Computer Support Forum

Cannot access internet after malware removal using GridinSoft Anti Malware

Question: Cannot access internet after malware removal using GridinSoft Anti Malware

Please help me,
I cannot access any internet (wifi & ethernet) after malware removal using GridinSoft Anti Malware. I already updated network drivers, but it's still not working.

More replies
Relevance 100%
Preferred Solution: Cannot access internet after malware removal using GridinSoft Anti Malware

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 86.71%

I have an ASUS notebook computer running Windows 8.1.  I've been having a lot of trouble with malware (tons of pop-ups interfering with internet/browser use), including something called cwu.thunderyswinger.com.  A google search said GridinSoft Anti-malware would take care of the problem.  I installed and ran GridinSoft and it located 51 "bad" files and it recommended deleting some and moving others to quarantine (I don't know what that means).  I told it to go ahead and "fix now" and it went through and did its thing with 25 of the files, then it asked me to pay to register for their service before it would finish "fixing".  I tried to pay, but I got an error message that said "There is no internet connection"   Now, I can't connect to the internet, even though my computer says my wifi is connected.  I get the same message whether I'm using Google Chrome (my main browser) or Explorer.  Obviously, I'm sending this note from another computer. Please help!  I need to get the malware off my computer (suggestions of which anti-malware I should use would be greatly appreciated).  But, first, I need to be able to connect to the internet!  Thanks for any help you can give.

More replies
Relevance 79.17%

I just want this crapware deleted,please help
 

Answer:Gridinsoft Anti Malware

I've never heard of this software before, but I will link you to: Malware Removal Assistance

Next time test new programs within a VM/make sure to have a recent and clean system image backup.
 

2 more replies
Relevance 78.3%

I just want this crapware deleted,please help
 

Answer:Removing Gridinsoft Anti Malware

I've never heard of this software before, but I will link you to: Malware Removal Assistance

Next time test new programs within a VM/make sure to have a recent and clean system image backup.
 

4 more replies
Relevance 93.07%

I did a hijackthis scan and here's what I got:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:18:17 PM, on 4/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\SYSTEM32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\System32\DVDRAMSV.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exeC:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exeC:\WINDOWS\System32\00THotkey.exeC:\WINDOWS\system32\TFNF5.exeC:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exeC:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynT... Read more

Answer:Malware Blocking Acess to Spybot, Microsoft Malicious Removal Tool and other anti-malware programs

Hey guys I solved my own problem. I completely reinstalled windows. (It was about that time anyway)

2 more replies
Relevance 90.61%

I downloaded .zip and .exe file. I ran .exe file and then the internet stop working. Webpage said not connected to internet. Both firefox and internet explorer. A toolbar appeared on my desktop. I was able to uninstall toolbar. I believe it was named search module. Malwarebytes doesn't start says missing DNSAPI.dll to run. Ran Rkill to try to use Malwarbytes, says file is corrupted and runs halfway. Mentioned Windv.exe and Deskbar in rkill file. Any help would be much appreciated! Thanks so much!
 
 
 
 
 
Here is the Farbar Scan Report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by April (administrator) on APRIL-PC (11-11-2015 13:34:57)
Running from E:\
Loaded Profiles: April (Available Profiles: April)Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by April (administrator) on APRIL-PC (11-11-2015 13:34:57)
Running from E:\
Loaded Profiles: April (Available Profiles: April)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Cli... Read more

Answer:Can't access internet or run Malwarebytes Anti-Malware

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems. Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.You've posted the contents of FRST.txt twice but the Addition.txt is missing. Can you please also pos... Read more

26 more replies
Relevance 89.79%

Hi. Rather strange problem. Acer Aspire 1 netbook, running Windows XP.

I removed what I thought was a fairly simple bit of malware from a client's pc.

Now I can't seem to access the internet from any installed browsers. The weird part? I CAN still access the internet from any browser installed on a USB drive.

I'm thinking registry issue, possibly due to the malware. Any thoughts?

Thanks in advance.

More replies
Relevance 89.79%

I was trying to install a software. But it contained heavy viruses. My whole laptop had been infected with malware. I ran malwarebytes to remove it but it didnt fix my laptop completely. I then used Norton Power Eraser. It found some more threats and cleared everything but now I am not able to access internet. Neither, google chrome nor internet explorer is working. Please help. It is urgent.

Answer:No internet access after malware removal

I had this problem once, I am quite sure you go into chrome settings>advanced settings>Network/change proxy settings>connections>lan settings and uncheck the box to use a proxy server if its checked. 

3 more replies
Relevance 89.79%

Greetings:

Thanks to all who help out in this place!

I am working on a friend's laptop. She indicated that she had gotten a windows popup window saying that she was infected and had clicked "ok" only to realize that when windows challenged her that she backed out. Afterwards she indicated that she wasn't able to access the internet.

Following your " READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker) " sticky I've been able to seemingly recover the system (I'm able to get to Users to create an administrative account now, get to "system restore", etc.) though I didn't keep a specific record of each step of the process. Her McAfee has shown back up, but I can't seem to completely diable it to run ComboFix. I've killed all but the mcshield process through the task manager, but don't see any way to close/kill it.

I was unable to remove Wild Tangent from the Add/remove program list. MalwareBytes was unable to update due to no internet connectivity, but it found and removed a number of infections. I've also installed/run SuperAntiSpyware, security360, CCleaner, ComboFix (with the McAfee warning due to its staying on), Defogger.

I went into networking help and they suggested that due to the insidious nature of malware/virus/trojans that possibly I had missed something and that I should come here.

Any suggestions on next steps would be greatly appre... Read more

Answer:No internet access after Malware removal

I just uncovered my first Combofix log, but the system won't allow me to attach it. I'll rename log.txt and try again. Nope, it won't take. If you need it, let me know.
 

7 more replies
Relevance 88.97%
Relevance 88.97%

Windows 10 64-bit

At first I got my Google Chrome hijacked.
After using Malwarebytes to quarantine and remove all the PUPs, I am now unable to connect to the internet via browsers, however my computer itself is connected.
 

Answer:No internet access after malware removal with Malwarebytes

Vincent7up said:


Windows 10 64-bit

At first I got my Google Chrome hijacked.
After using Malwarebytes to quarantine and remove all the PUPs, I am now unable to connect to the internet via browsers, however my computer itself is connected.Click to expand...

MS Fixit should work, if not use the windows repair all-in-one. https://www.raymond.cc/blog/portable-and-offline-microsoft-fix-it-utility
 

0 more replies
Relevance 88.97%

This all started when I was downloading piano music for my daughter. I thought it was strange that it was an .EXE file. I could not find the music anywhere else. When I clicked on it, it disappeared. I knew I was in deep dodo. I was here on May 25 "doing it myself" removing malware on an xp machine and ran into a problem. I made it to run SAS and I lost my internet connection. I talked to SAS support for a few days but we were unable to connect to the internet. We ran a lot of software but nothing helped. When it finally came down to "You need to reformat C:\ in order to get an internet conncetion," SAS support had helped me all they could. I posted on another site 4 days ago. No bumping allowed so I am now on page 10 with no replys. Not even any replys after I went to the waiting room yesterday!
I have a dell 5100 desktop connected to a Belkin router with cable (used 2 different cables and 2 different nics ... also tried wireless adapter w/ no luck). Two other desktops and a notebook connect to the internet with wireless adapters. So far I have run
TFC
CCleaner
mgtools
erdnt
gmer
rootrepeal
combofix
dds.scr
erunt_setup
HijackThis
MBam
MGtools
OTL
winsockxpfix
PCTools on line scanner
SUPERAntiSpyware (lifetime version)
I have probably run a few more that I don't remember or can't find.
Oh yea, I ran Microsoft Security Essentials and removed Trojan:Jave/Selace.L, Trojan:Jave/Selace.K, Exploit:Java/CVE-2008-5353.c and 300 plus ... Read more

Answer:Malware removal stopped internet access on 5/25/10

Please attach the following logs>
SAS
MBAM
RootRepeal
ComboFix
C:\MGLogs.zip
 

10 more replies
Relevance 88.97%

I recently removed the program PursuePoint from my computer with adwcleaner, now my computer wont let me access the internet, it keeps saying "limited access"
Any help would be great, thank you
also: I'm fairly sure I'm on a 32 bit system but I'm not positive
 

Answer:Malware Removal - limited internet access

Hello,
Please follow this topic and attach requested reports:

http://malwaretips.com/threads/preparation-guide-before-requesting-malware-removal-help.20334/
 

24 more replies
Relevance 88.97%

I have also attached the detections that Malwarebytes made and essentially everything I've removed with it.

