Computer Support Forum

Solved: viruses found on my pc using kaspersky free online scan

Question: Solved: viruses found on my pc using kaspersky free online scan

Good day experts!
I posted day or two ago with a friend's pc w/ infections(solved!)
Here's my own, scanned using kaspersky free online scan and it found viruses and infections.

before I do anything or delete anything, I'd ask your humble expert opinion.

I have 2 Maxtor 80gig hard drives
1st one contains c: and d:
2nd one is just for backup, f: and g:

KASPERSKY ON-LINE SCANNER REPORT
Friday, April 21, 2006 7:56:53 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 21/04/2006
Kaspersky Anti-Virus database records: 189289
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target Folders
C:\
D:\

Scan Statistics
Total number of scanned objects 69612
Number of viruses found 3
Number of infected objects 15
Number of suspicious objects 0
Duration of the scan process 00:43:53

Infected Object Name Virus Name Last Action
C:\SIERRA\Half-Life\hltv.exe Infected: not-a-virus:Server-Proxy.Win32.Hltv skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000122.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000122.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000122.exe NSIS: infected - 2 skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000123.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000123.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\System Volume Information\_restore{56277D9F-3FE9-46C2-9DFE-88639DAABCA1}\RP2\A0000123.exe NSIS: infected - 2 skipped

D:\Applications downloaded\ccleanersetupv128.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\Applications downloaded\ccleanersetupv128.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

D:\Applications downloaded\ccleanersetupv128.exe NSIS: infected - 2 skipped

D:\Applications downloaded\Magicjellybean_keyfinder.zip/keyfinder.exe/data.rar/xpkey.exe Infected: not-a-virusSWTool.Win32.RAS.a skipped

D:\Applications downloaded\Magicjellybean_keyfinder.zip/keyfinder.exe/data.rar/officekey.exe Infected: not-a-virusSWTool.Win32.RAS.a skipped

D:\Applications downloaded\Magicjellybean_keyfinder.zip/keyfinder.exe/data.rar Infected: not-a-virusSWTool.Win32.RAS.a skipped

D:\Applications downloaded\Magicjellybean_keyfinder.zip/keyfinder.exe Infected: not-a-virusSWTool.Win32.RAS.a skipped

D:\Applications downloaded\Magicjellybean_keyfinder.zip ZIP: infected - 4 skipped

Scan process completed.
----------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, April 21, 2006 8:23:29 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 21/04/2006
Kaspersky Anti-Virus database records: 189289
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target Folders
E:\
F:\
G:\
H:\

Scan Statistics
Total number of scanned objects 37315
Number of viruses found 1
Number of infected objects 3
Number of suspicious objects 0
Duration of the scan process 00:22:18

Infected Object Name Virus Name Last Action
F:\Backup\Applications downloaded\ccsetup126.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

F:\Backup\Applications downloaded\ccsetup126.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

F:\Backup\Applications downloaded\ccsetup126.exe NSIS: infected - 2 skipped

Scan process completed.

Relevance 100%
Preferred Solution: Solved: viruses found on my pc using kaspersky free online scan

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Solved: viruses found on my pc using kaspersky free online scan

13 more replies
Relevance 87%

Hi,

I've a Dell desktop running 98SE, IE6 with Ad-aware, Spyware Blaster, SpyBot, Avast! anti virus and others installed.
PC's been behaving strangely for the last week.
After scanning with above programmes found one or two bits of malware.
Used SpyBot to clear them.

However, scanned PC on Kaspersky earlier and it found two bugs.

c:\sysmeob.exe Infected: Virus.Win32.KME skipped

c:\systole.exe Infected: Virus.Win32.KME skipped

c:\sysnlll.exe Infected: Trojan-Downloader.Win32.Small.evy skipped
Hoping someone with a LOT more know-how can help me out!!

I've kept both log files for future use.

Many thanks, in advance.

Carol

Answer:Two Viruses Found Using Kaspersky's Online Scan

Try running this scan, as it can remove what it finds SuperAntiSpyware .Using the free home version,down load,install, uodate then run scan from Safe Modesee How to start Windows in Safe ModeLet us know if it works as there is still another option

7 more replies
Relevance 97.99%

Howdy,I recently scanned my computer with Kaspersky Free Online Scan. The scan log indicated that I have a Trojan that has infected my computer. Below are the two items infected by the same Trojan.C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\72BF65DB.tmp Infected: Trojan.Java.ClassLoader.ao skipped C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\72C20FD8.tmp Infected: Trojan.Java.ClassLoader.ao skipped I searched for information about this Trojan and got the following results. (In order to enlarge the screen shot below to make it legible ,I had to disable my pop up blocker)I removed Norton Security 2006 from my computer over a month ago. It looks as if these items are in quarantine somewhere in my computer.After the scan I re-started my computer in safe mode and ran a scans with SpyBot S&D, Ad-Aware SE, AVG Anti-Spyware 7.5 Free and SUPERAntiSpyware. The combined results were three tracking cookies.I then re-started in normal mode and ran a scan with Windows Live Care and Housecall, they came up clean.Are these items harmless ? I ask that because it seems to show they are quarantined. Regardless, I would like to do away with these items.Could someone please tell me how to locate these files (?) and how to delete them ?Thank You for your time.Dennis XP Home, SP-2, IE-7

Answer:Kaspersky Free Online Scan

Here is a link to Norton's removal tool. Whether it will allow you to remove the quarantined items or not, ????????http://service1.symantec.com/SUPPORT/tsgen...005033108162039

6 more replies
Relevance 97.99%

I ran the Kaspersky scan and it found 2 viruses. I had previously ran mcafee & it didn't catch these. Here is the report it created:

I'm not sure what my next steps should be, don 77 helped me before & we thought we got everything, but it looks like its either back or never went away!
Back on April 8th I updated Java and cleared the cache per his instructions.. I also created a restore point. I make sure all my software/hardware is updated. I also downloaded Hostman. I did have the smitfraud virus which precipitated all the above steps. I also regulary run Spybot Search/Destroy & Spyware Blaster. Neither found anything.

C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped

C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\log.edb Object is locked skipped

C:\Documents and Settings\All Users\Application Data\McAfee\MPF\data\tempIpRules.xdb Object is locked skipped

C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR7.tmp Object is locked skipped

C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is ... Read more

Answer:Ran Kaspersky Scan & It Found 2 Viruses Mcafee Didn't

You need to clear your Java cache again. Follow the instructions here.Get a second opinion on those files related to PeoplePC. Go to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.-- Post back with the results of the file analysis.PeoplePC is an Adware supported ISP program and it is not unusually for anti-virus programs to target some of its files as malware. If this is your primary ISP, then removing the file may affect the functionality of the program.

9 more replies
Relevance 96.76%

How to get rid of them?

My machine runs very slow at times. CPU use is up to 100% according to TASK MANAGER.

KASPERSKY ONLINE SCANNER 7 REPORT
Friday, September 12, 2008
Operating System: Microsoft Windows 2000 Professional Service Pack 4 (build 2195)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, September 12, 2008 15:58:41
Records in database: 1218378
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
A:\
C:\
D:\
E:\
Scan statistics
Files scanned 32350
Threat name 8
Infected objects 10
Suspicious objects 0
Duration of the scan 01:52:29

File name Threat name Threats count
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc17\MSX.cpl Infected: not-a-virus:FraudTool.Win32.MSAntivirus.ac 1
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc17\MSx.exe Infected: not-a-virus:FraudTool.Win32.MSAntivirus.ac 1
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc18\a.exe Infected: Trojan-Downloader.Win32.Zlob.yie 1
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc18\b.exe Infected: Trojan.Win32.Small.xve 1
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc18\c.exe Infected: Trojan-Downloader.Win32.Zlob.yih 1
C:\RECYCLER\S-1-5-21-796845957-1343024091-839522115-1000\Dc18\d.exe Infe... Read more

Answer:Kaspersky Online Scan Found Infected Files

Hello and welcome,let;s run this MBAM scan...Please download Malwarebytes Anti-Malware and save it to your desktop.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button to see a list o... Read more

7 more replies
Relevance 94.71%

Hi,

I'm running 98SE on a P3.

Recently I've been having problems; freezing, slow running, etc., all the usual symptons.

I use Norton Internet Security 2005 with regular downloaded updates.

I've scanned my PC using the current Norton AV, plus both Spybot and AdAware.
AdAware & Spybot found malware, which was quarantined.

However, my PC was still unstable so I tried an online Panda scan, again nothing.

It wasn't until I did an online Kaspersky scan that a virus was picked up.
Kaspersky found, "Trojan-Downloader.Win32.Small.dlw" in C:\ProgramFiles\NortonInternet\Security\NortonAntiVirus\Quarantine\38A809A9.exe.

Can someone out there help me get rid of this??

Many thanks in advance,

Carol

Answer:Trojan-downloader.win32.small.dlw Found By Kaspersky Online Scan!

Hello ceb83The Kaspersky scan flagged the Trojan-Downloader in the quarantined area of NAV as shown by the path location you gave. When a progam quarantines a file or moves it into a virus vault, it is safely held there under you take action to delete it. The reason for doing this is to prevent deletion of an essential file that may have been flagged as a "false positive". You could then restore the file. Doing this also allows you to view and investigate the files while keeping them from harming your computer. Thus, Quarantine is just an extra safety measure. You can launch NAV and delete that file so it will not be detected again.Another good anti-malware program you can use on Win 9x is SUPERAntiSypware free for Home Users which you can download here.Double-click SUPERAntiSypware.exe to install and use the default settings for installation.Run SUPERAntiSypware and update the definitions before scanning by selecting "Check for Udates".When done, select "Scan for Harmful Software".There are three scanning options available. Choose "Perform Complete Scan" and click "Next".When done, a Scan Summary will appear with potentially harmful items that were detected. Click "OK".Place a checkmark next to items you wish to remove/quarantine and Click "Next".A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the... Read more

1 more replies
Relevance 94.3%

hi i did a kaspersky online scan and it found the following

Infected Object Name Virus Name Last Action

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP17\A0007984.exe/data.rar/_WinRAR.exe Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP17\A0007984.exe/data.rar Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP17\A0007984.exe RarSFX: infected - 2 skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP19\A0013551.exe/data.rar/_WinRAR.exe Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP19\A0013551.exe/data.rar Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP19\A0013551.exe RarSFX: infected - 2 skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP28\A0026080.exe/data.rar/_WinRAR.exe Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP28\A0026080.exe/data.rar Infected: Backdoor.Win32.DSSdoor.d skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP28\A0026080.exe RarSFX: infected - 2 skipped

D:\System Volume Information\_restore{B1C538C0-CBA3-4434-A006-53A338B37653}\RP35\change.log ... Read more

Answer:kasperky online scan found viruses

7 more replies
Relevance 93.48%

but could not disinfect some of them. So I ran a HijackThis scan and posted the results below.

