Over 1 million tech questions and answers.

DDS scan and GMER scan log files.

Q: DDS scan and GMER scan log files.

Good afternoon,

I have been experencing really low internet speeds on my computer. I have ran many tools such as HiJack this, ComboFix, AVG (Including rootkit) and Malwarebytes. Several of these tools found things here and there which seemed to have been removed.

I have set my computer up to dual boot WIN XP/WIN 7. I only experience the low speeds while using Win 7 which seems to make me thing that something is taking the majority of my bandwidth usage.

Could any take a look at my logs and see if there is anything going on before I decide to reinstall the os.

P.S I have also included my HijackThis log file.

Thanks in advance!

RELEVANCY SCORE 200
Preferred Solution: DDS scan and GMER scan log files.

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: DDS scan and GMER scan log files.

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===This process looks suspicious.C:\Users\James\Desktop\Security Tools\mb9soxkz.exeDo you know what it is?Did you installed this driver or do you know which application needs it.R1 enport;enport;c:\windows\system32\drivers\enport.sysIt may be valid but I cannot find sufficient information on it.===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2* IMPORTANT !!! Save ComboFix.exe to your DesktopIMPORTANT....1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do not install any other programs until this if fixed.How to : Disable Anti-virus and Firewall...http://www.bleepingcomputer.com/forums/topic114351.htmlDouble click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt Note:Do not mouse click ComboFix's window while it's running. That may cause it to stallNote: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html===Third party programs if not up to date can be the cause infiltration of an infection.Please run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.===Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.Please post the logs for my review.

Read other 2 answers
RELEVANCY SCORE 99.2

Below are Bazooka scanner, dds and gmer scan results. Exe files are not working properly. Any executable I open immediately asks for a file to open the program. I can run some programs by browsing for the executable again but does not work for everything. Some programs won't work or install. here is my latest scan results using bazooka / dds / and gmer.BAZOOKA SCAN--------------------------------------------------------------------------------------------------------------------------------********************************************************************************************************************************************Result when scanning:SystemDir.explorer 545.505.000 %SystemDir%\explorer.exeC:\Windows\system32\\explorer.exehttp://www.kephyr.com/spywarescanner/library/systemdir.explorer/index.phtmlSystemDir.regedit 544.500.000 %SystemDir%\regedit.exeC:\Windows\system32\\regedit.exehttp://www.kephyr.com/spywarescanner/library/systemdir.regedit/index.phtml********************************************************************************************************************************************DDS SCAN------------------------------------------------------------------------------------------------------------------------------------********************************************************************************************************************************************.DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Ex... Read more

A:Virus - Bazooka Scan / DDS scan / GMER scan - %#^#%^#

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post fresh dds logs, please.

Read other 2 answers
RELEVANCY SCORE 86

Hello, first thing, I am extremely new to this. This is my first time consulting personal online help.

I was hit by a string of fake security/anti-virus scams, or "scareware". Among them were "Desktop Security 2010" and "Program Compability Assistant". There was one more before Desktop Security 2010, but I forget the name and can't find it in my search history either, but I believe Malwarebytes took care of that and Desktop Security 2010.
Program Compability Assistant on the other hand, is still around, but not to a full extent which I will explain later. This thing disallows me to open any video files, claiming that I'm missing codecs and directs me to a presumed fake scam website.
Program Compability Assistant, note the spelling error, I discovered to be a recently new scareware as my searches for it on google kept insisting I had a spelling error of the legit program Program Compatibility Assistant and the ppl experiencing the same thing all posted about it in May. I've been continuously updating Malwarebytes, hoping to take care of it, but to no avail.
I then foolishly followed a guide for another person dealing w/ Program Compability Assistant (I regret this so much. I was unaware of the dangers of following someone else's problems and guides as outlined in this forum). hxxp://www.nucia.eu/forum/showthread.php?t=57431
I translated it and followed it and now, although I do not get a pop-up of Program Compability Assistant, there are st... Read more

A:Fake Anti-Viruses -> Can't Open Video Files (comp restarts during GMER scan)

Howdy there and welcome to TSF Forums

I'm Steve and I will be helping you throughout this fix.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step. Please perform everything in the correct order/sequence.

Vista users please make sure you all run commands with administrator rights (right click icon - run as administrator)

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription

Please note that the forum is very busy and if I don't hear from you within three days from this initial posting then the thread will be closed.

Download this version of GMER Rootkit Scanner from here to your desktop. It will be a randomly named executable.
Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed.
Do not use your computer for anything else during the scan.
Double click the exe file.
The program will begin to run, and perform an initial scan. If possible rootkit activity is found, you will be asked if you would like to perform a full scan. Click No.

In any case, after the initial scan is complete, click on the Save button, and save the ... Read more

Read other 19 answers
RELEVANCY SCORE 85.2

My GMER anti-rootkit scan resulted in the following message 'GMER has found system modification caused by ROOTKIT activity'. How do I address/correct this problem? It is not specific.
 