Thank you for any help in this matter.

Edit1: Removed extra copies of the FRST and Addition files
 

Answer:No internet access after malware removal with Malwarebytes

Hi,

Before we begin, I want you to have this in mind:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like ever... Read more

8 more replies
Relevance 88.97%

There is my first time posting on a forum ..but my girlfriend chatched a small virus on her macbook(using win 8.1) and i thought i can solve the problem with malwarebyte ..i scanned and removed the problems after that i couldnt acces the internet . I unistalled the malwarebyte program thinking will work after ..but still nothing .
Please help . Thanks
 

Answer:No internet access after malware removal with Malwarebytes ! Help

Here is the scan --sorry
 

1 more replies
Relevance 88.56%

Like many I have referred to your site many times over the years to help extract the baddies of the online world mostly for friends computers, I have always been able to get the systems back up and running by either following a main thread or a thread in where a technician walks another user through an issue that is similar. Unfortunately it appears as though I need a bit more specialized help since the items I have tried have not worked and I fear that if I proceed with non specific information I will only make it harder for your team to identify the issue. In a nutshell I am at a standstill and will not be using any more tools until I hear from your team. DDS log and GMER log created and then no additional activity on the system. Here is the history of the system in question:
Specific Issue
A) Wired connection continually says Acquiring network address
When attempting to "Change Windows Firewall settings" in LAN tray icon the following error is displayed "Windows Firewall settings cannot be displayed because the associated service is not running. Do you want to start the Windows Firewall/Internet Connection Sharing (ICS) service? When selecting Yes windows displays "Windows cannot start the Windows Firewall/Internet Connection Sharing (ICS) service."
c) Other items of interest = Opening the task manager does not display the toolbar or tabs, just the running processes.

1) Wired Connection tested on another system to ensure operation
2) The sys... Read more

Answer:Possible Rootkit Zero Access After Malware Removal - Cannot Access Internet

HiPlease physically connect your machine to the internet so the tool can determine what service is failing and run the following:Please download Farbar Service Scanner and run it on the computer with the issue.Press "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.

16 more replies
Relevance 87.74%

Never posted to a forum before, but I seem to have a similar issue. Malwarebytes blocks my web browser from resolving a page unless its cached, like Google or a select few. But if I disable the active "Malicious Website Protection", I am able to pull pages just fine. I assume that Malwarebytes sees an unfriendly connection somewhere in the mix there and blocks it. (Will add my FRST files here? Hope this is the right way to approach the issue, rather than start a new thread?)
 

Answer:Unable to access internet after malware removal using malwarebytes

Hello,
Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

1 more replies
Relevance 87.74%

Pretty much unable to access the internet with any web browser or program on this computer.

Thank you for any help
 

Answer:Unable to access internet after malware removal using malwarebytes

Helllo,

My name is Argus and and I will be helping you with your computer problems.

Before we begin, please note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not be able to help you if you do not follow my instructions.


Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled befor... Read more

6 more replies
Relevance 87.74%

I'm not sure which caused this problem though, Malwarebytes or Bitdefender. But I've checked the thread and it seems that the Malwarebytes is more likely to cause it
 

Answer:No internet access after malware removal with Malwarebytes and Bitdefender

I need Addtion.txt
 

15 more replies
Relevance 87.74%

I am able to access my internet through my web browser but i cannot get any other programs such as online games and AIM to access the internet.
 

Answer:I cannot access the internet after malware infection/malwarebytes removal

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

1 more replies
Relevance 87.74%

My PC was attacked by the 'systemdefender' virus yesterday and I was relieved to get it back again after using Malwarebytes' Anti-Malware. After fresh reboot I did a final quick scan with Malwarebytes and it said there were 0 infected files left but when I tried to access google the IE page presented the 'Internet Explorer cannot display the page' message with another below suggesting that the site I am trying to reach is dangerous and offering a hidden link back to the System-defender website. I could not believe that this virus was still in my system? Anyway I decided to try SUPERantispyware, ran that and it found several more infected files so I removed them.

I now have the regular 'Internet Explorer cannot display the page' message (without any corrupt link) when I try to access the web. My wireless says it is connected with excellent strength. If I run the IE 'diagnose connection problems' tool, I am told that it is probably firewall settings preventing connection, but even with the firewall turned off I still cannot connect.

I am now guessing that something vital was deleted during the clean-up process. Can anyone suggest anything?

More replies
Relevance 87.33%

When I try to run a scan from usind AVG anti-virus, Avira, Windows Defender, or SuperAntiSpyware; when the scan gets to a certain point, Windows shuts computer down with a blue window. It says Kernel_Stack_ Inpage_ Error plus some standard verbage about if you recently installed sortware/hardware,see administrator, etc. At bottom it says: STOP: 0x00000077 (0x00000001, 0x00000000, 0x00000000, 0xF79B1D24). I could sometimes run AVG scan in "select drives/folders" mode but recently it quit allowing that after I upgrade to AVG 9 (free). I uninstalled AVG and went to Avira but with same results. Scanning with Windows defender did the same. I recently installed and ran SuperAntiSpyware and was able to pinpoint problem to " System Volume Information" directory. I am unable to open to see contents as Windows shows no files in it. When I ask Ariva to scan it, Ariva says no files also but if I use AntiSpyware to scan, it shows many files during it's scan but will get to a certain point and computer will shut down. I can almost see file that shuts it down but it happens too fast to catch it. I was able to run "RootRepeal" and log is below. I was not able to run "DDS.scr".

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/30 13:15
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepe... Read more

Answer:Unknown malware/virus won't let any anti-virus/windows defender/malware removal progran to complete scans

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

23 more replies
Relevance 86.92%

This Windows 8 ASUS laptop was brought to me when the internet stopped working, and of course the first thing I did was check for malware and remove it. I'm very confident that the malware is gone but I haven't been able to access the internet with the laptop yet.
 
Here are some things I've already attempted.
In the Command Prompt (Admin) window, I typed each of these and afterwards restarted computer. No success.
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
Went back to Command Prompt (Admin) and typed in:
netsh int ip reset reset.log
(Result was Global, Interface, Neighbor, and Path all reset but the fifth line reads--)
Resetting , failed.
Access is denied.
Resetting , OK!
Typed:
netsh winsock reset catalog
Restarted computer, still no access.
I uninstalled the antivirus she had that I'd never heard of; no access. I disabled the firewall to see if its settings were causing it; no access. I uninstalled and reinstalled the driver for the wireless card. I still get no access either wirelessly or by Ethernet cable. I went into windows firewall and found that IE and Firefox had no permission, added them and still no access.
I'm willing to retry any and all of these again in pursuit of the problem.

Answer:Windows 8-unable to restore internet access after malware removal

Following the list of what you have done, this may be something of a longshot, but are you actually certain that the WLAN and ethernet drivers you have installed are the drivers for the devices that are actually installed, not the ones the manual says are installed ?  It wouldn't be the first time that different devices have been installed on the production line because of supply problems with the 'correct' ones. Speccy (www.piriform.com) might help you here.
 
As an alternative, if just to see if the computer can connect at all, have you tried it with a USB Wi-fi dongle ?  I have an elderly laptop with a fried wi-fi unit and use a dongle in that whenever I need it to connect to the internet. If it does connect with a dongle it would suggest problems with the network cards themselves.
 
Finally, if this laptop is new enough to be still under warranty, how about dumping it back on the supplier ?
 