I couldn't find anything wrong with the HiJackThis Scan but was hoping someone on this forum, more educated than I, could find something.

Thanks ahead.

v/r

AF1

Logfile of HijackThis v1.97.7
Scan saved at 2:32:34 PM, on 5/10/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PGPsdkServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\ggviewer67-80.exe
C:\Program Files\Hercules\Audio\Crystal Sound Cards\ForceUpdate.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Utils\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://baseball.fantasysports.yahoo.com/b1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Defa... Read more

Answer:Online scan found numerous trojans and viruses

7 more replies
Relevance 82.82%

Hi found a virus or and loads of junk with spybot Panda online scan and Spyware Terminator,,, Internet explorer comes up with error when i close it down,,,, Just gives error send or dont send the microsoft thing and computer seems slow too,,,, Please could you look at the scan log,,,, and thanks for your time........ Running XP Pro
Logfile of HijackThis v1.99.1
Scan saved at 22:42:45, on 22/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\all\Desktop\New Folder\HijackThis.exe

R0 - HKCU\Software... Read more

Answer:[SOLVED] Viruses found, Still not right, Hijack this scan

Information from the error report that gets sent to microsoft,,, Any idias Please

<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="iexplore.exe" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="custsat.dll" SIZE="33792" CHECKSUM="0xA30E1EC0" BIN_FILE_VERSION="9.0.3790.2428" BIN_PRODUCT_VERSION="9.0.3790.2428" PRODUCT_VERSION="9.0.3790.2428" FILE_DESCRIPTION="custsat" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft? Windows? Operating System" FILE_VERSION="9.0.3790.2428 (srv03_sp1_qfe.050422-1043)" ORIGINAL_FILENAME="custsat.dll" INTERNAL_NAME="custsat" LEGAL_COPYRIGHT="? Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xD494" LINKER_VERSION="0x50002" UPTO_BIN_FILE_VERSION="9.0.3790.2428" UPTO_BIN_PRODUCT_VERSION="9.0.3790.2428" LINK_DATE="11/08/2006 05:03:34" UPTO_LINK_DATE="11/08/2006 05:03:34" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="hmmapi.dll" SIZE="60416" CHECKSUM="0x66589FD9" BIN_FILE_VERSION="7.0.5730.11" BIN_PRODUCT_VERSION="7.0.5730... Read more

15 more replies
Relevance 80.77%

Kaspersky says it needs any AV programs to be turned off but I don't know how to turn AVG off--other than uninstalling/reinstalling it, which, of course, I would prefer not to do.
 

Answer:Solved: How to turn off AVG Free to allow an online scan

Open the Control Center, double click the Resident Shield
Uncheck Resident Shield active - then save changes
Don't forget to re-enable later!
 

3 more replies
Relevance 80.77%

Hi, I just finished a scan with AVG Free. It said it found 3
viruses of the Java Byte Verify type. I clicked details and where it showed completed test, it showed the virus amount. I highlighted it and clicked remove. Did i only remove the test results, and if so, when i do another sacn and they show up again, how do i get rid of them with AVG Free.
chuck.
 

Answer:Solved: AVG FREE Found viruses, need some help.

9 more replies
Relevance 77.9%

Good day experts,

Did a scan online with panda,it found:
Potentially unwanted tool:Application/Restart Not disinfected C:\WINDOWS\system32\Tools\Restart.exe

needed advice on what to do.
 

Answer:Solved: panda active online scan found potentially unwanted tool

8 more replies
Relevance 77.9%

Here is the report of the Kaspersky WebScanner:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, March 15, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, March 15, 2009 15:26:37
Records in database: 1908427
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Files scanned: 115940
Threat name: 5
Infected objects: 37
Suspicious objects: 1
Duration of the scan: 02:21:26
File name / Threat name / Threats count
C:\WINDOWS\Spumoviloxeg.dll/C:\WINDOWS\Spumoviloxeg.dll Infected: Trojan-Downloader.Win32.Agent.beta 32
C:\Documents and Settings\JanetT\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\Sent Items.dbx Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Program Files\MUSICMATCH\Common\ComponentMgr\HoldingArea\WebSys2\WebSys.mmz Infected: not-a-virus:RiskTool.Win32.Deleter.f 1
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\WebSys\offline.mmz Infected: not-a-virus:RiskTool.Win32.Deleter.f 1
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP868\A0124862.exe Infected: Trojan-Downloader.Win32.FraudLoad.dum 1
C:\WINDOWS\S... Read more

Answer:I did Kaspersky Online Scan What Now?

Bump
 

1 more replies
Relevance 77.9%

Looking over some of the comments in this forum it appears running the free Kaspersky Online Scan may help me identify and hopefully eliminate some spyware/malware etc. problems that have infected my computer. I'm running Windows XP service pak two. Is there any potential problem that running this program will cause any damage to my computer files or crash my computer? Currently the malware etc is primarily annoying with its frequent popups, but all my programs seem to operate OK. Thanks for any help/comments/suggestions.
 

Answer:Online Kaspersky Scan

I can't guarantee anything (and no one else can either), but I've run a Kaspersky scan when I've had problem with malware. It will take a while to download and run and you will get a very long report. As long as you're just running a scan I don't see a problem. But . . . it's still up to you.

You might want to wait and see if anyone else has a differing opinion.
 

2 more replies
Relevance 77.08%

What does it mean when you do a Kaspersky online scan and it says you don't have any problems but it says some objects were locked and skipped. Here is an example:
Infected Object Name Virus Name Last Action
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

Thanks to whoever knows.
 

More replies
Relevance 77.08%

ran a trend online housecall today and found some new things i've never seen before, kept running scans until nothing was found (3 scans in total):
- TSPY_SMALL (Trojan.Win32.Small.ga)
- ADWARE_MEMWATCHER

then just to be sure, ran a kaspersky online scan. nothing found but..... hoping those who know can tell me if there's anything fishy with these files it couldn't open and skipped. here's the log and thanks in advance.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
07-01-06 23:18
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 7/01/2007
Kaspersky Anti-Virus database records: 242178
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 63833
Number of viruses found: 0
Number of infected objects: 0 / 0
Number of suspicious objects: 0
Duration of the scan process: 00:46:41

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Se... Read more

Answer:Kaspersky Online Scan can't look at these files.

Hi,
Do you want to cover all options and include a HijackThis log as well? Just a thought ...

Richard
 

3 more replies
Relevance 76.67%

I'm using a PC running MS XP OS.

Kaspersky found several viruses but doesn't have an option for deleting them.

How do I get rid of these?

-bob

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, December 31, 2005 11:07:22
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 31/12/2005
Kaspersky Anti-Virus database records: 158209
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 80279
Number of viruses found: 5
Number of infected objects: 8
Number of suspicious objects: 0
Duration of the scan process: 4884 sec

Infected Object Name - Virus Name
C:\Documents and Settings\Bob Sacco\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-70dda3ff-6e5ccaa0.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Documents and Settings\Bob Sacco\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-1dbf9af3-650ff2dc.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Bob Sacco\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv470.jar-1dbf9af3-650ff2dc.zip/Counter.class Infec... Read more

Answer:Kaspersky found several viruses...now what??

Java Cache

# Click Start | Settings | Control Panel
# Click the Java Plugin Icon
# Click the Cache tab
# Click the Clear button and click OK to confirm
# Note: Please repeat this procedure for each "Java Plugin" button in your Control Panel

or

Control Panel > Java > General tab
Temporary Internet Files > Delete Files
Checkmark all 3 options and click OK

Empty the recycle bin
 

1 more replies
Relevance 76.26%

KASPERSKY ONLINE SCANNER 7.0: scan report
Monday, November 9, 2009
Operating system: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
 

Answer:virus probelm kaspersky online scan

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide
and attach the requested logs when you finish these instructions.
**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using a differe... Read more

1 more replies
Relevance 75.85%

Lately, I have noticed my computer is becoming a little slower than normal and also a little odd. Random freezes are one of the things that are occurring. Anyhow, I have decided to clean up my computer and I have done what I normally do in steps of security.I have updated both Windows and my programs. I have run a disk clean-up, defrag, and check. As well as CCleaner and ATF Cleaner. I used both AVG Anti-Virus and Kaspersky Web Scanner. I also used Ad Aware Free 2007, CWShredder, and Spybot S&D.I also scanned one of my external USB drives and found a virus on that and don't know how to remove it. All help is greatly appreciated. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:21:49 PM, on 3/23/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\PROGRA~1\Grisoft\AVG7\avga... Read more

Answer:Several Viruses Found By Kaspersky Web Scanner

I would like to request that this topic be closed.

2 more replies
Relevance 75.44%

(attached log)
Was surprised considering this isn't a bootable drive, but rather backup stuff (for music, pics, etc).
Apparently Kaspersky free AV cleaner is no longer available so can't use that to clean it up.
Any suggestions?
(yes i did the stickies, always do )
 

Answer:Kaspersky online found this

jak3y said:



(attached log)
Was surprised considering this isn't a bootable drive, but rather backup stuff (for music, pics, etc).
Apparently Kaspersky free AV cleaner is no longer available so can't use that to clean it up.
Any suggestions?
(yes i did the stickies, always do )Click to expand...

All those items are in a System Restore folder! System Restore should be disabled. If it is and the files still exist, boot into safe mode and delete the files manually.
 

13 more replies
Relevance 75.44%

Hey there,

I just ran Kaspersky Online Scan on one of my computer's, and it detected 3 infections on my computer. I ran a full scan on SpybotSD and MalwareBytes, and both came back completely clean. Only Kaspersky found something. Below is the scan result.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Friday, April 24, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Friday, April 24, 2009 05:21:22
Records in database: 2074011
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Files scanned: 52711
Threat name: 2
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 01:38:26
File name / Threat name / Threats count
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\23\d372ed7-4f231dab Infected: Exploit.Java.Gimsh.b 1
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-4941f397-3aa29660.zip Infected: Exploit.Java.Gimsh.b 1
C:\WINDOWS\system32\Міcro... Read more

Answer:Kaspersky Online Scan has detected 3 infections on my computer

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Scan with Dr.Web CureIt as follows:Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current versionRead the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.The Express scan will automatically begin.
(This is a short scan of files currently running in memory, boot sectors, and targeted folders).If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if... Read more

5 more replies
Relevance 75.44%

My browser (IE7) has gotten quite slow recently. I had a trojan (can't remember the name) pop up in my AVG Free scans twice in a row, and it said it was deleted. Nothing showed in my ZoneAlarm scans. (I have their security suite) I did an online scan with Panda (cookies only) and Kaspersky; K. showed a bunch of stuff but couldn't name them. Not sure if it's an issue or not, maybe just more cookies or whatever. Anyway, before I complain to my ISP yet again, I'd like to make sure everything is indeed clean. Here's a HJT logfile, followed by the Kaspersky data. Thank you very muchly in advance.