Read other answers
RELEVANCY SCORE 82

I have been having an issue with Symantec Leaving my logs full with scan Omissions 99% of which are compressed. After doing considerable research I find symantec gives a nice list of possabilities and things to look into. Personally none of these fixed my issue, but it may yours. If Anyone has any Ideas to add to Symantec's offical list of reasons for scan omissions please do.---------------------------------------------The following is From Symantec @ http://service1.symantec.com/SUPPORT/ent-s...002073015235648Event ID 6Solution:This event is typically encountered when any of the following occurs: You scan a compressed file that contains a password-protected file. The decomposer engine cannot provide the password required to gain access to the file, so it will be omitted during a scan. You scan files that have been locked for access by the operating system and access cannot be released to the scanner because the file is in use. You scan files that are recursively compressed to a depth that is more than the scan engine is set to scan. By default, the scan engine is set to scan a maximum depth of three levels (for example, a zip file contained within a zip file contained within another zip file). You scan files with LH7 compression, which is not a supported format. These compressed files commonly have an .lzh extension, and they are omitted by the scan. You scan files that are in use by another user. This is most commonly seen when you scan user directories and shared folders... Read more

Read other answers
RELEVANCY SCORE 81.2

Ok after I scanned with super antispy software and removed everything, I started getting bad image file errors with .dlls popping on anything opened and on startup. I cant get DDS to run it just pops up a command prompt and never does anything. So I will attach the gmer txt and post my HJT log here.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 951 PM, on 12/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELServic... Read more

A:bad image files after scan with a super anti scan

bump please.

Read other 4 answers
RELEVANCY SCORE 81.2

Greetings,

My McAfee Real-Time Scan will not remain enabled. When I try to run either Quick Scan or Full Scan, an error message comes up, telling me to return to the McAfee Internet Security Home and to try to run the scan again.

I have followed their instructions for re-enabling the Real-Time Scan to the best of my abilities, by trying to restart the McShield Service, and by running the oas-disabled-fix.cmd utility that they instructed me to download. The oas-disabled-fix.cmd utility will not run.

I have contacted McAfee and they have told me that it is a problem with Windows Update. I have contacted Microsoft and told them that as well, but they seem to be trying to rule out any other possible cause, than what McAfee says is the actual cause of the problem, thereby dragging this out even longer.

Microsoft is supposed to be getting back to me again tomorrow, but any other help would be appreciated.

Thank you for your time.

Read other answers
RELEVANCY SCORE 78.4

Almost every time I do quick scan and got nothing and I think it is good. However, I just read online, it says that when quick scan does not find anything then you do deep scan. It confuses me, since it means I should do deep scan all the time. ?
 

A:quick scan vs deep scan/full scan ( antivirus )

the 1000$ question is
which anti-virus
ON windows defender and malwarebytes and many others only a quick scan is necessary
The converse of what you have read is usually the case eg. You do a quick scan and only if that finds something should you then need to follow it with a full scan
For instance a threat scan on Malwarebytes paid for edition or the scan on the free version will scan up to 99% of the system
A full scan also scans the system restore points and other unusual places to detect, or at least try to detect, all possible traces of infection.
As I said it depends on the AV and to some extent the OS which I presume is not Windows 2000 as indeed commented on by my colleague Cookiegal in another of your topics
Also, it appears you're running Windows 7 and if you don't still have your Windows 2000 computer you should visit your profile and change that information so that it's current which makes it easier to help you in some casesClick to expand...
 

Read other 13 answers
RELEVANCY SCORE 77.6

this is my first putting this on here. sorry if i get it wrong

DDS.txt

i have not access to a windows install disc or a boot CD

A:i did a GMER scan

Hello pezzer,

I appreciate the gmer log, but I also need the logs produced by dds.scr. Please run that tool again and post the dds.txt, and attach the Attach.txt it produces.

Would you also please provide a description of the problems you are having?

Read other 1 answers
RELEVANCY SCORE 77.6

How long should the GMER scan take?

I am going to post on my browser being hijacked etc. and have done the other two scans (hijackthis, dds) but when I went to do the GMER scan it took literally hours and hours and hours.

I am wondering if I did it right (more than a raw beginner, but not understanding most of this). After clicking "No" to the first GMER full scan request I ended up with a list of places to be scanned on the right. I made sure only "C" was checked, and that IAT/EAT was NOT checked.

And many hours later it was done with some end messages saying there were some things it could not do. But I could not copy the results because after hours and hours on my computer sometimes loses the ability to do certain things. (I had it uplugged from my DLS line to try to keep anything else from sneaking in while it was working.)

Could I have done something wrong?

I will try it again today, but my computer also checks out periodically so I have to fiddle with it to get back to the screen to see how the scan is progressing.

Your help is appreciated.

Anyway we sue the guys who do this? This browser hijacking thing gets by the security I have on two computers and this is the third time. (I had them in the shop for it previously.)
 

Read other answers
RELEVANCY SCORE 77.6

Hiya I have some problems and I was working through the new instructions page trying to get the log and stuff and have tried to scan with dmer and every time it scans for about 3 secs and then my laptop restarts. What do I do to try and stop this happening and what does it mean for my laptop :S

Thanks

Oh and here is the dds scan thing..



DDS (Ver_10-03-17.01) - NTFSx86
Run by Goldfish1000 at 18:45:49.40 on 01/10/2010
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_17
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.44.1033.18.2038.1006 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Progra... Read more

A:GMER won't scan

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------


Quote:




C:\Users\GOLDFI~1\AppData\Local\Temp\4i9ls7aa.tmp\dds.scr




Please note that tools are best Run from the Desktop. Save to the Desktop and then Run from the Desktop.

Easier to find and perform specialized functions which may be required. Thanks.

------------------------------------------------------

It appears you didn't attach the second dds log, Attach.txt, to your initial post. I need to see it in order to help you.

