Computer Support Forum

symantec virus detection error

Question: symantec virus detection error

I am trying to run an online virus scan from symantec at http://security.symantec.com. I click the virus detection button and the scanning screen opens. The scan does not start. I receive an error message "unable to run virus detection"-In order to run Virus Detection you must be using Microsoft Internet Explorer 5.0 or higher with ActiveX and Scripting enabled.
I have checked my internet options under the security tab. I defaulted my options and made sure activeX and scripting is enabled. I have windows xp pro with Internet Explorer version 6.0
I have tried reinstalling IE6.0

I have an antivirus program and I am not at risk. How can I fix this problem? thanks.

Site of the message i receive:
http://security.symantec.com/sscv6/...ie&venid=sym&plfid=23&pkj=WGVMRHYTINMHDKDCWLL

More replies
Relevance 100%
Preferred Solution: symantec virus detection error

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 60.27%

Happened after I installed automatic update from Adobe Reader 10, or maybe caused by some other events in the meantime which I did not recognize.

Symptom:
Security risk detected: Trojan.Gen
File: C:\Windows\Installer\{4d5b51ed-d271-244b-7ac9-d23efcafa6bd}\U\[email protected]
Security risk detected: Trojan.Gen.2
File: C:\Windows\Installer\{4d5b51ed-d271-244b-7ac9-d23efcafa6bd}\U\[email protected] risk detected: Trojan.Zeroaccess.B
File: C:\Windows\Installer\{4d5b51ed-d271-244b-7ac9-d23efcafa6bd}\U\[email protected]
These three types of risk are detected and quarantined, but Symantec can't delete them.
I would greatly appreciate any helps on this, thanks!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:02:44 PM, on 7/19/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19272)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Common ... Read more

Answer:Symantec Trojan Gen, Gen 2, Zeroaccess B detection problem

12 more replies
Relevance 59.04%

My son is running a PC with XP pro. I ran AVG antivirus and it has detected 3 viruses in a zip file (count.jar-43c66fb6-14c3949a.zip) called BlackBox.class, Verifier.class, and Beyond.class. I tried to follow through on the AVG suggested removal which says if you haven't got Java plug-ins installed you can delete the appropriate file. When I do this it appears to prevent access to the internet. Any advice much appreciated.A bit of further info, on boot up it keeps generating a message that New hardware relating to an Ipod has been found, even though no such item (we don't have one) or infact anything is plugged into any of the ports.I am not sure if the Online gaming that appears to have installed itself in favourites(and cannot be deleted is any connection, it also appears to have installed a browser bar at the bottom of the screen which also I don't appear to be able to remove.

Answer:Virus Problems & Hardware detection error

Try downloading Winsock fix click here then remove the file, then run Winsock fix.Also scan with Ewido click here

7 more replies
Relevance 59.04%

First, please forgive me. I am a computer noob. I'm not very savvy with computers, so I might need "extra" help.

We have a shared family computer and today, all of a sudden, a window popped up and said something along the lines of, "Hard Drive Detection Error". My wife restarted the computer and everything on the desktop disappeared, none of the programs were in the Startup menu and we have no idea what happened and how to fix this. I've searched and found that others had similar experiences. I'm not sure if my hard drive really is out of commission or if we've contracted a virus.

I'm running Windows XP (sorry not sure which Service Pack). My hard drive is petitioned into 2 parts, Operating System is on the C:\ and everything else (music, games, pics, etc...) is on the E:\. It seems like everything still shows up on the E:\, that's why I believe I may have contracted a virus???

Can someone please help this noob out?

Thanks in advance!

Answer:Virus???: Hard Drive detection error

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Your files aren't missing, they're hidden and the hard drive errors you see are fake.

Please download this file and run it.

If necessary, you can run it straight from a USB drive.

------------------------------------------------------

Download dds and save it to your desktop from here or here.
Double-click dds to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop.
-----------------------------------------------------

Please include the following logs in your thread:Contents of the DDS.txt posted as text in your reply.
Attach the Attach.txt to your post by clicking the Manage Attachments button under Additonal Options>Attach Files on the composition page. Browse to where you saved the file, and click Upload.
------------------------------------------------------

Download GMER Rootkit Scanner from here and Save it to your Desktop.Double-click gmer.exe to run it. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warnin... Read more

17 more replies
Relevance 57.4%

Okay i have turned my pc on after not having it on in 3 months (due to having to buy a new graphics card) anyway everything was running smooth untill i heard a few beeps only to see that avira has detected few viruses i had a choice to either remove or ignore so i pushed remove 10 minutes later avira is detecting the virus again so i click remove and then do a quick scan with Malwarebytes and it did not detect anything so i did a full scan with my Avira Anti Virus and it found 1 warning 13 hidden files and 30 detections now i would like to know what to do from here to completely get rid of the 30 detections that it has found the two that it has detected look like this: TR/BHO.ZWANGI.Trojan TR/GerVar.EJ Trojan there are 30 of them in my Avira quarantine so what i would like to know is where to go from here thank you.DDS (Ver_10-03-17.01) - NTFSx86 Run by DJ at 19:40:17.32 on Thu 09/09/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.518 [GMT -7:00]AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\nvsvc32.exeC:\windows\system32\svchost -k DcomLaunchC:\windows\system32\svchost -k rpcssC:\windows\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\windows\system32\spoolsv.exeC:\Program Files\Avira&... Read more

Answer:avira virus detection beeps with detection pop ups

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5st... Read more

2 more replies
Relevance 57.4%

Okay i have turned my pc on after not having it on in 3 months (due to having to buy a new graphics card) anyway everything was running smooth untill i heard a few beeps only to see that avira has detected few viruses i had a choice to either remove or ignore so i pushed remove 10 minutes later avira is detecting the virus again so i click remove and then do a quick scan with Malwarebytes and it did not detect anything so i did a full scan with my Avira Anti Virus and it found 1 warning 13 hidden files and 30 detections now i would like to know what to do from here to completely get rid of the 30 detections that it has found the two that it has detected look like this: TR/BHO.ZWANGI.Trojan TR/GerVar.EJ Trojan there are 30 of them in my Avira quarantine so what i would like to know is where to go from here thank you.

Answer:avira virus detection beeps with detection pop ups

Hello,Please follow the instructions in ==>This Guide<==.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==If you can produce at least some of the logs, then please create the new topic. If you cannot produce any of the logs, then post back here and we will provide you with further instructions.

2 more replies
Relevance 49.2%

in my start menu on the right of the clock it says VIRUS ALERT!

I believe the virus came from a bad file brought out by the disk defragmentor. When I ran the Disk Defragmentor, a file showed up on my computer called, Antiviruspro 2008, I looked it up online and noticed it was a spyware virus. I had McAfee 5.0 before running it, after running the Defragmentor, The Antivirus got deleted, my Windows Automatic Update won't work anymore, and while i'm on the administrator name my registery has been blocked by the administrator. I fixed that by getting RED (Registry Enabler & Disabler) and got it working, when I click on My Computer I can't find the file Local c: Drive, When I try to search for files or folders I can't press enter or click the search box nothing happens, Now. I'm not sure. I have on my add/remove programs alot of SP1 Hotfix (i honestly don't know what they are) And 1 XP SP2 Hotfix, but i don't believe i have sp1 or 2 and I can't get them because my Automatic Update doesn't work or because the website won't be displayed. I've tried to download numerous antiviruses and my browser wont let me go to the download site (I suspect that to be the Virus too), and I can't find any System Recovery, Application Recovery disks at the store or online that will support my system. I don't know what advice you could give me but any would help, I don't have much money. The System Info says it was made in 2001... Read more

Answer:Virus HELP!! Automatic Updates won't work, Virus detection can't be installed, etc.

6 more replies
Relevance 49.2%

Hi I am pretty new to viruses, trojans etc... usually very careful online but it seems a clever virus has tricked me somehow... must be only the last week as recently i cant turn on user account control in windows security centre.

i cant open google chrome, i can use internet explorer and firefox. i can google search programs like malwarebytes but cant actually get there browser just says problem loading page.

cant boot spybot

I have ran malwarebytes it found one trojan and deleted it but no difference problems are still there. ran it again and found no threats.

trojan it found was called trojan.zbot.gen

had to run malwarebytes using the chameleon dos booter that came with it.

computer not running slow. had problems updating itunes. can't visit microsoft website either.

hope this is a thorough description of my problems and would be very grateful of any assistance...

regards...

Answer:virus i think cant run spybot or view virus detection progam web pages

Hello and welcome to TSF.

Thanks for the description but we want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and
Quote:




Having problems with spyware and pop-ups? First Steps




a link at the top of each page.

Please follow our pre-posting process outlined below. Use a USB flash drive to download and transfer the tools to the affected machine, if necessary. You might like to run the Flash_Disinfector.exe on the clean machine and the flash drive first to protect against any possible transfer of infection via USB.


NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 48.79%

hi all,

please help me solve my computer problem, because i have this so called trojan horse virus, tracking cookie. adbrite etc...i already do the scanning using my anti virus software called symantec anti virus corporate edition...i scan my pc in safe mode, and i turn off system re store..my anti virus software doesnt detect the virus, but the avg anti spyware detect it, i already deleted it all but when i go back to noramal window, my symantec antivirus auto protect is still disabled, iaso tried uninstalling the anti vius software and install it again but still cannot, the virus is still there ..what should i do? bec if my anti virus auto protect is disabled, my computer is at risk because i often connect to the internet and i might get so many viruses that will destroy my pc.. PLease help me...
 

