Micro Web Security and Trend Micro Kids Safety for Playstation 3 and PSP

I've got it, I don't really use it though, Do you want it, it's better than Norton, but it brings in a lot of scammers, so we had to get a new credit card.
 

Read other 1 answers
RELEVANCY SCORE 79.6

I install the Trend Micro RUBotted app and a week ago starts telling BOT Found, it tells you to go to HouseCall to fix this but when I tried its not working, remains in the screen Update/Install forever.
Tried System Cleaner (also from Tren Micro) and it shows a BKDR_Generic in muvee Technologies directory, I suppose it was removed but the RUBotted still telling BOT Found.
Tried NoAdware5 and tell that a Troyan (sorry, dont remember name) for long distance calls was found but I need to by the license to remove it.
PLEASE HELP ME!!!
DDS (Ver_09-05-14.01) - NTFSx86
Run by Federico at 17:05:23.77 on 13/05/2009
Internet Explorer: 8.0.6001.18702
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.52.3082.18.1014.239 [GMT -5:00]

AV: Prodigy Antivirus *On-access scanning enabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}
SP: Prodigy Antivirus *enabled* (Updated) {FE6602D3-1E71-4EBB-B4E3-D1C9CBDAF0A1}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\SYSTEM32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\PskSvc.exe
C:\Program Files\Prodigy Antivirus\Prodigy Antivirus\pavsrvx8... Read more

A:Trend Micro RUBotted telling Bot Found

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

Read other 12 answers
RELEVANCY SCORE 79.6

My trendmicro reports this "GRAY_gen.8X2133" but is not able to remove it and when I search my computer for it(including system and hidden files), I can't find it. It's been reporting this file every time it scans, but originally it was "GRAY_sml.8X2133". At not sure at what point the name changed.

Also I found on my computer a directory
C:\f628256df53218a3ee7457522dda0a with the two files
mrt.exe._p
mrtstub.exe

I am an experienced computer user but lacking in the skills to diagnos this. I ran hijackthis and am submitting the log files. Any help would be appreciated.
I ran the DDS scan and have attached the result files

A:Trend micro found GRAY_GEN.8X2133

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 79.6

Hello. My pc was randomly making "boot" noises, running very slow with constant freezes even after disk cleanup,defrag, running AVG,Spybot,MalwareBytes. I also attempted to do a system restore but, it came back not able to restore. I ran Trend Micro Rootkit buster and it found 2 hidden files that appear in several places. I am running XP. I have NO idea what to do now.I am very slow with computers so please have patience with me. Thank you
Lynn

A:Trend Micro Rootkitbuster found hooks. How to rid of them now?

Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity CenterWindows UpdatePress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Fin... Read more

Read other 8 answers
RELEVANCY SCORE 79.6

Hi, I don't know how I got infected, I run AVG and it updates automatically every day. I scanned 6 days ago so something happened since then. My computer is infected with four variations: JAVA_BYTEVER.AQ, JAVA_BYTEVER.S, JAVA_BYTEVER.C, JAVA_BYTEVER.A.

After reading other threads here, I uninstalled old versions of Java, and installed the newest. I cleared all my temp files and installed HijackThis. Hope someone can help me figure it out. Here is the logfile:

Logfile of HijackThis v1.99.1
Scan saved at 2:44:58 AM, on 7/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\system32\sistray.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\khooker.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
C:\Program Files\Common Files\Mediafour\MACVNTFY.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Argentum Back... Read more

A:Trend Micro scan found JAVA_BYTEVER.??

Hi and welcome to TSG,

Download the trial version of Ewido Anti-spyware from HERE and save that file to your desktop. When the trial period expires it becomes freeware with reduced functions but still worth keeping.


Once you have downloaded Ewido Anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.
Once the setup is complete you will need run Ewido and update the definition files.
On the main screen select the icon "Update" then select the "Update now" link.
Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine"
Under "Reports"
Select "Automatically generate report after every scan"
Un-Select "Only if threats were found"

Close Ewido Anti-spyware, Do NOT run a scan yet. We will do that later in safe mode.