Chris Cosgrove

3 more replies
Relevance 86.92%

IS 2014 showed up with its dire warning of errors and infections.  I ran MBAM-Chameleon (although it never finished the process where it killed suspicious processes); then MBAM quick scan which ID'd 3 infected files. Rebooted and ran MBAM full scan which came up clean.  Ran RogueKiller, which ID'd zero.access and pointed to CDROM.sys as obfuscated and suspicious.  Ran the RogueKiller delete process, and now the CD optical drive doesn't register with Windows XP (SP3).  Where should I go from here?
 
Thanks in advance!

Answer:Internet Security 2014 fake anti-malware; as an added bonus zero.access!

Please...follow Steps 6-8 of Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html .  Post the DDS log which is requested, along with your RogueKiller log...as a new topic in the forum which contains the Prep Guide.
 
Thanks .
 
Louis

2 more replies
Relevance 85.28%

Hi, I'm suddenly having a lot of trouble with malware. My computer seemed to be running okay but I ran Malwarebytes as I occasionally do, and it picked up a fair amount of malware on my system. I deleted it and rebooted, but that's when my problems really began. Upon restarting, my internet connection has become almost unusable. It's extremely slow and generally I can't even open a page that I want after trying to refresh several times. Oddly though, google is working perfectly and a few other sites seem to work too, including this one. I've tried running MBAM again and again, each time it picks up more malware and I remove it, then reboot and the cycle renews. I can't seem to get rid of all of it, every time I scan my system there's just more of it. I've tried ComboFix but it doesn't seem to have done anything. One persistent thing seems to be photo_id.exe, I've got a few messages from MBAM saying it can't be removed and I need to reboot. Also, I've noticed that if I'm trying to reach a webpage, although it won't load there seems to be some redirecting, for example I just tried to reach a wikipedia page and it says "The server at topsearchfeed.com is taking too long to respond" For some reason I can't bloody format this properly no matter how hard I try, so here's an attached HJT log:
 

Answer:Malware removal attempt led to unusable internet, still can't remove all malware

problem has become more serious, now my mother has told me that the internet on her laptop is also extremely slow and essentially unusable, I'm worried that something from my computer has got on to hers via the wireless network we're both connected to. Somebody please help me
 

2 more replies
Relevance 85.28%

Hello,

A friend of a friends mom heard that I was a computer guy so her laptop got handed off to me to fix. I received no information as to what the problem was or when it started giving them trouble, they just said its slow and they cant get online. I removed quite a bit of malware and a rootkit and I thought my troubles were over. I was able to get online with IE8 (Not Chrome or Firefox though) that day and do a Windows update, but I havent been able to get back online since. I've re-ran SAS, ComboFix and TDSS and none of them come up with anything. I've checked to see if its using a proxy but I didn't see any.

Windows Vista
Has valid IP address (wired and wireless)
Able to ping sites like google.com and get a response
Same results when booting into safemode with networking

Any help would be appreciated.

Thanks,
Adam
 

Answer:Vista machine unable to access Internet / Windows update after Malware removal

Greetings, adamjs, and welcome to MajorGeeks.

Even though you've run some scans, I strongly suggest you go through the Malware Forum's Read & Run Me First thread, perform all of the suggested steps, and attach the requested logs to a new thread in that forum.

Once the gurus there give you the all clear, then we'll tackle any remaining problems and try to get you sorted.

Good luck!
 

1 more replies
Relevance 81.59%

Hi, I need help pls... Recently I browse the internet and this Anti Malware has installed in my computer. I want to remove it but I couldn't find the file. Any idea about this?

Regards,
Kim
 

More replies
Relevance 80.77%

Okay, I'm totally new to the site so forgive me if I get it wrong..

At the moment I'm using my laptop as I can't connect to internet on PC, or for that matter I can barely do anything with my PC...

Anti Malware Doctor I think is the problem, I'm not a whizz at computers at all so I have no idea what to do....

If I try and connect to internet to download AVG etc, a message will pop up saying something like "Critical Error save your work and you will be logged if in 1 minute"

So currently I have my wirelss adapter unplugged so I could route through the programme files to see anything?

I've got task manager open and have to delete the processes whenever Malware Doctor pops open on the desktop.

So yeah I can't connect to internet and download any sort of programme to remove it and I have no idea on how to get rid of it..

I tried windows defender, that was just- pointless and it was totally oblivious to the whole thing.

Any help on how to remove the problems greatly appreciated as I am desperate as I have so much work on there which I need greatly.

More replies
Relevance 79.95%

[topic=253487.html"]Malware byte's Anti Malware software, Malware byte's Anti Malware Not working[/topic]My google requests are being redirected to other sites. As a first step to correcting this, I started to run Malware byte's Anti Malware software. After I updated it, I started the scan when all of a sudden it stopped working. When I tried to reconnect, I got a message"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item"I re-installed the software, updated it, and tried to run it again, and got the same message.Since then, SuperAntispyware, RootRepeal and now DDS will not work. They download okay, but then terminate during the scan, hence I don't have logs I can insert.I've backed up all my data onto an external hard drive.I'm at my wits end, but I'm happy with any assistance I can give you. Hopefully the topic link works.Here is my Win32kDiag.exe log. The next post will by my Rootrepeal drivers log.Log file is located at: C:Documents and SettingsPhilDesktopWin32kDiag.txtWARNING: Could not get backup privileges!Searching 'C:WINDOWS'...Found mount point : C:WINDOWSaddinsaddinsMount point destination : Device__max++>^Found mount point : C:WINDOWSassemblyNativeImages_v2.0.50727_32TempZAP247.tmpZAP247.tmpMount point destination : Device__max++>^Found mount point : C:WINDOWSassemblyNativeImages_v2.0.50727_32TempZAP453.tmpZAP453.tmpMount point destination : Device__... Read more

Answer:> Malware byte's Anti Malware software, Malware byte's Anti Malware Not working

Hello smartjock99,You got a Rootkit on this computer. We will need to take this cleanup in phases. You are not clean until I tell you so - even if it appears that everything is running fine!Let's begin....==========Step 1Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here. "%userprofile%\desktop\win32kdiag.exe" -f -r==========Step 2Please do this: Click on the Start button, then click on Run... In the empty "Open:" box provided, type cmd and press EnterThis will launch a Command Prompt window (looks like DOS). Copy the entire blue text below to the clipboard by highlighting all of it and pressing Ctrl+C (or after highlighting, right-click and select Copy).

copy C:\WINDOWS\ServicePackFiles\i386\eventlog.dll C:\ /y
In the Command Prompt window, paste the copied text by right-clicking and selecting Paste. Press Enter.When successfully, you should get this message within the Command Prompt: "1 file(s) copied"
NOTE[: If you didn't get this message, stop and tell me first. Executing The Avenger script (step #3) won't work if the file copy was not successful. Exit the Command Prompt window.==========Step 3 Warning to others reading this thread!: The Avenger i... Read more

44 more replies
Relevance 79.95%

Hello,
 
My computer is definitely infected, both malware (Malware Bytes) and anti-virus (Avast) programs find tons of infected files, but neither program runs to completion (tried both in regular and safe mode, also tried the Avast boot scan). Also, when I tried enabling the Windows firewall, it told me that due to an unspecified problem Firewall settings could not be displayed.
 
Here is the DDS log:
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 7.0.6000.17080
Run by Danica at 11:11:07 on 2014-01-03
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.482 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Danica\Application Data\T-Mobile Internet Manager\ouc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Ap... Read more

Answer:Anti-virus, malware removal do not run to completion

I tried to install a third-party firewall, but after I did that, I would get a blue screen and the computer would not start up. I took it to a repair shop for them to try to figure it out.
 
Thanks.

2 more replies
Relevance 79.95%

Hello
yesterday i found out i cannot start AVG. I click it and nothing happens. When i click spybot it ask permission to run but then nothing happens.

I ran the guide on this forum (""Windows XP Malware Removal/Cleaning Procedure"".
Followed the procedure and downloaded Roguekiller, Mam, tdsskiller, hitman pro and mgtools. The results after installing the programms:
* Roguekiller: could not start the program (clicked it, asks permission, nothing happens)
* MAM:could not start the program (clicked it, asks permission, nothing happens)
* tdsskiller: could not start the program (clicked it, asks permission, nothing happens)
* hitman: The programm ran, found a bunch of malware. Did not remove it (as mentioned in the guide). Attached the log
* mgtools: It starst running in dos and then i get over and over a request to give permission in windows. I click yes and get the same request again. Over and over, but the programm does not run.

