Computer Support Forum

No internet&hardware errors after removal of "Security Essentials 2010"

Question: No internet&hardware errors after removal of "Security Essentials 2010"

Here's the story: After removing Security Essentials 2010 (rogue program) with Malwarebytes Anti-Malware, my internet didn't work anymore. So, I tried doing a system restore, which fixed the internet. However, after a reboot initiated by Windows "updating" to Internet Explorer 8, the internet has stopped working and I have a yellow exclamation point in devmgmt for my hardware, Linksys LNE100TX v4. I tried to manually install my driver to no avail, and kept on getting "driver error code 39". LSPFix didn't work, driver installation didn't work, and I'm at a loss..

I tried sfc /scannow, and I left the computer with the window. When I came back, the sfc window was simply gone.

Could just reformat, but there's a lot of files and programs, and redownloading all of them would be a hassle..

EDIT: Fixed SQL server issue. In addition, ran a Combofix even though I'm not supposed to (sorry I'm impatient). It found some infected file etc, please find log attached. Still no internet..

Here is the HJT log, with the program renamed as "cookie.exe" from a previous fix:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:17 PM, on 5/7/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Aclient\AClient.exe
C:\Program Files\Adlib\Express\AdlibFMR.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$ADVANCEPRO\Binn\sqlservr.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\hpzipm12.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SMARTD~1\Messages\SDNotify.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\ProtectTools\Embedded Security Software\SpTna.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTServs.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\Microsoft LifeChat\LifeChat.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Administrator\Desktop\cookie.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\Nuance\NaturallySpeaking10\Ereg.ini
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enumn /alertsn /notificationsn /systrayIconn /fln /frn /appDatan
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [AClntUsr] C:\Program Files\Aclient\AClntUsr.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://bba.bloomberg.net/default/Clients_common/ica32/icaweb.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISWebManager.CAB
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168307507562
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} (CentraDownloaderCtl Class) - http://171.64.22.130/main/Install/en/US/CentraDownloader.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\Program Files\Aclient\AClient.exe
O23 - Service: Adlib Express Server - Adlib Software - C:\Program Files\Adlib\Express\adexps.exe
O23 - Service: Adlib FMR - Adlib eDocument Solutions - C:\Program Files\Adlib\Express\AdlibFMR.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe

--
End of file - 11243 bytes

Relevance 100%
Preferred Solution: No internet&hardware errors after removal of "Security Essentials 2010"

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: No internet&hardware errors after removal of "Security Essentials 2010"

Formatted. Fixed~

1 more replies
Relevance 80.91%

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\sy... Read more

Answer:"Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Hi and welcome to TSF.

I'm afraid HijackThis no longer provides the information we require.

We want all our members to perform the steps outlined in the link given below, as far as they possibly can, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

1 more replies
Relevance 80.91%

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\i... Read more

More replies
Relevance 80.91%

I just read the articles. Here they are.

http://news.softpedia.com/news/Micr...ls-Fake-Security-Essentials-2010-144312.shtml

http://www.neowin.net/news/microsof...urity-essentials-2010quot-anti-virus-software

-----------------------------------------------------------------
 

Answer:Warning! Fake "Security Essentials 2010"

6 more replies
Relevance 102.09%

I suppose it's just coincidence, but I can't help thinking I screwed something up massively when I did a driver (GPU, for the record) rollback in Vista x64 last week. Ever since then, I've been getting random BSODs of either the "the system has encountered an uncorrectable hardware error" or the "a secondary clock interrupt was not received..." variety, usually referring to either 0x00000124 or 0x00000101. Nothing in the system is overclocked or overvoltaged, and the only thing that seems to minimize--but not completely eliminate--it even with only one HD in the thing is if absolutely no sound hardware of any sort is in place. No sound card, no enabling onboard audio.

How screwed am I?
 

Answer:"Clock interrupt" + "uncorrectable hardware" errors = I'm replacing something, right?

Just uninstall and reinstall the video driver?
 

13 more replies
Relevance 101.68%

Earlier today i tried to download a file of mediafire called Justin Vernon Self-RecordAs soon as I downloaded it my computer freaked out, my default internet browser was changed from Flock to Internet Explorer. I just got a popup that says "Vista Internet Security 2010 - Unregistered Version" it says I have 22 critical system objects and lists what could happen to my system then gives me the options to register my copy of vista internet security 2010 or remind me later. I also got a pop up from the same company that "scanned" my computer, I've attached a screenshot. About three boxes popped up, that screenshot, another one with a red bar on top saying my system was infected and Windows Security Center or something like that which says my  firewall and malware protection are off, to be honest I'm not sure it was ever on but I'm 98% sure it was because I've never had a problem with it before. When i type in Security in the Start Search bar it says theres a Windows Firewall and Advanced Security and Security Center which is the one i have problems with. I've attached another screenshot of this. Every time i open a program, it always ends up the last program listed in my start bar and for some reason Security Center does not end up on that list but Windows Firewall and Advanced Security does. When I try and click anything in Security center, whether it be "System Restore and Backup" or "Turn on now" it just pop... Read more

Answer:"Vista Internet Security 2010", Virus Protection Popups

Please visit this webpage for a tutorial on downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixSee the area: Using ComboFix, and when done, post the log back here.

7 more replies
Relevance 101.68%

I caught the Internet Security 2010 virus. I used a malwarebytes full scan to delete it. Upon restart, I can't get into windows. safe mode does not even work and 'last known working configuration' does not work.Quote"A PROBLEM HAS BEEN DETECTED AND WINDOWS HAS BEEN SUT DOWN TO PREVENT DAMAGE TO YOUR COMPUTER.IF THIS IS THE FIRST TIME YOU'VE SEEN THIS ERROR SCREEN RESTART YOURCOMPUTER. IF THIS SCREEN APPEARS AGAIN FOLLOW THESE STEPS:CHECK FOR VIRUSES ON YOUR COMPUTER. REMOVE ANY NEWLY INSTALLED HARD DRIVES OR HARD DRIVE CONTROLLERS. CHECK YOUR HARD DRIVE TO MAKES SURE IT IS PROPERLY CONFIGURED AND TERMINATED. RUN CHKDISK /F TO CHECK FOR HARDDRIVE CORRUPTION, AND THEN RESTART YOUR COMPUTER.TECHNICAL INFORMATION:***STOP: 0x0000007B (0xF7B6D528, 0xC0000034, 0x00000000, 0X00000000)"We apologize for the inconvenience but Windows did not start successfully. A recent hardware or software change might have caused this.If your computer stopped responding, restarted unexpectedly or was automatically shut down to protect your files and folders, choose Last Known Good Configuration to revert to the most recent settings that worked. "Right now I'm in linux.I would do a clean install of windows but I need the files on the windows partition.

Answer:Vicious Malware: Internet Security 2010 + Bluescreen ("of death")

I tried to rebuild the Windows boot.ini. using the "How to rebuild the Windows boot.ini." tutorial, but it did not work. Instead I've created 4 "Microsoft Windows Professional" items and the Ubuntu one is the only one that works. http://www.computerhope.com/issues/ch000648.htm

14 more replies
Relevance 101.68%

If this has been covered, can someone direct me to a thread with help? Home computer is overrun with "Internet Security 2010" pop ups and malware - cannot connect to internet, access system restore or much else. It disabled my MalwareBytes and Symantec Anti virus programs. Tried running a win32NetSky removal tool from disc yesterday with no luck. It will sporadically connect to viagra website or porn.org ...any suggestions?

Thanks!!!!
 

More replies
Relevance 101.68%

i have a winXP SP3 laptop (hewlett-packard) and i'm stuck in an auto log-off problem. i've read a lot around various sites about possible causes and fixes. seems it could be a "userinit.exe" file that is missing or corrupt. i used malwarebytes to remove the internet security 2010 virus and then upgraded from AVG antivirus v8 to v9.0. i also used latest spybot to scan the computer. malwarebytes found 43 infected files, which i removed (quarantine and delete) and spybot found two more which were also healed.

now, i have been trying to get into the computer through safe mode and safe mode with command prompt. i can not get past the user acct OR the administrator account logon before i get logged off. i can not get to a command prompt, as far as i can tell, in order to try any of the fixes i've read about.

can anyone tell me how i might get to a command prompt to run a system restore or otherwise fix this userinit.exe file problem?
thanks
 

Answer:auto-logoff after removing "internet security 2010"

10 more replies
Relevance 100.04%

Hi! Despite Norton's usually good protection, Norton 360 just let a virus take over our little Toshiba Satellite 32bit laptop running Windows XP (Media Center Edition...). It blocks access to internet, so we can't download or get remote help.
It does not show up on the computer's list of installed programs so there is no entry on the list to delete or uninstall. It blocks Task Master so we can't use TM to stop it. It is happy to let us run full, comprehensive scans with Norton -- which reports that it finds no infections whatsoever (so it is invisible to Norton!). Although, the norton events log did note a "medium security" violation from outside when this all started -- meaning Norton did realize an infection was entering the computer. But Norton did not block it and the log entry says there is no user action to be taken.
Meanwhile, it pops up nunerous (at one time I got a bit behind and wound up counting 9 of them!) "error messages" of various types, all consistently saying that it had found various serious security infections or problems and that we need to click to purchase their program to fix them. Of course, the only security infection we really need to fix is this "internet security 2010" virus itself!
We spent a day on the phone with a nice Microsoft lady who ran us through dozens of tries to remove the infection. This failed to work, however, and they are going to try further in a couple days after they have chance to study i... Read more

Answer:"Internet Security 2010" virus ... help!????

If you can save you files to cds or a usb stick or externel hard drive.
That is the most important thing to do first.
Then if you can boot the computer in safe mode with networking and
see if you can get on the net. Download Maleware bytes (a free program)
install it update it run it.
If that does not work you may have to redo windows.
Some times the effort you put in to removing that crap you would be better off
just to wipe it.
That is why I wanted you to save your files right away.