Answer:trojan horse virus has disabled my symantec anti virus auto protect

Welcome to Major Geeks!

Cookies are not problems and cookies would also not be able to disable your antivirus.

Please work thru the below procedure and attach the requested logs when you finish:

Read & RUN ME FIRST Before Asking for Support
 

1 more replies
Relevance 47.97%

When I try to boot my W520, I get a BIOS boot up error : "2100: Detection Error on HDD0 (Main HDD)". I am using PNY XLR8 240GB SSD. It worked fine for a month. I also have PGP installed and whole disc encrypted. I installed an update of Intel Management Engine Firmware and Intel Chipset, both are the latest from lenovo site because I was experiencing expreme slowness from my harddrive. Programs would freeze. Webpages would take forever to load..The next time I rebooted, I got the error. If I leave the SSD out for a bit, and put the SSD back in, the disk will work for some time... but on next reboot, it is again detection error.. TRIM is enabled on my system. I am not sure how the SSD died so quickly. I am back to using my HDD but I am not happy. I want a solution... is this a intel chipset issue? Intel IMEI issue? Is  the PNY SSD just a bad model? I've googled plenty and dont really see a solution. Sometimes there is a firmware update.. PNY has no firmware updates for my drive.. I don't see anybody else using PNY on their W520, but plenty of people are experiencing Error 2100 with SSD on their W520.. somethings fishy.. help please! thanks in advance !

Answer:W520: PNY XLR8 240GB SSD with error "2100: Detection Error on HDD0 (Main HDD)"

Hello,
I don't have a ThinkPad W520 or a PNY SSD, but could it be simply that the SSD is coming loose inside the ThinkPad's chassis?  I suppose this could occur if a 7mm high SSD was inserted into a 9.5mm high 2.5" drive bay with a ~2mm spacer to "pad" the unused vertical space.
 
Regards,
 
Aryeh Goretsky
 

3 more replies
Relevance 47.56%

running 1.40 biosthink I have WWAN model as there is a SIM slot and there are a red and blue wires ready for the 3G wireless card.all lenovo drivers etc checked to latest versionsInstalled 128GB Kingspan which failed to do anything and caused the whole system to be unbootable. Turns out the ssd was dead as it did not work in working usb enclosure.swapped in 64GB msata minipci from my old eee901 it is the correct size for the lenovo slot - it wasn't for the 901 and I am now getting 2101 Detection Error on hdd2 on boot up.I have tried reseating the card, cleaning the pins, reseating, booting to Hirens, Slacko, Gparted, Fedora and not been able to see it as the error code is pre OS... Anything I can do? - roll back drivers, roll back bios, buy specific brand msata any suggestions welcome :-)

Answer:Error 2101 Detection error on HDD2 (mini sata) X220

HiIt seems newer drive is needed or its firmware. Chek out SSD manufacturer site for fw update.Since x220 BIOS 1.16 or something like this one, msata SSD error detection has disappeared. Except of rare cases with some Crucial (or Corsair, didn't remember) and Samsung drives. Also do not use OCZ drives.

7 more replies
Relevance 47.56%

I've had my T430 for about a year, and other than two Corsair RAM sticks failing my computer has been running smoothly. Last night, my computer suddenly froze up and now it won't recognize my SSD. I'm currently using my stock HDD, but now I can't access any of the data on my SSD. I've tried running the SSD firmware update from the Lenovo site, but it wouldn't show my SSD under the memory devices (I'm not sure if this particular SSD is supported by the firmware update either). I don't think lenovo customer support would help in this situation, since my stock HDD runs fine and I didn't buy the SSD from them, so any help would be appreciated.

Answer:T430 "2100: Detection error on HDD0 (Main HDD)" Error on Samsung 830

I have the same problem that I ran into for no reason.  Does anyone have a solution for this?  Luckily I was able to login to safemode once and did my data back up after I could not login to safe mode.  The moment I connect to net work this problem happens.  On a side note I bought this T430S on ebay 3 months back with 16GB Memory, 500GB SSD which was running pretty good.

1 more replies
Relevance 47.56%

Whenever I try shutting down my computer normally, it is extremely slow and displays the message: Error 2101  Detection error on HDD2 (mini sata). This causes some problems on my computer. My laptop is a Thinkpad T530 with Intel Core i7, 500 GB HDD, and 8 GB RAM. Any suggestions?

Answer:Error 2101 Detection error on HDD2 (mini sata) in T530

do you have mSATA installed on the system???

6 more replies
Relevance 47.56%

Hallo, Since the past couple of days I am receiving this Error 2102: Detection error in HDD2 during every cold/warm boot. It pops up even after a complete powerdown for overnight and boot up the next day. Further, the boot itself has become very slow - shows blank screen until the Thinkpad logo is displayed, followed by which the error message pops up. Thanks in advance for pointers!!! P.S: I looked up in the community for similar errors - only couple found and no solutions.----------------------------------------------------------------------------------------------------------------------------------------------------------------Thinkpad Edge E530 - i5-3210M -upgraded 8GB RAM - 750 GB, 16GB mSATA HDD Performance Booster  













Solved!

Go to Solution.

Answer:Edge e530 - Error 2102: Detection error in HDD2 - press escape to continue

That error is coming from BIOS, it means there is something wrong detecting the mSATA SSD.  It could point to a hardware problem.  It is definitely not a software problem.  I would call the support line in your country, and ask what they recommend about it.

2 more replies
Relevance 47.56%

Hello! First post on this forum but been browsing for some time. My machine: ThinkPad S430, type-model: 3364-5HG, Win 7 x64, 500 GB HGST HDD. My problem is notably similiar to this one: https://support.lenovo.com/us/en/documents/ht082504.The problem occurs on very irregular basis, at times a couple of times a day but other times it goes weeks between the interrupts. It starts with some sort of short mechanical sound from the HDD, similar to the one when you turn the laptop of by pressing and holding the power button (only do this if I absolutely have to, it feels like choking someone with a pillow). After the sound, the screen freezes for a couple of seconds before the short bluescreen mentioned in the link occurs. The rest is as follows by the link above. Basically the only difference is the HDD brand (HGST in my S430 and Samsung in the link). After reboot (with power button during the automated reboot after bluescreen when the error code occurs), the laptop works fine.  It's getting quite annoying when this happens and also the suspension of not knowing when it will happen next is not good for my heart. What to do? Thanks in advance! Regards,Nicholas

More replies
Relevance 47.56%

Hi, I have a month old T440s. It has the original 256GB SSD drive (didn't open\replace anything).After uninstalling some antivirus software win8 had problems booting. To make a long story short, I tried different things to fix the MBR and eventually got to the point of trying to do a full factory restore, which didn't work (it couldn't find the recovery partition).When I boot up now, I get the "2100: Detection Error on HDD0 (Main HDD)" error.Aside from trying to restore using Lenovo CD (shipped to me, will be here in a couple of days), what else cn be done and what caused this ordeal? I don't mind about the data on the SSD, I just really need my laptop functioning ASAP. Thanks for any advise you may have!

Answer:Brand new T440s (original 256GB SSD) - Error 2100: Detection Error on HDD0 (Main HDD)

Hi,check out the disk drive model. If that's a Samsung SSD PM841, refer the page below regarding firmware update affected models:http://support.lenovo.com/us/en/documents/ht082504

7 more replies
Relevance 47.56%

I'd lost my power cord and haven't been using my E220s for few weeks.When I finally bought a power cord, the screen only shows:Thermal sensing error.2103: detection error on HDD2 (mini sata).And it turns on.How do i fix it?

More replies
Relevance 47.56%

I have an issue with a Lenovo X1 Carbon Touch Windows 8. It has a 512GB SSD. (Believe its Samsung)  Earlier today the computer frooze while saying plug in your charger, so I had to hold down the power button to do a forced shutdown. Upon turning it back on I got this error after hanging on the Lenovo logo for a good five minutes. Error: 2100: Detection error on SSD0 (M.2) The SSD is not visible anywhere not in BIOS or anywhere else. I've tried reseating it however it doesn't help. The BIOS is upto date, any I'm unable to update the SSD Firmware as I cannot get onto Windows as per the instrutions here - http://support.lenovo.com/us/en/documents/ht082504 1. I cant update firmware for the SSD as I cant get onto Windows2. The BIOS firmware is the latest 3. I've taken the SSD out and put it back in4. Reset BIOS settings5. Disconnected Battery and left it for an hour I'm panicing as all my data is on there, I assumed it was safe as it's SSD.  Please can anyone assist?  