Attached are the log of hitman.

Please help me, don''t know what to do.

thnx
Ron
 

Answer:cannot run anti-virus and malware removal software

You have been infected with a file encryption program (CryptoWall). See the below:

http://www.enigmasoftware.com/cryptowallransomware-removal/

http://www.bleepingcomputer.com/forums/t/532879/cryptowall-new-variant-of-cryptodefense/page-4

http://www.malwarekillers.com/recover-files-encrypted-cryptowall-cryptodefense/

You will have to reinstall your OS. Many/most or all of your files may now be encrypted and may be unrecoverable. There is a chance that some could be recovered from System Restore or from Shadow Copy but normally it is only a small number compared to what is on your PC. If you are doing your part in securing your PC and personal files, you will have backups that you can restore from after reinstalling. If you have not been doing backs then you can now see why it is important to do backups.

Will Hitman Pro let you fix all it finds under the heading 'Malware' and 'Potential Unwanted Programs'?
 

3 more replies
Relevance 79.95%

Malwarebytes' Anti-Malware does not seem to work on my windows 7, so I thought I would delete the folder it left behind...

I managed to delete most the files, but there is one left over mbamext.dll it seems to be running ( as windows 7 is telling me ) but its not in the processes and I cant even remove it using any 'hard to remove file deleters' I cant use killprocess in cmd as its not listed in the processes

( to be honest I have not tried safe mode, but I would prefer to do it from my main windows if possible.. as getting to safe mode on my pc requires me to mess with the boot options and I dont like doing that )

has anyone got any other ideas on how to remove it..

thanks

Answer:Malwarebytes' Anti-Malware mbamext.dll removal

First, I want to challenge your original statement. Better than removing MB, maybe we can fix it? How does it not work?

If you are really intent on removing it, though, we can try a few things. First, download MB again, and install it. Then run the uninstaller it provides.
Hopefully that will work.

3 more replies
Relevance 79.13%

Hello all,

In a nutshell, my computer is running hella slow and I cannot access one of my hard drives. I just recently ran a virus scan with AVG 7.5 and am using Comodo Firewall and even though it says everything is fine, its not.

Where it started
- About two months ago, I opened the music folder on my hard drive (Z:) and noticed my files from D-Z were nowhere to be found. The weird part was when I opened iTunes, I was able to play all of those files no problem and when I right click on a song and picked 'Get Info', the 'Where' path referenced the Z drive and music folder like it was there no problems. Later that month, I go to My Computer to see if the files are there. For one, it took my computer about 5 minutes to bring up all of the icons. When it finally displayed all of my drives, I noticed Z drive didn't show any remaining space. I try to open the Z drive and Windows gives me an error message saying the disc is not formatted; would I like to format now? I closed the box and immediately ran scans with AVG, Comodo, and Kapersky online scan. They cleared a lot of malware yet when I click My Computer it still is very slow to display all of my drives and of course, I can't access the Z drive.

Just before posting this, I just went through and checked all of my running programs and found these:

ctfmon.exe
llsass.exe
services.exe
spoolsv.exe
wdfmgr.exe
winlogon.exe
wuauclt.exe

I don't know what more to do. I don't want to start over an... Read more

Answer:Post Anti-virus/malware Removal - Worse Than Before!

Those are all normal as written . Is this an XP machine?

13 more replies
Relevance 79.13%

Good morning! First time poster here!
I am trying to remove the "Windows Anti-Malware Patch" malware from a laptop.
There is no proxy set up in IE, but it still keeps me from using the internet, or downloading files.
So I went back to my desktop and downloaded malwarebytes onto a usb key BUT
the home page and download pages of bleepingcomputer.com are misbehaving for me both in IE and Firefox (on the non-infected computer), and I can't get rkill to download.
Until I do that, I am pretty much stuck.
HELP?

Thank you!
S.T.

Answer:Windows Anti-Malware Patch Removal problems

Boot into safemode with networking,download and run these toolsorCopy all these tools to the infected PCDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) Do not change the default options on scan resultsDownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your reply

13 more replies
Relevance 79.13%

My computer experienced Police Pro and/or Antivirus 2010 which disabled AVG 8.5 along with Malwarebytes, Norman Malware remover, spy doctor and Hijack This ... I have manually removed all registry items and files that I could locate and the computer does not show any sign of the virus while in safe mode, however it still will not run AVG scans or any other malware removal tools, so my assumption is that there is something still running that I am not seeing.

I tried to run RootRepeal, but it crashes if I request Files to be scanned. I then ran Win32kDiag and it appears to have run below is the log. Any help in getting AVG and a Malware removal tool running would be greatly appreciated!!!!!
Running from: C:\Documents and Settings\Owner\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Owner\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINNT'...

Found mount point : C:\WINNT\$hf_mig$\KB925454\KB925454

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\$hf_mig$\KB944533\KB944533

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\$hf_mig$\KB956390\KB956390

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\&... Read more

Answer:Anti-virus and malware removal tools disabled

Hello vjc,Please refrain from making any changes to your system (updating, installing, removing, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) "%userprofile%\desktop\win32kdiag.exe" -f -r into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

55 more replies
Relevance 78.31%

Hello and thanks in advance, I apparently picked up several malicous files, when I try to remove them my anti malware program ( Malwarebyte) freezes ("program not responding") when it gets to files named BN42. temp, etc.... Not sure how to proceed and hopefully I will be able to return to retrive a reply... Best regards, Skip

Answer:Malwarebytes' Anti-Malware Freezing during file removal [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

14 more replies
Relevance 78.31%

I have a friends laptop that got infected with ANTIVIRUS 2009.

I was looking for some way to remove this a$$ho** of a program...it's a nasty one.

One website said to download Malwarebytes' Anti-Malware tool. HAS ANYONE EVER USED THIS? IS IT ANY GOOD?


Also, any recommendations on how to remove ANTIVIRUS 2009?

Cheers and thanks

mark

Answer:2 questions - 1 about Antivirus 2009 removal - 2nd about Malwarebytes Anti-Malware

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

If you're not receiving help elsewhere and still require assistance for this issue, please follow the process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

After running through all the steps, you shall have a proper set of logs. Please post/attach as instructed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your next reply.

------------------------------------------------------

2 more replies
Relevance 78.31%

Windows Anti-Malware Patch is a rogue security software which will report that malware has been detected on your computer in an attempt to scare you into buying this malicious software.
In reality, none of the reported issues are real, and are only used to scare you into buying Windows Anti-Malware Patch and stealing your personal financial information.

As part of its self-defense mechanism,Windows Anti-Malware Patch has installed a rootkit on your computer,which will disable the Windows Task Manager and will block you from running any program that could lead to its removal.

Windows Anti-Malware Patch is a scam and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy this rogue security software as this could lead to identity theft,and if you have, you should contact your credit card company and dispute the charge stating that the program is a scam and a computer virus.
Removal instructions for Windows Anti-Malware Patch virus​This is a self-help guide, use at your own risk.
If you experience problems completing this guide, or the problem persists after following the instructions below or would like to have one of our staff members guide you through the process, please start a new thread in our Malware Removal Assistance forum.
STEP 1 : Start your computer in Safe Mode with Networking

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.

Press and hold the F8 key as your c... Read more

More replies
Relevance 78.31%

Help please dear scumware fighter!

Here's a tricky one that's brought me to halt. I have an infection from some malware that is hiding itself and seems to be actively crashing anti-virus/anti-malware sw before they can id it or remove it.

Here are the symptoms:

Discovered when I upgraded to version 10 of Avira's Antivir Free version. It wouldn't run completely through and crashed. Checking with Avira's forum, others had the same problem and it was identified as an existing infection. It was then that I noticed that I haven't even had a successful full system scan with the previous version since mid-Feb (even though I manually run a full scan every month or so). Virus definitions were being downloaded normally every day.