I know I was not much help but I tried.

Jimmy

31 more replies
Relevance 100.04%

Keep getting popups about computer being infected. The windows are titled "Internet Security 2010". Can't open applications such as system restore. And I attached a screenshot of my unwanted desktop background. Seems to be a rather common problem with other users lately. Also, it won't let me run dds.

Answer:Have the "Internet Security 2010" problem

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Double-click dds to run it. When you get the warning, 'Application cannot be executed', leave it open, then double-click dds again. It should run. Post/attach the logs as requested.

------------------------------------------------------

19 more replies
Relevance 96.35%

The two main malware items I think I have. I've already assumed I will do a total C: delete and re-install. I've tried lots of things in safemode, etc. with Spybot, Malwarebytes, a Norten scanner, etc. either directly running or downloading/renaming, or by downloading on another computer and using memory stick to transfer. Nothing stays launched, runs nor completes.

What a pain in the butt. I use AVG and whatever it did jumped right through in no time.......I've read lots of posts in cnet, pctools, a few here, etc.

What a mess.

Some people have way to much free time......maybe they ought to get a job somehow using these skills...they'd make a mint.

Pete
 

Answer:"Total Security" and "Antivirus Pro 2010"

simpler to just reformat the whole computer
 

1 more replies
Relevance 94.3%

This began after dumbly going to some non-commercial website. NAV auto-protect did initially detect an infection, but indicated it could not quarantine or delete.

Now when launching IE6, it attempts to redirect to a fake virus software website. When I choose the "not recommended" link, IE crashes shortly afterward. Also, I get a fake "Security Center Alert" popup every few minutes. I stupidly clicked on the link to update the security center.

With System Restore deactivated, I have run (all updated, full scans in safe mode) NAV, Ad-aware, Spybot, SpySweeper, Avira and CCleaner. (Then I found this website and learned I should have waited to do this.) Spybot found a couple of registry entries, but that was the only detection made by any of the programs, other than NAV's initial auto-protect message. File gmer.txt is attached.

dds.txt:

DDS (Version 1.0) - NTFSx86
Run by Mike at 13:22:43.09 on Sat 12/06/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1399 [GMT -6:00]

============== Running Processes ===============

C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\... Read more

Answer:IE crash after "Insecure Internet activity", "Security Center Alert" popup

Before any work can be done on this machine, there is something that requires your immediate intervention.

This machine is messed up pretty badly because you have several anti-virus programs on your machine. That's not a good idea!!

Alike firewalls, anti-virus programs have conflicts co-existing with each other & produces undesirable results. Please uninstall ALL leaving only one of them.

ALL the antivirus programs must be removed via add/remove program.
For any program that doesn't have an add/remove entry, you will have to do this:re-install the program -> reboot -> uninstallPost a fresh logs when you have completed the above task.

11 more replies
Relevance 94.3%

Hi Guys, I need some help please. My computer seems to have been infected with some trojan that does not allow me to run any antivirus/malware software. A windows popup keeps coming up titled "Security Warning," and reads Application cannot be exectured. The file **** is infected. Do you want to activate your antivirus software now?" Also, on the tasktray, a "windows security alert" keeps coming up as well, and it appears that "Antispyware Soft" keeps trying to scan my system and ask me to purchase the program to fix the infected files.I tried doing a google search for other users with similar problems, and saw that all the users posted a .txt log, after running rkill. I tried downloading that to expedite the process for you guys, but was not able to execute the file as it says what is stated in the 1st paragraph above.Please let me know what I have to do to get rid of this virus. Thank you

Answer:Need Help Removal: "windows security alert" popup, "application cannot be execut

http://www.computerhope.com/forum/index.php/topic,46313.0.htmlgo to above , complete , post the 3 logs

6 more replies
Relevance 93.89%

I got my dell few days ago. Installed it with Samsung EVO 850 SSD 500 Gb and Kingston 8GB PC3L - 12800 SODIMM.The Windows 10 Home OEM home is installed on HDD 1TB so I decided to use Samsung Data Migration software to clone the data to SSD. However, the OS crashed and decided to install a fresh Windows 10 Enterprise to SSD and deleted the previous OS on HDD using diskpart.Now after Installing Windows 10 Ent OS files. Every after BIOS run, I got BSOD errors "MEMORY MANAGEMENT" + "Page Fault it non paged area" + "IRQL NOT LESS OR EQUAL" 

More replies
Relevance 93.89%

Windows crashes on startup -- a freeze in the "Starting Windows" screen. The Event Viewer shows this recurring error:

Administrative Event Viewer Error - Session "Microsoft Security Essentials OOBE" stopped due to the following error: 0xC000000D

Searches give me this thread as the only one with something that might be a solution; however, the solution in that thread seems to be temporary, and the folder and file specified don't exist in my current install of Windows 7 and MSE.

Recommendations?

Answer:"Microsoft Security Essentials OOBE" stopped (...) error 0xC000000D

Hello PantsMasterson

Is this of any help to you - MSE OOBE Event Error - Fixed

If not maybe a reinstall of MSE is in order.

Danny

9 more replies
Relevance 93.89%

Hi there

Each time I switch on my PC Security Essentials flags up an medium alert (status active) concerning a detected item - "Adware:Win32/FastSaveApp".

I've applied the action "Quarantine" and "Remove", each time Security Essentials completes the operation and tells me to restart my PC.

Upon restart FastSaveApp is back again.

I have tried CCleaner and Malwarebytes but they don't pick it up. I've check to see if it has installed anything in Chrome and IE9, it hasn't as far as I can tell.



This is the first time that I've come across something that Security Essentials couldn't deal with. Any suggestions as to how I can remove this pest please?

Answer:Security Essentials can't remove/quarantine "Adware:Win32/FastSaveApp"

Try running the following tool:

AdwCleaner Download

3 more replies
Relevance 93.89%

Hi All.

I recently moved from Avast to MSE and I was wondering if there was a way to shift the Scan with MSE context menu item to the Shift+Right Click menu instead. I did a little googling and tried the "extended" registry key but that didn't seem to work (unless I put it in the wrong place).

Thank you in advance for your help!

Answer:Move "Scan with Microsoft Security Essentials" to Shift+Right Click

Welcome to Seven Forums BaconCatBug. You should be able to add items to the extended menu, but I don't know if it will also reside in the standard menu.

How to Add Any Application Shortcut to Windows Explorer?s Context Menu

You might also see if the entry is listed via Shell Menu View. If so, the program also has an extended view (File> Set extended view) you can use to add it there.

ShellMenuView - Disable/enable context menu items of Explorer

A Guy

4 more replies
Relevance 93.48%

Target: Sony Vaio PCV-RX640 w/ XP SP2

Have a Norton antivirus. Got a message (from it?) saying it had stopped a trojan. Then a window popped up offering to search multiple search engines for a solution. I vaguely (I was tired, ok) noticed that it claimed on the top bar to be "Windows Security Essentials" which should have caused me to yank the cord, since though I'd recently installed WSE on a laptop I still had a Norton sub on this computer. So I watched it as it pretended to search (little green boxes as I recall) and clicked on one of the four that claimed to be a solution. *duh* Obviously no real antivirus would follow this procedure, but Norton had worked before and I was not alert. All the Firefox instances closed immediately and then what appeared to be a power-off(-restart?) procedure self-initiated. It was aborted by what appeared to be a memory error and now Windows keeps recycling back to the choose-startup-mode screen. I stuck in the #1 Sony System recovery CD just to see what would happen and it proceeds to the point where it says ?"File \i386\system32\hjalaacpi.dll could not be loaded" / "The error code is 32768" // "Setup cannot continue. Press any key to exit."

Exiting initiates a reboot and, since the recovery cd is in the drive, a loop. Or, if I take it out, the start mode loop.

I take that back. I just looked up and this time I've got a BSOD. "...windows had been shut down to prevent damage..." // &quo... Read more

Answer:Virus with fake "Windows Security Essentials" ( I think) solution-search popup

Well, thank you all.

Btw, the Sony proved unbootable enough that the easiest solution was to slave its drive in another computer. All the files seem ok. MalwareBytes Anti-Malware did't find any trace of the virus on it.

1 more replies
Relevance 93.48%

Why is Microsoft Security Essentials Definition Update being listed as "Optional" under the Automatic Windows Update?
You actually have to choose it to be downloaded (since it is listed as optional), instead of MSE/Windows automatically downloading the definition.
If you do not manually select it to be downloaded, Windows will not automatically download the MSE definition. 
Isn't it odd that a security definition update for MSE be listed as "Optional" in terms of "importance?" This happens in both Windows 7 and Windows Vista OS.
 
Any reasons or answers?

Answer:Microsoft Security Essentials Definition Update being listed as "Optional" under Importance?

"They are marked optional in Windows Update because if they are ignored MSE will install the definitions at its regular daily update check." (official answer from

http://social.answers.microsoft.com/Forums/en-US/msestart/thread/b5594cea-93b4-4320-8cbb-edc59a0948cc)
Even if many people set their Windows Update (incl. MS Update) settings to "check for updates and notify..." instead of "install updates automatically", I would strongly recommend the automatic setting. It's safer when MSE checks and updates the virus
signatures every time you start the computer (before you can do anything in Windows) than when it updates according to its own daily schedule. The difference is not huge but existent."192 GB ought to be enough for anybody." (from the miniseries "Next Generation's Jokes")

10 more replies
Relevance 93.07%

You can read about it here:

https://blogs.technet.microsoft.com...staller-that-can-lead-to-a-support-call-scam/

--------------------------------------------------------------
 

More replies
Relevance 93.07%

Many of you(like me) don't like to have Microsoft automatically download and install updates, and prefer to have control over which updates get installed.

It was discovered that the install of Microsoft Security Essentials will change the setting back to Automatic without your knowledge. The end result is getting updates installed without your knowledge, unless you change the setting back to where you had it right after you install MSE.

You can read the full article here.