Answer:X1 Carbon - SSD Failure? Error 2100: Detection error on SSD0 (M.2)

Sorry for a 2500 GBP laptop I'd expect better really. This is the SECOND X1 Carbon I've had out of 4 to fail me with the SSD. I've lost all my data (Yes I know I should have backed it up) that I'll never be able to recover. Ultimately I've given up on the brand of Lenovo, my company who supplies exclusively Lenovo hardware to our customers are now switching to Dell as a direct result of the lack of support and poor hardware/firmware design. Just ordered 2X Dell XPS 13's as a replacement for my less than 6 month old Lenovo X1 Carbon, never thought it would come to this but the lack of support, knowledge and consitant hardware failures has left me no choice, I can't operate or do my work on an Lenovo X1 Carbon, fingers crossed the Dell will be better as it cant get any worse than Lenovo. To anyone who has Google'd the error and found this thread some cold facts; According to my resources this error can be caused if the system is not shutdown, BSOD or sudden power loss. If it doesn't resolve itself, there is a good chance it wont. Cycle the computer numrous times, let the battery run flat. Try it a few more times. Reset the BIOS, Update the BIOS. Prevention is better than cure, supposedly updating the SSD Firmware might have prevented this from happening in the first place.Lots of reports that this is an issue with BIOS and Firmware issues that result in an early death. I can confirm this having happened twice to me on different generation and model... Read more

3 more replies
Relevance 47.56%

Model: T450sEquiped as:Intel i54+4GB RAM256GB SSD (M.2) Configured as boot disk running Win 7 x64500GB HDD as additional storage Issue:Seemingly at random, approx once every one to two weeks while PC is on and at the desktop but not actively being used (meaning no user is sitting in front of it performing tasks) it will error and crash.  The error is a black screen with the following error: 2101: Detection error on SSD1 (M.2) Press Esc to continue. According to the user Esc does nothing and the only escape is to long press the physical power button until a power down occurs.  On reboot the system comes up without issue.  No user has actually seen the crash take place.   MY QUESTION(S):1st.  Is this most likely an issue with the T450s not being able to reliably boot from the m.2 slot or is this more likely an issue with the SSD installed in the m.2 slot?2nd.  Is this something altogether different?  Any (knowledgeable) advice or info appreciated.

Answer:T450s Thinkpad - ERROR 2101: Detection error on SSD1 (M.2)

It is hard to diagnose without seeing it, but my experience has been that the Gen4 and later CPUs (like yours) support a very low power state that is incompatible with some devices. (that would make it a problem with the card) Make sure you have the latest BIOS and power manager software installed. Look in the device manager and find the M.2 SSD. There should be a power management tab. Turn off the option to allow the system shut the device off to save energy.

4 more replies
Relevance 47.56%

Hi guys, I fitted a 64GB Sandisk P4 mSATA SSD today in my week old X220 4287CTO & get this error, I thought it maybe the bios causing the problem as reported in the forum but the threads I have read seem to be the SSD not being recognized at all. Any help would be appreciated. Product SKU: 4287CTOProduct Name: ThinkPad X220 - 3 Yr Depot Topseller Warranty Intel Core i5-2410M Processor (2.3GHz, 3MB L3, 1333MHz FSB)7 Home Premium 64 English12.5" Premium HD (1366x768) LED Backlit Display, Mobile Broadband Ready, 2x2 Antenna2 GB DDR31333MHz (1 DIMM)Keyboard UKFingerprint Reader720p HD Camera20 GB Hard Disk Drive, 7200rpmNo Micro Solid State DriveThinkPad Battery 29+ (6 cell)Country Pack United Kingdom with Line cord & 65W AC adapterBluetooth 3.0Intel Centrino Advanced-N 6205 (2x2 AGN)Integrated Mobile Broadband - Upgradable

Answer:Error 2101 Detection error on HDD2 (mini sata)

Yeah I am getting the exact same error 2101. Also X220 but 4286-CTO which I brought from US. The BIOS version is 1.17(highest I can find now).Wonder if it is a compatibillity problem or simply the bios is not programmed rightly.

7 more replies
Relevance 47.56%

I got my 430s, and it's with a 16Gb mSATA SSD cache inside.Now everytime when I open my PC, it shows Error 2101 Detection error on HDD2 (mini sata) and I need to press ESC to continue.Is there any software or driver's problem, or it just phsically got wrong?Any techician could help to solve, or I have to do it my own?










Solved!
Go to Solution.

Answer:Error 2101 Detection error on HDD2 (mini sata) in...

Have you ensured you are running the latest BIOS?  What version BIOS do you currently have? After pressing escape does the computer boot normally?

9 more replies
Relevance 46.74%

Hello all,

my wife was on a website last night about nursery rhymes and she clicked on something and AVG instantly came up with a warning telling me that files 61883.sys, aec.sys and asyncmac.sys are infected with Trojan horse Agent_r.G. after looking u what the files were i believe them to be legitimate sys files, but could they get infected? We have pop ups for smileys and bingo and i can't start up safe mode.

Anyone have any ideas??

A very grateful Dave. :confused
 

Answer:AVG Virus detection

Welcome to Major Geeks!

Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First. If TDSSserv is not found, just continue on with the READ & RUN ME.
TDSSserv Non-Plug & Play Driver Disable

READ & RUN ME FIRST. Malware Removal Guide

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to ... Read more

4 more replies
Relevance 46.74%

My adware is detecting a trojan downloader but it can't get rid of it. When I try finding the virus on norton nothing shows up. Any information regarding this would be helpful.

Answer:virus detection????

stop spamming

5 more replies
Relevance 46.74%
Question: Virus Detection

hi all,this is my first posting,so be kind.im using AVG Antivirus and Symantec Corporate Edition.AVG keeps detecting a Trojan virus,but i cant send it to the virus vault or delete it.Symantec doesnt ever detect the trojan when running a scan.Will this trojan affect my PC?Any advice would be much appreciated.im using XP Pro.

Answer:Virus Detection

The problem is probably caused because you are using more than one anti-virus program.NEVER run multiple AV programs - they will always clash with each other.Make your choice and get rid of one.

9 more replies
Relevance 46.74%
Question: Virus detection

I was able to run an antivirus program I am using (AVG free edition). It came up with a detection that reads:

File
c:\windows\syste...\i8042prt.sys

Infection
trojan horse agent_r. BAV

Result
object is white listed (critical/system file that should not be removed)

What does this mean?
 

Answer:Virus detection

You need to start a thread in the Virus & Other Malware Removal section of this site.

Before you post though, you need to read THIS guide.
 

2 more replies
Relevance 46.74%

I had did a scan and found these on my computer. Here is the report:

Avira AntiVir Personal
Report file date: Sunday, December 05, 2010 05:06

Scanning for 3110546 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : XP-E

Version information:
BUILD.DAT : 10.0.0.596 31825 Bytes 11/16/2010 15:57:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 11/3/2010 01:06:45
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 23:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 13:19:04
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 13:19:14
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 13:19:35
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 13:19:49
VBASE009.VDF : 7.10.13.80 2265600 Bytes 11/2/2010 01:06:45
VBASE010.VDF : 7.10.13.81 2048 Bytes 11/2/2010 01:06:45
VBASE011.VDF : 7.10.13.82 2048 Bytes 11/2/2010 01:06:... Read more

Answer:Virus detection. Please help me. Anybody

16 more replies
Relevance 46.74%
Question: Virus detection

Hi there,

I clicked on a link in Facebook and I think it has given my machine a virus. I ran MSE which picked up 3 or 4 severe threatss. Have got MSE to remove these threats from my machine but my machine is still running slow. If I have to do a reinstall can windows easy transfer copy and reinstall my drivers. If not does anyone have any good free software links that will backup and reinstall my drivers? Im downloading AVG free just now to see if that can pick up anything. Have ran malwarebytes. I think this could be looking at a reinstall now. Any help is greatly appreciated.

Answer:Virus detection

Hi clark,

you only need one AV pkg - MSE seems to be favored around here. I don't have a dog in that fight, so since you have MSE, stick with it.

MalwareBytes (MwB) is a good companion to any AV software - keep MwB too. I'm not sure why you think you have to re-install (slowness?) if your system came up clean MSE, MwB). That's an awful big hammer to use, but.....

5 more replies
Relevance 46.74%
Relevance 46.74%
Question: Virus detection

I know i have a virus as i cant view task manager or regedit without renaming them. My search function on the computer wont work either ( i cant view "serch files and folders" or what drive and whatever). also when on the the internet, i click to go to a page, and the progress bar will whizz to completion and say 'done' in the oposite corner but the page doesn't change. I thought i had the msclock.exe virus, but when i followed all instructions to remove it (rename regedit...go thru and find msclock.exe) it wasn't there. I then pressed edit and find, and serched for msclock.ex and it found it so i delted it. i hoped this would fix the probblem but it wouldn't. It also found when i searched for msclock.exe, bling, sasser.worm.e. (or something like that) this [Y E W E Z X] (it wasn't acctually them letters but that what it lookwd like) anyway, i delted al them as well. However this still didn't fix the problem, so i downloaded hijackthis and saved the log for you guys on here to have a look at and hopefully help me out. Can you guys please tell me what (if anything is harmful, and what i dont acctually need e.g. bulleye networking)Thanx xxxLogfile of HijackThis v1.98.2Scan saved at 19:55:26, on 01/09/2004Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system3... Read more

Answer:Virus detection

Your log shows that you are seriously behind on windows updates. It is essential that you update your windows before we continue to help you as the infections could reoccur. Go to http://www.windowsupdate.com and if it asks to install software, let it. Then click on the Scan link and let it do its thing. When its done you will see on your left a section called critical updates. Click on that section and install everything that you can. When it prompts you to reboot, do so. Then repeat this process again until there are no more critical updates listed. Then post a new log.