BTW I should mention that GameSpy did come up, but it's a part of my online game. (F.E.A.R.)


Logfile of HijackThis v1.99.1
Scan saved at 5:01:29 PM, on 05/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program File... Read more

Answer:Kaspersky online scan positive & HJT logfile posted.

Hello Woodenhead,

Kaspersky is only reporting an item already locked away in your System Restore. We can take care of that in a bit. I'd like you to run the following diagnostic tool and we'll see if anything turns up:

Download Combofix and save it to your desktop.

**Note: It is important that it is saved directly to your desktop**


-------------------------------------

Close any open browsers.

-------------------------------------

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Post the ComboFix.txt in your next reply.

9 more replies
Relevance 75.03%

Kaspersky detected 2 viruses with 4 infecions...I am affraid of malware and really do not know what to do now...please find below the HijackThis log:Logfile of HijackThis v1.99.1Scan saved at 1:10:00 AM, on 27/05/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16441)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\PROGRA~1\Grisoft\AVG7\avgemc.exeC:\Program Files\Ahead\InCD\InCD.exeC:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exeC:\Program Files\Java\jre1.5.0_11\bin\jusched.exeC:\WINDOWS\Mixer.exeC:\Program Files\D-Link\AirPlus G\AirGCFG.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exeC:\WINDOWS\SOUNDMAN.EXEC:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exeC:\Program Files\Adobe�... Read more

Answer:2 Viruses Found And 4 Infections By Kaspersky But Not Cleaned

Hello super goku and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware int he log. It is clean.

Post the log from Kapersky and I will have a look at it.

Cheers.

OT

3 more replies
Relevance 74.62%

not-a-virus:AdWare.Win32.SearchIt.t was found using Kaspersky online scanner.

Avast! hasn't found it, and I don't know what to do with it. So far I haven't noticed any ill effects, but I'd like to get rid of it. Here's my HJT log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:25 PM, on 7/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Lavasof... Read more

More replies
Relevance 74.62%

Hey Guys,

Sorry to be bothering you all, but I've been having issues lately with some virus/malware. I've been reading the forums on similar cases and trying to remove some myself (probably doing it wrong), but they still seem to be appearing in my computer when I do my scans in different areas. Any advice would be appreciated.

HJT Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:53 AM, on 8/3/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Norton 360\Engine\3.8.0.41... Read more

Answer:Virus/Malware Removal Help - w/ HJT Log, Combofix Log & Kaspersky Online Scan

ComboFix Log

ComboFix 10-07-31.01 - Dave.xD 08/03/2010 9:05.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.3070.2027 [GMT -4:00]
Running from: c:\documents and settings\Dave.xD\Desktop\wCFix.exe
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-07-03 to 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-03 12:59 . 2010-08-03 13:03 -------- d-----w- C:\ComboFix
2010-07-25 21:18 . 2010-07-25 21:18 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-07-25 21:18 . 2010-07-25 21:24 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-07-25 21:18 . 2010-07-25 21:18 -------- d-----w- c:\program files\Symantec
2010-07-25 21:18 . 2010-07-25 21:18 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-07-25 21:18 . 2010-07-25 21:18 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-07-25 21:17 . 2010-07-26 15:04 -------- d-----w- c:\windows\system32\drivers\N360
2010-07-25 21:17 . 2010-07-25 21:17 -------- d-----w- c:\program files\Norton 360
2010-07-25 21:17 . 2010-07-25 21:17 -------- d-----w- c:\program files\Windows Sidebar
2010-07-25 21:12 . 2010-07-25 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
2010-07-22 03:57 . 2010-07-22 03:57 -------- d-----w- c:\documents and settings\Dave.xD\Local Settings\Application Data\fyupfjibl... Read more

2 more replies
Relevance 74.62%

I have Internet Explorer 7, and was recently trying the 5-Step Process that is required under the HiJack-This forum. I got to Step 2, and have been stuck there for a while, because whenever I try to click the "Scan" button on the Panda Activescan page, it does absolutely nothing; no windows come up, and no indication that it was even supposed to do anything. I tried this website out in Firefox, and Yep, it brings up a window like it should, but then tells me that the scan itself will only work in IE.

So then I try another scan recommended to me, Kaspersky Online Scanner, and I encounter the same problem. I click the button, but it does nothing; no window and no indication that it was supposed to to anything. Again, I try it in Firefox, and it does work, but informs me that the scan itself will only work in IE. So then I try to go into Internet Options for IE, and disable Pop-Up Blocker. It does not change or help anything. I turn off the Phishing Filter for this website; still nothing. I go into the Security and Privacy tabs under Internet Options and raise the notches on some of the bars relating to Cookies and Allowed levels; these do not help either.

I also tried holding down Ctrl or Shift while clicking the Scan button, because this used to do something I believe, but it does not help in this case.

I am wondering why no windows come up at all when I click this buttons; I'm trying to get through the 5-step process as fast as possible, but I'm g... Read more

Answer:Panda Active Scan and Kaspersky Online Scanner Not Working in IE

Hello

Just ignore that step and continue with the rest of the steps.

3 more replies
Relevance 74.62%

Well this post is for those kind of people who usually don't install any antivirus program and also for those who uses antivirus for security. You may have seen that sometime your antivirus could not detect a virus/malware etc. but the other antivirus do that.
So it seems difficult for you to uninstall your favorite antivirus program and install a new one, as two antivirus can not work simultaneously efficiently on a single machine, therefore you can opt for an another alternative that is to check your computer online for viruses. In this post i will tell you a lot of popular and free online virus scanner that you can use to get rid of viruses/spywares and malwares etc... Read and scan your computer

Answer:Scan your PC online for Viruses

I don't think that you will find any one here who does not scan their pc for viruses and very few here that have not taken notice of the warning from Corrine's Security Garden (what you're not subscribed yet!! Why NOT) But good post for others

3 more replies
Relevance 74.62%

I'm trying to scan my PC for viruses using pandasoftware.com. I go to click on the scan now button, and nothing happens. On the bottom left hand side of my internet explorer I get this message;
javascriptp (1,2,63) What does this mean, and does anyone know how to get around this problem?

Answer:Can't scan for viruses online

Easy.

Try Trendmicro's Housecall (http://housecall.trendmicro.com/). It is free, and it is very thorough.

6 more replies
Relevance 74.21%

After clicking a link to watch a video from a joke website I go to pretty often (the link looked fishy, but like an idiot I clicked on it anyway), I started getting pop-up advertisements out of no where, and prompts and download windows asking me to download virus protection. Ad-aware personal showed up clear. TrendMicro cleaned a few things off the other day, but nothing has really helped so far. I've tried locking ZoneAlarm whenever a prompt appears, but it does no good. Before I got infected, ZoneAlarm showed 0 blocked intrusions and 0 access attempts, and now it has jumped all the way up to 5,147 blocked intrusions (104 high rated) and 5,153 access attempts. The number jumps each time I look. Sometimes the taskbar will actually disappear after or during the pop-ups, and sometimes it will reappear and sometimes it won't, and I'll end up having to restart. This started happening with the pop-ups and prompts.I'm on a Dell Dimension 4550 running Windows XP Home SP1.Here is the HijackThis log:Logfile of HijackThis v1.99.1Scan saved at 8:21:31 PM, on 10/7/2006Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.... Read more

Answer:Winantivirus And Other Pop-ups. Kaspersky Found 8 Viruses And 18 Infected Objects.

Hi Speedbum and welcome to Bleeping Computer You got some infections there.Create a new folder named HijackThis to your desktop. Move HijackThis.exe into that folder. Then, please rename HijackThis.exe to Scanner.exeFinally post a fresh HijackThis (scanner.exe) log to here.

7 more replies
Relevance 73.8%

Last night/this morning, I did a scan with Kaspersky on-line which found "two viruses and 5 infected files." All files, apparently, were locked. They were not running.I did other scans:AVG AntiSpyware 7.5 CleanSpyBot: CleanAd-Aware SE Plus: CleanZoneAlarm Privacy Suite: CleanSuperAntiSpyware Free: CleanTrend Micro HouseCall: CleaneTrust Antivirus Web Scanner: Cleanhttp://safety.live.com/site/en-us/default.htm: CleanI attempted to do a Panda Scan, but the scanning page won't stay open. It flashes closed almost immediately.I have pasted in the Kaspersky log below. I replaced my name in the log with my BC user name, and I edited the portion with my computer ID, which I have highlighted in green. I have highlighted the infected files with blue. Otherwise, it is exactly as produced.Are these false positives, or for real? How do I get rid of them? Might there be other bits hiding elsewhere? I could, if necessary, uninstall the two infected programs and reinstall them - I have the serial numbers I received at purchase. One last note: When I did a Kaspersky On-line scan back in August or September, it didn't find anything and I had Cyberscrub Privacy Suite then, and I believe I had also installed Essential NetTools by that time which are the programs that have the infected files.Orange Blossom Sunday, October 15, 2006 1:41:59 AMOperating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)Kaspersky Online Scanner version: 5.0.83.0Kaspers... Read more

Answer:Kaspersky Online Found 5 Infected Files

Update:

I've gotten the Panda Online scan to work. My Ad-Watch settings were blocking it. Panda came out clean.

A2 anti-malware free updated yesterday came out clean: normal mode
---------------------
I've searched for Win32.agent, but cannot find it on my computer. I've searched in program files in the specific programs that Kaspersky has identified as infected, but nothing jumps out at me. Looking at properties of a couple of the files fingered by Kaspersky doesn't show recent modifications, so I'm clueless here. Should I upload the suspect files to JottiScan?

Google searching the two infection names suggests that these are real bad news. As a safety precaution, I haven't opened or run either of the two infected programs in the hope that if I don't the infection won't spread.

I don't think there is anything strange happening on my computer, so I think - perhaps - I got a partial infection, but I don't know. I'd really like to know how to get rid of the infection - if indeed there is one - and be sure it is gone.
--------
I started to run the F-Secure Online scan last night, but I fell asleep and so I will have to start that one over as my dial-up connection disconnected while I was asleep.
-----------
I have rebooted into safe mode, used ATF cleaner by Attribune to clear out all temp files etc. and started a scan with Spybot in safe mode before I left home this morning. That is where things are at the moment. I'm... Read more

14 more replies
Relevance 73.8%

Problems:
Microsoft Internet Explorer: cashing of data received via encrypted channels is enabled
Microsoft Internet Explorer: sending of error reports enabled
Microsoft Internet Explorer: some websites saved cookies on your computer
Microsoft Internet Explorer: some websites are added to the list of pop-up blocker exceptions
Microsoft Internet Explorer: some websites are added to the list of trusted websites
Windows Explorer: display of known file type extension is disabled
Microsoft Internet Explorer: home page reset
Autorun from hard drives is allowed
Autorun from network drives is enabled
CD/DVD autorun is enabled
Removable media autorun is enabled

At this point I don't know what other information I should add.