Reboot your computer into Safe Mode now. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode then hit enter.
IMPORTANT: Do not open any other windows or programs while Ewido is scanning as it may interfere with the scanning process:
Launch Ewido Anti-spyware by double-clicki... Read more

Read other 1 answers
RELEVANCY SCORE 79.6

I have read in previous posts to delete the uncleanable viruses found with the trend micro.
Trend Micro found 7 infected files that were uncleanable but some are in my c:\windows\system32 folder
the files are
0021-bdl94126.EXE (Troj Revop A)
CS4P028.exe (Troj Small Go)
silent.exe (Troj Stilen A)
CktK.exe (BKDR Sandbox A)
EqmZ6P.exe (BKDR Sandbox A)
also the others are located in
C:\recycler
File is named S-1-5-21-2052111302-2111687655-1343024091-500 (Troj Stilen A)
I went to properties and it says 2 files
the other that is in there isn't infected is full of stuff
Last one is in C:\Program Files\lycos\IEagent\Loader.exe (Troj Small Go)

I just want to make sure it's ok that I delete these. I really don't wanna screw my computer up..

one more quick thing..everytime i shut down my computer it's always ending a task it says its explorer.exe.. does anyone know why it's doing that?

Thanks,
LeesaWeesa
heres my hijack this log in case u need it
Logfile of HijackThis v1.97.7
Scan saved at 1:31:07 AM, on 5/2/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\NO... Read more

A:Trojan viruses found with Trend Micro

Read other 6 answers
RELEVANCY SCORE 79.2

Probably not the right place but I know there are the best folks in here so...........

Have a Toshiba A200 laptop running Vista SP2 32bit with a Core duo 2.0Ghz 2Gb RAM (DDR2 667Mhz) and an 80GB HDD.

Now the friend wanted me to get the email put right but on stating this machine I found it incredibly slow ie waiting for a Google page for a minute! I have replaced the RAM to 2GB (originally1GB) and removed a lot of Apple software her kids had on it and am working through Shawn's speed up tut. Plus downloaded SP1 and so many Windows updates it isn't funny any more.

Now the machine is running at a reasonable / acceptable rate.

However try as I may I cannot get rid of the Trend Micro I have got it out of Programs and Features, done a Revo and even in desperation tried deleting the regedit for it but that will not respond. I know it is still there because it pops up a renewal notice on every boot

I have Comodo free and MBAM set up for her a she tells me she hasn't renewed the Tend for two years and has just been running "blind" but I feel that getting rid of that wretched Trend will make a lot of difference to the boot.

So can anyone please help me as I don't now quite what to do

A:Cannot remove Trend Micro

Uninstalling Trend Micro program using the Diagnostic Toolkit

Read other 5 answers
RELEVANCY SCORE 79.2

Hi,

I've been having a lot of issues with my laptop from about a month after I got it- Christmas one year ago. A tech guy advised that I remove my school antivirus - Trend Micro- because it may not be updating properly or something like that.
I tried removing it once and it asked for a password which I didn't have, but now know. I then tried to delete all the files from C-Program Filesx86- Trend Micro- Officescan Client and it didn't work properly. I dont know if that now means I have half the files and destroyed the software or if its fully functioning.
I tried removing Trend through the add/remove programs of windows but it crashed this time- saying it couldn't find the uninstall information, not giving me an opportunity to use the password.
Then I downloaded the uninstaller from the Trend website, making sure it was for the right system and everything and it did nothing- tried that twice.

I don't know what to do now because I can't think of any other ways to get rid of the software.