4 more replies
Relevance 46.74%
Question: Virus Detection

I think I have a virus but malwarebytes nor superantispyware can find it and whenever I try to access some sites it redirect me,I just need someone to check if I am infected or not,tyvm.Here is my hjt log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:41:58 PM, on 10/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMob... Read more

Answer:Virus Detection

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------

1 more replies
Relevance 46.74%

himy system has virusthis virus when i click on folder or file , open delete window and also when turn on system automatic  open panel setupplease help me

Answer:help in detection virus

Hi there!Read directions in this thread and post logs for me back here please: http://www.computerhope.com/forum/index.php/topic,46313.0.html

1 more replies
Relevance 46.74%

Greetings:My name is Jon. I have a Toshiba laptop, and recently received a virus (possibly through limewire, but I am not sure). I normally have AntiVir, but all full scans of the system come up without any detections. I then downloaded the free trial of Mcafee, and each time it finds trojans and tracking cookies. It cleans them up, but the initial virus that is causing all of this still remains. Here are the symptoms that let me know it's still here:Whenever I open Internet Explorer, a hidden file "idgrvecqmn" is created on my desktop. Also, whenever I try to search something (from Yahoo or Google) the links to the sites that come back all lead to advertisement pages instead of the desired page.Occasionally, Windows Explorer closes down as soon as I start my computer, and I have to ctrl-alt-dlt to restart the computer or at least restart Windows Explorer. This hasn't happened in the past day or two.The most recent symptom is back with Internet Explorer, as when it is in full-screen mode it does this weird thing where I cannot see the toolbar for Windows Explorer at the bottom of the screen (unless I minimize Internet Explorer or make it just a partial screen), and on the top where I would type in internet addresses it disappears until I scroll the mouse to the top of the screen.When I first ran McAfee it told me it didn't detect anything. Then the virus tried to do something (first time Windows Explorer crashed and had to be restarted) and now viruse... Read more

Answer:Virus without Detection

Try using the free ESET online scanner for another opinion of what's actually on your pc and alsosee the computer hope malware help guide and follow the directions and a malware specialist will help you get you on your way with your pc.

14 more replies
Relevance 46.74%
Question: virus detection

I was informed through e-mail from the [email protected] that a message I had sent to [email protected] contained a virus{ WORM-KLEZ.H} What does this mean? The mail message was (file:III.exe). I have McAfee virusScan. This is the first time I have ever had a virus detected by someone else. Actually as far as I know I have never had a virus. Please advise. Thanks. I'm still kinda new at this.
 

Answer:virus detection

Klez is a very smart virus. It may only appear to have been sent by you, because Klez spoofs the from address. THis is the case, unless you sent an email to that person, and you really have the virus.
 

1 more replies
Relevance 46.74%
Question: Virus detection

Hello everyone!

I'm the 'new girl (well granny actually!) on the block!'

Has anybody encountered this virus, detected by AVG free v7, as I can find very little info on it through google searches etc.

IRC/BackDoor/Trojan/SdBot.55.U

It's gone from my system now (I think!) but I am curious as to it's origin and 'popularity'!

Answer:Virus detection

Hi silverlady This is what Symantec Security Response has to say. See link below for full report.Backdoor.Sdbot is a Backdoor Trojan horse that allows the Trojan's creator to control a computer by using Internet Relay Chat (IRC). Backdoor.Sdbot can update itself by checking for newer versions over the Internet. http://securityresponse.symantec.com/avcen...door.sdbot.html

1 more replies
Relevance 46.33%

As of yesterday, my XP computer is not able to update Spybot, Malwarebytes, or AVG. Won't open IE7. I ran Combofix, but don't know what to do with the log. As instructed, I've attached the two dds text files that give info about my computer. Any suggestions on what to do next?
Thanks,
Dennis

Answer:Virus detection and removal help

Hello Dennis,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you. Also, please include the original ComboFix log, if you still have it. Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Thanks,tea

2 more replies
Relevance 46.33%

Hey guys. I was scanning with SpyBot and it detected an infected file: WIN\SYS\TRNC.DLL. The message said it contained the virus "TR/Small.GS.2"

I deleted it, but my question is, why didn't my AV notify me? I use AntiVir Personal Edition 6.24. It's configured correctly, and I check for updates daily. Any ideas?

Thanks
 

Answer:Virus Detection Question

Either it wasn't listed in the virus definitions, or the virus itself falls under more of a spyware category than virus.

There is a fine line between malware and virus sometimes.
 

2 more replies
Relevance 46.33%

I don't think the DDS worked properly, but it is attached. Also, RootRepeal wouldn't run again, so all I have is the drivers from what Blaze had me run previously; it is attached as well. Thanks.

Answer:Cannot Run Any Virus Detection Software

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 46.33%

My avg anit virus program listed 14 programs which were locked and it was associated wih microsoft office and some windows messages about setting/documents etx stated field were lock and could not be tested is this a normal message or is there something wrong?
 

More replies
Relevance 46.33%

Hi, Names Rayeann I need some help.
I had a notice come from AVG that a javabyte sun had a virus actually several of them. SOme i oculd heal others I could not. I did a hyjack this and saved. Can some one tell me how to remove the files. Let me warn you that I am pc illiterate. Thanks Muchly
Rayeann

Logfile of HijackThis v1.99.1
Scan saved at 12:25:11 AM, on 3/31/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\SECRET~1\run.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\GDAVC9AN\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Softwar... Read more

Answer:AVG Virus detection Javabyte HELP

Before you do anything else, please create a folder for HijackThis and put it in a permanent folder (like C:\HJT) instead of the Temp folder. This is required because HijackThis will create backups and we don't want them to be deleted.

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

This should clear the java byte problem.

Click on the Start menu
Select Settings
Select Control Panels
Select Java Plug-in
Click o... Read more

5 more replies
Relevance 46.33%

I am running Windows ME and suffered a crash earlier this summer. I reinstalled everything, including upgrades to AOL 9.0 and RealPlayer 10. I think I might have a virus. When I try to burn CDs placed in my internal drive to an external burner, RealPlayer gives me an error that reads "CD drive not detected." Strangely, my internal drive still reads DVDs fine, which leads me to believe it is a program virus. I am also running Selective Startup, since I got two error messages: one that says my system has caused an "SMC error" and the other that reads "msxml3.dll." Are these viruses? How can I get rid of them? Thanks.
 

Answer:RealPlayer CD detection -- virus?

For a start, what antivirus program do you run. If you don't have an av program, try one of these online scans.

Housecall : http://housecall.antivirus.com/housecall/start_frame.asp
Panda: http://www.pandasoftware.com/activescan/
 

1 more replies
Relevance 46.33%

Ok...I've been working my way through the prescribed procedure. A few things to note:

I did not read the instruction to keep the bitdefender file even if there were no problems discovered. There were no problems discovered ... so I deleted it.

also, the GetRunKey thing seems to be working, but every time I try to attach it here, it says that it cannot accept this type of file. I do not understand that because the newfiles thing worked fine. I did note that the notepad popup had nothing in it when I ran the getrunkey.

Panda did find two problems ... every other scan did not detect anything.

Will change the name of hyjackthis and send that next.

Thanks...if I need to re-do the bitdefender or do something different with getrunkey, let me know please!confused

big poppa (john)
 

Answer:Help with Virus Detection Procedure.

My hijack this log is attached.
 

5 more replies
Relevance 46.33%

Have you heard of a program called EAnthology and stop-sign? When i scan my pc it says that i have the following viruses Win32.Benny.6382, Win.exe.virus, Com.TSR.virus and Com.TSR.Crypt.virus. Do these programs claim to find viruses so that they can sell you their anti virus packages.When i do a scan with AVG it says that i have no viruese?I think i will remove EAnthology.Any ideas.

Answer:Virus detection software

Spyware - ingore them

6 more replies
Relevance 46.33%

norton has found an infected file and has stated that it is unable to repair it and that access was denied after a full scan using norton2003 fully updated norton still says computer is still infectedI`ve still got a virus alert screen on my computer which will not go away

Answer:norton virus detection

Clear all your restore points.

4 more replies
Relevance 46.33%

Everytime I run AdWare or Microsoft AntiSpyware, my McAffe virus scan always reports that Trojan Exploit Btye Verify is detected, somtimes in the local settings temp folder, sometimes in the AdWare folder....its always three files...loaderclass, installer class. WHy does it keep showing up, even though it says it has deleted it each time. And also, my computer is kinda slow, is there anything else that looks bad that could be causing problems. Thank you in advance.

Logfile of HijackThis v1.99.1
Scan saved at 2:22:51 PM, on 3/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Documents and Settings\Richard Alves\My Documents\Common Framework\FrameworkService.exe
C:\Documents and Settings\Richard Alves\My Documents\McAfee\mcshield.exe
C:\Documents and Settings\Richard Alves\My Documents\McAfee\vstskmgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Documents and Settings\Richard Alves\My Documents\EMS Free Surfer\Free Surfer\fs20.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\TOS... Read more

Answer:Help With Recurring Virus Detection, Please.

Anyone?
 

1 more replies
Relevance 46.33%

Either I have been lucky up to now or my AV progs have been working.Over the weekend my AVG (free) has thrown up 3 Trojan horse virus infection warnings.These are: Downloader.Small.42.M located in C:\BLA.EXE Downloader.Generic.JW located in C:\Temp\SS.STOPSIGN[1].EXE Downloader.Small.42.M located in C:\Windows\Temp Int Files\ Content.IE5 ZVLA2HAY\AY[1].CLASSI find that a folder has been set up in C:\ drive named $virus$.avg and I presume this is the Virus Vault referred to in the progs Test Center. In this folder are 3 files with unknown names but I assume they are, or are copies of, the offending files.As I have the free version of AVG I do not think I have access to a virus encyclopedia and therefor do not know how bad the virus are or how they can be cured.The AVG prog does not appear to be able to heal any of the virus as that operation in the tool bar has a cross on it for each virus.Assistance is sought on:1 How serious are the virus (virii?)2 Are the files in the $virus$.avg folder just backups OR do the virus files still exist in their original folder. Although I can not spot them.3 Must I find the original virus file and delete it OR can I just delete the backup.4 Any other advice.Thanks in advance.Mananin My Computer Specification:-Mbd.- MSI MS 6340M v. 5; AMD Duron XP 1200 Mhz; Video-Pro Savage S3; Audio- Via AC 67Windows 98SE; Internet Explorer 6.0.28; Outlook Express 5.5 . ISP is BT Yahoo (PAYG) with Pop-up Blocker and Spam Guard. Protection:- Grisoft AVG 7; Nor... Read more

Answer:Virus Detection and Cure

click here download and run to clear all the temp files. Then download Sunbelt counterspy click here it is a free trial and you only have to give your email addy. Run it and delete all it finds. Start up in safe mode and delete bla.exe if it is still there. You can delete all the files in the AVG vault. AVs will not always stop Trojans, if you unwittingly execute the programme no amount of firewalls and AVs will stop it. Sunbelt does provide 'real-time' protection though and it is free for a month or so. Worth paying for IMHO as it is virtually the same as MS Antispy but it can run on other OS's than just XP. MS Antispy will only run on XP.G

2 more replies
Relevance 46.33%

I ran through all 5 steps, except for the panda scan. It kept closing out midway through the scan. The computer is not having popups anymore, but is still very slow. I detected virtumonde through spybot but am not sure if it is completly removed yet.