I need help in correcting these eleven problems.

More replies
Relevance 73.8%

I just ran a Kaspersky security scan and the problems found were:
Information about vulnerabilities associated with the settings of installed applications and the operating system.



"Service termination timeout is out of admissible values" "Autorun from hard drives is allowed" "Autorun from network drives is enabled" "CD/DVD autorun is enabled" "Removable media autorun is enabled" "Windows Explorer - show extensions of known file types" "Microsoft Internet Explorer - disable caching data received via protected channel" "Microsoft Internet Explorer: disable sending error reports" "Microsoft Internet Explorer: clear the list of trusted domains" "Microsoft Internet Explorer: enable cache autocleanup on browser closing" "Windows Explorer: display of known file types extensions is disabled" "Microsoft Internet Explorer: start page reset"

How can I fix these?

Answer:Kaspersky Security Scan Problems found.

Originally Posted by Jcwisgod


I just ran a Kaspersky security scan and the problems found were: Information about vulnerabilities associated with the settings of installed applications and the operating system.
"Service termination timeout is out of admissible values"



No Idea for this one.






Originally Posted by Jcwisgod


"Autorun from hard drives is allowed" "Autorun from network drives is enabled" "CD/DVD autorun is enabled" "Removable media autorun is enabled"



Control Panel / Display Icons
Click on Autoplay and uncheck it / disable it for all drives.







Originally Posted by Jcwisgod


"Windows Explorer - show extensions of known file types"



Still in control panel
Click on Folder Options/View
Uncheck hide known extensions file types (or something similar)






Originally Posted by Jcwisgod


"Microsoft Internet Explorer - disable caching data received via protected channel" "Microsoft Internet Explorer: disable sending error reports" "Microsoft Internet Explorer: clear the list of trusted domains" "Microsoft Internet Explorer: enable cache autocleanup on browser closing" "Microsoft... Read more

5 more replies
Relevance 73.39%

Hello! I ran RKILL, Malwarebytes, Super Antispyware, Adw Cleaner, F-Secure Online Scanner, and Microsoft Security Essentials -- all of which did not find anything. However, TDSS Kaspersky found a potential threat at c:\windows\systems 32\drivers\truesight.sys. In addition, when I run Kaspersky first, Rogue Killer also finds problems. However, if I run Rogue Killer first, it does not find anything. I always select delete and upon reboot the same problems reappear. I have attached the Rogue Killer affected log. The other log is over the maximum limit allowed. Thanks for any help I can get!
 

Answer:Truesight.sys Found in TDSS Kaspersky and Viruses in Rogue Killer

Update! I read in several articles that truesight.exe is a part of Rogue Killer, which makes sense. Some forums say that it is a virus, while others don't. Everytime I boot up the computer, the exe file does not show up until I click on Rogue Killer. When I exit from Rogue Killer, the exe file disappears so I think I should be OK with this issue (as I ran a scan with JRT and came up with nothing, as well).

As for ASWMBR.exe, I am not sure whether there are viruses as it shows four errors at the end of the log. Attached. Thanks!
 

4 more replies
Relevance 72.98%

First, Thank you so much for taking the time to help me! I really appreciate it! Below are the logs you requested - I tried to follow the instructions in th Preparation guide. The problems my computer is having is: Windows Installer won't work. Whenever I try installing or uninstalling anything that requires it, I get an error 1601 Windows is in safe mode or the service cannot be found. I tried setting the service to automatic, and reinstalling windows installer from the Microsoft site but it didn't work. Then I scanned with Kaspersky and it found something. Can it be related? Anyway here are the logs.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Shelley List at 1:32:52.25 on Sun 04/19/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11

============== Running Processes ===============
============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol... Read more

Answer:Kaspersky online virus scanner found an infection

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

2 more replies
Relevance 72.98%

Kaspersky Security Scan for Windows provides a free and a easy way to find viruses and other threats that may be hidden on your PC: plus get advice on your PC's security status.
Go HERE to get it.
If you do not want to download and install it, you can use the Kaspersky Lab Free Online Virus Scannner.
Other free tools from Kaspersky: Kaspersky Virus Removal ToolKaspersky Rescue DiskKaspersky Safe Browser for Windows PhoneKaspersky Whitelist You might want to also check out our Kaspersky Internet Security Review.

More replies
Relevance 72.98%

HELLO,Location of Virus:D:\Documents and Settings\Sun\My Documents\Sun\Local Settings\Temporary Internet Files\Content.IE5\24R0HIFX\counter21[1].htmHere is my hijack this logLogfile of HijackThis v1.99.1Scan saved at 10:43:54 PM, on 3/12/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:D:\WINDOWS\System32\smss.exeD:\WINDOWS\system32\winlogon.exeD:\WINDOWS\system32\services.exeD:\WINDOWS\system32\lsass.exeD:\WINDOWS\system32\svchost.exeD:\WINDOWS\System32\svchost.exeD:\WINDOWS\system32\brsvc01a.exeD:\WINDOWS\system32\brss01a.exeD:\WINDOWS\system32\spoolsv.exeD:\WINDOWS\Explorer.EXED:\Program Files\Trend Micro\Internet Security 2007\pccguide.exeD:\WINDOWS\system32\ctfmon.exeD:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exeD:\Program Files\MSN Messenger\msnmsgr.exeD:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exeD:\WINDOWS\system32\svchost.exeD:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exeD:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exeD:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exeD:\Program Files\MSN Messenger\usnsvc.exeD:\PROGRA~1\MOZILL... Read more

Answer:Kaspersky Scan Found Trojan-downloader.vbs.agent.p

Hello and welcome to BC.Sorry for the delay in response. If you're not being helped elsewhere and still need help, please post a fresh HijackThis log and I'll be happy to help you.

2 more replies
Relevance 72.57%

Just scanned w/ Kaspersky for the first time just for maintenance and it said it found 1 virus and 1 infected file. When I look at the report though, all I see are numerous skipped objects (mostly locked Symantec files) and one hp file that may or may not be marked as infected. The hp file is

hp\bin\killwind.exe

which is a legit HP utility that came w/ my HP computer. However, googling it turned up other folks who say McAffee sometimes falsely pegs this utility as a virus.

Could someone please look at my Kaspersky report and tell me if it looks like I actually have a virus that needs to be removed. Norton turns up nothing, and I'd prefer not to install the full Kaspersky program if I can avoid it, because I already own Norton and use Ad-Aware and Spyblaster too and that seems like enough.

I've attached the report.
 

Answer:confused by Kaspersky free online scanner results

There are no problems showing in your log. As you suspected the killwind.exe is just false indication. Many scanners detect this and a few other poorly named files from HP.
 

1 more replies
Relevance 71.75%

I have Avast version 4.7 Home Edition Free installed on my computer.

When I ran a scan today with Avast, it detected a virus and I deleted it. I then ran another scan and there were no viruses reported.

Then I went to Kaspersky's online virus scanner and ran it and it detected 2 viruses on my computer, but of course the only way to get rid of the one's detected is to purchase Kaspersky Anti Virus.

Questions are.
1. How did the virus that Avast detected get on the computer in the first place? I have the on access protection control running with all of the modules activated with the exception of Outlook (I do not have Outlook on my computer).

2. Why is Kaspersky detecting 2 viruses on my computer at the present time and Avast detects none?

Do I need to ditch Avast Free and pay for Kaspersky as a better Virus protector.

Thanks for any ideas and suggestions,

Jerry
 

Answer:Solved: Avast scan resuts vs Kaspersky scan results

6 more replies
Relevance 71.75%

Visit the Kaspersky Lab?s facebook page and get Award Winning Kaspersky Security Scan for FREE.

Please note we do not offer support for beta versions or previews of new operating systems ? for example, Windows 8.1 Preview. Only final, official releases of operating systems will be supported.
Expires April 30, 2014Click to expand...



https://www.facebook.com/Kaspersky/app_601466423275043
 

Answer:Award Winning Kaspersky Security Scan for FREE - facebook

Please be aware this is just a free scanner, it will not remove infections unless you buy.
Basically just a promotional ad to get you to buy. As far as I know they have always offered a free scanner with no removal ability.

http://www.kaspersky.com/security-scan

Thanks.
 

12 more replies
Relevance 70.93%

Hi,

I'm using PC-Cillin 2006 with my Windows XP PC. When I do a virus scan, PC-Cillin usually finds a few cookies and that's it. However, when I do a spyware scan using Ad-Aware, I get 10 messages from PC-Cillin saying it's found a virus.

Here are the incident and detection names of what it finds:

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\8B8F6\MsOfCrack.exe
Detection name: CRCK_OFFICE.A

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\32B752\CR-N5009.EXE
Detection name: CRCK_NERO.A

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\32B752\CR-N5009.EXE
Detection name: CRCK_NERO.A

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\2082C1\UHANFO.EXE
Detection name: SPYW_KEYLOGWN.A1

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\2082C1\UHANFO.EXE
Detection name: SPYW_KEYLOGWN.A1

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\12B5AE\complete_set_hacking_tools+manuals\hacking_tools\Haktek.exe
Detection name: TROJ_HAKTEK

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP\C1274171\28BD42\UHANFO.EXE
Detection name: SPYW_KEYLOGWN.A1

Incident name: C:\DOCUME~1\Joe\LOCALS~1\Temp\AAWTMP ... Read more

Answer:Viruses Only Found During Spyware Scan

You should try to scan only your Documents and Settings folder using PC-Cillin and see what you get.

2 more replies
Relevance 70.52%

Kasparsky found the following. How can I remove. hijack log included. Thank you

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, June 17, 2006 12:09:12 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 17/06/2006
Kaspersky Anti-Virus database records: 201100
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 71773
Number of viruses found: 5
Number of infected objects: 13
Number of suspicious objects: 0
Duration of the scan process: 02:22:39

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Owner\My Documents\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Documents and Settings\Owner\My Documents\mirc616.exe mIRC: infected - 1 skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\44801BF6.htm Infected: Trojan-Downloader.HTML.Agent.aq skipped
C:\System Volume Information\_restore{593172EE-14D9-4262-8426-24BF2115D284}\RP134\A0006042.exe/stream/data0002 Infected: not-a-virus:RiskTool.Win32.... Read more

More replies
Relevance 70.11%
Question: free online v-scan

does anyone know where i can get a good online v-scan other than http://housecall.antivirus.com/housecall/start_pcc.asp.that one keeps locking up on me now.thanks for the help
 

Answer:free online v-scan

hI !! Prowler Check

 

3 more replies
Relevance 70.11%

hi there,
im running xp sp2, norton is 2005, avg free edition, ad-aware se and spybot (all up 2 date)
i found two programs in my add and remove list 'web offer' which i cant delete and 'windows serverad' which i deleted. i customised ad-aware and done the online virus check and found 'java openstr.a' which none of the above detected.