Thanks,

Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft Windows 7 Home Premium , Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz, Intel64 Family 6 Model 30 Stepping 5
Processor Count: 8
RAM: 4019 Mb
Graphics Card: ATI Mobility Radeon HD 5730, -2048 Mb
Hard Drives: C: Total - 152619 MB, Free - 61348 MB; D: Total - 437854 MB, Free - 340947 MB;
Motherboard: ASUSTeK Computer Inc., K42JA, 1.0, NB-1234567890
... Read more

A:Can't remove Trend Micro

Read other 6 answers
RELEVANCY SCORE 78.8

I've lately been having probelms with Gmail and Yahoo mail, whenever i tried to log into my accounts, the window would show a "invalid certificate" message. I tried changing the date on my computer but that wasnt the problem either. I looked on an earlier post that said that using Trend Micro HijackThis i could get rid of it, but i dont know what to fix!!! Somebody please help! Here's the log that i got:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:35:19 PM, on 1/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\program files\support.com\client\bin\tgcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Java\jre6\bin\jusche... Read more

A:Trend Micro HijackThis Help!!!

Hi Welcome to TSG!!

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
Go to Microsoft's website => http://support.microsoft.com/kb/310994

Select the download that's appropriate for your Operating System


Download the file & save it as it's originally named.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Please note once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall.

Drag the setup package onto ComboFix.exe and drop it.

Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.

At the next prompt, click 'Yes' to run the full ComboFix scan.

When the tool is finished, it ... Read more

Read other 1 answers
RELEVANCY SCORE 78.8

I downloaded the zip file and tried to run the program but I get this error, can anyone tell me what it wants? I have not run a Hijack log on my computer for sometime and wanted to run a test and see if everything is OK

Here is the error when I try to launch the program

This application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem
 

A:Trend Micro HijackThis 2.02

You need the version 6 V-Basic runtimes. You'll need these for a lot of other programs, too.

You can get the version 6 runtimes here:

http://www.microsoft.com/downloads/...61-7A9C-43E7-9117-F673077FFB3C&displaylang=en

For older programs, you may need 5 or even 4, but you may as well wait until you need them because you may never need them.
 

Read other 2 answers
RELEVANCY SCORE 78.8

Hi, I just have an error every time I am trying to search something my Google Chrome says this !

"Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot. Why did this happen?"

So I Ran scan on "HiJackThis" applications, and its says to post on this forum, so someone can help me.
Can someone help me please?
Thank you

This is what came out after scan
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:14:57 AM, on 4/6/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:&#... Read more

A:Trend Micro Hijackthis,Need help!

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE:... Read more

Read other 48 answers
RELEVANCY SCORE 78.8

PLease help! my log is on the attachment!the computer starts up and opens My documents but the desktop does not start up.None of the programs seem to be working properly except HiJackthis. I can access the internetbut that is about it. I dont know what I should fix on my HiJackthis scan.

A:My Trend Micro Hijackthis! log

Hello Please do The following.It may be helpful for you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DeFogger to your desktop.Double click DeFogger to run the tool. The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKIMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.Do not re-enable these drivers until otherwise instructed.:run combofix:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the report in your next post:C:\ComboFix.txt"information and logs"In your next post I need the following Log From Combofixlet me know of any problems you may have hadHow is the computer doing now?Gringo

Read other 9 answers
RELEVANCY SCORE 78.8

Hello

I have just downloaded this program, scanned my computer & I was adviced to post the log file & follow your instructions.

A:Trend Micro Hijackthis

Hello skytech,

I apologise for the delay, the forum is too busy.

If you still need help, post a new HijackThis log, and describe any problems you have.

Please post it normally and not as an attachment.