Deckard's System Scanner v20071014.68
Run by Owner on 2008-03-09 14:19:47
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
44: 2008-03-09 21:20:05 UTC - RP51 - Deckard's System Scanner Restore Point
43: 2008-03-08 04:23:17 UTC - RP50 - System Checkpoint
42: 2008-03-07 03:58:18 UTC - RP49 - Software Distribution Service 3.0
41: 2008-03-06 11:05:28 UTC - RP48 - System Checkpoint
40: 2008-03-05 10:20:19 UTC - RP47 - Software Distribution Service 3.0


-- First Restore Point --
1: 2008-02-02 01:53:13 UTC - RP8 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 448 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-03-09 14:22:18
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\sys... Read more

Answer:Virtumonde detection + Other possible virus'

Just got Kaspersky to run all the way through. Here is the log from that run.


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Sunday, March 09, 2008 06:55:23 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 9/03/2008
Kaspersky Anti-Virus database records: 620192
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 98835
Number of viruses found: 6
Number of infected objects: 12
Number of suspicious objects: 0
Duration of the scan process: 01:55:38

Infected Object Name / Virus Name / Last Action
C:\Deckard\System Scanner\backup\DOCUME~1\Owner\LOCALS~1\Temp\UE.exe Infected: not-a-virus:AdWare.Win32.PurityScan.gn skipped
C:\Deckard\System Scanner\backup\DOCUME~1\Owner\LOCALS~1\Temp\~cdsf3kj09u.tmp Infected: Trojan.Win32.Qhost.zv skipped
C:\Documents and Settings\All Users\Application Data\Avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Da... Read more

16 more replies
Relevance 46.33%

I have the exact same problem. Every ten minutes or so my AVG Internet Security find that same file, "83.133.124.199/inst_n105.exe"

my browser also trieds to open page that AVG reacts to and calls the file "searchaddca.org/cgi-bin/103". I don't know if it's connected in any way.

Malware bytes does not find anything, nor AVG. I hope someone knows of some way to get rid if this. It's so annoying.

More replies
Relevance 46.33%

Apparently I have a virus that is shutting down any antivirus program that I try to run. The program will start, but just disappear after a minute or so. Any help? Thanks.

Answer:Cannot Run Any Virus Detection Software

Hello golf71 and to BleepingComputer.Let's try this.Please install RootRepealNote: Vista users ,, right click on desktop icon and select "Run as Administrator."Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorDisconnect from the Internet or physically unplug your Internet cable connection.Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver. Temporarily disable your anti-virus and real-time anti-spyware protection.After starting the scan, do not use the computer until the scan has completed.When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.Extract RootRepeal.exe from the zip archive.Open on your desktop.Click the "Drivers" tab, and then click the button.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.~BladeIn your next reply, please include the following:RootRepeal log

4 more replies
Relevance 46.33%

My father-in-law recently manager to contract the fake FBI/DOJ virus that locked up his computer. Using HitmanPro and Malwarebytes Antimalware, I've managed to get the computer operational again. However, I believe I still have the virus that started it all on. The reason I believe that is because when I type something into google and click on a link in chrome, I'm often redirected to another page - one of which already tried to download something. However, I can't find the virus. I checked the proxy settings and the hosts file, but they both look good. Bitdefender, Panda, and MBAM all say the computer is clean, but something is causing those redirects.
 
Thank you,
Aaron
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16576
Run by Larry at 2:04:06 on 2013-06-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4061.1897 [GMT -4:00]
.
AV: Panda Internet Security 2013 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2013 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Win... Read more

Answer:Redirect virus detection

Hello BE0921 I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", ... Read more

3 more replies
Relevance 46.33%

When doing CTRL+ALT+DEL I get "Defscangui" running in the background. It seems to stop my doing a scan disk and defrag. Whilst doing scan disk, I get a message saying that this drive is already being used and scan disk has retried 10 times but cannot continue. I think it was something that I downloaded, have now deleted but it is still lurking. Can anyone help please?

Answer:Virus Scan detection

have a Trojan running on your system. Go to Symantec site ( Security Response ) and type Defscangui into the search box. It comes up with this click here

6 more replies
Relevance 46.33%
Relevance 46.33%

HiWhile running AdAware, it came up with a mesage telling me I have a trojan on my PC named awi.exe. I have already seen this message twice recently and each time, I disable System restore, run AVG (after rebooting) then enable system restore. Each time AVG reported finding nothing so I am surprised this keeps springing up.Is it a case of AVG being unable to disinfect the PC of this trojan or is it a case of a program installed that when run, triggers the 're-deployment' of this virus?I run the TrendMicro HouseCall online scan to see what it would report and is also reported finding nothing!I browsed to the file via the path reported while running AdAware and deleted the entire folder in the Temp directory and run AdAware again. This time the virus message pop-up box did not appear. Strange.Your thoughts/comments?Regards,Tj_El

Answer:AdAware SE: Virus detection

AVG is an anti-virus program, AdAware is an anti-malware program.AVG probably cannot detect this .exe program because it is malware/spyware, rather than a virus.You were wise to run your scan with System Restore turned off but, generally, it is safe to allow AdAware to remove any nasties which it finds.

10 more replies
Relevance 46.33%

A few days ago a nasty program was installed by my sister trying to get into a zipped folder.
I am still having trouble with it after a couple of days of scanning
I managed to get rid of quite alot of "junk" and came across things like "close 16.exe"
Another virus that has been popping up lately is the Detection: New Win32 (Virus)
File Path: F:\Documents and Settings\*\Local Settings\Temp\V1FSFHa00220 - Mcafee has been discovering things in here today

Also, when I know open Internet explorer, it makes a "beep beep" noise, as if something is loading or trying to load
 

Answer:Detection: New Win32 (Virus)

I have also just discovered a program that has popped up in Task Manager in the last 5minutes - guard.exe - I read up on this and it can make a "beeping" noise
 

9 more replies
Relevance 46.33%

Machine is so slow I can't stand it any more. Don't know what to do!!
 

Answer:virus detection and removal

It would help you if you would list your system specs (Chip, Ram, Video card and MoBo at least) and a few details as to how long you've had the problem and some behavioral specifics.
 

3 more replies
Relevance 46.33%

It started of a week ago. I was checking my mail then I got a warning. WARNING VIRUS DETECTED: file : http//: 83.133.124.199/inst_n105.exethreat: Win32/TrojanClicker.Delf.NBX trojan after that I got another one WARNING VIRUS DETECTED:file: http://moviefact.com/install.52032.exethreat: Win32/Kryptik.DOR trojanNow it's repeating that warning every 10 minutes when I'm browsing on the internet. I scanned the pc with NOD32 and Ad-Aware. They found nothing. I don't know what it is and what to do about it. Can some-one help me. If you don't understand, I'm sorry my english is not that good. Just reply

Answer:Virus detection every 10 minutes. What do I do ?

Frituurkonijn,SAS, may take a long time to scanPlease download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)In the Main Menu, click the Preferences... button.Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program.Do not run a scan just yet.FirstReboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear wit... Read more

2 more replies
Relevance 46.33%

A pop-up indicating detected viruses exist on this computer. It is not the installed native Avast Free edition and the pop-up has repeated a 2nd day in a row which is making me suspicious. Unfortunately, I got rid of it by using 'Task manager' both times and didn't pay attention as to what it was trying to sell me on. I know for sure it was nothing to do with Avast.

I ran Ccleaner prior to running the following requested logs.

When attempting to run GMER only 3 lowest boxes were checked above C: drive selection and the others were grayed out - could not select.

GMER did not find any rootkit modifications

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:21:46 AM, on 9/7/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\PROGRA~2\MICROS~1\wkcalrem.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Soft... Read more

More replies
Relevance 46.33%

Hi ya,
Im running windows xp, and using avg free ed. antivirus program, the resident shield has detected a virus but when I run the program it says no virus detected there are several files that it cannot open. What do I do about this? I also have ad aware and spybot. and there are several items on ad aware that can not be removed and some on spybot also.
Help please!
Thanks
Snowey
 

Answer:problems with virus detection

12 more replies
Relevance 46.33%

Please, any idea how to fix error 2104 with laptop ThinkPad p50 full error message >>  2104: Detection error on Storage Device2 (m.2)

More replies
Relevance 45.92%

Comodo SiteInspector has new features and it's for free to sign up. Good service for those who have own websites.
 

Answer:Malware detection and blacklist detection for Websites..sign up for free!

I saw this earlier, looks like they changed it from 30 days to 365 days.