===========================================================================================================================
Log was analyzed using HijackThis Analyzer - Updated on 1/7/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
... Read more

Answer:online scan found virus!!!

Welcome to TSF.

Do you have two antivirus installed there? Keep one and uninstall the other. We recommend using AVG, but that's your choice.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file... Read more

19 more replies
Relevance 69.7%

OK, I'm infected...Isn't this the first step to recovery...just admitting it? lol

My PC starting running slow and I also noticed that I no longer could type URL address into the URL address bar without it being hijacked to some stupid site that redirected me...so i experience a takeover of some sort. I also noticed that my Hard drives malfunctioned and required a check-disk type of repair...so there was some kind of physical damage going on....very nasty. This PC is a i7 haswell but is running super slow so I know something is wrong...

I'm running Windows 8 PC and need to set it up properly to avoid viruses in the future.

I was hoping you guys could review my logs and suggest what programs to install to ensure a virus-free experience...

Thanks,
bob

--------------------------------

HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:06:25 AM, on 11/3/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.ex... Read more

More replies
Relevance 69.29%

I might be infected with a trojan or virus.

Is there a good free online virus scan I can use?
 

Answer:Free online virus scan?

Here's what I am unsure of in taskmanager:

wuauclt.exe
alg.exe
acs.exe
crss.exe
smss.exe
Isass.exe
 

2 more replies
Relevance 69.29%

See the log below...did online scan with PandaScan and it found 18 spyware and 1 hacker kit, or something like that (can't remember)...can you help with this? Thanks!!

Deckard's System Scanner v20071014.68
Run by Owner on 2007-12-07 19:15:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
23: 2007-12-08 01:15:28 UTC - RP117 - Deckard's System Scanner Restore Point
22: 2007-12-08 01:05:30 UTC - RP116 - Software Distribution Service 3.0
21: 2007-12-07 19:31:27 UTC - RP115 - Installed Adobe Reader 8.1.1
20: 2007-12-07 19:31:12 UTC - RP114 - Removed Adobe Reader 6.0
19: 2007-12-06 18:35:52 UTC - RP113 - System Checkpoint


-- First Restore Point --
1: 2007-09-09 18:34:10 UTC - RP95 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 479 MiB (512 MiB recommended).


-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:17:26 PM, on 12/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\syst... Read more

Answer:Online scan found 18 spyware and 1 hacker kit

I forgot this.....from PandaScan....

Incident Status Location

Potentially unwanted tool:application/sysprotect Not disinfected hkey_local_machine\software\classes\appid\CheckProduct2_1.DLL
Spyware:spyware/virtumonde Not disinfected Windows Registry
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt ... Read more

5 more replies
Relevance 69.29%

Okay, I need help with this. I have Norton Internet Security, but for some reason, it didn't pick anything up. I did an online scan with Trend Micro and it found 1 infected file:

TROJ_SMALL.XC in the file C:\Windows\System32\msmc....

What is it, and what should I do? It said it was uncleanable, so I'm not sure what to do now.
 

Answer:TROJ_SMALL.XC found by online virus scan

Was that the entire message? Didn't it give you the whole name of the file?
 

3 more replies
Relevance 68.47%

HiI have run AVG free edition & it found something it coldn't delete. I am looking for the best free online scan than is available with Firefox & hope it finds the same issue & it can be deleted!!All seem to want IE 5 at least!Is Firefox ignored by most online virus scans??CheersGaz

Answer:Free online scan that works with Firefox!

Try click here

10 more replies
Relevance 68.47%

I ran the Mcafee free online scan and it picked up many PrcViewer items.

I googled PcrViewer and read that these could be legitimate items needed to run certain programs but again they may not be. I don't know how to tell good from bad.

Here is the log.

C:\Documents and Settings\...\A0047780.exe PrcViewer
C:\Documents and Settings\...\A0047781.exe PrcViewer
C:\Documents and Settings\...\A0047782.exe PrcViewer
C:\Documents and Settings\...\A0047783.exe PrcViewer
C:\Documents and Settings\...\A0047784.exe PrcViewer
C:\Documents and Settings\...\A0047787.exe PrcViewer
C:\Documents and Settings\...\A0047809.exe PrcViewer
C:\Documents and Settings\...\A0047810.exe PrcViewer
C:\Documents and Settings\...\A0047812.exe PrcViewer
C:\Documents and Settings\...\A0047814.exe PrcViewer
C:\Documents and Settings\...\A0047815.exe PrcViewer
C:\Documents and Settings\...\A0047818.exe PrcViewer


Is this something that should concern me ?

I ran SAS, Malwarebytes, F-Secure, Housecall, Bitdefender, Windows Live Care and Panda online scans and they all came back clean other than a few cookies.

XP-Home, IE-8, SP-3

Thanks for your time.

Dennis

Answer:Mcafee Free Online Scan Results

PrcViewerThis is a generic detection that covers multiple variants of PRCViewer. PRCViewer is a small command line utility that can alter a processes characteristics (Affinity and Priority) and also View, Close, Kill, Suspend and Resume running processes, even when Task Manager access is disabled.Variants are often used in specialized fix tools. Such programs have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or it can potentially be used for malicious purposes. These detections do not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious due to the security program's Heuristic analysis engine which provides the ability to detect possible new variants of malware. Anti-virus scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them.

5 more replies
Relevance 68.47%

My daughter's computer has been VERY slow in loading the desktop and task bar icons when turned on. Yesterday evening I ran a scan using Norton's Free Online Virus scan. Below is what it found:C:\qacUgwXx.bat is infected with Trojan Horse C:\rVd.bat is infected with Trojan Horse C:\VFZHp.bat is infected with Trojan Horse C:\Documents and Settings\Maggie Pettigrew\Local Settings\Temporary Internet Files\Content.IE5\7VXETQ2U\Soft_16[2].exe is infected with Packed.Generic.187 C:\Documents and Settings\Maggie Pettigrew\Local Settings\Temporary Internet Files\Content.IE5\7VXETQ2U\Soft_16[3].exe is infected with Packed.Generic.187 C:\Documents and Settings\Maggie Pettigrew\Local Settings\Temporary Internet Files\Content.IE5\7VXETQ2U\Soft_16[4].exe is infected with Packed.Generic.187 C:\Documents and Settings\Maggie Pettigrew\Local Settings\Temporary Internet Files\Content.IE5\7VXETQ2U\Soft_16[5].exe is infected with Packed.Generic.187 But unlike bitdefender and eset's online scanners, Norton did not offer an option to remove these viruses short of buying their program......at least not that I could find. Here's their website where the viruses were reported after the scan: http://security.symantec.com/sscv6/vc_resu...GCQH&bhcp=1I'd really like to remove these 7 viruses if at all possible. Can some h... Read more

Answer:Norton online virus scan found these - can you help me remove them?

Please download OTM by OldTimer and save to your Desktop.Double-click on OTM.exe to launch the program. (If using Windows Vista, be sure to Run As Administrator)Copy the file(s)/folder(s) paths listed below - highlight everything in the code box and press CTRL+C or right-click and choose Copy.:Processes
explorer.exe

:Services

:Reg

:Files
C:\qacUgwXx.bat
C:\rVd.bat
C:\VFZHp.bat

:Commands
[emptytemp]
[start explorer]
[Reboot]Return to OTM, right-click in the open text box labeled "Paste Instructions for Items to be Moved" (under the yellow bar) and choose Paste.Click the red MoveIt! button.The list will be processed and the results will be displayed in the right-hand pane.Highlight everything in the Results window (under the green bar), press CTRL+C or right-click, choose Copy, right-click again and Paste it in your next reply.Click Exit when done.A log of the results is automatically created and saved to C:\_OTM\MovedFiles \mmddyyyy_hhmmss.log the date/time the tool was run.-- Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. After the reboot, open Notepad, click File > Open, in the File Name box type *.log and press the Enter key. Navigate to the C:\_OTM\MovedFiles folder, open the newest .log file and copy/paste the contents in your next reply. If not asked, reboot anyway.Caution: Be careful of what you copy and pas... Read more

18 more replies
Relevance 68.47%

I just Ran ESET Online Scan On my Windows 7 machine and it has detected a Win32/Olmarik.AIZ trojan. How do I clean this up? here is a log of the results
 
C:\TDSSKiller_Quarantine\23.10.2014_01.30.07\tdlfs0000\tsk0005.dta    a variant of Win32/Olmarik.AIZ trojan    cleaned by deleting - quarantined
C:\Users\Admin\Downloads\Setup.exe    a variant of Win32/SoftPulse.O potentially unwanted application    deleted - quarantined

Answer:Threats found after using ESET Online Scan. Trojan

G'day CashmereCattt, and Welcome to BC.
 
Go to THIS page, click on    [Download Olmarik / Olmasco Cleaner ]
 
Save to your desktop, and then Run the cleaner.
 
(Your computer should be clean anyway because the Online scanner has deleted and quarantined the threat....this will make sure )
 
The second item in your list is only a pup (potentially unwanted program) and has been deleted and quarintined.
 
 
 

10 more replies
Relevance 68.47%

Could someone please help.

I carried out a panda online active scan and it came up with the following results:


Incident Status Location

Adware:adware/cashdeluxe Not disinfected c:\windows\system32\MSWINF32.DLL
Adware:adware/commad Not disinfected Windows Registry
Adware:Adware/ActiveSearch Not disinfected C:\WINDOWS\SYSTEM32\MI1.EXE[2r_samba.exe][toolbar-w-google-r.dll] ... Read more

Answer:Infections found following panda online active scan

bump!

8 more replies
Relevance 68.47%

hi,
My computer has been running slow and having a few other problems, so i ran an online scan and when it was about 25% complete it said it had found a virus.

Shortly after this the computer just went back to desktop, so i have no idea what panda scan actually found.

I have tried to run panda online scan again but it just keeps getting half way through and then it shuts down everything and goes back to desktop.

I have run other scans and they find nothing.

Deckard's System Scanner v20070611.50
Run by Grumpygit on 2007-07-08 at 14:20:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
25: 2007-07-08 13:20:46 UTC - RP163 - Deckard's System Scanner Restore Point
24: 2007-07-08 10:20:02 UTC - RP162 - System Checkpoint
23: 2007-07-06 23:29:51 UTC - RP161 - System Checkpoint
22: 2007-07-01 19:52:22 UTC - RP160 - Software Distribution Service 3.0
21: 2007-07-01 19:44:16 UTC - RP159 - Software Distribution Service 3.0


-- First Restore Point --
1: 2007-04-10 21:28:04 UTC - RP139 - Software Distribution Service 2.0


Performed disk cleanup.