------------------------------------------------------Please download Rootkit Unhooker and save it to your desktop.
Right-click RKUnhookerLE.exe and choose 'Run as administator'.
Click the Report tab, then click Scan
Check Drivers and Stealth Code, Files, and Code Hooks
Uncheck the rest, then click OK
When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
Wait till the scanner has finished then go File > Save Report
Save the report somewhere you can find it. Click Close then Yes
Copy the entire contents of the report and paste it in your next... Read more

Read other 17 answers
RELEVANCY SCORE 77.6

This is the first time I have used your website - it comes highly recommended to me. I have tried to follow your Guide for Malware Removal but each time I get to the step of completing a GMER scan it stops before I can save it to file labeled ark.txt. I have run the scan 3 times - each time taking several hours to run the scan - but then it restarts the computer before I can save it. I had run a malware program prior to trying your sight and it told me I had 2 Trojan Agents.1. C:\WINDOWS\cpnprt2.cid2. C:\WINDOWS/system32\cpnprt2.cidI was reluctant to allow the first malware program to delete these files because they looked important to me. Someone suggested I contact you and you would be able to help me.Thank youGinny

A:GMER scan

Hello,Don't worry about the GMER log for now. Please post the DDS logs as a reply. I will then merge them into your initial post and remove my reply so your topic doesn't get lost.Orange Blossom

Read other 2 answers
RELEVANCY SCORE 77.6

GMER 1.0.14.14536 - http://www.gmer.netRootkit scan 2008-06-24 17:00:45Windows 5.1.2600 Service Pack 3---- User code sections - GMER 1.0.14 ----.text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 42F0F301 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 430A1667 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 430A15E8 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 430A162C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 430A1574 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation).text C:\Program Files\Internet Explorer\iexplore.exe[532] USER32.dll!MessageBoxExA 7E45085C 5 Bytes ... Read more

Read other answers
RELEVANCY SCORE 76.8

I'm trying to help a friend, even less technical than I am, with her Acer Aspire laptop which seems to have been infected with something ugly. She uses IE, and Funmood sets itself as browser, home page, and she gets stackoverflow in line 864 messages. I've used Chrome to begin the process outlined here to get help. I've obtained and saved the files requested, down to scanning with GMER. How long should that take? I unchecked IAT/EAT, and clicked scan. It's been running for a very long time, exactly how long, I'm not sure. I think it's starting over when it gets to the end. Is that possible? I didn't understand when it said to close all pages but "this one." So I've tried closing the browser, and leaving only the page from which that scanner was downloaded. It doesn't seem to make a difference.

Thanks for help. (imagine your gray haired grandma here)
 

A:question re GMER scan

It shouldn't take that long and may have frozen. Closing all other windows means not to have anything else open in your browser when running GMER.

But for now, leave GMER aside and please post the DDS logs.
 

Read other 3 answers
RELEVANCY SCORE 76.8

unable to generate a Gmer scan report, due to BSOD, everytime i scan using either avg/m-bam/Gmer BSOD occur*have no clue how to post the actual error of the BSOD*Page_fault_non_paged_area<usual BSOD message>***stop:(0x00000050C)(0XFFFFF7F8)(0X00000000)(0X80543E9D)(0X00000000)<usual BSOD message>DDS DDS (Ver_10-03-17.01) - NTFSx86 Run by pcx_15 at 22:51:51.53 on Mon 06/07/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.360 [GMT 8:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}AV: avast! antivirus 4.7.1043 [VPS 000774-7] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\Explorer.EXEC:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exeC:\WINDOWS\system32\nvraidservice.exeC:\Program Files\DivX ... Read more

A:BSOD at AV/Gmer/m-bam scan

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

Read other 1 answers
RELEVANCY SCORE 76.8

I was told to post the complete log of the GMER scan. It is attached. What's the next step I need to take?Many thanks in advance.

A:Results of GMER scan... What now?

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 22 answers
RELEVANCY SCORE 76.8

Occasional redirects, occasional trojans found by AVG - other than that computer is running fine.Couldn't complete gmer scan - blue screen and reboot about 30 min in. Happened during both attempts, other than that no random resets to my knowledge. I've included a hijack this log as well.Thanks for any help you might be able to provideddsDDS (Ver_10-03-17.01) - NTFSx86 Run by Lucinda at 8:24:56.18 on Tue 06/01/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.334 [GMT -7:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exec:\program files\idt\wdm\STacSV.exesvchost.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\WINDOWS\system32\IoctlSvc.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\WINDOWS\system32\HPZipm12.exeC:&#... Read more

A:Gmer can't complete scan

Hi,ComboFix shouldn't be run if not requested to do so. Post contents of c:\ComboFix.txt log. Also, post contents of attach.txt log of DDS.

Read other 6 answers
RELEVANCY SCORE 76.8

I do not suspect there to be any rootkits on my laptop but decided to perform a scan just to be sure.

I downloaded GMER as a randomly named file, the program opens and I begin the scan. It usually continues for about five or so minutes before I receive a message telling me that the program has stopped working and only gives me an option to end the process.

I understand this isn't much to work with, so if there is any other information I can provide please ask.

Thanks in advance.

A:Cannot Run A Full Scan Of GMER

Try running GMER in safe mode.-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning[/color][/i].