These type of services from Comodo I like.

http://siteinspector.comodo.com/public

http://siteinspector.comodo.com/public/features
 

9 more replies
Relevance 45.92%

I ran Symantec's free virus scan and it said 2 files were infected with something called Bloodhound.Exploit.13.

I don't know what this is. Is it bad? I deleted the 2 files it said were infected. Does anyone know what that is or why I'd get it?

Info:
HP Pavilion Slimline s3200t
Visa 32-bit Home Edition Premium
2 GB Ram
160 GB HD

Thanks for help!
~
 

More replies
Relevance 45.92%

I was referred to you by a friend of mine who is very knowledgable about computers. He linked a forum which contained info about getting rid of the same virus that someone else had problems with called the Trojan. My friend recommended I follow your advice so I downloaded the Hijack This program and it came up with this:

Logfile of HijackThis v1.99.1
Scan saved at 10:43:15 AM, on 6/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Aveo\Attune\bin\attune_ce.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\mrdsregp.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Belkin\PCI F5D700F\Wireless Utility\Belkinwcui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\... Read more

Answer:Virus detection (and hopeful deletion)

16 more replies
Relevance 45.92%

I have an old computer that is in my business. It's main function is video survailence for my business, however it does have internet. I came to work yesterday to find this computer popping up a bogus page stating it had a virus and it looked like a virus scanner running. I was told that they tried to close it but it kept popping back up. I tried to run avg but it found nothing. I tried to run spybot but during the scan it gave me errors stating something like i didnt have the proper permissions to perform these actions. There are no user accounts set up on this computer because the video security system reboots automatically every night and erases a certain amount of space on the hard drive to make room for the next days recordings. This computer would not let me on the internet except when i did attempt to get on the net it would first bring up the bogus security firewall page then i could control alt delete and it would then bring up an internet explorer page. I tried running trend micro house call but it found nothing. even in safe mode I was still having these same issues. I tried running spybot from a flash drive but still got the same errors. I disabled everything in msconfig. i was finally able to download avast and ran it. IT FOUND the virus and i told it to delete it. I no longer have the bogus scanner and security system popping up BUT I still have some major problems. If i click internet explorer i get the dialouge box that ask me what program i want to use t... Read more

Answer:wbl.exe Security popup box with virus detection

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator


You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
Rkill.exe
Rkill.com
Rkill.scr
Rkill.pif
* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
* Do not reboot until instructed.

If you are having problems running Rkill, you can download iExplore.exe or eXplorer.exe, which are renamed copies of Rkill.com, and try them instead.

* If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run then try to immediately run the following.

Now download and Run exeHelper from Raktor
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to clo... Read more

6 more replies
Relevance 45.92%

A window keeps popping up trying to "scan" my computer. It keeps trying to act like a spyware removal for windows but I can tell it's fake. It shuts down windows task manager every time I try to open it. Pop ups will fill my screen and then disappear suddenly. I have run MalwareBytes and it has detected over 600 trojans and supposedly deleted them all, but IT WON'T GO AWAY. I have copied and pasted my log from MalwareBytes below in hopes that you can identify the problem. Please help, I'm afraid it might be keylogging and stealing passwords and various info, thanks. *NEW INFO*: It has apparently erased all of my files on my desktop, and my pictures and other documents. Are these retrievable? this a fairly new computer, so I haven't backed up anything

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7868

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/4/2011 2:32:42 PM
mbam-log-2011-10-04 (14-32-42).txt

Scan type: Full scan (C:\|D:\|E:\|Q:\|)
Objects scanned: 380422
Time elapsed: 36 minute(s), 20 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 260
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 400

Memory Processes Infected:
c:\Users\Sidney\AppData\Roaming\ftwub1vo3mqd8lh\iuebzy0si3gq6.exe (Backdoor.Bot) -> 6544 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items d... Read more

Answer:Fake Spyware Detection Virus

Download the following program to your desktop:

Unhide tool

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.
Please be patient as this may take several minutes to run, it will scan and fix all Hard drives on your system. You will see a new window with the drive being processed, typically C:\ as below:

Changing as the next drive is processed as below:

You will get a success alert at the end.

Re-boot and see if your files are present.

Next,

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

Link 1
Link 2
Ensure that Combofix is saved directly to the Desktop <--- Very important

Before saving Combofix to the Desktop re-name to Gotcha.exe as below:


Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.

Close any open browsers and any other programs you might have running

Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)

Instructions for running Combofix available Here if required.

If you ... Read more

1 more replies
Relevance 45.92%

Computer listed is not correct, Dell Vostro 1500 laptopSon home from college and brought us a gift. He said his virus software wasn't updating (Since Feb), he was having problem with being redirected to random ad pages when using search engine. Also had false Virus Found warnings popping up directing him to page to purchase software. This has now spread to two other PC's on the network and I'm stuck and looking for help.Here's what I've done and where things stand as of now. After last reboot I can no longer access the internet from the PC. Connects to wireless but can't aquire network address. Tried repair but that failed too.Initially couldn't update existing anti-virus or load anything new. Was able to get to Microsoft web page and run their on-line tool. It found several items and cleaned the system. No log file or ability to cut and paste that window so no history. After that still having redirect issue but false Virus Found seemed to be gone. Updated SuperAntiSpyware and ran. More items found and quarantined. Still having redirect issue. Loaded and ran Malwarebytes, more items found and removed. After reboot can't access internet so not sure where I'm at now.Also at suggestions of wife's PC friend at work I checked the following file and removed what were described as extra entries.c:\windows\system32\drivers\etc\hosts127.0.0.1 local host (no edit, left)::1 local host (removed)91.212.127.226 osguard-pro.com.microsoft.com (removed)91.212.127.226 osguard-pr... Read more

Answer:DNS Redirect & False Virus Detection (maybe)

Try using Combo Fix found here: http://www.bleepingcomputer.com/com...And WinSock Fix found here to fix your internet connection: http://majorgeeks.com/WinSock_XP_Fi...(Which is what saved me when I too was DNS Hijacked last year).Let me know if it helps!

8 more replies
Relevance 45.92%

my system automatically create a folder name system volume information, desktop.ini, $recyle.bin and program data. i could not delete it using shift+delete keys because it keeps on returning back. Also my printer often jams then when i print a document in microsoft word with a page border it has a clearance of 0.5 inches the border wont fit in the page..pls help.. thanks

Answer:virus removal, detection, control

These are the hidden files, used to customize settings of folders which you create in windows.. You can delete them. According to the permission and security set on that folder and these files will appear again. For jammed papers you have to adjust printer's settings(look for the same in its manual)Solving Technical queries is my passion and I just Love it !!

6 more replies
Relevance 45.92%

I'm not sure I'm going to ask this question correctly. I have a IBM Laptop that I was just given to me. It might have a bad HD because it clicks and will not load OP system, however someone stated that a virus might cause the same problem. It there a way to use a start up floppy to check for a virus

Smitty
 

Answer:Solved: Virus? Detection Question

Turns out it was the Hard Drive
 

1 more replies
Relevance 45.92%

I am trying to fix my teenage sister in-laws computer. I have tried to run Ad-Aware, Malwarebytes (but it hangs on installation) and nothing cleans it.

Here are the requested log files.


DDS


DDS (Ver_09-07-30.01) - NTFSx86
Run by Lindsey M at 11:28:30.81 on Tue 09/08/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1406.686 [GMT -4:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmo... Read more

Answer:Personal Virus Detection? PVD.exe and demoscan4free.com

Download this tool to desktop:http://www2.gmer.net/mbr/mbr.exeDouble click it & post the log it creates on desktop. (mbr.log)

2 more replies
Relevance 45.92%

My anti-virus caught a bunch of viruses and quarantined but the internet is running really slow now. I've updated all software on the pc and it's still really slow. Sometimes not working at all.

Here is a copy of the virus log:

Verizon Internet Security Suite Anti-Virus
3/22/2009 7:27:14 PM
File Name Virus Action Date
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\XKX3VGQC\alla[1].htm Trojan-Downloader.JS.LuckySploit.e Quarantined 3/9/2009 10:29:04 PM
C:\Documents and Settings\Owner\Local Settings\Temp\jopaxx_1237399261.exe Net-Worm.Win32.Koobface.fd Quarantined 3/18/2009 2:01:25 PM
C:\Documents and Settings\Owner\Local Settings\Temp\jopaxx_1237399264.exe Trojan-Downloader.Win32.Zlob.bcgj Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237399266.exe Trojan-Dropper.Win32.Agent.ajnc Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237399268.exe Trojan-Dropper.Win32.Agent.ajcj Quarantined 3/18/2009 2:01:26 PM
C:\WINDOWS\tt_1237464188.exe Trojan-Dropper.Win32.Agent.ajnc Quarantined 3/19/2009 8:03:14 AM
C:\WINDOWS\tt_1237464190.exe Trojan-Dropper.Win32.Agent.ajcj Quarantined 3/19/2009 8:03:15 AM
C:\WINDOWS\ld02.exe Backdoor.Win32.Lithium.dw Quarantined 3/20/2009 8:07:11 AM
C:\WINDOWS\pp03.exe Trojan.Win32.Small.bvv Quarantined 3/20/2009 8:07:48 AM
C:\System Volume Information\_restore{68BEAC7D-A23E-4C77-8990-D95D2F47A75F}\RP144\A0034248.exe Backdoor.Win32.Lithium.dw Quarantined 3/20/2009 2:46:25 PM
C:\System Volume Inform... Read more

Answer:slow internet after virus detection

bump
 

2 more replies
Relevance 45.92%

My wife recently opened a virus/trojan (internetsecurity2010) which caused havoc on the computer. having used malware pro to defeat the problem, reinstalled and checked the computer and also installed Norton360 I am still unable to connect to the internet. We are using a thompson wireless router Vista business and have been instructed to reinstall via ethernet cable. However, the computer will not detect the device. I have tried various cables and the light on the ethernet port is not illuminating. After many frustrating hours this is a pleae for help from someone who knows more than me

Answer:Ethernet detection after virus/trojan

Have you looked in Device Manager for any yellow triangles? What OS do you have?