-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of HijackThis v1.99.1
Scan saved at 2007-07-08 14:21:4... Read more

Answer:Panda online scan found virus then stopped

Hello grumpygit

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem a.s.a.p

Please be patient with me during this time.

You may wish to subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

11 more replies
Relevance 68.06%

Thanks to anyone who can offer some help or info, I ran the AVG Free scan and it came up with two viruses:
Backdoor.Ruledor.C
Downloader.Braidupdate.A

I can find info about the first one, and it just says that it's a non threatening spyware program, but I ran Spybot and couldnt' find anything like it said. And I can find no information at all about the second one. Thanks once again for any help.
 

Answer:viruses found using AVG Free Edition

Welcome to TSG.

Do this:
go to http://www.lurkhere.com/~nicefiles/ , and download 'Hijack This!'.....
Unzip it to its own folder, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and please copy & paste its contents to the forum.

It will possibly show other issues deserving our attention, but most of what it lists will be harmless or even required, so do NOT fix anything yet.
Someone here will be happy to help you analyze the results.

If you have anything disabled by MSConfig or any other startup manager, please re-enable it before scanning to post.
 

2 more replies
Relevance 67.65%

i have a laptop that has the Blue Screen due to possibly a virus/trojan. is there a way i can use a free online virus scanner via Safe Mode w/ Networking? if so, how?
 

Answer:possible to run free online virus scan via safe mode?

Boot to Safe Mode with Networking and try it...
 

3 more replies
Relevance 67.65%

Hi AllI know I have posted a thread on spyware but this is much more general.Does anyone know of any free websites that do free online spyware scan and then remove it?Is there on Anti-virus aswell?

Answer:Free Online scan and remove spyware programs?

Try click here for spyware scan and click here for virus scan.

4 more replies
Relevance 67.65%

I have tried all the rec's in the sticky under this topic and I am having great difficulty getting those torun...I did the Spy Sweeper but it expired on me, the Panda says I have to install ActiveX but no bar comes up for me to allow this... Are there any other sites that coupld help me... I run Norton and Zone Alarm, but they don't seem to catch the spyware and adware that is killing me...any help would be appreciated...Thanks
 

Answer:Need a good free online virus, adware etc. scan..r/o

7 more replies
Relevance 67.65%

Ill start off by saying I have 70+ processes running on my laptop, and my cd-rom randomly started ejecting. Especially when I am playing a game, which then gives me an error message then shutting the game down. Or when I close my laptop at night, I wake up and its ejected. Its just been becoming more sluggish by the day.
I have registered on another forum seeking help and have done a few things but the guy helping me is really slow to respond and its been a few days now so i was trying to see if i get could get it resolved faster.Not to mention my modem lights are constantly blinking. Sometimes when they blink too rapidly i get disconncted and have to wait 1-3 minutes for it to reconnect before doing anything.

I have Avia Anti vir I scan daily with no threats
I have Ad Aware I use with no threats
and recently isntalled MBAM with no threats

I was advised to use ESET Online Scanner, and it was on 7hours 10minutes and still scanning, and then froze- i was then forced to hold the power button untill it shut down. But before it froze it said it found:

Java/TrojanDownloader.agent.NBM trojan
Java/TrojanDownloader.agent.NBK trojan
Java/TrojanDownloader.agent.NBL trojan
probably a Variant of Win32/Agent Trojan

so,I have 4 known trojans the moment and dont know what to do!
I have HiJackThis, DDS , OSL, and a few other programs I was advised to download.
I need help
 

Answer:4 trojans found during online scan, then froze. 70+ processes, many issues

Welcome to Major Geeks!

I'm sorry but you are already actively getting help at BPC from schrauber ( re: http://www.bleepingcomputer.com/forums/topic329102.html ). It does not make sense to ask for help here since that would just have you starting over again running our cleaning procedures and attaching the logs we use. In addition working on multiple forums occupies the time of very limited precious resources and can also lead to confusion. So it would be better and more expedient for you to continue where you have started since you could be waiting a few days just for us to get back to you after you complete our cleaning process.
 

6 more replies
Relevance 66.83%

I have a virus. Also im typing this on another computer because on the infected comp i seem to type backwards.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:48:20 AM, on 5/8/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exeC:\Program Files\Cisco Systems\VPN Client\cvpnd.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exeC:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exeC:\Program Files\Dell Support Center\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Viewpoint�... Read more

Answer:kaspersky online virus scan shows virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_Sca... Read more

2 more replies
Relevance 66.42%

Here is a list of some of the best free Online Antivirus Scanners for Windows PC that will help you scan your entire computer or select files for virus with help with malware removal.
1) Trend Micro HouseCall is a FREE Web-based antivirus tool to scan for virus, worms, Trojans, spyware and all forms of malware.
2) ESET Online Malware Scanner can detect malware—viruses, spyware, adware, worms, trojans.
3) BitDefender Free Online Virus Scan is an on-demand online virus scanner which automatically clean infected files. QuickScan here.
4) FortiGuard Virus Scanner
5) ScanThis.
6) McAfee Security Scan Plus actively checks your computer for anti-virus software, firewall protection, and web security, and threats in your open applications. You need to download and install it now.
7) Comodo Cloud Antivirus. You need to download and install it.
8) Kaspersky Free Virus Scan. You need to download and install it now.
9) Panda Active Scan. You need to download and install it now.
10) Norton Security Scan. You need to download and install it now.
11) Computer Associates Virus Scanner has been discontinued.
12) F-Secure Free Online Virus Scanner too has been discontinued.
13) Authentium Command-On-Demand appears to have been discontinued.
14) Avast Online Scanner is not available anymore. Many of them have discontinued the classic online scanners which you can run in your web browser and they now need you to download an exe file and install the basics. So please chec... Read more

Answer:Best free Online Antivirus Scanners to scan file for virus, with removal

This is a good post for those who do not have an antivirus application running, but my friend I think that every one here will have one. Keep up the good work ok

5 more replies
Relevance 66.01%

The Online Kaspersky scanner I used has found Trojan-Spy.HTML.Fraud.gen & Trojan.JS.Redirector.b but I really don't know what to do now. I've been trying to take bits and pieces of the information I've found on related posts but nothing seems to work. I almost feel now that personalized attention is my best bet. If anyone with the ability to assist me could help me I'd truly appreciate it. The online Kasperky scan results are as follows:

KASPERSKY ONLINE SCANNER 7.0 REPORT
Friday, July 24, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Friday, July 24, 2009 06:43:12
Records in database: 2524312
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
Scan statistics
Files scanned 93217
Threat name 2
Infected objects 35
Suspicious objects 8
Duration of the scan 03:09:24

File name Threat name Threats count
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000004630.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\All Users\Application Data\McAfee\MSK\Users\1\Front\1\M0000005939.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\All Users\Application Data\McAfee ... Read more

Answer:Online Kaspersky scanner found Trojan-Spy.HTML.Fraud.gen & Trojan.JS.Redirector.b

Your log looks like it is seeing quarantined McAfee files. Let's start with malwarebytes and go from thereThe process of cleaning your computer may require temporarily disabliling some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a mes... Read more

11 more replies
Relevance 65.19%

Recently found a Trojan virus on another computer. Used AVG Antivirus Free to find and heal, though some infected files had to be quarantined in a "Virus Vault." Would someone look at the Hijack This logfile and advise me about further procedures?

Logfile of HijackThis v1.98.2
Scan saved at 9:58:14 AM, on 11/4/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SOINTGR.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\MY DOCUMENTS\SPYWARE REMOVERS\HIJACKTHIS.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by EarthLink, Inc.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;http://localhost;<local>
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILE... Read more

Answer:Virus problems found during AVG Antivirus Free Scan

And here we are again....

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

Reboot into Safe Mode (hit F8 key until menu shows up).

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = ;http://localhost;<local>
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: ie - {2FF5573C-0EB5-43db-A1B2-C4326813468E} - C:\WINDOW... Read more

8 more replies
Relevance 65.19%

hi folks.. i suck at dealing with computer problems and i would really appreciate some help. Thanks

when i ran a free kaspersky scan it found these 3 things:

Trojan-Downloader.JS.Inor.a

not-a-virus:AdWare.Win32.AdMoke.agg

Backdoor.Win32.Sheldor.aw
here is a copy of the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:05 AM, on 8/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\AVG\AVG8\avg... Read more

Answer:Solved: Need help with HijackThis Log &amp; Kaspersky Scan... Thanks

Hi, Welcome to TSG!!
Run HJT again and put a check in the following:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 209.150.84.198 www.winmx.com
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - C:\PROGRA~1\VOL_TO~1\VOL_TO~1.DLL (file missing)

Close all applications and browser windows before you click "fix checked".

Please download Malwarebytes Anti-Malware and save it to your desktop. alternate download link 1 alternate download link 2
Make sure you are connected to the Internet.
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On ... Read more

3 more replies
Relevance 65.19%

Hi, I just scanned my computer using kaspersky's free online scanner and got a bunch of results ... now it says there is only 1 suspected item but it also gathers a bunch of other stuff, if possible can somone please tell me what exactly I should remove/do?

Here are the results,

Friday, October 06, 2006 7:32:20 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/10/2006
Kaspersky Anti-Virus database records: 216463
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
Scan Statistics
Total number of scanned objects 96480
Number of viruses found 1
Number of infected objects 1 / 0
Number of suspicious objects 0
Duration of the scan process 01:40:09

Infected Object Name Virus Name Last Action
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Se... Read more

Answer:Solved: kaspersky Scan Results, Help Please

16 more replies
Relevance 65.19%

Hi Guys.

I am presently using the trial version of NOD32 and have had no events either through blocking or through a full scan.

Being curious I went online to Kasperky's web site and did their online scan (I disabled NOD32 when running it) and I got all kinds of warnings, etc.

The report is below. Please advise if the Kaspersky scan is really showing viruses/malware or is everything ok.

Thanks, Jerry

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, July 20, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, July 20, 2008 16:41:39
Records in database: 977475
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 132338
Threat name: 8
Infected objects: 84
Suspicious objects: 16
Duration of the scan: 03:14:42
File name / Threat name / Threats count
C:\Program Files\PicoBackupOE\SystemState.dll/C:\Program Files\PicoBackupOE\SystemState.dll Infected: not-a-virus:Monitor.Win32.KeyLogger.eg 64
C:\Documents and Settings\Jerry\Local Settings\Application Data\Identities\{B32D48CA-91FC-4570-8853-6AD2EA99D834}\Microsoft\Outlook Express\Sent Items.dbx Suspicious: Trojan-Spy.HTML.Fraud.ge... Read more

Answer:Solved: Kaspersky On-Line Scan

Hi, The list does appear to be false positives- I've never seen that many in one scan before, though.