Read other 2 answers
RELEVANCY SCORE 78.8

Please help me fix what ever issue my computer is having thanks Logfile of Trend Micro HijackThis v2.0.2Scan saved at 21:09:25, on 7/9/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\RunDLL32.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\CFusion\cfam\program\ccmgr.exeC:\CFusion\cfam\Program\dfp.exeC:\CFusion\Bin\cfserver.exeC:\CFusion\cfam\Program\wsm.exeC:\CFusion\cfam\Program\wsprobe.exeC:\CFusion\Bin\cfexec.exeC:\CFusion\Bin\cfrdsservice.exeC:\CFusion\JRun\bin\JRun.exeC:\CFusion\jrun\bin\jrun.exeC:\CFusion\jre\bin\ntConsoleJav... Read more

A:Trend Micro HijackThis

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions... Read more

Read other 2 answers
RELEVANCY SCORE 78.8

Hi there, I'm Lacey. Please bare with me, I'm new to this site. I need help on removing the "Quick Defrag" virus. I was told to go to a forum if I needed help using the Hijackthis program. I ran the program and now it is telling me to check different areas. The problem is, I don't know what to check and get rid of. Can anyone help me on this? Are there any other areas I should go to? Please help ASAP!Edit: Moved topic from Vista to the more appropriate forum. ~ Animal

A:'Hijackthis" Trend Micro Help

HijackThis isn't needed just yet, and may not be at all. Take a look here first: Remove Quick Defragmenter (Uninstall Guide)

Read other 1 answers
RELEVANCY SCORE 78.8

For the last few days to a week I haven't been able to use internet explorer or update avira. I recently had the av security center virus and I believe that it may have changed some of my settings with these programs. Any help you could give me with this log file would be much appreciated.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:08:33 AM, on 6/23/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\RTHDCPL.EXEC:\HP\KBD\KBD.EXEC:\Program Files\HP\HP Software Update\HPWuSchd2.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\HP DigitalMedia Archive\DMAScheduler.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Progr... Read more

A:Trend Micro HijackThis log

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions... Read more

Read other 3 answers
RELEVANCY SCORE 78.8

i am not sure if i have a virus or not could someone who is familiar with trend hijack logs review this for me thank you very much in adavanc....
 hijackthis.log   10.49KB
  2 downloads

A:Trend Micro HijackThis log

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/428309 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 3 answers
RELEVANCY SCORE 78.8

i've been getting linked to ad sites whenever i click on google search links

here is my log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:52 PM, on 8/7/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
C:\Program... Read more

A:Trend Micro HijackThis v2.0.2 log

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 78.4

About every day, TrendMicro core protection module on my laptop pops up and says it has found a trojan.  It is always located in the same place (Program Files/TrendMicro/Office Scan Client/).  Sometimes it deletes the file, and sometimes it is unable to delete.  The funny thing is that I have AVG Free Edition 2013 installed and have scanned the computer many times, but it is unable to find anything.  Same with MalwareBytes.  The only thing that is catching it is TrendMicro.  The only effects I have seen from the virus are the desktop background resets to blank, and the file extentions and hidden files are visible.  I can reset them and they will normally stay until I reboot, then it goes back to the way it was.  Please help.  Thank you for reading

A:Trend Micro Core Protection found trojan

Sorry if I posted in the wrong forum.  I probably should have posted this in the malware removal section

Read other 2 answers
RELEVANCY SCORE 78.4

I have a Windows XP SP 2 with Trend Micro client/server security agent installed on my computer. The real time monitor is showing 1 infected file Antvrsinstall[1].exe. I then do a full scan found nothing. I ran anti-malware and found nothing. Here's the log file for hijackthis. Please advice thanks.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:58:12 PM, on 11/23/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exeC:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe... Read more

A:Trend Micro found an infected file Antvrsinstall[1].exe

Hi, drunkducki Welcome.Please read and follow all these instructions very carefully. Please download Malwarebytes' Anti-Malware from Here.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.=====================================================================Please download ComboFix from Here or Here to your Desktop.**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**Please, never rename Combofix unless instructed.Close any ... Read more

Read other 4 answers
RELEVANCY SCORE 78.4

Get Reports of Trojan Generic.ADV by Trend Micro Internet security all the time I use the program and cleans but it cokmes back. What to do?