Read other 5 answers
RELEVANCY SCORE 76.8

I'm cleaning up a computer as I do quite often.
This one started because the computer was being sluggish and the sounds are coming out slowly and broken up.
I ran Anti Malwarebytes as usual and removed a few parasites (that's what I call all of them).
I ran CCleaner cleanup tools.
I ran HiJackThis! and removed unecessary stuff.
I fixed the sound problem by removing the device and letting it reinstall. But after a reboot, the sound problem reappeared.
So for whatever reason I decided maybe a rootkit or other hard thing to remove....
I downloaded DDS, GMER and ComboFix as I do in this situation.
DDS started but would not run - pretty much froze up the computer except the mouse cursor.
GMER started but would not run - ditto
ComboFix starts but stops after saying this should take 10 minutes or more.
Not on normal mode. Not in Safe Mode.
I've not seen this problem before....

I ran a collection of Root Kit programs: McAfee, Sophos, RootKitRevealer, RootRepeal, etc. I didn't find anything that seemed compelling. And, none of these tools seemed to be able to *do* anything but generate a list!! Bummer (or maybe not, eh?).
So, I'm still unsure if thiss machine has a parasite remaining but I'm concerned because all those tools don't run.
And, I still have to fix the sound problem.

Thanks

A:DDS, GMER, ComboFix don't scan

Heelo, please repost this here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.Run and post an OTL log.1. Please download OTL from one of the following mirrors: This is THE Mirror
2. Save it to your desktop.
3. Double click on the icon on your desktop.
4. Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
5. Push the Quick Scan button.
6. Two reports will open, copy and paste them in a reply here: OTL.txt <-- Will be opened Extra.txt <-- Will be minimizedLet me know if that went well.

Read other 2 answers
RELEVANCY SCORE 76.8

While trying to perform the prep work for asking help I keep getting quick blue screen errors and restarts. Only once have I seen the blue screen error and it lasted long enough to read it (unplugged power to restart) but I did not copy the information down nor do I remember it. The blue screen error appeared at least once during the scanning of a folder called quarantine (5 hours in) and at least once during what appeared to be a temporary internet file for flash websites (half an hour in).

I'm currently having problems with Google search links redirecting, no sound for flash and the audio from various commericals that i cannot see and does not appear that I have openned. (Only mentioning these as it might help with solving the problem of this topic)

Here is the DDS:

.
DDS (Ver_2011-06-02.03) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Freeter Otaku at 10:38:15 on 2011-06-09
.
============== Running Processes ===============
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\OpenManage\Client\ActionAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\DMI\WIN32\bin\DellDmi.exe
C:\Program Files\Dell\OpenManage\Client\EventAgt.exe
C:\Program Files\Dell\OpenManage\Client\DLT.exe
C:\Program Files\Dell\OpenManage&... Read more

A:Gmer Scan Error

HiPlease run the following:Scan With RootKitUnHookerPlease Download Rootkit Unhooker and save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers and StealthUncheck the rest. then click OKWhen prompted to Select Disks for Scan, make sure C:\ is checked and click OKWait till the scanner has finished and then click File > Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in your next reply.Note** you may get the following warning, just click OK and continue."Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"

Read other 24 answers
RELEVANCY SCORE 76.8

I do not know what to make of the attached jpeg that summarizes the findings of a GMER scan. Machine is running Win 7 x64 Ultimate with Comodo Firewall and ESET. Adobe Acrobat Reader is not present on the machine. No other AV saw this thing, if it even is a "thing".Any opinions much appreciated.New to the forum,--GeneAKA "Starless"Well let's try a second time with getting the GMER scan attachment to go.--Starless
 Gmer Scan.JPG   55.09KB
  9 downloadsMerged posts. ~ OB

A:Interesting GMER Scan--what is it?

Well it might have been something after all, because my MBR got shredded and I could no longer pass an SFC/SCANNOW integrity check. Glad I had a clean week-old back up image. And glad that I image my drivse with two different brands of software, because the Acronis restore failed, and the Paragon did not.It's a jungle out there folks.Best,--Starless

Read other 2 answers
RELEVANCY SCORE 76.8

Hi...I'm new to this forum and am looking for some assistance. I have a redirect trojan virus and I've been following the steps of your preparation guide to post the logs here. I got to the GMER scan and every time I run the scan, it shuts down my computer before finishing. The folder it is scanning when it shuts down is C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5. The strange thing is that when I look for that folder on my computer, it isn't there and I have "show hidden files" checked. Can you help me with this? I have Windows XP. Thank you.This is my DDS Scan:DDS (Ver_10-10-10.03) - NTFSx86 Run by HP_Owner at 15:23:35.73 on Tue 10/12/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.348 [GMT -4:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\System32\svchost.exe -k AkamaiC:\Program Files\A... Read more

A:Unable to run GMER Scan

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The ... Read more

Read other 15 answers
RELEVANCY SCORE 76.8

I followed all of the instructions for the Prep Guide & when I run the Gmer program I immediately get an error message that says "c:\windows\system32\config\system: the system cannot find the file specified." And all of the options arent available to scan. In fact, the only options checked are "Services, Registry, Files C:, and ADS". Where do I go from here in order to get the program to scan the area's needed to get a complete scan log?