If you wish, there are two places to scan just one file at a time, ....if you do some of your suspects, and nothing is detected, it seems safe to offer that these are indeed false positives.

http://www.virustotal.com/
http://virusscan.jotti.org/

At either the process is similar, just navigate to the file's location on your hard drive in Windows Explorer, and when you click once to highlight the file it's path will show in the Submit space at the one file scan site....just hit "Submit" to upload the file for a quick but thorough scan.
 

2 more replies
Relevance 64.78%

Hi.
I am using Windows XP. Recently, my computer was infected with a virus. I do not know how I got this virus, but I am sure there is something bad floating around my machine.

Symptoms include:

Threatening message appearing at the top of webpages when I use Mozilla such as
"18 Trojans WERE found on your machine! !!!FREE VIRUS SCAN!!! !!!Warning!!! your system is at risk! "
AND
" Warning! Your system is in danger. YOUR COMPUTER IS IN need OF full scanning."
AND
"Too many errors and faults WERE found in your system. Possibly that IT WAS THE RESULT of virus attack.YOU MUST scan your system."

Also, occasionally when I click on a link, instead of going to the intended page, the following will pop up in lieu of the webpage, even though the URL in the address bar is just as if I did go to the intended web page.

"Page cannot be displayed

Possible problems:

* No connection with Internet.
* Some problems with server.
* Your computer is being attacked by a virus.

Please scan your system:

Conection problems diagnostics."

Also, occasionally a large amount of IE windows will pop-up on random webpages. I do not know the nature of the webpages that pop up. This IE pop up barrage freezes up my computer and if I am lucky I can get to Task Manager and end iexplore.exe before everything stops moving.

I have AVG Anti-Virus ... Read more

Answer:18 Trojans WERE found on your machine! !!!FREE VIRUS SCAN!!! !!!Warning!!...

Hi, and welcom to the forums! Please download Malwarebytes Anti-Malware and save it to your desktop.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button to see a list of any malwar... Read more

1 more replies
Relevance 63.96%

I downloaded Kaspersky Online Scanner and scanned my files, now I want to scan everything else but I cant't find the file. The only place I see it is in the Add and Remove file.

Anybody know how to access this file?

It took a long time to download.

Thanks
 

Answer:Solved: Can't find Kaspersky Online Scanner download

If Kapersky acts like Panda, then what you downloaded was an activeX module and can be only used while online connected to their site.
 

2 more replies
Relevance 63.96%

A few weeks ago I started to get a rootkit warning from AVG scans. I've been through Malware removal and they can't find anything.

The file/s are C:\INSTB32.SYS and the same file in C:\Windows\Temp
Removing them does not remove them as they reappear on restart.

Since I can only find others with the same question as me online, and the answers they get are ambiguous, On the off chance I emailed Spybot S&D even though it wasn't alerting to the program.
Spybot said;
"The file is not bad.
INST32.SYS and INST32B.SYS occur often after installation of Kaspersky 8
(initial or reinstallation of later variant) _and_ reinstallation of
Broadcom Bluetooth connectivity software linked to a Motorola phone.
Other people have reported the phenomenon involving Kaspersky. Thinkpad
computers also contain these files."

I don't have broadcom bluetooth and I've never had bluetooth turned on.
This file is new to me the last few weeks and I am pretty sure I downloaded Kaspersky after I got it but just on the off chance I want to remove Kaspersky completely to be sure.
I've removed ESET online scanner, and all bluetooth items.
EDIT
I am having troubles with logins on this site. Often I get logged in and when I go to another page I'm no longer logged in? I haven't changed anything. Aslso links on the front page of the forum don't work when I log in, I get sent to another page telling me i'm not logged in and asking me to login aga... Read more

Answer:Solved: How to remove all traces of Kaspersky online scanner

16 more replies
Relevance 63.96%

Help !!

Since I'd downloaded Kaspersky Rescue for another PC I thought I'd run it on my main PC to check all was ok. I only found one infected file (which was some keygen thing), but now the pc won't boot up. It says

c:\windows\system32\l_intl.nls is missing or corrupt

Have I caused serious damage here?

I can try and repair this file using the recovery console , but I need to find my raid driver disks first.

But I'm worried the whole thing is going to be roken now!
 

Answer:Solved: Ran Kaspersky Rescue Disk Scan now won't boot

13 more replies
Relevance 63.96%

Hello virus experts and Kaspersky users,

I have some strange results coming from the Kaspersky scan on my Laptop/.
Note that I also have another case
http://forums.techguy.org/security/523202-error-can-not-find-script.html
"error, cannot find autorun.vbs";
this is a totally separate case here. (That is for my desktop, this is for my laptop.)

When I ran Kaspersky internet scan, it found a virus:

C:\Temp\AgentBase.exe/data.rar/AgentBase/AhnHook.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1370 skipped

C:\Temp\AgentBase.exe/data.rar Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.1370 skipped

C:\Temp\AgentBase.exe RarSFX: infected - 2 skipped

So I downloaded the Kaspersky trial software to my computer. Now I run the trial software, and it says my laptop is clean, no sign of the above virus. I ran the internet scan again and it still says the virus is there. Can I just delete these files since they are in a C:\Temp directory.

Second problem:
The downloaded trial version of Kaspersky does show a different problem. It comes up with a window saying "Proactive Defense Warning. Keylogger detected, process is trying to redirect keyboard input, Running module 'Driver SynTP'"

There are two buttons in this "Proactive Defense Warning" window: 'Terminate' and 'Allow'. But 'Terminate' is light shaded and not allowed. Only 'Allow' is possible. There is no option to 'halt', 'stop�... Read more

Answer:Solved: Kaspersky scan and WinVNC infection (and keylogger)

16 more replies
Relevance 63.55%

are there any websites that you can download movies for free. preferably not wasteful of space. and brings no viruses. i dont want it to slow my pc too. my kids want to watch these disney movies like despicable me and others. idk. please help!! thanks you!!!

Answer:[SOLVED] Downloading free movies online free and no virus?

The movies you mention are copyrighted and as such can only be attained at ligitimate contracted sites. You are asking about illegal downloads and as such are not supported on this site.

1 more replies
Relevance 63.14%

All, been trying to clean up a PC. Was getting the following error:

Generic Host Process for Win32 Services has encountered a problem and needs to close.

I ran Spybot, Adaware and SuperAntiSpyware and cleaned anything found. Ran Norton's and it said it was clean. Then I ran Kaspersky's and it found something. I also ran AVG and it found something but died before it finished. Those scanner logs and the HJT follows:

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, May 27, 2008 3:17:01 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 27/05/2008
Kaspersky Anti-Virus database records: 801559
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\

Scan Statistics:
Total number of scanned objects: 38275
Number of viruses found: 2
Number of infected objects: 9
Number of suspicious objects: 0
Duration of the scan process: 00:29:14

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\... Read more

Answer:Solved: Kaspersky found a virus

7 more replies
Relevance 62.73%

Received a link to clik from business colleague. I started receiving messages from friends on my Facebook buddy list asking me why I would send them a link to clik on. Apparently, the links are different but my McAfee said it blocked it when I tried to download whatever he sent me. I started getting virus alerts to download programs to clean it, which I knew was not from McAfee. I performed a manual scan and it found 6 virus and malwares which were quarantined. One of my friends said that her McAfee didn't even detect anything and had to pay them to get deep into her computer to get rid of it. Today, I awoke to find a similiar ploy to download a virus and malware program to rid my problems. I print screened and am posting that. I again ran a McAfee virus scan and it found 4 which again were quarantined.

How can we get rid of whatever is causing this?

I ran a Lavasoft Ad Aware scan which detected 2 cookies and were removed. I also ran Spybot Search & Destroy which found 25 Ask toolbar which I removed. It is 1 day after rerunning the McAfee scan above and so far no recurrence of the virus. But is it still in my computer?
 

More replies
Relevance 62.73%

You guys got me out of a deep hole before, so I'm hoping you can do the same for my niece..

Win XP (SP2) Laptop 'behaving strangely' and failing to connect to wireless netwroks. I've run it for a few hours and seen nothing starnge, but Kaspersky scan does show the presence of trojans.

Can you check these logs and let me know hoe deep we're in..?

Thanks in advance for your time.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, October 4, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, October 04, 2008 13:27:18
Records in database: 1289130
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
Scan statistics:
Files scanned: 71415
Threat name: 3
Infected objects: 5
Suspicious objects: 0
Duration of the scan: 01:07:39

File name / Threat name / Threats count
C:\Documents and Settings\Heather Dimarco\Shared\!! sibling rivalry noel liam !! (DVDrip).rar Infected: not-a-virus:AdWare.Win32.Virtumonde.ha 1
C:\Documents and Settings\Heather Dimarco\Shared\dj tiesto adagio for strings.wm Infected: Trojan-Downloader.WMA.Wimad.m 1
C:\Documents and Settings\Heather Dimarco\Shared\lisa lashes.wm Infected: Tro... Read more

Answer:Solved: Trojan Wimad/Mudrop Infection - Hijack this log and Kaspersky scan

11 more replies
Relevance 62.32%

This is a follow up on my last post about identifying Viruses & Worms found with AVG. I closed that post and later ran this Kaspersky check and found many items that AVG didn't find.

I'm open to ideas on how to remove them.

Also, what's that "Lavan" folder for.

Thanks, Steve-x8086

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, December 01, 2005 16:13:28
Operating System: Microsoft Windows 2000 Professional, Service Pack 4 (Build 2195)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 1/12/2005
Kaspersky Anti-Virus database records: 162690
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 36269
Number of viruses found: 15
Number of infected objects: 29
Number of suspicious objects: 0
Duration of the scan process: 1191 sec

Infected Object Name - Virus Name
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-212d396c-6a010cf1.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-56095709-6197b633.class Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Documents an... Read more

Answer:Solved: Kaspersky Found Things AVD Didn't

16 more replies
Relevance 62.32%

Hi, I am really hoping you can help me, because I have tried everything. A friend asked me to help him with his computer, as I am pretty techie. He has a Toshiba L355D-S7901 with an Atheros AR5007EG wireless adaptor. He didn't renew the Trend Micro that came with his computer and has been running for six months with no protection! I couldn't believe it. All kinds of windows were popping up, it was a real mess. The computer is running Vista SP1. I have cleaned it up, and connection is there, but I still cannot get online. Here is what I did:
I ran Malwarebytes and got rid of over 600 infected files and programs. I uninstalled Trend Micro and installed free Avira Anti-virus, which scanned and found 12 more viruses. I quarantined and removed all files. But one file cannot be deleted: Windows\System32\drivers\zaljvnzmw.sys. I even located it myself and it WILL NOT delete.
No more windows popping up, but occasionally I get a message, like Host Process for Windows Services not found.
I still cannot get internet.
I went to Device manager, and noticed the 4to6 adaptors had no drivers. These shouldn't be necessary. Uninstalled them, and they did not reinstall on startup. But I'm not too worried about this.
Went to Toshiba's website on another computer and downloaded the latest driver for the wireless adaptor. Uninstalled the adaptor (including software) and installed the new driver. Disabled Windows Firewall and Avira--still no getting online
ran ipconfig, ... Read more

Answer:Solved: Getting back online after viruses

12 more replies
Relevance 61.91%

Hi, can anyone scan my web-site for viruses?

or is there software for this?

thanks,
senwod

 

Answer:Solved: can anyone scan my web-site for viruses?