Thanks

Johannes

A:Found Trojan Generic.adv With Trend Micro, But Wont Go Away

Hello and welcome. Is this an XP machine and have youbtried running the scan from safe mode?How to start Windows in Safe Mode

Read other 1 answers
RELEVANCY SCORE 78.4

This post is the same problem as http://www.bleepingcomputer.com/forums/ind...mp;hl=TROJ_TDSSI did the following as requested in the post mentioned above:We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.My results from the scan are attached (Attach.txt and DDS.txt)The DDS.txt can be seen below:DDS (Ver_09-03-16.01) - NTFSx86 Run by Administrator at 16:23:13.50 on Mon 16/03/2009Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_12Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.503.105 [GMT 11:00]FW: Trend Micro Client-Server Security Agent Firewall *disabled*============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Borland\INTERB~1\bin\ibguard.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG ... Read more

A:Trend Micro cannot remove TROJ_TDDS.DB...

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any scri... Read more

Read other 2 answers
RELEVANCY SCORE 78.4

In the last few weeks, I started getting a pop-up window telling me that my subscription to Trend Micro Antivirus software was expiring. This window pops-up during start-up, then another smaller window pops-up saying it is downloading something from the 'Solution Center'. I can get the pop-ups to stop by clicking on the cancel button, but I have to do this at least 3 times, and sometimes it starts-up again and I have to cancel another 3 times. Since I have never knowingly downloaded this package, I suspect this is malware. This slows-down my start-up time. Since having this problem, when I first turn the computer on each day, I get a blinking screen with only an old-style underbar, that seems to stay that way until I push the return key, then normal start-up occurs until I connect to the internet, when I get the Trend Micro Virus pop-up.

Once I get rid of the origianl pop-up window each session, the computer appears to work normally until the next session.

Update - After poking around this site, I realized that Trend Micro might be a valid company, and noticed that they had a link on how to uninstall the offending software. Apparently, this was the anti-virus software that came with my computer, and I was able to turn it off and remove it using conventional methods. Sorry for the trouble.

A:Trying to remove Trend Micro Antivirus pop-ups

I have moved this topic from HijackThis Logs and Malware Removal, into the Antivirus, Firewall and Privacy Forum. Since you seem to have resolved your issue I will close this topic for now. If you have a need to have it reopened, just pm a moderator and they will be glad to asist you and reopen for you, clarke.

Read other 1 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:47:50 PM, on 1/27/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:H:\WINDOWS\System32\smss.exeH:\WINDOWS\system32\winlogon.exeH:\WINDOWS\system32\services.exeH:\WINDOWS\system32\lsass.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\System32\svchost.exeH:\WINDOWS\system32\svchost.exeH:\Program Files\AVG\AVG9\avgchsvx.exeH:\Program Files\AVG\AVG9\avgrsx.exeH:\Program Files\AVG\AVG9\avgcsrvx.exeH:\Program Files\Lavasoft\Ad-Aware\aawservice.exeH:\WINDOWS\system32\spoolsv.exeH:\WINDOWS\Explorer.EXEH:\Program Files\ACNielsen\Homescan Internet Transporter\HSTrans.exeH:\WINDOWS\system32\hkcmd.exeH:\Program Files\USB Disk Win98 Driver\Res.EXEH:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeH:\Program Files\Analog Devices\Core\smax4pnp.exeH:\Program Files\AVG\AVG9\avgwdsvc.exeH:\Program Files\Bonjour\mDNSResponder.exeH:\PROGRA~1\AVG\AVG9\avgtray.exeH:\Program Files\Java\jre6\bin\jqs.exeH:\Program Files\iTunes\iTunesHe... Read more

A:Logfile of Trend Micro HijackThis v2.0.2

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No inp... Read more

Read other 2 answers
RELEVANCY SCORE 78

Whenever I go to Google there are suspicious "sponsered links" on the left side of the page(and on ebay too)but there are also the real sponsered links on the right side of googleI think I may have a virus,spyware,ect. on my computer please help here is the Logfile of Trend Micro HijackThis v2.0.2Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:01:18 PM, on 2/28/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Sygate\SPF\smc.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\WINDOWS\system32\crypserv.exeC:\Program Files\Common Files\Motive\McciCMService.exec:\PROGRA~1\mcafee.com\vso\mcvs... Read more

A:Logfile Of Trend Micro Hijackthis V2.0.2

Hello rossw75,Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Thank you for your patience.