A:Problem with Gmer Scan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.Thanks and again sorry for the delay.Are you running Windows 7?Gmer won't run on this format, at the moment rootkits are not making inroads into this operating system. Instead run the follwoing programsDownload OTL to your desktop.Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.When the window appears, underneath Output at the top change it to Minimal Output.Under the Standard Registry box change it to All.Check the boxes beside LOP Check and Purity Check.Click the Run Scan button. Do not change any settings unless oth... Read more

Read other 23 answers
RELEVANCY SCORE 76.8

I have a WIN7 Home Premium computer that might have a rootkit infection. I have run malwarebytes and AdwCleaner, which found some things that i had the SW fix. However, when I tried to run GMER, the program stopped before finshing. I am still having pop ads. So I am still concerned that something bad is going on. Would appreciate any help in systematically diagnosing and fixing this problem. I await any instructions on tools to run and logs to post back. I really like to concept of your site to help walk people through the process of virus removal. I hope to learn the basics of keeping my computer protected. Right now I only use Microsoft essentials, MalwareBytes, AdwCleaner.and GMER. I never had a problem with GMER before so suspect something is wrong.
Wildham  
 
OK I forgot to post the DDS log
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17344  BrowserJavaVersion: 10.55.2
Run by Tom at 15:52:23 on 2014-11-10
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.1834 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Pro... Read more

A:PopUp ads and can't run GMER scan

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555596 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 76.8

I have a new HP Pavillion dv7 with 4gb Ram, i7 820 dual core & 1280gb of memory and its does not run well.

I started the Malware tutorial and got to the gmer.exe scan when it said it could not complete the scan. When i hit the scan button agfain the whole computer crashed to a blue screen. I started the computer again and ran the scan again and it did the same but it shut down the scan window by itself straight away.

Where do i go from here?

Also i am running Kaspersky 2010 for virus.

A:gmer.exe scan crashed?

Hello Timesaver78.Please try the gmer scan again. This time, however, please uncheck the box marked Devices in addition to the other boxes you were asked to uncheck earlier.Let me know if that doesn't work.~Blade

Read other 4 answers
RELEVANCY SCORE 76.8

When I performed the GMER scan of my system (in safemode), the scan took over 24 hours. Is this normal?
I have 149 GBs of stuff on my computer.
A McAfee Scan takes about 2 hours.

Thanks,
~Honokeman

A:How long does a GMER scan normally take?

GMER scans vary highly in the amount of time they take to run. While a scan time as long as yours is uncommon, it's not unheard of. Often you can reduce the amount of time the scan takes by ensuring that only your system drive (usually C:\ ) is being scanned, and by unchecking "IAT/EAT" in the scan options.

Hope that helps,

~Blade

Read other 5 answers
RELEVANCY SCORE 76.8

Hello, I am a new member here. I was wondering if anyone can help me out. My computer has been running slow for a while. Recently it takes 30-40 min. to load Explorer after startup. I did DDS scans, however during Gmer scan blue screen opens with a message:KERNEL_STACK_INPAGE_ERROR technical info:*** STOP: 0x00000077 (0x00000002, 0x00000000, 0x00000000, 0x074A9000)Here is a DDS log:DDS (Ver_10-03-17.01) - NTFSx86 Run by Peter at 15:30:48.13 on Wed 06/09/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.255.46 [GMT -5:00]AV: avast! antivirus 4.8.1368 [VPS 100609-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\Ahead\InCD\InCDsrv.exesvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exeC:\Program Files\Ahead\InCD\InCD.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PI... Read more

A:Can not perform GMER scan

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you let... Read more

Read other 35 answers
RELEVANCY SCORE 76.8

How long does it typically take for the gmer scan to do its thing? I'm going on an hour now and no end in sight. I followed the instructions except where it said to un check drivers, I saw none except local C.

Read other answers
RELEVANCY SCORE 76.8

What is the typical duration for a Gmer scan? Coming up on 24 hrs here. Running in safe mode in XP.

A:Gmer scan duration

That is too long. Try rerunning the scan with the Devices box unchecked.

Read other 3 answers
RELEVANCY SCORE 76

Hello,I was asked to "speed up" an older laptop for a friend. After exhausting my knowledge without solving the problem, I turned to the internet for assistance and thankfully found Bleepingcomputer. My initial post was here, and after several scans I have been referred to this forum. In short, at the outset the computer was extremely slow, definitely suffering from the presence of System Tool as well as a google redirect. My independent efforts, using tools such as Spybot S&D, CCleaner, MBAM, SAS, and Hitman Pro removed several types of malware though also suggested the presence of a rootkit.At present, the computer seemingly functions normally, though Hitman Pro continues to report the following error: "Proxy server on this computer (User) 127.0.0.1:23012" It reports this error twice in each scan, and is able to repair it, however the finding reappears after any restart.The requested logs are pasted and attached below. The only variance from the preparation guide protocol is that GMER was run without unchecking the IAT/EAT box, I can certainly repeat that scan if needed. Thanks so much for your help in advance.DDS.txt:DDS (Ver_10-12-12.02) - NTFSx86 Run by Lisa Pastel at 22:35:01.00 on Tue 12/14/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2550.1938 [GMT -5:00]AV: avast! Internet Security *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}FW: avast! Internet Security *Enabled*... Read more

A:rootkit activity per GMER scan

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for post... Read more

Read other 36 answers
RELEVANCY SCORE 76

Hi I hope I am posting this in the right forum. I am in the process of running a GMER scan on my other computer which is infected with the Google Redirect Virus. The problem is, the scan has been going on for well over 22 hours now and my screen has gone black and I am only able to see the mouse pointer (it has been like this for many hours). Is this normal? If not, how do I fix this? I can't see anything so I am assuming I would have to do a force shut down. Thanks in advance.
 