Then it started crashing Windows and Firefox. Couldn't turn off the computer and had to hard reset with the power button several times.

Downloaded and ran MalwareBytes which found 1 virus immediately, id'd as "Trojan: FakeAlert" in C:\END. I quarantined this item.

Ran a full system scan and MalwareBytes ran for about 10 minutes but crashed at the same directory that I thought I had seen Avira stop on.
I repeated and it stopped at the same directory. This is the file that it stopped on:

windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\063bdcb7c733d30d0ac1e533ae9191f7\ehiVidCtl.ni.dll

I tried downloading Microsoft Security Essentials and that failed to even finish the download for some unknown error. Another ... Read more

Answer:Insidious Infection Blocking Anti-Malware Programs & Removal

BUMP, please.

3 more replies
Relevance 77.9%

Should I install Malwarebytes Anti-Malware beside Emsisoft Anti-Malware for extra protection? Will it slow down my computer?
 

Answer:Should I install Malwarebytes Anti-Malware beside Emsisoft Anti-Malware?

Emsisoft is more than enough by itself.
 

61 more replies
Relevance 77.9%

Based on your opinions and reasoning which is the better product.
I will still be using both products regardless of the votes.
 

Answer:Malwarebytes Anti-Malware 2.x vs Zemana Anti-Malware 2.x (Premium only)

This is difficult. I use both as on-demand scanners. I've been using Malwarebytes for years and it's saved my butt on numerous occasions. For that simple fact alone, I'm going with Malwarebytes, but do not shy away from Zemana (in fairness to Zemana, it's a fairly new program). If anything I'd say Zemana AntiMalware feels a bit lighter, but that's really the only fault I can provide. I'll be interested to see what others think.
 

5 more replies
Relevance 77.9%

Hello. I am working on a friends machine that seems to have a nasty infection. This machine is a dedicated server running Windows Server 2003 Web. Everything I am doing to it is via remote desktop which is making it a little more of a challenge. Web browsing on the server was incredibly slow when he asked me to take a look at it. I figured he was infected with something so I was going to try and install a few things on it and run a few scans, only to find that all of the sites that I found to use are blocked or disable by whatever is infecting the server. Any attempt to access an anti-virus or anti-malware website results in a message stating server cannot be found. Any other website can be accessed though.

There is an FTP server running on this machine, so I do have that availability to FTP to the server to get any file or program to it that I need to. Please just let me know what you need from me and I will get it up here as soon as I can. I am a fairly experienced user and can grasp things pretty easily. Thanks for your time, I greatly appreciate it.


Jamie

Answer:Malware Blocking all Anti-Malware/Anti Virus websites

If it doesn't block you from softpedia or download.com, the get the anti virus software from their sites instead. Hopefully it won't block them. When they are downloaded, rename the file names.

2 more replies
Relevance 77.9%

Donna over at Calendar of Updates has posted a second test regarding the viability of free anti-malware and free anti-spyware programs - Malware Detections of Free Anti-Malware/Anti-Spyware

see Malware Detections of Free Anti-Malware/Anti-Spyware - Calendar Of Updates

For those who don't know, Donna also previously posted another test, Rogue Detections: Old, Not So Old and New Threats
see Rogue Detections (old, not so old, new threats) by malware scanners - Calendar Of Updates

Answer:Malware Detections of Free Anti-Malware/Anti-Spyware

Hi John

Looks like a fairly good test, unfortunately it's on an XP box. Do you know if they plan on running one on a Vista system, since the way that many malware works will affect it's viability on Vista systems?

Thanx for the link! Still lots of good info there for our members.

7 more replies
Relevance 77.49%

With the recent acquisition of the popular Junkware Removal Tool software, Malwarebytes has added another string to its security bow. Although, I guess it?s really a case of strengthening an existing string rather than adding something new. Although not sporting a traditional GUI and purely a command line tool, Junkware Removal Tool has proven to be a popular download among those wanting to rid their computers of unwanted crapware.Click to expand...

http://www.davescomputertips.com/ma...um=email&utm_campaign=Weekly+Recap+Newsletter
 

More replies
Relevance 77.08%

Received assistance here: http://www.bleepingcomputer.com/forums/t/249566/spybot-search-and-destroy-not-starting/ ~ OBHey guys, I have a Windows Xp pro. SP2 installed on my PC. Off lately i have been having a lot of problems with it. I have already posted in the other Forums of Bleepingcomputer and i was suggested various measures in order to find out and cure the problems. I was asked to download some software by the members on the forum. But i had a problem accessing those sites. Infact i have a problem accessing almost all the antimalware/virus sites. Because of this i cannot perform the necessary scans. And currently i do not have access to another PC from which i can download the necessary files. I scanned using HijackThis and i request you guys to PLEASE analyze it and guide me fix it.The log is as follows:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:12:04 PM, on 8/18/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\WINDOWS\ATKKBService.exeC... Read more

Answer:Cannot access any anti-malware websites....

Hello

Apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Before we can continue, please post a fresh HijackThis log back here

10 more replies
Relevance 76.67%

Apple has finally accepted that there is a malware problem affecting many of its customers and plans to stop it with an upcoming system update.

The problems began earlier this month with a black hat search engine optimization campaign launched by scareware distributors on Google Images.

Such campaigns are common and one can pretty much expect to find rogue links among the top search results for all hot topics at any given time.

However, this time it was different because the cyber crooks also targeted Mac OS X users via a piece of scareware called Mac Defender that was specifically designed for Apple's platform.

Scareware, or rogueware, are terms that refer to fake applications that trick victims into paying for licenses in order to fix fictitious problems on their computer, usually malware infections.

Ironically, for a user base that largely doesn't trust antivirus programs and believes that Macs are malware-free, a lot of people ended up installing Mac Defender.

By extrapolating from tech support call figures related to this issue, ZDNet recently estimated that between 60,000 and 125,000 Mac users were affected by this piece of scareware.

What's worse, Apple apparently prevented its tech support operators from telling users how to remove the malicious program on their own.

However, after the issue got significant press coverage Apple published a knowledge base article of its own, which includes manual removal instructions.

The company makes some mist... Read more

Answer:Apple Late to Anti-Malware Party, Issues Alert and Removal Instructions

Good to see that they are taking actions, since malwares are now quite more appearance in Mac.
 

1 more replies
Relevance 75.85%

EDIT: I'm in a different timezone to these forums which is why my log dates appear to be from the future ;) 6 hours ahead.Just as a starting point I must state that the possibly still infected machine is a laptop with a broken screen, and the HDTV it is connected to does not receive a signal until the Windows logon screen. So Safe Mode is a no no and I already spent days trying to get a Windows XP repair done ?blind?. Also I know typically you prefer fresh issues and I apologise for the length of this post and posting of MBAM logs done independently, but I figured it would be useful to anyone attempting to help me.First off I was downloading stuff I shouldn?t be downloading (lesson well and truly learnt, believe me), and left my laptop to do this. When I returned I had all of the fake Antimalware Doctor stuff all on my screen. So I disconnected from the internet quickly and then ran MBAM. This was the first log=============================================================Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4238Windows 5.1.2600 Service Pack 2Internet Explorer 8.0.6001.187022010-07-20 07:18:31mbam-log-2010-07-20 (07-18-31).txtScan type: Full scan (C:\|)Objects scanned: 198734Time elapsed: 38 minute(s), 45 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 25Registry Values Infected: 6Registry Data Items Infected: 0Folders Infected: 6Files Infected: 16Memory Processes Infected:(No malicious items de... Read more

Answer:[randomname].sys file post MBAM removal of Anti Malware Doctor, GMER says rootkit