Read other 2 answers
RELEVANCY SCORE 78

i scand my pc with hijak this, please varify my status, thank you Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2.30.36, on 07/01/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Programmi\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Programmi\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Programmi\Windows Defender\MSASCui.exeC:\PROGRA~1\AVG\AVG8\avgtray.exeC:\Programmi\ATI Technologies\ATI.ACE\Core-Static\MOM.EXEC:\Programmi\Nortek\Sphera WL Wireless combo set\StartAutorun.exeC:\WINDOWS\system32\ctfmon.exeC:\Programmi\Nortek\Sphera WL Wireless combo set\KMWDSrv.exeC:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exeC:\Programmi\Nortek\Sphera WL Wireless combo set\KMConfig.exeC... Read more

A:Logfile of Trend Micro HijackThis

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

Read other 2 answers
RELEVANCY SCORE 78

Hi i have read previous posts and it suggested to run hijackthis and post the log and here it is....please help



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:42:52 PM, on 2/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton PC Checkup\CHECKUP.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\defrag.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microso... Read more

A:Trend Micro Hijackthis LOG please review

Hi, Welcome to TSG!!

What kind of problems are you having?
 

Read other 1 answers
RELEVANCY SCORE 78

Hello everyone. could you look at this log and tell if anything looks out of wack? these are the ones that worries me O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheModeO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllthank you for all the help C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Java\jre1.6.0_01\bin\jusched.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:\Program Files\Trend Micro\Antivirus\tmproxy.exeC:\Program Files\Trend Micro\Antivirus\Tmntsrv.exeC:\Program Files\Trend Micro\Antivirus\PCClient.EXEC:\Program Files\Trend Micro\Antivirus\PCCGUIDE.EXEC:\Program Files\Trend Micro\Antivirus\TMOAgent.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Documents and Settings\Compaq_Owner\Desktop\Tools\HiJackThis_v2.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\Program Files�... Read more

A:Logfile Of Trend Micro Hijackthis

Hi,Nothing to worry about here..O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheModeO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllBoth are legitimate files:ftutil2.dll: http://www.castlecops.com/s13590-ftutil2_dll.htmlbrowseui.dll: http://www.liutilities.com/products/wintas...brary/browseui/You may check and fix this entry in HijackThis:O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/bejewel...aploader_v6.cab

Read other 2 answers
RELEVANCY SCORE 78

i'm an italian studenti don't know how to solve this problemi've got to many process and my computer is going to explode, i want to say a special thank to who can help mep.s. and sorry for my englishthis is the logfile:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18.22.22, on 28/06/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Programmi\Alwil Software\Avast4\aswUpdSv.exeC:\Programmi\Lavasoft\Ad-Aware\AAWService.exeC:\Programmi\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\Programmi\Java\jre6\bin\jqs.exeC:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\o2flash.exeC:\WINDOWS\system32\IoctlSvc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Programmi\Alwil Software\Avast4\ashMaiSv.exeC:\Programmi\Alwil Software\Avast4\ashWebSv.exeC:\... Read more

A:Log file of Trend Micro HijackThis

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:45:30, on 2010-04-18
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\Arctosa\razerhid.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explor... Read more