Read other answers
RELEVANCY SCORE 76

Pls. find aqttached the GMER scan log. Need to now delete the files to start working.

A:HOW TO REMOVE MALWARE after GMER SCAN

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator&#... Read more

Read other 3 answers
RELEVANCY SCORE 76

hi thank you for your help.
the scan shows system modification...The second problem is that when I run
a cracked software it create a "alg.exe" here C:\Program Files\Common Files\alg.exe which i think is 100% "i dont know".SO I deletet the cracked software and the "alg.exe". NOW the system modification from rootkit activity
is the big problem ......WHAT can i DO.???


thank you

A:Gmer Scan->sys modification by ROOTKITactivity

Hello and welcome to TSF, folli!

I recommend that you read this article?
"NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help"; follow the instructions very carefully; then, post all the requested logs and information; as instructed, in the Virus/Trojan/Spyware Help section of the forum.
(Simply, click on the coloured links to be re-directed.)

Please ensure that you create a new thread in the Virus/Trojan/Spyware Help Forum; not back here in this one.

When carrying out The Malware Removal Steps, if you cannot complete any of them for whatever reason, just continue on with the next one until they are all completed.
However,it is extremely important to make mention of the fact that you could not complete any of the steps in your post to the Virus/Trojan/Spyware Help Forum; where an Analyst will assist you with other workarounds.

Once done, please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.

After your system has been verified as clean, if your are still experiencing those problems come back here and I will assist you further.

Read other 4 answers
RELEVANCY SCORE 76

i have scanned with gmer rootkit scan and saved the logfile in my documents as a txt file. i don't know how to read it, so that i can see that i don't have a rootkit detected by gmer.
i don't know how to post the log, or even if i am allowed to.
could someone here please help me hopefully through the process of posting, and reviewing the log. any info will be permanently archived in a folder with the programme accompanied by a large collection of anti-malware tools i have accumulated.
thanks.

Mod Edit~ This topic has been moved to the "Am I Infected forum." This forum is better suited for the question you have asked.

A:Can I Post My Gmer Rootkit Scan Here? If So, How?

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.Important! Please do not select the "Show all" checkbox during the scan..

Read other 4 answers
RELEVANCY SCORE 76

Here's the result after I scanned the computer. I hope this would help to solve my problem. I also want to thank you all for helping me.

DDS (Version 1.0) - NTFSx86
Run by Aaron Tran at 22:08:32.39 on Mon 11/24/2008
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2038.1501 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Viewpoint\... Read more

A:Rootkit, Gmer and DDS scan result

I Have A Message Saying" Error In:c\windows\system32\caewqgeycilvoe.dll
Missing Entry:dllstart:".
I Currently Run On Xp Home Edition. After I logged in, everything on the desktop disappeared. The only left to see is the screen saver. Results shown above after the Gmer and DDS scan. Please advise of what to do and how to fix this. Thank you!

Read other 3 answers
RELEVANCY SCORE 76

These are the results I obtained from a Gmer scan in safe mode. None of these were highlighted in red, btw is the red highlighting an indicator of harmful infection?

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-25 18:16:38
Windows 6.0.6002 Service Pack 2
Running: 9xibzucq.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\002186d2c7c5 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] 0x0C 0xF1 0xA6 0xAE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186d2c7c5
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTE... Read more

A:Don't understand Gmer scan results, please help

Hello and Welcome to TSF.

I see nothing malicious in your gmer log. If you think you are infected, and wish to seek help, follow the instructions below.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

Read other 1 answers
RELEVANCY SCORE 76

did prep ( as much as i could) ran gmer 5 times...3 times system frooze and 2 times computer shut down and restarted. below is posted what was on the log when each thing occured.Referred from here: http://www.bleepingcomputer.com/forums/t/306203/poss-infection/ ~ OBgmer scanGMER 1.0.15.15281 - http://www.gmer.netRootkit scan 2010-04-02 13:18:04Windows 5.1.2600 Service Pack 3Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kwlcyfog.sys---- System - GMER 1.0.15 ----SSDT 89E94A48 ZwAlertResumeThreadSSDT 89E946C8 ZwAlertThreadSSDT 8A07EDE0 ZwAllocateVirtualMemorySSDT 89EBD6B8 ZwAssignProcessToJobObjectSSDT 89800498 ZwConnectPortSSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xA6434210]SSDT 89E94FC0 ZwCreateMutantSS... Read more

A:canot complete gmer scan

Hello and and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have sinceresolved your issues I would appreciate if you would let me no so I can close this topic.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%appdata%\*.exe%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%SYSTEMDRIVE%\*.exenetsvcsmsconfig/md5startproquota.exesfcfiles.dlleventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dllbeep.sysiaStor.sysnvstor.sysatapi.sysnvatabus.sysviamraid.sysnvata.sysiastorv.sys/md5stopCREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThanks