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

94 more replies
Relevance 75.85%

Hi,Repeated popups and warnings led to a Google search on the Subject above and finding this forum.I initially attempted a "Restore Point" rollback but that would not complete successfully.I then completed the following -- Uninstall "XP Anti-Virus"- Ran SmitfraudFix- Ran SDFix- Ran ComboFix- Installed and Ran HijackThis(Attempted a "Fix Checked" without success of "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll")- Installed and Ran SUPERAntiSpyware(found 0 errors or problems in any category)HijackThis still displays "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll" which concerns me so I am posting so the guru's can check out the logs....As a newby to the forum I appreciate any help/advice :^) Thanks.Deckard's System Scanner v20071014.68Run by administrator on 2008-04-18 16:18:31Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --96: 2008-04-18 23:18:37 UTC - RP324 - Deckard's System Scanner Restore Point95: 2008-04-18 22:49:23 UTC - RP323 - Installed SUPERAntiSpyware Free Edition94: 2008-04-18 21:40:02 UTC - RP322 - Restore Operation93: 2008-04-18 21:27:20 UTC - RP321 - Restor... Read more

Answer:Removal Of Xp Anti-virus, Privacy Protector, Error Cleaner And Spyware&malware Protection

Hello there and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions. There is a possibility some of the instructions will need to be carried out where internet access is not available. It is important that you complete the instructions in the right order, and that you don't miss out any steps.Please set your system to show all files. Click Start, open My Computer, select the Tools menu and click Folder Options.Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dllO20 - Winlogon Notify: awtuvULB - C:\WINDOWS\SYSTEM32\awtuvULB.dllO21 - SSODL: DriveSys - {7dc6ff88-ddc9-4b18-a143-ef3f8f110be0} - C:\WINDOWS\Resources\DriveSys.dll (file missing)O21 - SSODL: SysBoot - {fd5ffa08-e23f-467f-867a-8a5770344bc3} - C:\WINDOWS\Resources\SysBoot.dll (file missing)Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Open hijackthis, click 'conf... Read more

1 more replies
Relevance 75.85%

hello, a friend has droped off a broken windows xp computer with me for repair. The followed http://www.bleepingcomputer.com/virus-remo...-security-suite this guide section 'automated removal section and now the PC bluescreen's on both normal and safemode. Looking for guidance as to what they might have broken. Thoughts? The BSOD is a stop c000021a - windows logon process system process terminated unexpectedly with a status of 0xc00000005 (0x00000000 0x00000000).

Answer:BSOD after following "automated removal instructions for security suite using malwarebytes anti-malware guide

Hi .The majority of references I see for this...are for Win 2K. XP users who have this error...don't really seem to get a resolution of any sort that I can see.From looking at the Win 2K references, I'd say that the registry is jumbled. A repair install effort would be worth a try...but I suspect that a clean install will be the ultimate resolution.Some Google Links.Louis

1 more replies
Relevance 75.44%

Hi guys,

Had this problem for a while, I cannot access any Microsoft or Antivirus, Malware etc. websites.

I've run Spybot S&D, Super Anti Spyware, Malwarebytes, Sophos, Adaware, ATF cleaner - all on full scans (downloading them was a nightmare when I can't access any sites) and nothing they pick up seems to solve the problem. Googling around doesn't seem to shed any light on anything either.

My hosts file itself looks clean, the only modifications are by SpybotSD.

I'd appreciate any help you can give me on this one, it'd be nice to have my computer working again.

Thanks

DDS LOG:
DDS (Ver_10-12-12.02) - NTFSx86
Run by RJ's Laptop at 10:46:06.60 on 23/12/2010
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_05
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.44.1033.18.3061.1419 [GMT 0:00]

AV: Sophos Anti-Virus *Disabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Disabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\SLsvc.exe
C:\Windows ... Read more

Answer:Cannot Access Microsoft or Anti-Virus/Malware Sites

Sorted! Managed to fix it myself!

In case anyone else stumbles across this and has the same problem (I've read about 50 threads on this, with no solutions!), this is what I did:

Ran Combofix, which seemed to pick up the rootkit and partially remove it, enough to let me access Microsoft and Antivirus websites again, but not enough to remove it completely as it was still blocking MS Update, so I next ran Kaspersky Rootkit Removal Tool which found it and got rid of it for good. All websites working again, as is MS Update.

I've attached the logs, just in case anyone with an interest wants to have a more in depth look.

Cheers

2 more replies
Relevance 75.44%

Hi,

I've been working to rid a desktop of a number of infections that showed first as AV Security Suite. Access to antivirus sites is blocked making it difficult to install software if the installers that need to access the web. e.g. Windows Defender can't get updates.

I have managed to manually remove AV security suite, I believe. Was able to download and run Windows Defender, spybot S&D because they could be moved over on a usb drive. Found and cleaned up a number of issues. Ad-aware and other antivirus programs I tried, could not be installed this way.

I've cleaned a lot of bad stuff out of the registry, and the computer is working much better now. However the anti-virus sites are still blocked, so there must be some infection left.

Any help greatly appreciated. Here is the hijack this log. I did remove the entries for servers 93.188.163.10 and 93.188.166.245 but they came back on reboot.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:23 PM, on 6/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe... Read more

More replies
Relevance 75.44%

Hi! I'm new to this forum, and am seeking advice/help with what may be a malware problem on my main PC. I downloaded and installed the latest version of Malwarebytes Anti-Malware, but the program was unable to connect to the server to update its database.  I tried at different times on two successive days with no luck.  Other web sites were accessible, although in some cases the response was unusually slow. I consider this suspicious and would like to determine if there is a problem.  When I Googled this issue, I found this forum, joined, and am following the preparation guide for  the use malware removal tools.
 
I ran DDC; the DDC/txt file is shown below (and attach.txt is attached).  Thanks in advance.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.21.2
Run by phil at 7:43:54 on 2013-05-08
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7935.3533 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Presen... Read more

Answer:Malwarebytes Anti-Malware Can't Access Updates Server

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Third party programs if not up to date can be the cause of infiltration an infection.Please run this security check for my review.Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.===Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete tab follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).===Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofixLink 1Link 2IMPORTANT !!! Save ComboFix.exe to your Desktop1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Do ... Read more

3 more replies
Relevance 75.44%

I am not able to acess symantec.com, or mcafee.com. It seems like they are being blocked, possibly by malware. Any thoughts on how I fix this? I am running windows xp.
 

Answer:Malware blocking access to anti-virus website

follow advice here and post the logs those programs make
 

1 more replies
Relevance 75.44%

My friends laptop running vista can't connect to anti virus sites like trend micro and can't get updates for malwarebytes or spybot. He doesn't have any active anti virus on his computer their was an old version of symantec from three years ago on here but hadnt been updated since. Ive now deleted it.

I ran combo fix but that didn't cure the problem. Here is the combofix.txt file

If anyone can recommend a way to fix the problem i would be very grateful.

ComboFix 11-07-31.04 - Merrr 02/08/2011 17:35:41.1.2 - x86
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.2.1033.18.2046.1003 [GMT -7:00]
Running from: c:\users\Merrr\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\KBL.LOG
.
.
((((((((((((((((((((((((( Files Created from 2011-07-03 to 2011-08-03 )))))))))))))))))))))))))))))))
.
.
2011-08-03 00:30 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{90382B71-C4AE-4EC6-8FB7-923E0A3B4D80}\mpengine.dll ERROR(0x00000005)
2011-07-29 23:34 . 2011-07-29 23:35 -------- d-----w- c:\program files\CCleaner
2011-07-29 21:46 . 2011-07-29 21:46 -------- d-----w- c:\program files\ESET
2011-07-26 23:32 . 2011-07-26 23:32 -------- d-----w- C:\PerfLogs
2011-07-26 22:58 . 20... Read more

Answer:Can't access Anti Virus Malware Software sites

I'm working on a friends Hp laptop and gotten in a real mess. They had a virus which was stopping the computer from communicating with Virus/Spyware websites.

I ran combo fix but after that the problem still existed. Then automatic updates asked me to update so i figured why not. It was vista sp1 this is when everything started to go wrong. Vista Hung after this update and i couldn't get it to load. I tried system restore but that hangs and never finishes. Then i read that system restore works better from safe mode. I can't get into safe mode it also hangs when it gets to crcdisk.sys

Now It looks like i will have to do a HP system recoverey. The Hp recovery does give me a chance to do a back up of data so I ran that part of the program but now I have another problem the program doesn't recognise the usb stick so it's got nothing to save to. Is their anything i can do to get the usb stick working again. When i put the stick in it does light up.