Read other answers
RELEVANCY SCORE 78

Hi guys! new at HijackThis, can anyone give me a hand to identify what will require fixing??Thanks! Sam.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:57:19 PM, on 5/19/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exeC:\Program Files\lotus\notes\ntmulti.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\System32\snmp.exeC:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exeC:\WINDOWS ... Read more

A:Logfile of Trend Micro HijackThis v2.0.2

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

Read other 2 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:36:02, on 20.06.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\FSC OSD Utility\OSDUtility.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,S... Read more

Read other answers
RELEVANCY SCORE 78

attached is the post-scan logfile: any suggestions re. items to fix?Edit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Trend Micro HiJackThis logfile

Hello and welcome to Bleeping Computer ! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.F... Read more

Read other 2 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2


Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\Option\Telenor Mobilt Bredband\Telenor Mobilt Bredband.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\conime.exe
C:\Program Files\Spotify\spotify.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMS... Read more

A:From the Trend Micro HijackThis logfile.

Hello and welcome to TSF.

If you suspect your system may be infected, we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

Read other 1 answers
RELEVANCY SCORE 78

Hi, this is the logfile and this is the problem i am having. Heres the link to the problem. http://www.bleepingcomputer.com/forums/t/103880/annoying-taskbar-icons/Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:56:03 PM, on 8/12/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16473)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\PnkBstrA.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Common Files\Symantec Shared\ccApp.exeC:\Program Files\MSN Messenger\msnmsgr.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Mozilla Firefox\firefox.exeC:... Read more

A:Logfile Of Trend Micro Hijackthis V2.0.2

Welcome to the BleepingComputer HijackThis Logs and Analysis forum Armin? My name is Richie and i'll be helping you to fix your problems.Download SmitfraudFix (by S!Ri),to your desktop.Reboot your computer into SAFE MODE using the F8 method. To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".Double click on Smitfraudfix.cmdSelect #2 and hit Enter to delete the infected files.You will be prompted: 'Do you want to clean the registry?' answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): 'Replace infected file ?' answer Y (yes) and hit Enter to restore a clean file.A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt Post the smitfraudfix report into your next reply.---------------------------------------------------------------Download Combofix and save to your desktop:Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. P... Read more

Read other 17 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:26:33 μμ, on 12/2/2014Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: Normal Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Documents and Settings\All Users\Application Data\IePluginService\PluginService.exeC:\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Application Updater\ApplicationUpdater.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\WINDOWS\System32\snmp.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exeC:\WINDOWS\system32\svchost.exeC:\Documents and Settings\vas\Local Settings\Application Data\Torch\Update\TorchCrashHandler.exeC:\Program Files\albrechto\updatealbrechto.exeC:\Program Files\albrechto\bin\utilalbrechto.exeC:\WINDOWS\System32\dmadmin.exeC:\WINDOWS\system32\mqsvc.exeC:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exeC:\Program Files\Co... Read more

A:Logfile of Trend Micro HijackThis v2.0.2

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.  HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware. Please explain your problem.

Read other 2 answers
RELEVANCY SCORE 78

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:56:48 AM, on 9/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
H:\HBCD\WinTools\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communicatio... Read more

Read other answers
RELEVANCY SCORE 78

Sis-in-laws computer has some issues....

Please see attachment.
 hijackthis.log   9.14KB
  3 downloads

Any help is appreciated!

A:Logfile of Trend Micro HijackThis

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

Read other 3 answers
RELEVANCY SCORE 78

Hi Everyone,This is my first post at bleepingcomputer.com and I'd like to ask your help in analyzing the hijackthis system scan result of my PC as follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:20:10 AM, on 9/14/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\WINDOWS\system32\netdde.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\ALWILS~1\Avast5\avastUI.exeC:\Program Files\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files\Unlocker\UnlockerAssistant.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\AirVideoServer\AirVideoServer.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exeC:\Program Files\Linksys Wireless-G USB Wireless Network Monitor&... Read more

A:Logfile of Trend Micro HijackThis v2.0.2

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

Read other 2 answers