Read other 8 answers
RELEVANCY SCORE 76

DDS log with ark.txt to the point it was hung up on the last directory.Let me know what you think and what's next. Thank you so much!LUNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_09-12-01.01)Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume2Install Date: 4/10/2008 8:25:36 PMSystem Uptime: 3/13/2010 6:38:16 AM (0 hours ago)Motherboard: Dell Inc. | | 0TT347Processor: Intel? Core™2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1396/200mhzProcessor: Intel? Core™2 Duo CPU T5270 @ 1.40GHz | Microprocessor | 1396/200mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 146 GiB total, 55.655 GiB free.D: is CDROM ()E: is CDROM (CDFS)F: is Removable==== Disabled Device Manager Items ================= System Restore Points ===================No restore point in system.==== Installed Programs ======================Adobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Reader 8.1.3Adobe Shockwave Player 11.5Broadcom Management ProgramsCompatibility Pack for the 2007 Office systemConexant HDA D330 MDC V.92 ModemDell DataSafe OnlineDell Network AssistantDell Support CenterDell TouchpadDell Wireless WLAN CardDigital Line DetectGoogle DesktopGoogle Toolbar for Internet ExplorerGoogle Update HelperHigh Definition Audio Driver Package - KB835221Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for... Read more

A:mbroot-h gmer scan/dds logs

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 76

I have applications failing on a regular basis and opeing things like control panel takes 2-3 minutes.
I have cleared down and defragd my disks.

Hard drive is constantly active even during idle time.

Have been able to run the dds app and I include the dds file and attach zip.
Gmer falls over and pc reboots.

plz help..


DDS (Version 1.0) - NTFSx86
Run by HP_Owner at 23:09:09.33 on 07/12/2008
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.44.1033.18.1023.660 [GMT 0:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Syma... Read more

A:[SOLVED] GMER fails during scan

BUMP please

Read other 2 answers
RELEVANCY SCORE 76

trying to run GMER scan, keep getting BSOD (approx 5 times) what can I do? Originally came here for google redirect...DDS (Ver_10-03-17.01) - NTFSx86 Run by Tom Ohlgren at 8:54:13.43 on Fri 06/11/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1122 [GMT -5:00]AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}FW: ZoneAlarm Security Suite Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\Program Files\Dell Network Assistant\hnm_svc.exeC:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\sy... Read more

A:BSOD upon running GMER scan--Help??

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

Read other 13 answers
RELEVANCY SCORE 76

Hi...I'm new to this forum and am looking for some assistance. I have a redirect trojan virus and I've been following the steps of your preparation guide to post the logs here. I got to the GMER scan and every time I run the scan, it shuts down my computer before finishing. The folder it is scanning when it shuts down is C:\Documents and Settings\HP_Owner\Local Settings\Temporary Internet Files\Content.IE5. The strange thing is that when I look for that folder on my computer, it isn't there and I have "show hidden files" checked. Can you help me with this? I have Windows XP. Thank you.

A:GMER Scan Shuts Down My Computer

Hello, just skip Gmer for now. Post the DDS log and tell them Gmer would not run. They will take it from there.

Read other 2 answers
RELEVANCY SCORE 76

I have ran the GMER.exe scanner twice. Both times it scanned fine and took several hours since I have many files from running online sports game leagues. When the scan completes and I try and save my machine becomes unstable and will not save the log file. Should I have disabled Malware Bytes or AVG? I use IE8 but also have Firefox installed with a few greaemonkey scripts that I use in my GLB mmo football sim game. I would like to get the log to save so I can post for analysis. Anyone have any thoughts what I might be doing wrong? Thanks so much!!

A:GMER scan runs but won't save

When running such tools, I recommend temporarily disabling security programs and CD Emulators until the scan has been completed.In some cases you may need to open GMER and deselect (uncheck):IAT/EATDrives/Partition other than Systemdrive (typically C:\) Show All <- don't miss this oneIf that does not work you may also need to uncheck Devices and Sections from the options on the right, along with the items noted above, then try running it again. If it's still crashing, also uncheck Files.Should GMER still continues to crash or not run properly, try running it in safe mode.

Read other 2 answers
RELEVANCY SCORE 76

I decided to run a rootkit scan on my computer using Kaspersky TTDS and GMER. TTDS ran fine and no threats were detected, but when I ran GMER all the options (including system, processes, sections) other than "services, registry, files, ADS" are grey and I can't select them.

So, am I infected or did I miss something. And if I'm infected what is the possible malware(name) running on my PC.

Please help me out.

A:GMER scan options grey!

And this is the log I got after running the scans with the allowed options.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2013-01-11 15:16:57
Windows 6.1.7600
Running: Gmer rootkit scan.exe
---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289218f44
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0x43 0xFC 0x70 0x05 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\[email protected] 0xCC 0xFC 0xAB 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x2B 0x0A 0xEE 0xC1 ...
Reg HKLM\SYSTEM\Curren... Read more

Read other 4 answers
RELEVANCY SCORE 76

hi thank you for your help.
the scan shows system modification...The second problem is that when I run
a cracked software it create a "alg.exe" here C:\Program Files\Common Files\alg.exe which i think is 100% "i dont know".SO I deletet the cracked software and the "alg.exe". NOW the system modification from rootkit activity
is the big problem ......WHAT can i DO.???


thank you




hi .this is my new mesage.,with a scan:
Malwarebytes' Anti-Malware 1.40
Versione del database: 2717
Windows 6.0.6002 Service Pack 2

File infetti:
C:\Windows\System32\kbiwkmcrycgxtd.dll (Trojan.TDSS) -> No action taken.
C:\Windows\System32\kbiwkmdqlsiics.dll (Trojan.TDSS) -> No action taken.
C:\Windows\System32\kbiwkmvqrpvftq.dll (Trojan.TDSS) -> No action taken.
C:\Windows\System32\kbiwkmwrqndosb.dll (Trojan.TDSS) -> No action taken.
C:\Windows\System32\drivers\kbiwkmepwmifcf.sys (Trojan.TDSS) -> No action taken.
C:\Windows\System32\drivers\kbiwkmpmpxggcu.sys (Trojan.TDSS) -> No action taken.