If that doesn't work is it possible to install XP on the computer. So it will dual boot then using XP i can save all of his data?

4 more replies
Relevance 75.03%

Greetings,

I'm running a Lenovo X301 Notebook computer with Windows 7 Pro, 32 bit.

My problem started this summer some time when I noticed that a lot of my folders were suddenly hidden and were missing from the startup menu. It was a busy time at work and I didn't think much of it since I could easily unhide folders and access the programs through their root folders.

So, I've attempted to follow your malware removal instructions, but have had some glitches.

1. Superspyware found four threats, report attached.
2. I think malwarebytes found nothing, report attached
3. Combofix report attached
4. RootRepeal crashed on every attempt., report attached
5. MGtools ran and then ended with the message 'access denied'. report attached in my next post.

The access denied thing is a bit mysterious. I've noticed that I will occasionally click on a folder that has the locked icon and will get the message 'access denied', you must be the administrator (or something like that), but then it will usually let me in. (I am the only one who uses this computer and I always log in as the admin).

Thanks for your fantastic site. You've helped me before and look forward to your genius again.

ron
 

Answer:malware removal access problems

Here is the MGlogs zip
ron
 

6 more replies
Relevance 75.03%

Hi folks,

I had Internet Security 2013 malware on a laptop that my nephew uses. Despite apparenlty removing all of the junk on the machine, it refuses to connect to the internet.
I had posted on another forum, but the helper seems to have given up. I'm wondering now if its a hardware fault rather than a software,or has the OS been so corrupted? I'm not sure. I've not attached logs as quite a fair amount of work has already been done by the helper in another forum.. I will post the link ... If anyone could help, I would be really thankful.

http://www.bleepingcomputer.com/for...security-2013-no-access-to-internet-demented/

The thread details work already asked of me by the previous helper.

Thanks.
 

Answer:Unable to access net after Malware removal.

I will do my best, I may however refer you to the software forum if we do not find any malware/or I cannot repair things for you myself.

You will also have to follow OUR procedures:

READ & RUN ME FIRST - Malware Removal Guide
 

5 more replies
Relevance 74.62%

I have a default Yoog Search in my Search Engines, i try to remove it and set it as google but it would again default to Yoog. Next thing is I just cannot run 'sybot search & destroy' and doesnt let me open any anti-malware related sites. I cant download any anti malware apps. I am just stuck.
 

Answer:unable to run any anti-malware tools and also cant open any anit-malware related site

Re: unable to run any anti-malware tools and also cant open any anit-malware related

Welcome to Major Geeks!

Please try doing this first:
Yoog Removal

Then please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.
If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.

TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide


Helpful Notes:

If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode. You can run steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes ... Read more

6 more replies
Relevance 74.62%

these are the instructions I followed:Uninstall itclick on this link ? and then select run.http://www.malwarebytes.org/affiliates/2...INSTALL IT TO YOUR DESKTOP, update it, then run a full scan and remove everything it finds.some viruses will try to disable it so if malwarebytes will not start up then go into the folder it is in and rename the mbam file to XXX then double click on the file you just renamed to start it up.after you have used malwarebytes then do this on-line scan.to make sure you have nothing else hiding away.http://www.bitdefender.com/scan8/ie.htmlpreferably in safe mode with networking.it's important you install it on your desktop so you can easily get into the folder and change the name of the mbam file.and viruses do not always look on the desktop for it.OR you can try the on-line scan first.This seemed to have helped but I still can't run Malware bytes and my computer redirects websites I try to get into sometimes. I installed Norman Malware cleaner is this is what it said:Removed 5 of these ( deleted file:C:/windows\system.32\UACqfqboedxvctjti.dat)in red appeared- To many infections/an unexpected error (Please contact support):C\Windows\system32\UACqfqboedxvctjtit.dat (infected with Text/Td.ss.A)File marked for defered cleaning (reboot required) c:\windows\Temp\UAC314c.tmp(infected with W32\FakeAlert.NEUI clicked quit afer it finished scanning and it prompted me to reboot computer automatically. I ... Read more

Answer:The computer at work is infested with PAV. I downloaded Malware bytes anti-Malware but it still won't scan

Hello it appears you are heavily infected with rootkits. They are interfereing with removal.You need to run HJT/DDS.Please follow this guide. go and do steps 6 and 7 ,, Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.Let me know if it went OK.

1 more replies
Relevance 74.62%

Hi all,My dad has asked me to take a look at his computer after it's been acting odd, and it looks like he's got a doozy of something running on the system. He's been getting some pop ups advertising various programs, the desktop is changed to text reading "Your system is infected! System has been stopped due to a serious malfunction. Spyware activity has been detected" (which is not something any program that should be running would display", Task Manager is blocked from opening and a fake piece of anti-spyware has taken up residence (don't have the name off hand).Looking at the log, I found a couple of things that I'm not a fan of - batmeter16.dll, for starters. There's a couple others I don't recognize, but I am not sure if they are bad or not.Unfortunately, my attempts to fix it have been thwarted - an AVG scan said it cleared it up, but more pop ups came. I tried to run Malware Bytes, but when I download the latest update through the program, I get a nice warning message saying "The database you are using is not supported by this version of Malwarebytes' Anti-Malware. Download the latest version of the program."Additionally, this came about because I tried to start into Safe Mode to get this cleaned up. I couldn't get my keyboard to register keystrokes before Windows started, which kept me from accessing the dialogue allowing Safe Mode to be entered, so I modified boot.ini to force a safe mode boot. Unfortunately, this brought about a blue sc... Read more

Answer:Malware blocking MalwareBytes (post-update), fake anti-malware program

Hello, my name is fenzodahl512 and welcome to the forum.. Please do the following....Please download The Comedian.exe by Rorschach112 to your desktopPlease disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..Double click the program to run it. It will only take around several minutes to run.It will do a series of tasks and tell you when each one is finished.You will be prompted to press any key after each stepWhen it is done it will close and exit itself automatically.You can delete The_Comedian.exe once it is finishedSTOP! if you can't complete this step.. Tell me more about it..NEXTPlease download OTL by OldTimer and save it to your desktop.Under the Custom Scans/Fixes box paste this innetsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINTDon't change any setting... Just click on the Run Scan button.. Let it scan till finish..Then a log will pop-up at your Desktop. Post the content of the log hereNEXTWe need to scan for Rootkits with GMERPlease download GMER from one of the following locations, and save it to your desktop:Main Mirror
This version will download a randomly named file (Recomm... Read more

3 more replies
Relevance 74.62%

I have a default Yoog Search in my Search Engines, i try to remove it and set it as google but it would again default to Yoog. Next thing is I just cannot run 'sybot search & destroy' and doesnt let me open any anti-malware related sites. I cant download any anti malware apps. I am just stuck. I saw a post " Win 2K hijack issue - unable to run malware apps!". I have exactly the same case on my system.

 

More replies
Relevance 74.62%

Yesterday, I had troubles with Windows live messenger where it (still) says:

"Windows Live Communications Platform has encountered a problem and needs to close. We are sorry for the inconvenience. "

although, the problem isnt about MSN. I found out that this problem was caused by having Malware on your computer. Hence, i decided to run a scan using Malwarebytes Anti-Malware (MBAM).

I noticed that my Avast was disabled and if i try enable it, it comes up with a window saying: the operation could not be completed.

My google searches also SOMETIMES get redirected to links that is clearly out of topic.
like if i google search the terms "malware wikipedia" and i click on the wikipedia link but i get redirected to some Myspace/Anz credit card crap.

Then this happened.
MBAM CRASHED after 2 mins of scanning -> tried to re-run MBAM but a window came up saying:
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."
I ran several other programs such as:
HJT -> scanned for 2 mins, then crashed (no logs were made)
SUPERAntiSpyware (SAS) -> scanned for 2 mins, then crashed
and same goes for any other programs that searched for any malware.
The only program that worked was TROJANHUNTER and came up with a couple of false positives
I also tried using Avira's Rescue CD (the one where you boot up with it and it does a scan)
A scan using Avira was also successful but failed to... Read more

Answer:Malware/Anti-virus tools wont run due to a rootkit/trojan/malware

i am having the exact same problem!
i have no clue what to do, any help would be amazing!