----------------------------------------------------------------
 

Answer:Something To Be Aware Of Before Installing "Microsoft Security Essentials"

6 more replies
Relevance 93.07%

Some of you may remember the 2010 version of the fake Microsoft Security Essentials. In the last a totally new Aero styled twist to the previously known "protector.exe" trojan dropper that saw the fake SE or Windows Doctor scamware placed on your system has a new cousin to watch out for!

This latest malware will easily slip past any effect web guard as well as just about any av program! The user will unwittingly expose themselves to this by whatever form disguishes it to begin with.

The now called "protector-xfg.exe" trojan dropper downloads several trojans along with a fake "Security Essentials - Windows Defender". Note when trying to bring up the taskmanager to find out what process is new to end it you will find the SE along with a "Windows Process Manager" which basically takes over the taskmanager entirely preventing the disable of the scamware as well as the protector-xfg.exe trojan dropper.

Removal is basic as far as the main exe file by booting into safe mode to manually delete the file found under the user account sub folders once you have opened the file location. Here on one infected 7 laptop the protector-xfg.exe bug was first moved into a temp folder out from the user account while still being active prior to the reboot into safe mode.

With the VIPRE AV Home Premium version of that software installed and having removed several trojans already the fake SE still continued to indicate they were prese... Read more

More replies
Relevance 93.07%

In Microsoft Security Essentials, there is an option to "check for certain patterns of suspicious activity". What are these patterns of suspicious activity? How much does this slow down my system? How likely am I to get a false positive?

Answer:MS Security Essentials, "certain patterns of suspicious activity"

I use MSE and cannot see the option ,
where are you seeing it?
screenshot if possible

5 more replies
Relevance 93.07%

On their website, they have 2 separate TSE versions from what I can gather:

TSE and the Enhanced version.

Couldnt find any info between those. Anyone care to clarify?

Also, those using TSE (not TS), can you please let me know the idle RAM usage and full scan CPU usage?

Thanks

PS: also on TSE, does anyone know what bugs were fixed exactly? their change log only shows Bug Fixes.

I am aware TSE is the former IS.
 

Answer:360 Total Security Essentials " Enhanced Version "

You are correct that Internet Security is now called Total Security Essentials. After its done checking it drops down to around 20% ram usage on my system and around 1 to 3% cpu usage.
 

15 more replies
Relevance 93.07%

Some of you may remember the 2010 version of the fake Microsoft Security Essentials. In the last a totally new Aero styled twist to the previously known "protector.exe" trojan dropper that saw the fake SE or Windows Doctor scamware placed on your system has a new cousin to watch out for!

This latest malware will easily slip past any effect web guard as well as just about any av program! The user will unwittingly expose themselves to this by whatever form disguishes it to begin with.

The now called "protector-xfg.exe" trojan dropper downloads several trojans along with a fake "Security Essentials - Windows Defender". Note when trying to bring up the taskmanager to find out what process is new to end it you will find the SE along with a "Windows Process Manager" which basically takes over the taskmanager entirely preventing the disable of the scamware as well as the protector-xfg.exe trojan dropper.

Removal is basic as far as the main exe file by booting into safe mode to manually delete the file found under the user account sub folders once you have opened the file location. Here on one infected 7 laptop the protector-xfg.exe bug was first moved into a temp folder out from the user account while still being active prior to the reboot into safe mode.

With the VIPRE AV Home Premium version of that software installed and having removed several trojans already the fake SE still continued to indicate they were prese... Read more

Answer:New Variant of "FAKE" Security Essentials to be aware of!

Thanks for this info.

3 more replies
Relevance 93.07%

I am using Windows 7 and Microsoft Security Essentials. When I run Security Essentials it finds 2 JAVA related infections* and then halts about 2/3s of the way through the cleansing process without removing them. Any suggestions?

*Sorry, but I actually have to go through a full scan to get the details.
 

More replies
Relevance 93.07%

Some of you may remember the 2010 version of the fake Microsoft Security Essentials. In the last a totally new Aero styled twist to the previously known "protector.exe" trojan dropper that saw the fake SE or Windows Doctor scamware placed on your system has a new cousin to watch out for!

This latest malware will easily slip past any effect web guard as well as just about any av program! The user will unwittingly expose themselves to this by whatever form disguishes it to begin with.

The now called "protector-xfg.exe" trojan dropper downloads several trojans along with a fake "Security Essentials - Windows Defender". Note when trying to bring up the taskmanager to find out what process is new to end it you will find the SE along with a "Windows Process Manager" which basically takes over the taskmanager entirely preventing the disable of the scamware as well as the protector-xfg.exe trojan dropper.

Removal is basic as far as the main exe file by booting into safe mode to manually delete the file found under the user account sub folders once you have opened the file location. Here on one infected 7 laptop the protector-xfg.exe bug was first moved into a temp folder out from the user account while still being active prior to the reboot into safe mode.

With the VIPRE AV Home Premium version of that software installed and having removed several trojans already the fake SE still continued to indicate they were present risks. The obvious d... Read more

Answer:New Variant of "FAKE" Security Essentials to be aware of!

Hi there
If you are unfortunate enough to get this -- just RESTORE from a decent Virus Free backup.

Would you REALLY trust an Infected computer that had been used to clean itself.
We ALL know that NO A/V software can ever be 100% cast iron solid -- so why should you believe that the "cleansing" is 100% OK either.

In any case if the Virus is discovered AFTER the fact the you really don't know what has been happening between Infection and Discovery time. A/V software IMO is only of any use if it operates in REAL time.

If you do "Batch scans" and discover something then only a clean restore or OS re-install IMO is sufficient.

Cheers
jimbo

15 more replies
Relevance 93.07%

Session "Microsoft Security Essentials OOBE" stopped due to the following error: 0xC000000D    using win 7 64bit over and over BSOD
My event viewer has been coughing the error line above. It has lead to the feeling of a Carotid Artery leak of memory where my whole
system slowly stops working till BSOD. Windows Explorer just stops working then Death.
I HAVE HAD THIS HAPPEN MORE AND MORE, AND IT APPEARS TO BE A PROGRAM PROBLEM, ANYBODY ELSE HAVE THIS.
IT HAS COST ME 2 DAYS WORK NOW.
MIKE

Answer:Session "Microsoft Security Essentials OOBE" stopped due to the following error: 0xC000000D using win 7 64bit over and over BSOD

Hi,
 
When does the issue begin to occur?

 
Since Windows system uses separated user mode and kernel mode memory space, stop errors are usually caused by kernel portion components, such as a hardware device,
third-party drivers, backup software or anti-virus services (buggy services).
 
Please refer to the following steps to troubleshoot the issue.
 
1. Boot the computer in
Clean Boot for a test.
 
2. Temporarily disable all unnecessary hardware devices in Device Manager, such as Modem, sound card or external device.
 
For detail steps, we can refer to the link below:
 
Device Clean Boot
 
3. Upgrade the virus definition, run antivirus program and perform a full scanning.
 
If the issue persists, please upload the minidump file (%systemroot%\minidump) to SkyDrive (
www.skydrive.live.com ), then share the link to me. I will be glad to assist you to analysis the data.
 
Thanks,
Novak

47 more replies
Relevance 92.66%

my computer has been infected by the malware security essentials 2010. It has infected my computer with rogue;w32/xp,virus.win32,nuker.win l6.bi...,riskware win32,trojan(dropper,download,clicker,spy,and W32), fraud tool.win3,exploit.html.a,worm:w32/del...,adware:w32/G and email worm B.A... Some one please help with a solution. this malware wont allow me to install any other anti-virus,so i dont know how to get rid of it....THANKS

Answer:removal request for security essentials 2010

Remove Security Essentials 2010 (Uninstall Guide)http://www.bleepingcomputer.com/virus-remo...essentials-2010

2 more replies
Relevance 92.25%

Repeated popups

The page that comes up says:
Security Warning! Windows Virus Warning!
instanthelpmessage.com

It says it found 32 viruses...

It calls itself "Microsoft Security Essentials"

My computer is a 64 bit Windows 7 operating system..\
This is my first time using your site and Im new at virus removal. Thank you for all your help and this amazing forum.
 

Answer:Infected with "Microsoft Security Essentials" ???

Welcome to the Malware Removal forum.

Please read ALL of this message including the notes before doing anything.

Please follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide

and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual update Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a differen... Read more

15 more replies
Relevance 92.25%

So,as we all noticed couple a days ago,new version of MSE is offered to upgrade through Windows Update.
Since,I am a satisfied user of MSE,I decided to upgrade,but...there has to be at least one BUT
My system successfuly downloaded an upgrade,but somewhere near the end of the instalation,it raises a flag"There was a problem during an apgrade..."
OK,let's try again.Same thing.Tried couple more times,but same result.Then decided to completely uninstall MSE from my system,download new version through download center and start an installation again.
Validation check-passess,instalation starts,but again,after sometimes,instalation suddenly stops,acting like it is still installing,but there is no CPU usage for more then a 30 minutes.
Anybody else faces similar problem,or even better,anybody else faced similar problem and solved it?
Thanks in advance,
Cheers?

Answer:"New" Microsoft Security Essentials 1.1.193-problem

Well this threads going to get moved but anyway, yeah i had this issue no matter it failed tried 5 times..some how mine uninstalled itself and i just got the new version again and installed it..

so uninstall it and re-download it..

EDIT: Problem Solved all in the same day the upgrade became available.

5 more replies
Relevance 90.61%

I have attempted to remove the b.s. program using Malwarebytes guide without luck. I cannot run any internet windows with the virus in place and cannot update Malwarebytes without getting a 732 error. You guys have helped me before and you kick a$$. I appreciate any help you can give! Thanks

Answer:HELP! Cannot Remove Security Essentials 2010 using Malwarebytes Removal Guide

I'm sure I've probably posted this in the wrong place.Sorry

10 more replies
Relevance 89.79%

I have an Asus CM1630 desktop running windows 7, 64 bit. SD card reader works, after adding drive letter, but there is no hardware removal or insertion tone and the is no icon to safely remove the SD card. The SD card works fine when placed in an USB adapter and plugged into the USB port - there is both the tone and the safe to remove... icon present.