GMER 1.0.15.15077 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-29 23:35:04
Windows 6.0.6002 Service Pack 2

---- Services - GMER 1.0.15 ----

Service C:\Windows\system32\drivers\kbiwkmpmpxggcu.sys (*** hidden *** ) [SYSTEM] kbiwkmmevoxvmd <-- ROOTKIT !!!
Service ... Read more

A:Gmer Scan->sys modification by ROOTKITactivity

Hello folli,

Download Combofix from here . You must rename it before saving it. Save it to your desktop.

Link 1
Link 2








=======================================


Now, you must turn off Avira or it will make trouble with ComboFix.

=======================================


Double click on Combo-Fix.exe & OK the messages.When finished, it will produce a report for you.
Please post the C:\ComboFix.txt so we can continue cleaning the system.

Read other 7 answers
RELEVANCY SCORE 76

Please help, I'm not a proficient computer user and I've somehow got this wretched HTTPS Tidserv Request 2 rootkit. I run a small business and this is SUCH a pain losing time and money here.First alerted 2 days ago by Norton Internet Security persistent pop-up warnings about intrusion attempts by various attacking computers and URL's, googled the names m01n83kjf7.com, zz87jhfda88.com, 7gafd33ja90a.com, 19js810300z.com, n16fa53.com and found your (wonderful) site putting the horrible significance on the information.I've read all the instructions, backed the valuables up before downloading DeFogger, DDS and GMER and followed the step-by-step instructions religiously. After starting GMER scan, the window showed quite a list but after only 1 minutes or so just disappeared, leaving just the GMER folder with the .exe icon in. Almost immediately after, Internet Explorer and Norton Internet Security and Microsoft Word (which were all open) stopped responding. Had to ctrl, alt, delete to shut them down.Question - before I run GMER again, is it coincidence that the scan just seemed to stop itself and IE etc. crashed in which case it's safe to go ahead, or does the rootkit know what I'm doing and therefore scuppering the scan?Paranoid? Maybe a little! Unfortunately I don't know enough about what I'm doing here though to confidently retry without a little reassurance from the experts please. The DDS and Attach text files are saved to my desktop if they... Read more

A:GMER stopped running mid scan

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 16 answers
RELEVANCY SCORE 76

One of my WinXP machines got a bluescreen for about 1 second and then restarted during a GMER scan, I was planning on submitting a log after detecting some malware. MBAM detected and removed 2 malware files:\applicationdata\avdrn.dat (Malware.Trace) and \local settings\temp\services.exe (password.stealer).The noticeable symptoms were lockups and failed shutdowns. But it only seemed to occur with 1 profile so I also scanned a file that was in that profile's startup folder (not a shortcut). Symantec didn't flag it so I scanned it with VirusTotal.Here's the result. 12 of 42 scanners flagged it but only Trend Micro seemed to have specifics on it. The registry entries that were to be removed were missing. But I just learned that if it were part of a rootkit it would probably be hidden anyway. Could really use some advice. Thanks.

A:Bluescreen and freezing during GMER scan

I found some spyware with MBAM and removed it and found a suspicious file which I scanned with Virus Total.Here's the result. . TrendMicro flagged it as something specific but the removal instructions refer to registry entries that I cant see. Thinking I might have a rootkit, I scanned with GMER but in normal boot mode I always get a BSOD. In safe boot mode the computer becomes unresponsive. Is there a legal bootable rootkit scanner (Hiren's is not legal) or another workaround? I'm wondering if a clean install is the only recourse.Added VT log for easeFile name: updpxe32.exeSubmission date: 2010-08-23 12:43:42 (UTC)Current status: finishedResult: 12 /42 (28.6%) VT Communitynot reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2010.08.23.06 2010.08.23 - AntiVir 8.2.4.38 2010.08.23 - Antiy-AVL 2.0.3.7 2010.08.23 - Authentium 5.2.0.5 2010.08.23 - Avast 4.8.1351.0 2010.08.22 Win32:Crypt-HKP Avast5 5.0.332.0 2010.08.22 Win32:Crypt-HKP AVG 9.0.0.851 2010.08.23 - BitDefender 7.2 2010.08.23 - CAT-QuickHeal 11.00 2010.08.23 - ClamAV 0.96.2.0-git 2010.08.23 - Comodo 5830 2010.08.23 TrojWare.Win32.Trojan.Agent.Gen DrWeb 5.0.2.03300 2010.08.23 - Emsisoft 5.0.0.37 2010.08.23 - eSafe 7.0.17.0 2010.08.23 - eTrust-Vet 36.1.7804 2010.08.21 - F-Prot 4.6.1.107 2010.08.22 - F-Secure 9.0.15370.0 2010.08.23 - Fortinet 4.1.143.0 2010.08.23 - GData 21 2010.08.23 Win32:Crypt-HKP Ikarus T3.1.1.88.0 2010.08.23 - Jiangmin 13.0.900 2010.08.23 - Ka... Read more

Read other 2 answers