5 more replies
Relevance 45.92%

What are the physical signs of virus on computer and how can one detect it,apart from slowing movement of the system? greetings to you all

Answer:VIRUS SIGNS AND DETECTION ON COMPUTER

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line. *************************************************************************There are a great number of symptoms when your computer is infected. First of all, certain infections will only slow your... Read more

1 more replies
Relevance 45.92%

Malware Detection TechniquesSignature Based or Pattern Matching or String or Mask or Fingerprinting TechniqueA signature is an algorithm or hash (a number derived from a string of text) that uniquely identifies a specific virus. Depending on the type of scanner being used, it may be a static hash which, in its simplest form, is a calculated numerical value of a snippet of code unique to the virus. Or, less commonly, the algorithm may be behavior-based. A single signature may be consistent among a large number of viruses. A virus signature is the viral code. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures.Heuristic Analysis or Pro-Active DefenseRest of content can be seen here: http://forum.kaspersky.com/index.php?showtopic=234997&view=findpost&p=1845013Topic edited to conform to fair use laws and avoid copyright infringement. ~ Animal

Answer:Malware/Virus Detection Techniques

There are other malware checks which are not discussed in public to safeguard the program from malware writers who would use that information for nefarious purposes.

1 more replies
Relevance 45.92%

message deleted
 

Answer:Spysweeper Tamper Detection - A virus?

No those detections are nothing out of the ordinary. They are similar to what you would see if you started checking a software firewall log.

Please do not post any logs inline like that. It makes threads harder to read and takes longer to load the thread. If you suspect you have malware problems, please complete the instructions in the READ & RUN ME.
 

3 more replies
Relevance 45.92%

Hi.
I am unable to access any virus detection encyclopedea sites.
I had some already in my fav list. but from there or any were when I try to access them i get the "the page can not be displayed" msg.
This seems to only happen at sites that give info on removing viruses.
Does anyone know how to fix this. or perhaps what to look 4 in regestry to remove?
With so many many more viruses this year it'd be very helpful to have this info.

p.s. I know this forum said Spy and hijack. But I didnt c any were else to post.
and this is a type of hijack, I would think.
 

Answer:virus detection sites blocked!

First off, download HijackThis. http://http://majorgeeks.com/download.php?det=3155
Download Hijack this to its own folder. When I downloaded it, I saved onto my C drive. When it is download, open it up and then click SCAN. When it is done scanning DO NOT fix anything yet. Click save log, and then copy and paste the log on the message board so that your log can be analyzed and you can be informed on what to fix. Good luck


-CaNoFzOo
 

3 more replies
Relevance 45.92%

I have a win 3.1 with DOS6.0 that is used to run old programs,in dos. It is working but not as it used to.If i copy a 3.5 inch disk from it, and try to read in more modern computer, i am told that a virus is present in boot up.Can i still get any virus software for the old system because the old programs are needed.

Answer:Windows 3.1 Virus detection needed

click hereI have no idea how good it is.

1 more replies
Relevance 45.92%

Referred from here: http://www.bleepingcomputer.com/forums/t/299284/removal-of-huhugafedll/ ~ OBHello,I have been posting for the past few days about the huhugafe.dll virus on my friend's computer. SAS reported the presence of Vundo variant and cleaned it, but the huhugafe.dll virus was still present on the computer. I am attaching the logs and asking for any advice on how to clean this computer.Thanks,AaronHere is DDS.txtDDS (Ver_09-12-01.01) - NTFSx86 Run by Owner at 19:03:54.26 on Mon 03/08/2010Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.1075 [GMT -5:00]============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exesvchost.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\system32\ps2.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\system32\ctfmon.exesvchost.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\svchost.exe -k hpdevmgmtC:\Program Files\AVG\AVG9\avgnsx.exeC:\Program F... Read more

Answer:Logs for detection of possible rootkit virus

Hi Aaron,Please visit this webpage for download links, and instructions for running ComboFix tool:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPlease ensure you read this guide carefully first.Please continue as follows:Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, linkRemember to re-enable them afterwards.Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. Please include the following reports for further review, and so we may continue cleansing the system:C:\ComboFix.txtNew dds log.A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

17 more replies
Relevance 45.92%

Sana plans stand-alone antivirus product News Story by Robert McMillanSEPTEMBER 20, 2005Most antivirus products identify malicious software by comparing the software being run to pieces of known worm and virus code, called signatures. Primary Response, however, determines whether software is malicious based on a mathematical analysis of what it's trying to do.This means that, unlike other products, Primary Response can protect users even from unreported viruses,...computerworld.com/securitytopics

More replies
Relevance 45.92%

Hello

My PC has been running much slower than normal lately and I think I know why. I have Avira Antivir and it keeps detecting a certain virus called TR/Crypt.ZPACK.200907. I keep hitting remove but the infection keeps coming back. Please help!

My specs: Windows 8 64 bit

I went to run DDS, but it said that I could not run it in compatibility mode. Therefore I used Farbar Recovery Scan Tool because I saw someone else had the same problem in another thread. TSF advised them to use this tool.

Please let me know if I should post anything else. THanks!

More replies
Relevance 45.92%

Windows XP Home edition. Got the Fake "Windows" threat detection bug. Rkill then Malwarebytes then Combofix finally got it. Can't access files on only one drive. All other drives have their content accessible. This one drive shows to have contents when clicking on properties but will not open when clicking on a specific folder in the drive. Just blank. But again will show the folder/file to have something under properties. Any help is appreciated. Thanks.

Answer:Fake Windows Virus Detection

O.K. I found if I go to TOOLS>Folder Options - View - "show hidden files and folders" I can see them but they are like ghost files that I can open. They are not normal in appearance. So there is still something awry. I will keep hacking at it. If someone else has anything to offer...Thanks again.

2 more replies
Relevance 45.92%

Urgent

Recently I faced a virus problem, It costs me too much

Reformat my HD, Windows XP sp3 installing, Avira anti virus setup.

I have backup for main programs, a few of these programs are activated by using KeyGen, such as ShareMax and SpiderShare for Sat receiver and Sat sharing and Magnitude for ANSYS graphic simulator.
Avira antivirus gives me alarm that it contains Trojan Virus
Please see attached photos.





Program suppliers said to me it is not virus, and by pass the setup.
Please your advice is required

Sorry for my poor English.
Your reply will be too much appreciated.

Best regards

Answer:Ignore alarm of virus detection!

Please read this!

http://www.techsupportforum.com/f50/...re-248501.html

This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Before posting for help, uninstall any such applications.

Referring to the Forum Rules which you should have read at the time of Registering at this forum, TSF does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if cracked (illegal) software is present on the machine


==========================

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting pro... Read more

1 more replies
Relevance 45.92%

Is it possible to know when a virus entered your system, are there any anti-malware programs that will tell you when it got there?

I'm going to use a continous backup software (like Genie Timeline, Acronis True Image, etc) so that if I get a virus, I can restore the system to before it happened (I would use system restore, but I've had that fail on me sometimes)

But, suppose I set it to make backups of my system once a day, then a month later I my virus definitions have been updated and it can now detect a virus that entered my system 2 weeks ago. Then, I could set my computer back to the point before it happened. This would mean that I'd lose anything else that had been installed on my computer since then, and would need to be reinstalled, but I suppose that's the best I can do.

Though, it would help if there was a program which could also reinstall everything except the virus that was installed since then.

Answer:Question about virus detection (I don't need removal help)

No program I know that can do that if u get a virus use a normal antivirus to remove the infected file then restore to a point before the virus was detected, hope this helps

4 more replies
Relevance 45.51%

I have an emachines e520 laptop and am trying to go from Ubuntu to XP, however every time i try doing the install, it blue screens and gives me the "STOP: 0x0000007B (0xF7AF4524,0xC0000034,0x00000000,0x00000000)" error.

I have downloaded the drivers and included them into the XP install disk. i made an iso file from the boot disk and then added the drivers to the ISO and then burned it back to a disk. And still no luck. I do press F6 but it still goes to expect it from a floppy drive, which the laptop does not have.

the HDD in the system is a sata drive and Sata mode is set to AHCI in the setup utility of the comptuer.

Help!
 

Answer:HDD detection error

Try setting the mode from AHCI to IDE in the BIOS, then boot from the Windows CD.
 

2 more replies
Relevance 45.51%

I think I have a virus that is corrupting my Norton files. I'm getting hundreds of pop-ups indicating that Symantec is scanning 1 email each (emails that are not mine), and it's fills the entire screen with about 30 of these little windows. My bottom bar is filled all the way across with envelope icons indicating hundreds of these bogus emails are being scanned. Eventually, I can get them all to close and my system works fine for a few hours, but then they start popoing up again. Help!

AndrewL
 

Answer:Symantec virus problem

I don't know what is causing the problem, but please do the following. This will help us determine whether or not malware is causing the problem.

Go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.