For a while I could not get the Drive it(SD card reader) was in to show up. So I labeled it as Drive G: which was the original labeling and it shows up as a removable storage device. Any solutions out there?

Answer:SD card reader works but no "removal of hardware" sound or icon

If you were to use the safely remove hardware function on the card reader, it would uninstall the reader itself.

Right click on the Card drive letter in Explorer (My Computer) and select eject.

1 more replies
Relevance 88.97%

I'm getting a lot of "Check Disk for Errors" and "this hard drive needs to be formatted before it can be used" error messages when plugging my external usb hard drives into my home pc which uses windows 7. I don't get any of these messages when I plug the same hard drives in at any of a number of pcs at work which use windows xp. Any ideas on why this is happening only with windows 7? I'm also getting a lot of disconnects and reconnects on these devices but again only on windows 7.

Thanks in advance for any advice you can give...

DR

Answer:"Check Disk for Errors" & "hard drive needs to be formatted" errors

Welcome

I would do the ck disk. If you still get the notices, I would be concerned about HD failure. Take the HD diagnosis.
http://www.carrona.org/hddiag.html

1 more replies
Relevance 88.15%

I finished my computer a long time ago, but I'm bringing this up now because after I finished, my DVD-CD Drive and HDD are on the Safely Remove Hardware List, but I didn't care. But now it's getting annoying. Sometime I try to Safely Remove my Flash Drive without corrupting it, but accidently hit my HDD and crash my computer...Anyway to fix?

Answer:Safely Remove Hardware "Removal"

I have a similar problem. My DVD burners are showing up in the "Safely Remove Hardware" icon, even when they have no disc in them. I am using a desktop with standard internal SATA DVDRW drives. They are not removable. What is the point? If I accidentally select a DVD drive in that SRH icon, its drive letter is removed and I have no access to the drive until I reboot.

I have tried suggestions I have come across in searching for a way to fix this, like the well-known work-around of disabling write caching, but there is no way to do that to a DVD drive. Clicking Properties on the drives gives no options for caching in any way. How can I remove devices from the "Safely Remove Hardware" list that have no business being there in the first place? Is there a Registry hack or something? Thanks.

1 more replies
Relevance 88.15%

Yeah, I got infected with it too. Except I tried doing most of it myself and I think I kinda screwed up doing so. I ran AVG and Malwarebytes and erased it, but now things are getting even more frustrating as I can't open programs without running it as an administrator. I can't even run the task manager without some dumb error message popping up saying that the "application cannot be found." Almost all of the simple programs like iTunes or Firefox tell me that the extension .exe doesn't know what program to use to run it. Halp?

Uh, here's an HJT log.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 12:36:18 AM, on 3/16/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\AVG\AVG8\avgam.exe
C:\Program Files (x86)\AVG\AVG8\avgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHel... Read more

More replies
Relevance 87.74%

yep it caught me....somehow. On top of that its disabled my antivirus and its somehow not letting "gmer.exe" to run so i can get the "ark.txt"

So heres what i have sorry i couldnt run gmer. if theres any alternative i can use please let me know thank you:

~~~~
DDS:
~~~~


DDS (Ver_09-07-30.01) - NTFSx86
Run by Ben at 19:21:23.90 on Tue 09/08/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.447.150 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\Ben\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local ... Read more

Answer:Help with removal of "Antivirus 2010".

Hi,

Please try running GMER in safe mode, or rename it to REMG.com and see if it will run.

Please run the following programs as well
Please save Win32kDiag to your desktop.
Double-click on it to run a scan.
When it's finished, there will be a log called Win32kDiag.txt on your desktop.
Please open it with notepad and post the contents here.

NEXT
Download RootRepeal from the following location and save it to your desktop.Zip Mirrors (Recommended) Primary Mirror
Secondary Mirror
Secondary Mirror


Rar Mirrors - Only if you know what a RAR is and can extract it. Primary Mirror
Secondary Mirror
Secondary Mirror

Extract RootRepeal.exe from the archive.
Open on your desktop.
Click the tab.
Click the button.
Check all seven boxes:
Push Ok
Check the box for your main system drive (Usually C:), and press Ok.
Allow RootRepeal to run a scan of your system. This may take some time.
Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

10 more replies
Relevance 87.33%

I need to download memtest 86 ISO file so I googled "memtest 86", this site came up first in line. So I clicked on it, and immediately a screen showing a scanning is in process done by "XP smart security 2010 unregistered version". its tray icon looks like the "security center" logo. And apparently my firewall has been turned off and I can't turn it back on the usual way unless I "purchase the full version". The purchase website is NOT microsoft but some other 3rd party site. WTF? Now whenever I go to Control Panel>Security Center, this thing will come up and scan my HD, saying 12 infections found please register blah blah. Of course it always leads to a website to get you to buy the thing. ANyone knows what's going on? How do I get rid of this thing and turn back my Firewall?

I disconnect from the internet right afterwards and it didn't affect the scanning. HELP!
 

More replies
Relevance 86.51%

What is "Windows Security Alert"?

"Windows Security Alert" is a fake system security software that is considered as a Rogue. Rogues are malicious programs that hackers use to trick users by displaying false threats and problems that it claims to have detected. In reality, none of the issues are real and are only used to convince the user into buying their software and stealing their personal financial information
Am I infected?

This are some screenshots of this rogue.

[attachment=149]

[attachment=150]

Removal Instructions
(If you experience any problems completing these instructions, please start a new thread here)
1. Restart your computer. As soon as your computer turns on, tap F8 until you reach the Advanced Boot Options. Use the arrow keys and select Safe Mode with Networking .
2. Download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3
Save it to your Desktop.
Double click the RKill desktop icon.
It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
(This tools will kill the rogue's process temporarily. As a result, act quickly and move on to the next step.)

3. Download Malwarebytes' Anti-Malware to your desktop.

Rename the file to firefox.exe BEFORE downloading
Double-click firefox.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes&#... Read more

More replies
Relevance 86.1%

I have removed the Windows 10 "Libraries" from the navigation pane in Windows Explorer and other Microsoft programs (eg. Notepad), but despite an exhaustive internet search I have been unable to discover how to remove Libraries from navigation panes in the "Open" and "Save as" dialogs in Office 2010 programs. Can anyone point me in the right direction?

More replies
Relevance 86.1%

At least once a month over the past 8 months, the message "Preparing Security Options" appears on my screen. These three words of the message are displayed in large white letters on a Microsoft Blue background.

My question is whether anyone has experienced the same issue, particulalry on a recurring basis; and how did you overcome it without reimaging?

The symptoms I experience during each occurrence include all or some of the following: My system freezes momentarily and my mouse and keyboard are non-responsive.
I find my AV client (Microsoft Security Essentials) and/ or my Windows Firewall disabled (both of which had previously been running). My AV found no viruses in real-time or during a full system scan.
Different system services that had been running cannot be restarted (i.e. SQL Server).
USB device drivers associated with my mobile devices cannot be installed/re-installed.
My Windows OS may not restart
Windows updates cannot be installed because essential Windows systems files become corrupted.
My system environment is:Windows 7 Ultimate 32 bit (build 7600)
Microsoft Security Essentials (AV)
HP Pavilion, 2 Ghz, 2GB RAM
Thanks in advance for your responses.

Answer:"Preparing Security Options" Errors

Hi, Spector. Welcome to Seven Forums.

To determine whether the issue that you are experiencing is caused by one or more system files that are used by Windows, run the System File Checker tool. The System File Checker tool scans system files and replaces incorrect versions of the system files by using the correct versions.

To run the System File Checker tool, follow these steps:
Click Start, and then type cmd in the Start Search box.
Right-click cmd in the Programs list, and then click Run as administrator.
If you are prompted for an administrator password or confirmation, type your password or click Continue
At the command prompt, type the following line, and then press ENTER:
sfc /scannow (note the space before the backslash)
If errors are found, run the tool again (up to 3 times) with a restart between each run.

9 more replies
Relevance 85.69%

Hi,

First, thank you for taking the time to look at this!!

My desktop was infected with System Security. I followed an online tutorial to remove the malware. All visual signs of the malware were removed. The computer runs very slow now. For some time it also had a google redirect issue. Currently Chrome does not work at all, it loads a blank page indefinitely unless the no sandbox command is inserted into the target within the icon.

Many antivirus programs, malware programs, and rootkit programs have been tried yet the computer remains at the point where it is barely usable. The last thing I want to do is reformat.

I have seen many users online that have had almost identical, if not identical, problems which seem to also stem from the same or similar infection but nothing has helped get the computer back to peek performance.

I recently ran a rootkit remover and it detected "redbook.sys" and removed it.

Windows XP
SP 2

The computer works perfectly when in "Safe Mode w/ Networking".

(let me know what other info you need as I am in this for the long haul with you, this forum may be my last hope)
 

More replies
Relevance 85.28%

Greetings,

I execute this:

Code:
C:\Users\Administrator\Downloads\ldif_files>ldifde -i -k -f test.ldf -v -j "C:\Users\Administrator\Downloads\ldif_files"
Connecting to "dc1.company.local"
Logging in as current user using SSPI
Importing directory from file "test.ldf"
Loading entries

There is a syntax error in the input file
Failed on line 6. The last token starts with 'C'.
The change-modify entry is missing the terminator '-'.
0 entries modified successfully.
An error has occurred in the program

C:\Users\Administrator\Downloads\ldif_files>
test.ldf is this:

Code:
dn: CN=PrinterAdmins,OU=GL,OU=Groups,OU=CMPNY,DC=company,DC=local
changetype: modify
add: member
objectClass: top
objectClass: group
member: CN=John Doe,OU=Track-It!,OU=Admins,OU=CMPNY,DC=company,DC=local
I have painstakingly troubleshooted this for a couple or few hours now without success. I have tried...