16 more replies
Relevance 61.5%

Good day Experts!
I ran kaspersly on my friend's pc for maintenance purposes and found a virus and suspicious objects.
Need you help on what to do and maybe to delete these files.

She has windows 98 second, AMD Athlon, 1000 MHz ,
nvidia riva tnt 32mb,award bios
Motherboard Name Biostar M7VIQ (3 PCI, 1 AGP, 1 CNR, 2 DDR DIMM, Audio, Video)

updated avg antivirus with zonealarm v6.1.744.001
updated spybot and spywareguard,spywareblaster.
internet explorer 6.0.2800

KASPERSKY ON-LINE SCANNER REPORT
Thursday, April 20, 2006 10:03:06 PM
Operating System: Microsoft Windows 98 SE
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 20/04/2006
Kaspersky Anti-Virus database records: 189080
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
a:\
c:\
d:\

Scan Statistics
Total number of scanned objects 13480
Number of viruses found 3
Number of infected objects 5
Number of suspicious objects 0
Duration of the scan process 00:20:54

Infected Object Name Virus Name Last Action
c:\WINDOWS\All Users\Application Data\IEService\IEService.dll Infected: not-a-virus:AdWare.Win32.FastFind.b skipped

c:\Program Files\hbinst\Hbinst.exe Infected: not-a-virus:AdWare.Win32.Hotbar.p skipped

c:\Downloads_Carlo\ccleanersetupv128.exe/stream/data0006 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped

c:\Downloads_Carlo\ccleanersetupv128.exe/stream Infected: not-a-... Read more

Answer:Solved: virus found using KASPERSKY ON-LINE SCANNER

6 more replies
Relevance 61.5%

Hello.

I have completed clearing of java cache via control panel and cleaned out temp files by using ccleaner. I also reset router and my dsl modem. I have disabled all virtualization by running Defogger. My UAC is off.

It started as a google redirect and I tried malwarebytes pro trial version and mcAfee total protection, I tried tdsskiller by kaspersky... These programs found nothing so I downloaded eset online scanner and it found 7 viruses that it have removed at the end of the scan. Out of those 7 viruses there are two that keep on coming back after reboot:

- JS/Redirector.NIQ trojan (according to ESET online scanner)

-Win32/kryptik.AILJ trojan (according to ESET inline scanner)

At this point malware bytes scanner blocks attempts of connection to some IP when I go to Google.com but when I perform full scan by malwarebytes it shows nothing.

Please help me with what to do...

Thank you so much.
 

Answer:JS/Redirector. NIQ trojan and Win32/kryptik.AILJ trojan found by eset online scan

Welcome to Major Geeks!

Please follow the instructions in the below link. Do not side track into the Google redirect link. Stay in the main read and run me and complete it and attach the 4 logs we ask for.

READ & RUN ME FIRST. Malware Removal Guide
 

1 more replies
Relevance 61.09%

They say there's never a stupid question, but I fear this one is a wee bit stupid.

Mind you, i'm not talking about illegally downloaded/filesharing music, I've stopped doing that.

I download most of music from mp3 blogs - these blogs either have the rights from the record label to post the music (these are often found on the blog aggregator elbo.ws and if they don't have permission are "tolerated" by the label to post music - because labels see those blogs as a kind of free promotion - as long as it isn't anything flagrant), are run by the record label or artist (like the website for the labels Sub Pop and Matador) or artist or are a site like last.fm or Pitchfork or The Internet Archive (large popular websites). I used to download torrents of tapes of concerts by bands like Phish (who like the Grateful Dead allow tape trading and sharing as long as no profit or malice is involved), but i'm now wary of any torrent or file sharing program despite the fact I have never recieved a virus from either (I might have before, but who says I won't) and because i'm pretty much getting the same stuff I'd get off a file sharing program anyway, except through legal means.

However, because I have two new computers, I am (somewhat obsessively) concerned that an mp3 I get from one of these sites might have a virus or malware or trojan in them (even though it wouldn't benifit a website like Pitchfork whatsoever to do this). Heck, ... Read more

Answer:Solved: Program to Scan Music for Viruses?

6 more replies
Relevance 61.09%

This maybe a coincidence or not, but I posted earlier about trying to help a friend with a laptop that had odd viruses and problems. We tried to use remote viewing on xp so I could help but the connection only lasted 3 minutes. Since then on my pc Ive had 12 port scan attacks (blocked by my firewall) and 4 viruses (found but not stopped by my AV) all in 5 hours. 2 were the same as the laptop, Kelar.a and sdbot.u plus Ive had psw.briss and urlspoofer. Now Im worrying about my own computer! could something have transfered itself over? would you mind checking its ok? this is freaking me out. Also myweb seems to have crept on but I know how to get rid of that.

Thanks,
Cas,in a panic!

Logfile of HijackThis v1.97.7
Scan saved at 22:47:32, on 12/06/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
D:\Installs\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\nvsvc... Read more

Answer:[solved]Port scan attacks and viruses!

8 more replies
Relevance 60.68%

I on occasion use Panda free online virus scan ,recently Panda has added a spyware scan to this .The Panda scan has indicated that I have spyware , 3 items.Panda free scan does not remove these.I have Ad Aware - Spybot-Microsoft Antispyware beta -AVG anti virus - Norton anti virus installed,non of which picks up the spyware Panda picks up.My computer does not seem to be compromised or acting strangely ,slowing down etc.Anyone have any advice? It is a time consuming to trace this using Panda to isolate the spyware detected by rescanning every file etc.I guess I may have to though.
 

Answer:Solved: Panda online scan

8 more replies
Relevance 60.68%

Hi everyone

Wondering what would be a good online virus scanner to use to double check for viruses.

Also would it have to be downloaded onto the computer, one last question would i have to turn of my resident virus protection to use it.

Hope you can understand this as I'm a newbie in more than one way so please don't laugh to hard.

crofty
 

Answer:[SOLVED] online virus scan

Try http://housecall.trendmicro.com
 

3 more replies
Relevance 60.27%

Hello,

I need some advice. I ran AVG and Housecall and they indicated my computer was clean. I then ran Kaspersky Online Scanner and it indicates my computer is infected with 2 viruses.

I've posted below a HJT log and the first part of the Kaspersky Online Scanner Report (the entire report is several pages long), if the entire report is required, please let me know.

Thanks.
Claire


Logfile of HijackThis v1.99.1
Scan saved at 7:32:07 PM, on 04/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R... Read more

Answer:Solved: Viruses found

I am not allowed to help out in the security forum!
 

3 more replies
Relevance 59.86%

In a post at http://forums.techguy.org , I have seen a link to a site at which one can scan individual files at multiple online sites.

I am unable to find the link.

Please refresh my memory.

Thanks for your help.

RF123
 

Answer:Solved: online scan link needed

I found it.

http://virusscan.jotti.org/

Sorry for burning some electrons & using some server disk space.

RF123
 

1 more replies
Relevance 59.86%

hi i think im havin some serious problems ,im just gonna do a online virus scan and post whats happening
 

Answer:Solved: ONline virus scan check

16 more replies
Relevance 59.86%

Hello!

I have been running regular virus scans and everything has shown to be clean, but things seemed a bit slow so I ran a Kaspersky online scan and got this report. Maybe it is something simple but I have never encountered this before:

KASPERSKY ONLINE SCANNER REPORT
Sunday, April 22, 2007 3:41:26 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 22/04/2007
Kaspersky Anti-Virus database records: 282984
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 107859
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 00:53:06

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local... Read more

Answer:Solved: Suspicious online scan report

16 more replies
Relevance 59.86%

I was wondering if I disabled the Anti-Virus protection on McAfee Security Center would Kaspersky install and run properly?

Also does Kaspersky Anti-Virus run in the back ground like McAfee would?

Reason I am asking this is because I recently was attacked by trojans, and McAfee did not pick up a single one, and Kaspersky online scanner picked up three...

Thanks for you suggestions and help.
 

Answer:Solved: Is it possible to run McAfee Security Center and Kaspersky Free Anti-Virus?

10 more replies
Relevance 59.45%

Hello,can anyone tell me how to use kaspersky anti ransomware tool and kaspersky free antivirus together?
I have tried many ways and while both of the products are playing well with each other detecting threats,the internet connectivity has been lost.
Not even a single webpage can be loaded until kart gets removed.
Hope you'll understand and come up with an efficient solution.
 

Answer:How to use Kaspersky AntiRansom with Kaspersky AV Free as a combo?

I guess both are designed to be "incompatible"
 

4 more replies
Relevance 59.45%

hi gents
i want to know the difference between kaspersky antivirus and kaspersky free . and what about this combo(KFA+ZAM premium+APPcheck free)+Malwarebyte antimalware on demand scanner . is KAV has antiphsing protection ??
 

Answer:Difference between Kaspersky Free and Kaspersky Antivirus

the only difference between KAV and KAF is that KAV has system watcher = behavior blocker. system watcher is one of the most powerful weapons of kaspersky that's why they charge you for that
they both have phishing protection

your combo looks OK to me. I can recommend that
but I don't agree with Malwarebytes because it seems redundant to me. zemana as the second opinion scanner is sufficient enough. It's realtime protection is different from its on-demand scanner. You will get better result with on-demand scanning than the realtime protection
 

1 more replies
Relevance 59.45%

Norton has found 6 Trojan.ByteVerify viruses since Feb 13 (3 today). They have all been removed automatically but I noticed my system isn't performing at the optimal ease/speed I'm used to. I ran Adaware, removed the 8 critical objects (although I believe they were all data miners), rebooted my system, ran Spybot S&D and it found no files to remove. I also suppose I should mention I installed three new programs this week, but did save a system restore point prior to doing the install, so if I need to revert to that point, it should be rather easy, although I've been using the new programs and not sure what the consequences would be to the new projects I've completed since installing FrontPage, SWiSHmax and NetStudio (all are web graphics programs, which I'm sure you already know). So, just to be certain I'm ok, here is today's HJT file, please review it and let me know if anything should be removed. Thank you in advance for your assistance.

Logfile of HijackThis v1.98.2
Scan saved at 9:37:18 AM, on 2/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Symantec... Read more

Answer:Solved: Norton found 6 viruses

7 more replies