Regards

This thread is for the use of AndrewL only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
 

1 more replies
Relevance 45.51%

Hi all, been coming here for years, never created an account as the tools hosted on this site have always solved my issues.Until now.Symantec Endpoint is picking up a virus (Trojan.Gen.2) on one of my clients computers.I have run a full Symantec Endpoint (SEP) scan, malwarebytes, combofix, and Symantec Power Eraser, all of which have not worked o.OI have attached my HijackThis and FRST logs.Thanks in advance for the help

Answer:Symantec detecting virus

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/463161 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

3 more replies
Relevance 45.51%

Im using WIN xp with avast anti-virus and ad-aware.i have just ran security.symantec.com and the following is the result:E:\WINDOWS\kjhp5681.exe is infected with Adware.SAHAgent E:\WINDOWS\system32\fched32.exe is infected with Adware.Envolo E:\WINDOWS\system32\g1sgmi8k.exe is infected with Adware.SAHAgent E:\WINDOWS\Downloaded Program Files\MediaAccX.dll is infected with Adware.WinAd E:\Program Files\Common Files\mifo\mifop.exe is infected with Adware.TargetSaver E:\Documents and Settings\Svotwa's\Local Settings\Temp\dealhelper.exe is infected with Adware.DealHelper E:\Documents and Settings\Svotwa's\Local Settings\Temp\GLF47GLF47.EXE is infected with Adware.TargetSaver E:\Documents and Settings\Svotwa's\Local Settings\Temp\iinstall.exe is infected with Packed.Adware E:\Documents and Settings\Svotwa's\Local Settings\Temp\targetsaver.exe is infected with Adware.TargetSaver E:\Documents and Settings\Svotwa's\Local Settings\Temp\tsinstall_4_0_3_8_b17.exe is infected with Adware.TargetSaver E:\Documents and Settings\Svotwa's\Local Settings\Temp\ICD1.tmp\MediaAccX.dll is infected with Adware.WinAd When i run Avast,the above viruses are not picked, so how can i sort this problem.many thanks for anticipated help

Answer:security.symantec .com - VIRUS HELP

All the things the symantec scan has reported have been classified as adware, as such they aren't viruses and that's why avast hasn't reported them, I'd suggest you add the following programs click here Microsoft AntiSpyware and click here Spywareblaster, the first will clean adware off and the second helps stop it getting onto your PC in the first place

1 more replies
Relevance 45.51%

Hi all,

my pc infected by SDBot, I have symantec install earlier but it seem not able to detect, so download and install AVG scan and virus remove, I then download Trend Micro and run the scan, virus detect again...
My Problem is how many time do I need to scan until my pc is virus free?
since avg detect and remove why when I scan using Trend Micro it detect again, why can't SDBot been remove since those definition include its soluation?

How do I know if my symantec anti virus program is infected?

Regards/Agoo
 

More replies
Relevance 45.51%

I'm sorry if this is in the wrong forum, I'm sorta lost.

I got a strange problem that has been bugging me for the last two days. A rogue folder on my PC's C Drive now occupies
17 GB of space; every attempt to free up more space ends up in that space getting mysteriously filled up.

Location of the file:

C:\Documents and Settings\All Users\Application Data\Symantec\SubEng

Symantec Norton Antivirus 2007 is installed on my PC.

1) I have cleared browser caches, cookies, temp internet files.
2) Ad-aware and Norton 2007 show no viruses/adware etc.
3) Windows XP Pro, SP2, 2 GB RAM
4) No recent history of the PC being infected by a virus.
5) Other drives (F Drive, G Drive) remain unaffected by this problem.
6) Images links below.

I could think of two easy solutions, either delete the file (and risk losing my Norton 2007) or creating a new drive and placing that file there.

I'm sure there's a more reasonable solution.

Image 1 or http://img155.imageshack.us/img155/8018/img1dy5.jpg

http://img141.imageshack.us/img141/6382/untitledjt8.jpg
or
Image 2

Answer:Symantec Virus/Bug/Problem?

Well, to be frank Norton is junk and is no means a guarantee that you do not have a virus. In fact 95% of the computers I see with major virus infections are running Norton.

I would suggest several things but I don't guarantee any of them will necessarily be your best course of action, this is just what I would do.

1) Get some online scans from Trendmicro, Symantec , Kaspersky et al

2) Uninstall Norton and delete program directory. (if you dont have a product key this could mean you loose norton(no big loss))

3) Purchase some decent antivirus software, update it and run full scans.

4) download and install ccleaner (makes cleaning up your computer much easier)

1 more replies
Relevance 45.51%

My son is home from college and this is his laptop running Vista home premium. Has himself a nasty virus. After he starts his computer, which is taking forever, Symantec Endpoint Protection opens and starts continually finding a virus which name starts with Blood. Joe, my kid, took Symantec off his machine in May and went to McAfee, so the fact this is called Symantec is odd. We tried to uninstall Symantec and it would not allow it. I have to post this from my home machine because his won't let me post a message on this site. The files you want are below and attached. Thanks again for your help.
Coug


DDS (Ver_09-05-14.01) - NTFSx86
Run by Joe at 22:03:30.29 on Mon 06/22/2009
Internet Explorer: 7.0.6000.16851
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.1013.227 [GMT -7:00]

SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Symantec\Symantec Endpoint Protec... Read more

Answer:Symantec Endpoint Virus?

bump and help! : )

19 more replies
Relevance 45.51%

Hi GuysUnfortnately I picked up the UPS virus having been away for th Cristmas break and although I thought I had fixd it I am now getting mesages fro Symantec saying its trying to email out - Obviously a worm hidden somewhere butI am uncertain how to proceed with finding the little bugger.Hopefully someone can give me some advice.My log is attachedDDS (Ver_09-12-01.01) - NTFSx86 Run by gavin at 5:57:55.21 on Fri 29/01/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2047.933 [GMT 8:00]AV: Symantec Endpoint Protection *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exesvchost.exesvchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files�... Read more

Answer:Symantec Popup - UPS virus?

Seems like ive been forgotten!!!!===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has ... Read more

3 more replies
Relevance 45.51%

I checked Combofix.exe with Norton Internet Security 2009 and this is the summary of the scan. NIS 2009 has found 2 viruses on Combofix.exeI did not delete.Statistiche scansione:Durata scansione: 9 secondiOpzioni di scansione: Destinazioni scansione: D:\ZipFiles\AntiSpyware\Combo Fix\ComboFix.exe Totali:Totale elementi sottoposti a scansione: 120- File e directory: 120- Voci del Registro di sistema: 0- Processi ed elementi di avvio: 0- Elementi di rete e browser: 0- Altro: 0- File attendibili: 0- File ignorati: 0Totale rischi per la sicurezza rilevati: 2Totale elementi risolti: 0Totale elementi che richiedono attenzione: 2Minacce risolte:Minacce non risolte:Rischi nel file compresso "ComboFix.exe"Tipo: CompressoRischio: Alto (Alto Stealth, Alto Rimozione, Alto Prestazioni, Alto Privacy)Categorie: Virus euristicoStato: Non eseguitoFile 2d:\zipfiles\antispyware\combo fix\combofix.exe - Nessuna azione intrapresaEnglish version:Crawl stats: Scan duration: 9 seconds Scan Options: Scan destinations: D: \ ZipFiles \ AntiSpyware \ Combo Fix \ ComboFix.exe Totals: Total elements crawled: 120 - Files and Directories: 120 - Items in the registry: 0 - Processes and startup items: 0 - Elements of the network and browser: 0 - Others: 0 - File reliable: 0 - File skipped: 0 Total security risks detected: 2 Total items resolved: 0 Total items that require attention: 2 Resolved Threats: Threats are not resolved: Risks in t... Read more

Answer:Combofix Virus for Symantec

Norton's is picking ComboFix up as a false positive. The are several anti-virus products that pick ComboFix due to it make-up and characteristics.

3 more replies
Relevance 45.51%

I have a dell desktop. My friend had a chance to buy a dell desktop and flat screen from her workplace for 50.00. Heck of a deal. It has been running slow here lately so I went over and did a good cleaning of the files, and everything. It has a old Symantec anti-virus on it. Problem I am having is when I try to uninstall it, it is asking for a password that was put on there in 2006 and who knows what this password is. How in the world am I going to get this off? I installed security essentials for the anti-virus already. I really would like to get this symantec off. Thanks for any info.
 

Answer:Symantec anti-virus

Hello,
If this was an admin password, AppRemover can sometimes remove the application without knowing it.





Can I use AppRemover to uninstall an application even if I have forgotten the access password?

Some applications, like Symantec can require an admin password to make changes. AppRemover can get around this even if you have lost the password. Check out our video page, which shows exactly this use case.Click to expand...


 

2 more replies
Relevance 45.51%

I have a Win XP dual boot sys(both XP) with uptodate nortan. I accidently installed some virus whick crashed the nortan. Error massage says nortan's not a valid sys 32 application. So I uninstalled the antivirus thinking 2 install it again & fix the problem. Which I did with the help of the nortan software removel tool. Then I found out that my DVD R/W is not working it recognizes cd & dvds, once open nothing can be seen says its a raw 0 bits. when I boot with the other winXP version cd rom works so I intalled nortan there ran a compleate virus check it did find a virus in sys 32 drivers folder & resolved it but still problem persists(dvd rom is not working in primary XP). uninstalling, updating, coping driver fils all didn't work. Thank u 4 reading. Can u please help?
I replaced the DVd rom with a spare cd rom I had but same proplem so I think its in driver files but how 2 find it. Nortan antivirus or nortan internet sec bothuptodate can't recognize it. I don't want 2 install windows again r there any other options. can't run SFC without reading winXP cd.
 

More replies