Adding a single link '-' at the end
Adding a line '-' followed by a blank line (two lines total) at the end
several other things; have spent lots of time Googling for solutions and trying everything without having success

The OUs, security group, and user exists. For the life of me, I can't figure it out. I have successfully imported an OU structure from 'oldcompany.com' domain, used Notepad++ to remove a particular space/enter character and also to replace 'dc=oldcompany,dc=com' with 'dc=company,dc=local', im... Read more

Answer:LDIFDE errors "last token starts with 'C'", "change-modify entry missing '-'"

What if you get rid of the two object class entries? And yes the official syntax should have the - and a space below the dash so it knows to stop.
 

2 more replies
Relevance 84.87%

hey guys....

im on my friends comp right now with a bit of a problem. aperently he had gone through the trials of the notorius av virus. he told me he successful deleteted it. however....
i went to go install avg and it told me that coliding program calld "av suite" would keep it from being istalled properly. it appears that the virus is now sitting dorment in his files. there is no methods of finding it through any sort of windows search, for it does not come up. the point is there is no harm being done however we would like it to be gone.

any suggs???

thanks

Answer:"Av security suite" virus removal

Go through Osirus virus guide -.-

Anyways, just something that may help, download and install Malwarebytes and run that.

1 more replies
Relevance 84.87%

Sirs -

Last week my computer got infected by the "Antivirus Security Pro" and basically i could not use the computer as i kept getting pop ups etc.

I eventually went to "malwarebytes.org" and downloaded their malware bytes antie malware (MalwareBytes - mbam-setup-1.75.0.1300). I ran this as instructed and i believe i removed most of the Antivirus software.

However, I noted that when i go to my programs (start>allprograms>) i still see that the "Antivirus Security Pro" still appears installed in on pc and i cannot delete it.

When i view its properties its location is "C:\Users\Mananas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro" but when i go to that location all i see is a shortcut.

I am not certain if my computer is clear of the ""Antivirus Security Pro" and if i managed to removes its threat and keep my computer safe.

Thank you for your assistance, its appreciated.

_____

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476
Run by Mananas at 11:22:27 on 2013-10-26
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3758.1532 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabl... Read more

Answer:Removal of "Antivirus Security Pro" virus

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please be patient with me during this time.

10 more replies
Relevance 84.46%

Ive been getting random popups and my homepage has been reset to http://www.securitynetpage.com/. I also had two programs installed onto my desktop, Online Security Guide" and "Security Troubleshooting". I also have a yellow triangle sign in the lower right hand portion of my screen that says something about a system alert: popups. Help would be greatly appreciated. Thank You.

Logfile of HijackThis v1.99.1
Scan saved at 4:15:12 AM, on 8/17/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ishost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\regscan.exe
C:\Program Files\Kodak\Kodak EasyShare Software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\System32\ismon.exe
C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\issearch.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\isnotify.exe
C:\Program... Read more

Answer:Random popups, "Online Security Guide" and "Security Troubleshooting"

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

In the meantime, make sure you subscribe to this thread so that you will receive an instant email when I have replied with a fix to your problem. You may do this by clicking the Thread Tools option at the top of your post and then clicking Subscribe to this thread. Then, make sure Instant Notification by email is selected and click Add Subscription

Please be patient with me during this time.

2 more replies
Relevance 84.46%

Hello,

I'd like to enable the slider that allows to quickly higher or lower security for the Internet zone in IE7. Unfortunately it seems that acting on the registry value? HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags or the same value under the HKCU hive does not achieve anything. Can anyone help? Is there some Local Security Policy to act upon maybe?

Thanks.

Bob

Answer:Enabling "security level" slider in IE7 security tab for the Internet zone

Well, if you can edit the registry, then I assume that you have admin rights on that box...

I don't know of anything in the LSP, but if this is a domain member machine, there might very well be a GPO that has removed this. Unfortunately my Win2K3 server VM is broken and am recreating it, so I can't look and see right this second. If you have AD admin rights, you might have a look at the IE Security options there...

Sorry I can't be of more help :(

5 more replies
Relevance 84.46%

Sorry if this is in the wrong section, by the way.

After an almighty virus rendered my laptop completely useless, with only a full system restore becoming the only available option (it was a wrap-around virus that latched onto a website advertising anti-virus software, and wouldn't let me do anything else), I bought a copy of Webroot's Internet security essentials 2010 to try and get rid of the virus.

After finally somehow tricking the virus and installing the software, I went onto the scan options page of the anti-virus software, only to find I couldn't select an anti-virus sweep - the text box was highlighted in red, and I couldn't tick the box.

Not that it mattered, because in the end, the virus was so powerful that a full system restore was the only way to get rid of it (bye-bye uni work, I'll forever curse the 'I'll back it up later' decisions I foolishly made).

Once it was all gone and the laptop was running again, I re-installed the software, but I still have the same problem - the anti-virus feature is turned off, and it won't let me turn it on.

Is this a problem anyone else has encountered? I thought that by registering the product, it would un-highlight the box, but it hasn't worked.

Can anyone help?

Thanks if you can.

Answer:Webroot internet security essentials 2010 - won't let me use the virus scanner?

Hi andy2k10, install Microsoft Security Essentials. http://www.microsoft.com/security_essentials/ See if that will find any remaing parts of the malware you had/have.

1 more replies
Relevance 84.05%

Hello

I have these 2 unwanted icons on my desktop, "Click to find & Fix errors" and " Sportsbook Football". I don't what type of programs they are but they downloaded themselves without my authorisation and I can't get rid of it.

I have run Ad-Aware, Spybot, The Cleaner (trial version), AVG anti spyware, Webroot (trial version),Windows Defender.

I think it was Webroot Spy Sweeper or The Cleaner that removed "Click to find & Fix errors" but it kept coming back.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:28:08 PM, on 5/22/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware ... Read more

Answer:Help remove "Click to find & fix errors" and "Sportsbook Football"

Hello
Can anyone help please?

Thanks

19 more replies
Relevance 84.05%

http://tinyurl.com/k3vyb

I tried copying a fresh version of the file to \Windows\System32. No dice. I tried renaming it all uppercase and then all lowercase. Nothing. I put a copy in the root directory. No effect. I tried everything I could think of, but nothing worked.

Then--doh!--I stopped thrashing and did what I should have done initially: I dug into the Microsoft Knowledge Base and learned about XP's built-in Rebuild command. It can often easily fix "Missing HAL" and similar problems in just a minute or two. If you know about this command and how to use it, you can potentially save yourself hours and hours of manually reinstalling or rebuilding a failed operating system.
 

More replies
Relevance 83.64%

Hello there:

I have recently been infected with the Security Tool virus/malware. I went through the instructions posted in THIS thread but I'm not 100% sure if I was able to remove the little bugger. Any help you could provide would be greatly appreciated. Thanks in advance.

Logs:
 

Answer:"Security Tool" Removal - Help

Welcome to Major Geeks!





tmoc1976 said:





I went through the instructions posted in THIS threadClick to expand...

That fix was not posted for you. What you need to run is the below:


READ & RUN ME FIRST. Malware Removal Guide
 

1 more replies
Relevance 83.64%

 Can anyone advice me how to remove a pop up on my screen which says "security Alert" As soon as i go into my email, this pop up would appear and it reads.SECURTY ALERT;The security certificate has expired or is not yet valid.I dint know if this is caused since i have just reinstall the windows xp program. Its annoying and would like to remove it from my screen. To remove it when it appears constantly  i need to enter YES ! Yes! Yes!.Any help appreciated.Thanks  Alli

Answer:help with removal of "SECURITY ALERT POP UP"

Hi Allie, your thread has been moved here because it is believed that you have a virus or malware on your computer causing your problem. Could I ask why you re-formatted? Were you having problems? To begin with you should go to this thread and follow the instructions to the letter.http://www.computerhope.com/forum/index.php/topic,46313.0.html

1 more replies
Relevance 82.82%

Hey guys.
Can you pleas explain me what does Hardware Acceleration means and why is that when it is turned on, it causes a green screen on the video (with audio working).
It happened to me once in YouTube, where I had to go in to settings and unpick the "Enable Hardware Acceleration", then it worked!
And 2nd time similar thing happened in Cyberlink PowerDirector 10, when I imported .mp4 and flv video files and it showed me green screen with audio. After unpicking "Enable Hardware Decoding " it was fixed.
My Sony VAIO has:
CPU - Intel Core i5 M430 2.27GHz
RAM - 4GB
GPU - AMD Radeon HD 6500M/5600/5700
Does this mean that I have a problem with my hardware, or maybe I need to set up something??? to ba able to use Hardware Acceleration. As I understand I should be able to use it!!??

Thank you
Have a nice day

Answer:Enabled "Hardware Acceleration" causes "green screen"

I don't know what the problem is but the only time I had this issue is when I installed a VM and get black screen on youtube so I had to enable that.

6 more replies
Relevance 82.82%

Hello all i need your help when i play world of warcraft and watch videos my computer will crash and go to a blue screen and say Bluescreen "hardware malfunction" "the system has halted" anyone kno what i can do?

 

Answer:Bluescreen "hardware malfunction" "the system has halted"

8 more replies
Relevance 82.82%

Ok where do I begin?! I have been dealing with viruses, spyware/malware for the past week. It all started with Norton advising me that I had been infected with Trojan. Vundo and Trojan.Zonebac. After that I started receiving many different pop ups warning me about critical system alerts. I also had an annoying yellow triangle at the bottom of my screen warning me about different trojans and worms. More evil friends included 2 new icons that had made their home on my desktop one named "Live Safety Center" and the other "Online Security Guide", also installed was a new toolbar named "Security Toolbar 7.1". I have scanned my computer with many different programs and have somehow finally managed to get rid of the pop ups and toolbar, although I know I'm probably still infected somewhere. I'm sorry this is so long but, I wanted to explain EVERYTHING! I'm running Windows XP SP2, and have followed all steps to post. I downloaded DSS, but after many attempts to run, it just wouldn't let me. I do have a fresh hijackthis log and my Panda report, I hope this is good enough.
Many thanks in advance to whomever helps me, I am desperate!
Monica

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:58:35 PM, on 11/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe... Read more

Answer:2 evil friends on desktop "Live Safety Center" and "Online Security Guide" Help?

Hi, thanks for trying to perform all the steps.


Quote:




I downloaded DSS, but after many attempts to run, it just wouldn't let me.




At what stage does DSS stop working?

7 more replies
Relevance 82.82%

From what I remember, I was just browsing my usual sights when firefox closed, and a fake antivirus popped up, which I promply ended it's process.
The immeadiate effect was that it hi-jacked my executables, requiring it needing to be started first, and saying that whatever I started was infected.
I quickly found it, as avast kept telling me that it was trying to run, and where it was, and I deleted it.

However, my computer was now looking for an application to run .exe files.
After doing various mucking around, that I unfortunaly remember beyond looking for suspious things in the registry, like folders labeled 'don't start' in folder "Control Panel", I fixed it by setting the association for .exe file back to being an application.

It also apparently ended up doing something to the built-in keyboard and touchpad, as they stopped responding when I restarted it, but fortunatly not the USB mouse I usually use. I ended up uninstalling the touchpad drivers and they started working immeadiately.

The only thing that wasn't working was the internet, I found out as I finally became able to use the keyboard to reactivate the wireless network... er, antenna(?)

...again, I can't remember all the failed attempts, usually googling up my problem and trying what I found, winsock, uninstalling the ICP/IP Driver, replacing a file with one from a computer that was capable of internet access...

Currently, I think what's stopping me is the dependenc(y/ies) services for ... Read more

Answer:Netbook can't access internet after removal of "XP antivirus 2011"

Please run the following:

Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:Internet Services
Windows Firewallsfc
System Restore
Security Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

17 more replies
Relevance 82.82%

I get a popup about every 5 minutes with the title:
"From Internet Speed Monitor".
I would like to remove this very much.
I've scanned w/ AVG, and SpyHunter3 and removed the threats,
but it keeps popping up. There is nothing on control panel either.

here is my HJT log:
--------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04, on 2008-10-06
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\B... Read more

Answer:"From Internet Speed Monitor" spyware/ popup removal

Hi, Welcome to TSG!!
Please close/disable all anti-virus and anti-malware programs so they do not interfere with the running of SDFix and make sure you are disconnected from the Internet after downloading the program but before extracting the files.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with SDFix and remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Remember to re-enable the protection again afterwards before connecting to the Internet.
Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually
Instead of Windows loading as normal, the Advanced Options Menu should appear
Select the first option, to run Windows in Safe Mode, then press Enter
Choose your usual account.

Open the extracted SDFix folder and double click RunThis.bat to start the script.
Type Y to begin the cleanup process.
It will remove any Trojan Serv... Read more

1 more replies
Relevance 82.41%

Hello,

I am asking for some support to help me recover a stable PC.
I have multiple "reroutings" under internel/web sessions with malwares detected by Spybot & Search that constantly reappear after removals.
I suspected rootkits & MBR risks, I did run MBRcheck that detected Whistler / Black Internet virus/malware.

- Avast 5 don't see anything and Bitdefender online scan nothing as well.
- Spybot & Search detect, delete but everything reappear after PC restart
- Ad-Aware, I cannot install ("Microsoft Visual C++ Runtime 9.0 Servive Pack 1" missing but I don't succeed to find it for installation)
- I tried to use ComboFix but it bugs (PC locked after message "... can last 10 minutes or double" - needing to stop/restard PC with button)

FYinfo, I am based in France, but Google do not identfy 1 local site that talk about Whistler, so I try this way and hope to manage it in english.

Hope you will be of help for me,
Bernard
 

Answer:MBRcheck detected "Whistler Black Internet" & other malwares reappear after removal

14 more replies
Relevance 82.41%

Hello.

I am new here; I was googling around on a friend's computer to try to figure out why my desktop's internet is dead. In the process of doing so, I encountered this site, and believe it is a good place to seek aid.

Last week, I wound up opening a box of trojans by accident; one of many things which hit my computer were the Security Essentials 2010 malware.

I removed it successfully, had functional internet for a few days, but during thel ast of those days, while running one extra full-system scan via avast! just to be sure, it reported a "helpers32" file in my c:\windows\SysWOW64\ folder to be a virus.

Vindictively, and possible naively, I deleted it.

Upon reboot, my computer was no longer able to get online. via cmd -> ping google.com, I can successfully ping outside my box, but website / steam / skype / etc will not connect. HJT reports that this file is required to get online, despite multiple google searches leading me to believe it was in fact put there by a virus.

This line leads me to believe my previous statement:

"O10 - Broken Internet access because of LSP provider 'c:\windows\system32\helpers32.dll' missing"

Despite it saying that the file belongs in system32, the one I removed was removed from windows\SysWOW64. There may have been another one in system32 removed by my antivirus stuff, but I don't have a record of this.

My HJT log follows; Any help would be appreciated!!

Logfile of Trend Micro HijackThi... Read more

More replies
Relevance 82.41%

When I open an old (2003) Exel-file with VBA-code in it with Excel 2007, I get one of these two responses
and I do not know what causes Excel to make different choices
-----------------
1)
A Dialog Box: "Microsoft Excel Security Notce"
This one is very similar to the one in Excel 2003 and that is how I want Excel to behave.
The user has to “Enable Macros” to go on and work with the file.

2)
"Security Warning"
This one is new in 2007 and the user can continue to work with the file even if he does not see the security warning.
That means that VBA-code that I (the programmer) want to run when the file is opened, does not execute.
--------------------------

My problem is that I do not know what causes the two different behaviors and cannot force Excel to open files with the first Dialog box.
Can you?
 

Answer:Solved: Excel "Security Notice" vs "Security Warning"

I think most of the info will be in the dailog screen, i'sn't there's more text in the dialog box than the text you mentioned?

I think if you read through it it'll become clear.

It has all to do with the improved Security settings with 2007 and up

Found this in a simple search with Google:
http://peltiertech.com/WordPress/improved-macro-security-warning-in-excel-2010/
 

2 more replies
Relevance 82.41%

I have had two different instances of Internet Security 2010 over the past month and I have been able to remove that, but now I think I have a nasty rootkit that is affecting my windows installer package and Generic Host Process for Win32 services. Also when browsing the web my search results are redirected usign searchsite.com and other websurvey related sites.I ran the DDS scan and have posted the log, but the RootRepeal crashes and does not finish. Thank you for the help, if possible.DDS (Ver_09-12-01.01) - NTFSx86 Run by AK at 19:25:09.20 on Tue 01/26/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_10AV: PC Tools AntiVirus 5.0.0.22 *On-access scanning enabled* (Updated) {832E7172-E406-4bb2-8B19-6D29F2C93A98}AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ============================= Pseudo HJT Report ===============uStart Page = hxxp://google.com/uInternet Settings,ProxyServer = http=127.0.0.1:5555uInternet Settings,ProxyOverride = <local>BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [seten] c:\windows\system32\mxy... Read more

Answer:Removed Internet Security 2010, now Google redirects, windows installer service errors, Generic Host Process errors

Hello, my name is fenzodahl512 and welcome to the forum.. Please do the following....Please download The Comedian.exe by Rorschach112 to your desktopPlease disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..Double click the program to run it. It will only take around several minutes to run.It will do a series of tasks and tell you when each one is finished.You will be prompted to press any key after each stepWhen it is done it will close and exit itself automatically.You can delete The_Comedian.exe once it is finishedSTOP HERE! if you can't complete this step.. Tell me more about it..NEXTPlease download OTL by OldTimer and save it to your desktop.Under the Custom Scans/Fixes box paste this inCODEnetsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32.sysahcix86s.sysnvrd32.syssymmpi.sys/md5stop%systemroot%\*. /mp /sCREATERESTOREPOINT%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfilesDon't change any setting... Just click on the Run Scan button.. Let it scan till finish..Then a log will pop-up at your Desktop. Post the content of the log hereNEXTWe need to scan for Rootkits with GMERPlease download GMER from one of the following locations, and save it to your deskt... Read more

19 more replies
Relevance 82%

Well, heres the story... I was online and it said something like windows explorer is trying to access the internet, so i thought it might be a key-logger, (dumb worry wart me ) and i clicked block all on nortons and i dont know how to get back to that page where i can unclick "block all" please help me i dont know and the only reason im on the internet now is because i have to press disable nortons and then get on.. PLEASE!!
 

Answer:I clicked "Block all" on Norton internet security for internet explorer

help me please!
 

1 more replies
Relevance 82%

Hello,

I'm running Windows XP SP 3. I have fake "Security Center Alert" popups and "Security Center" popups. A program called "Malware Defense" has also seemed to installed itself onto my computer. And I've just noticed porn icons appearing on my desktop. It's also disabled my Avira software.

GMER doesn't seem to run. I've clicked on it a couple of times but it doesn't seem to do anything. The DDS logs are attached/follows.

Thanks in advance!

DDS (Ver_09-12-01.01) - NTFSx86
Run by zili at 23:28:31.96 on Wed 01/06/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.1022.493 [GMT 11:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WI... Read more

Answer:"Security Center Alert" popups, "Malware Defense" self install

Let's try this version of gmer.


Download GMER Rootkit Scanner from here to your desktop. Double click the exe file.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.



Click the image to enlarge it


In the right panel, you will see several boxes that have been checked. Ensure the following are unchecked Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop, and attach it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

4 more replies
Relevance 82%

I'm having the same problem that a lot of people are having. These icons have showed up on my desktop and i keep getting pop ups telling me to download them because i have a virus. i would really applicate the help.
thanks!
John

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
91: 2007-11-17 16:39:03 UTC - RP554 - Deckard's System Scanner Restore Point
90: 2007-11-17 15:47:18 UTC - RP553 - System Checkpoint
89: 2007-11-16 15:05:33 UTC - RP552 - System Checkpoint
88: 2007-11-15 01:17:54 UTC - RP551 - Software Distribution Service 3.0
87: 2007-11-13 22:39:57 UTC - RP550 - Removed Banctec Service Agreement


-- First Restore Point --
1: 2007-11-12 23:17:11 UTC - RP464 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 81% (more than 75%).
Total Physical Memory: 510 MiB (512 MiB recommended).
System Drive C: has 2.78 GiB (less than 15%) free.


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-17 11:42:27
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\... Read more

Answer:"online security guide" and "live safety center" deckard log here

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please download VundoFix.exe to your desktop. We'll use this later.

Download SDFix and save it to your Desktop.

Please download & install - ERUNT (This is a utility that'll replicate a copy of your Registry)
Start ERUNT, confirm the Welcome message.

Next, select the backup options:

System registry
Current User Registry
Other open user registry

Click "OK" and wait until the backup process is complete. (Note that depending on your system configuration this may take some time, and that the first bar is NOT a progress bar, just an indicator that the program is still running.)
# Note: To ensure proper operation of ERUNT, you should be logged in a... Read more

13 more replies
Relevance 82%

I don't have a clue where to begin trying to fix this problem. Spybot doesn't seem to fix the problem. I keep getting random icons on my desktop and start menu called "online security guide" and "live saftey center". There are also many fake balloon warnings appearing and a window titled "Critical System Warning!" that wants me to download stuff. What process can I go through to clean my system. Any help would be great...thank you!

Answer:i need help - "online security guide" & "live safety center" icons!!

Please follow MicroBell's 5 Step process outlined here:

http://www.techsupportforum.com/secu...tml#post342651

After running through all the steps, please post the requested logs.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 82%

Ran everything a few times. Still comes back.
 

Answer:"Online Security guide", "Live Safety Center" malware

a few more logs
 

16 more replies
Relevance 81.59%

Hi.. My scanner showed that my system was infected with these 2 virus' and I need help removing them as I have read that they are very bad. Any help is greatly appreciated. I have attached and pasted what I believe is required. Thank you in advance!

Hijackthis.log
------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:18:35, on 6/23/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Luth Research\SavvyConnectFramework\bin\dtservice\JavaInvoke.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Program Files\Common Files\Hewlett-Packard\WJA Update Service\HPWJAUpdateService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Program Files\Common F... Read more

Answer:"Win32:Alureon-er" and "badcab-k" removal help needed!

3 more replies
Relevance 81.59%

Could anyone explain the differences to me.
Also, does anyone know a good piece of virus toolkit that can actually remove them as well as prevent them?

T.I.A.
 

Answer:Difference between a "virus removal tool" and a "patch"?

A virus removal tool removes the virus from your computer meaning that the file is already on your system and running, so it stops it from running and removes the file. A patch however is used to prevent bad things from being installed, usually released when big worms hit, like SoBig, MSBlast, CodeRED...etc...So patches are to prevent and removal tools are to remove files already installed.
 

2 more replies
Relevance 81.59%

I can connect to my router/modem wirelessly and via ethernet cable, i can connect a go into my router change setting from my router but it wont load any websites, and my msn won't log mi in. its NOT the router/modem. other computers including this one can connect without any problems. And my computer that cant connect also cant go online connected to other wireless connections.

any ideas how i can fix this?
 

Answer:I have no internet after malware removal with "StopZilla!"

Maybe this can Help, http://www.ezlan.net/clean.html#refreshnet
 

1 more replies
Relevance 81.18%

I don't have a clue where to begin trying to fix this problem. I keep getting random icons on my desktop called "online security guide" and "live safety center". There are also many fake balloon warnings appearing and a window titled "Critical System Warning!" that wants me to download stuff. What process can I go through to clean my system. I didn't have this problem until I upgraded to Norton 2008. I am currently running IP tool antivirus and spyware, I also have ran Smitfraudfix, still getting pop ups like crazy. Also my IP tools is finding Trojan.Virtumonde. I use Quicken and it seems to have attacked it because I am no longer able to use it. Any help would be great...thank you!

Answer:"online security guide" and "live safety center"

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

Since it has been a few days since you first posted, please follow these instructions if you still need assistance.

Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

I will monitor this thread for your reply.

Thank you for your patience.

1 more replies
Relevance 81.18%

I'm on a friend's computer who felt it best (God knows why) to upgrade to XP. Not a week later, she gets this "antivirXP08" trojan that showed up hours ago. To get rid of it, she ended up downloading another fake anti-spyware finder called "Spyware Terminator" to get rid of it, which is a derivative of something called the "Crawler Toolbar." So now her security's been compromised and she's up to her ears in viruses, according to Spybot's TeaTimer.

She's run XP's anti-virus a number of times but, foreseeably, this didn't help the problem.

Before I used the anti-malware programs as suggested by the READ ME, I uninstalled any stray trojan or spyware detectors as well as Spybot so as to make sure I didn't leave the TeaTimer on. Thankfully, the original "antivirXP08" trojan that was showing up in my Control Panel is now gone, but for the life of me, I'm unable to remove this "Windows Security Center," which is obviously a fake anti-trojan/spyware program. "WSC" is also accompanied by a blue backdrop that says, "Warning! Spyware Detected on your computer."

The shear tenacity of the trojan was able to keep me from running ComboFix even after I renamed it. What it did exactly is manifest a prompt labeled as a disclaimer for the ComboFix software. I changed ComboFix executable's name to something more esoteric and it seemed to work, but I had to get rid of th... Read more

Answer:"AntivirXP08" Trojan and "Windows Security Alerts" Process

Rest of the logs.
 

4 more replies
Relevance 81.18%

I've run SuperAntiSpyware, Ad-Aware, SpyBot and Norton which removed some trojan files and registry items but I'm still getting pop-ups ("Security System Warning" and "System Integrity Scan Wizard"). Below is my HiJackThis log. Thanks in advance!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:00:21 PM, on 4/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\cryptainersrv.exe
C:\WIND... Read more

Answer:"Sys Integrity Scan Wizard" & "Security System Warning" Pop-ups

Hi Welcome to TSG!!
Please visit this webpage for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
 

1 more replies
Relevance 81.18%

My ASUS computer (Windows 7, 64 bit) was infected by "AV Security 2012". It seems that it is bundled with "ZeroAccess Rootkit" because it won't allow any program to run, claiming that they are infected. Besides poping up alerts and windows, it also disabled "System Restore" function and won't allow me to boot into Safe Mode. It does not allow me to delete AV Security 2012v121.exe either.

I read a bunch of articles online about how to remove it, but apparently, the people who developed this virus are reading them too! This version of virus has rendered these instruction useless. This is way beyond me now. I need help from a few Einsteins to kick this virus's butt.

Below is the HijackThis log. It won't let me run DDS, downloaded from the first link, probably killed by the "ZeroAccess Rootkit".

The complete HijackThis log:

===
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:25:14 PM, on 11/10/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Shawn\AppData\Roaming\hAA11uvvS\AV Security 2012v121.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Virtual Account Numbers\CitiVAN.exe
... Read more

Answer:Infected with "AV Security 2012" bundled with "ZeroAcess rootkit"

Oh, one more thing, after the infection, the computer told me that I need to restart the computer to install Windows updates and stupidly I did.
 

1 more replies
Relevance 81.18%

Hello y'all,
I'm using Windows 10 on my Asus Notebook, and I'm having difficulty connecting to a specific wifi network.
The error began appearing a couple days ago. Originally I ignored it and just connected to another available wifi, but seeing that the current one is substantially slower than the one I used to use, I wish to resolve the issue.
The wifi network I wish to connect to uses a login/password but I've connected to it many times before. However, now, when I click to connect, a message pops up, asking me to sign into "Windows Security". What account am I supposed to use to sign in?
I've tried my microsoft account, but it still didn't allow me to connect.

More replies
Relevance 81.18%

My son uses his computer on the net a lot and of course there is a virus out there waiting to serve its twisted master.

He got the wellknown "Live Safety Center" and "Online Security Guide" and it keeps comming back and hijacks his internet browser to redirect to the same page that promises peace and wellbeing for money ... of course.

Here is the DDS log:
"
Deckard's System Scanner v20071014.68
Run by Emil on 2007-11-10 20:43:53
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- HijackThis (run as Emil.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:39, on 10-11-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\F?lles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\agsdyely.exe
C:\Programmer\F?lles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Progra... Read more

Answer:Need to get rid of "Live Safety Center" and "Online Security Guide"

I did follow MicroBell's 5 Step process and the Panda scan said that no virus could be found. However, my Avast anti-virus warned me 5-6 times about files while I was running the Panda virus scanning. One of them was named "win.exe" and was in C:\temp\ but has now been deleted. Every time Avast issued a virus alert I chose the option to delete the file in question.

19 more replies
Relevance 81.18%

In Windows XP, fully updated, I have several folders full of mp3's and want to see the bit rate and duration. I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

But all the figures in the "Duration" column appear to be in "hours" and "minutes", so I see "00:04" or "00:03", but what I want is "minutes" and "seconds".

Any thoughts as to how to change this?
 

Answer:Solved: Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

16 more replies
Relevance 80.77%

I have searched on trying to remove the "To Do" and "Aurora" and "nail.exe" files but what I have tried has not worked. Here is my HJT log file. Any help would be greatly appreciated. I can't get any work done with all these pop ads!

Logfile of HijackThis v1.99.1
Scan saved at 11:37:47 PM, on 4/18/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\System32\GEARSec.exe
C:\WINDOWS\System32\egovjbm\hdjfdwpv.exe
C:\WINDOWS\System32\roknpkt\jaopfjaq.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\PaperPort\PPScheduler.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PC... Read more

Answer:"To Do" and "Aurora" and "nail.exe" removal!

8 more replies
Relevance 80.36%

sometimes when I turn my computer on and connect to the internet this window appears and wont disappear
it doesn't matter if I click always block or always allow after a few seconds it reappears

Answer:Norton Internet Security- "ipconfg32.exe is attempting to connect to a DNS server"

post a hijack this log and disable everything in msconfig except your av and reboot then scan with hijack this and post

1 more replies
Relevance 80.36%

Hi everyone, I do not understand Malwarebyte detect himself



Kaspersky Application Advisor :

mwac.sys : http://whitelisting.kaspersky.com/advisor#search/95ef63a7827d4e3a229cbbcb42619e93
Malwarebytes Anti-Malware.sys : http://whitelisting.kaspersky.com/advisor#search/5c3669b71657f22e67a1d4bd49d2cbe7
 

Answer:Malwarebytes Internet Security detecting himself as "Unknown.Rootkit.Driver"

Got to love that.
 

16 more replies
Relevance 80.36%

My Comodo Internet Security Suite keeps saying "1 Browser Issues Detected"?, how do I fix this?, I am concern if its a malware or anything like this?
 

More replies
Relevance 80.36%

One of our Lotus 1-2-3 v9.5 users running Windows 98 is getting a "File is Corrupt" error when trying to save to our network server running Windows 2000 Server. However, after the user gets that message and clicks "Ok" to get out of that dialog box, she can use the "Save As..." file option and save the file to her local hard drive. From there, she can move it back to the server. Things work, but in a very tedious process. At times, the user will not get the error, and it will save directly to the network server. The rest of the user's department doesn't seem to be having similar problems.
We did think that it could be a network problem, however, the user never has problems getting disconnected from our Novell Groupwise email server, or when accessing Excel, Word, Access, other files etc. It seems like Lotus is the only program that the machine is having trouble with.
Could it be that either something causes 123 to close it's network connection, 123 running on Win98 does not for some reason like the connection to the Win2k server? Can anyone suggest some sort of network/NIC analyzer software (prefer GNUish/Freeish, as this is only 1 client, so large expensive software packages are out of the question) that we could possibly use to see what's going on with the connection from the user's Win98 machine, to the Win2k server while accessing a Lotus 1-2-3 file? As I said before, strange thing is everything else seems to work... Read more

Answer:Lotus 123 v9.5 giving "File Internet Security Corrupt" when trying to save

1. Copy the NSF file into a new local location that has Lotus Notes
2. Using the Command prompt go to Lotus Notes home. (i.e. c:\lotus\notes )
3. Run the following commands:
(Enter the user's Notes password if prompted)
3a. nfixup.exe <filename>.nsf
3b. ncompact.exe -c <filename>.nsf
4. Once the file has been fixed and compacted. Rename the original NSF in source (i.e. _backup or _corrupt) to distinguish the corrupt version from the fixed one.
5. Add the fixed NSF to source and process in Clearwell as needed.

6. Also there is one more methods to get back .nsf file via https://www.repairtoolbox.com/lotusnotesrepair.html Lotus Notes Repair Toolbox
 

1 more replies
Relevance 80.36%

Hi, TS Guys.

I'm back with a new problem. I'm getting these "memory could not be read" error messages when starting up, with "kxvo.exe" and "ll.exe" in the headers (2 separate message boxes, although the "ll.exe" one didn't pop up anymore after I scanned for spyware using SAS).

Here's the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:37, on 03/17/08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Seagate\Sync\SeaSyncServices.exe
C:\Program F... Read more

Answer:Solved: Getting "kxvo.exe" and "ll.exe" errors when booting-up

15 more replies
Relevance 80.36%

This morning when I attempted to use my computer, any application (IE, OE, everything) I tried to start gave an error message (paraphrasing) “Insufficient resources exist to complete the requested task.” I thought a reboot was in order and when attempting that got “you do not have permission to shut down this computer” or something similar.

After unplugging and rebooting everything seems normal, but I’m going to run AV, anti-spyware and Windows Malicious Software Removal Tool.

Event log shows an error at the same time “the server was unable to allocate from the system nonpaged pool because the pool was empty”. Server? I’m not networked to a server….I’m sure it means something else, but what?

Recent software changes: Deleting MS Antispyware due to inability to upgrade to their new Beta 2 Defender (something do to with GDI, which I tried to fix by following info on the MS site), and downloading some critical updates from MS.

I’ve done searches on the errors and the answers don’t apply. I’ll probably revert my HD with an application called GoBack if the scans don’t find anything but thought you people might know what caused this.

Win2K is my OS.

I'll be checking for responses as I can't get response notices due to my ISP.

Thanks in advance,
Randall
 

Answer:"Insufficient resources" and "you don't have permission" errors

6 more replies
Relevance 80.36%

Hello

It's nearly a mouth I have a brand new PC, I've reinstalled windows many times but I still have both errors.

Win 7 Ultimate 64-bit
CPU : i3 2120
Board: P8Z68-V PRO
Ram: 2GB Kingston x 4 (KVR1333D3N9/2G)
Graphic: OnBoard (1637MB)
HDD: Maxtor 300GB (Windows Driver)/ WD Khaviar green 1TB

During playing high quality games, BSOD errors become more frequent.

Answer:BSOD "IRQL_NOT_EQUAL" & "Memory_Management" errors

Plz...answer me.

2 more replies
Relevance 80.36%

OS: Windows98SE

I have two problems currently striking me at once. First of all, I've got a friend who called me about a problem. The "Safe Errors" as I stated above. When he tries to run scandisk in Safe Mode, after about an hour and 3/4'ths the way, he receives an error

Fatal Exception OE occured at:
0028:C000788E in VXD VMM(01)+000688E

Defrag runs fine, though Scandisk doesn't. I've tried researching the error but I can't seem to find it.

Second error is the "Modem Terrors". I'm currently working on a computer who's modem for some reason doesn't work. I know it's worked before because I was the one who installed it first. However, now, DUN (Dial-up networking) won't recognize it. I've tried 3 different modems, 1 used 2 new, and none of them work. I've tried reinstalling Dial-up Adapter & DUN but that didn't help. I've also changed PCI slots but nothing seems to work. Whenever you try to create a new connection, the Install Modem dialog comes up as though no modem existed. Whenever you check out the "Modem dialog" in the control panel, the modem shows up as do the diagnostics pass. I've removed everything from startup and everything off the mobo but it doesn't help. The modem will also show up in Device Manager. I've also tried going into Safe Mode and removing ANY TRACE of any previous modem. Whether that be in Device Manger, Registry, a file, or within any files hiding on the HD.

TechQuest

Answer:"Safe Errors" AND "Modem Terrors"

hmm... for the first question...im not sure,..probably lost data or bad sectors. tell him to back up his data immediately and run 98 setup.

as for the second,..have you tried enabling it in the bios? please list system specs.

5 more replies
Relevance 80.36%

This window keeps coming up from Norton Internet Security 2005.

I don't use the Windows Messenger.

Can anyone tell me why and how to stop it. It's becoming very annoying. Thanks a lot.

.....Gord
 

Answer:Norton Internet Security "Rules" window keeps coming up

There should be a User Guide somewhere in the program folder, although it might be described as a 'Manual'. If it's not there for any reason, it should be on the program CD (assuming you didn't download it).

If you can't find the Manual, try this Symantec KB article;http://service1.symantec.com/SUPPOR...88256f6c0040d19f?OpenDocument&src=bar_sch_nam

I believe that Windows Messenger is an irritating 'service' that allows popups to appear on your computer;http://www.itc.virginia.edu/desktop/docs/messagepopup/. It is difficult to see why anyone would want to keep it but, if you don't choose to disable/remove it, then I imagine you will want the firewall to monitor what comes in or out and so will have to set 'rules' for it.
 

1 more replies
Relevance 80.36%

The Bitdefender system tray icon is grayed out. When hovering over it, it says "Please sign in to activate Bitdefender"

When I open Bitdefender window, it says my account still has 178 days left on it.

Can anyone help?
 

Answer:Bitdefender Internet Security 2016 "Please sign in to activate..."

ericfox125 said:





The Bitdefender system tray icon is grayed out. When hovering over it, it says "Please sign in to activate Bitdefender"

When I open Bitdefender window, it says my account still has 178 days left on it.

Can anyone help?Click to expand...

There are many reports about this in the Wilders. This is probably a bug of Bitdefender.
 

14 more replies
Relevance 80.36%

After installing Searchbot search and destroy, I saw in my log in Norton Internet Security the following entry:

""Firewall Configuration Updated: 61 rules"""

What does this mean, is this suspicious?
Is there a chance I could now why and which rules that were edited?
 

Answer:"Firewall Configuration Updated" Norton Internet Security

This means that Search and Destroy added 61 programs to your firewall. These programs may be set as being allowed to communicate, monitored communication or blocked.

Why did you install the program in the first place. You should only have one security program and firewall running at once.
 

3 more replies
Relevance 80.36%

here is my hijackthis log....please help!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:59:34 PM, on 23/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Travis\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehom... Read more

Answer:Internet redirects me to "microsoft security center" saying i have a virus.

Please download Malwarebytes Anti-Malware and save it to your desktop.
If you have problems with that link, you can also download it from Here or HereMake sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here
and just double-click on mbam-rules.exe to install.
On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on t... Read more

4 more replies
Relevance 80.36%

For some reason I can't turn on the Intrusion Detection on my Norton Internet Security

When try to turn it on it says "Failed to Save Setting. Please verify that your Windows account is not restricted"

The only problem is that I'm the administrator and the only account on this laptop! I have no idea what to do. I've fooled around with the settings to see if I could find anything but I came up with nothing. At this point, I'm really worried that it's a virus or something like that but Norton and AdAware haven't picked up anything. I could post a HijackThis log if you think that'll help. Thanks in advance for any help you guys
 

Answer:I can't turn on "Intrusion Detection" on Norton Internet Security

bump.. I could really use some advice. I'm really paranoid about having a trojan
 

2 more replies