2 more replies
Relevance 74.62%

I can not do the prework because my browsers are incapacitated, so I can't download anything.The PC indicates that my web connection - DSL - is functioning properly. I don't know if it is safe to insert a flashdrive in order to bring the required programs to my pc, and post the results using my relative's pc. Is there a way to prevent malware from infecting the flashdrive?
 
I am using a relative's desktop PC in order to communicate here. I still have windows XP SP3 on my desktop pc and I finally got a virus despite what I thought was safe surfing, using a limited account. I have Avast free but it did not detect anything. My superantispyware is "locked" and my malwarebytes free stops responding.  So I don't know what infection I have. I use Online Armor firewall, but it did not prompt me about any new program. It is set to always notify me, even when running something I have allowed in the past. Whatever it is, also got passed K-9 web protection which filters all of my PC use. I am putting a lot of disjointed information that may be helpful into this post, simply because of my need to go back and forth between two houses in my particular situation. (About a 5 minute walk). I normally would not put all of this into one initial post. I understand that the system works better when one detail at a time is presented upon your request. Please understand that I won't be able to provide bits of information without returning home for each request!
 
My last action befor... Read more

Answer:unknown malware disabled my browsers, locked anti-malware programs

DON'T READ MY POST!
system restore worked!
how do I close this thread as solved??

2 more replies
Relevance 74.62%

I have an old laptop (2003 bought and rarely used).
Today i tried to run the RED AND RUN ME FIRST MALWARE REMOVAL GUIDE for it.
The CCleaner run was smooth and get rid of some junk.
HOWEVER when i tried to run the Malware bytes software i got the message :

mbam.exe Application Error
The application failed to initialize properly(0xc000001d). Click on OK to terminate the application.

I suspect that my laptop has a malware that does not let it run the Antimalware software...
Can you please help me?
 

Answer:Old Laptop. Can't Run Malwarebytes Anti-malware Software. Suspect Malware Inhibits It

Are you able to run ANY of the tools, sakoul?
RogueKiller
Hitman Pro
TDSSKiller
MGTools

 

40 more replies
Relevance 74.62%

Have been using Win 7 Ultimate x64 for quite a while but tonight ran into a small problem. I like to keep the titles for links very short and want to rename "Malwarebytes Anti-Malware" (I am a registered, paid user) to simply "Malwarebytes". I am listed as an Administrator and I used LockHunter to unlock the file but it still does not allow me to shorten the description. When I shorten the name and hit OK I am told "You'll need to provide administrator permission to rename this file" Since I am the administrator on this machine I do not know what to do. Continuing does nothing. Anyone have any suggestions? /* Philip */

Answer:Changing File Decription for link to Malware Bytes Anti-Malware

Not sure but I think Malwarebytes is trying to protect itself.
That is one of the first things a virus would try to do is change the name/link and get it out of the infection way.

I can change the name of the desktop Icon to MBAM.

9 more replies
Relevance 74.62%

Hi,
I have been using AVIRA, Malwarebytes, and Registry Mechanic for awhile. But I think I got either a virus or malware via a colleagues thumbdrive. I have had constant hijacking from google results when using Mozilla, IE, and Chrome. I have also been unable to update malwarebytes, or registry mechanic. I have removed AVIRA, Malwarebytes, and Registry Mechanic and am currently running Trend Micro OfficeScan 10. OfficeScan blocks the hijacking, but it is annoying to see that something wants to still divert my browser. But I am unable to even view certain websites like Malwarebytes.org, or Microsoft webpages, and somtetimes unable to open the browser at all. Sometimes when I am using MyComputer, the layout switches from XP to the Windows-safe-mode type layout.

Start-up is also extremely slow on this machine. I have attached my hijack this log file. If anyone can help that would be great! I am considering wiping the machine and starting over....
 

More replies
Relevance 74.62%

After scanning with Malwarebytes Anti- malware  a message will pop up saying :       Windows cannot access the specified device , path , or file . You may not have the appropriate permissions to access item . :  ...................................... Then if i try to view the log it will say the same thing ....  That was the only problem i had  . Until i tried to do something i found in your forum that seemed to be the same problem .....  But it said i had to disable my anti virus  (AVG)2011 free edition to use Combo fix .  Well i tried to uninstall it and use the remover and nothing seemed to change .. except it wouldn't let me enable AVG again  or install anything from AVG .... it now has a error message ...............  I have been at this for about 2 days and i don't know what else to do . Thank you to all that respond .[recovering disk space - old attachment deleted by admin]

Answer:Windows is not letting me access logs from Malwarebytes Anti-malware

SUPERAntiSpyware Scan Loghttp://www.superantispyware.comGenerated 07/18/2011 at 04:44 PMApplication Version : 4.55.1000Core Rules Database Version : 7419Trace Rules Database Version: 5231Scan type       : Complete ScanTotal Scan Time : 01:40:47Memory items scanned      : 594Memory threats detected   : 0Registry items scanned    : 7855Registry threats detected : 0File items scanned        : 156874File threats detected     : 60Adware.Tracking Cookie   .doubleclick.net [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .imrworldwide.com [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .imrworldwide.com [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .revsci.net [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .revsci.net [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .adserver.adtechus.com [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .kontera.com [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .anrtx.tacoda.net [ C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies ]   .xiti.com [ C:\Users\Admin... Read more

3 more replies
Relevance 74.62%

Appreciate any help. Please keep in mind I am not tech savvy. Returned to laptop from overseas. McAfee had expired. Used computer and picked something up. Downloaded free Norton. Too late?? Norton tells me I have a trojan and to run a scan, but scan will never start (says; "starting" only.

Other symptoms:

- cannot run registry scans. lava soft, etc

- cannot access most ant malware sites

- when i click search result on google, I get redirected to odd pages

- CPU usage at 90-100%

Can anyone at least tell me what trojan I have (if, indeed, that is what it is)?

Thank you in advance

Answer:Have Trojan and am unable to scan or access anti malware sites

Hello and welcome...Some types of malware will disable MBAM (MalwareBytes) and other security tools. If MBAM will not install, try renaming it.Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first***Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run..***Another work around is by not using the mouse to install it, Just use the arrow keys, tab, and enter keys.***Open up command prompt, type in following commands: XP >> click the Start menu at the lower-left of your computer's desktop and select "Run". Type cmd into the Run box and click "OK".Vista >> click the Start menu at the lower-left of your computer's desktop and Type cmd in the search box.regsvr32 mbamext.dllregsvr32 ssubtmr6.dll regsvr32 vbalsgrid6.ocxregsvr32 zlib.dll ****If you cannot use the Internet,you will need access to another computer that has a connection.From there save mbam-setup.exe to a flash,usb,jump drive or CD. Now transfer it to the infected machine, then install and run the program. If you cannot tr... Read more

24 more replies
Relevance 74.62%

Hi,First, thank you very much for your help in assisting me resolve my problem.My browser is redirected quite often. When I tried to access Malwarebytes.org I receive an error. The same is true for many other anti-virus or anti-malware sites. In some cases I am permitted to download a utility from a site, but the .exe fails to launch. When I search on "browser redirects" in Google, I receive lots of choices, but am unable to access any of them as I am redirected.I will post the dds.log below, and attach the attach.zip log, however I am unable to post the gmer.log as my PC bluescreens when I run gmer. I tried multiple times with the same result.I am running the Norton Security Suite (which has not identified any problem) and have since added several other anti-virus/malware problems that also finds nothing wrong.Thanks again for your help!!hereafter2DDS (Ver_10-03-17.01) - NTFSx86 Run by Alex at 21:34:08.40 on Mon 09/13/2010Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_07Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3061.1250 [GMT -4:00]SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}FW: Norton AntiVirus *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.... Read more

Answer:Browser redirects and prevents access to anti-malware sites

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Do not Attach logs unless I ask you to.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.Note** If you are having problems posting the complete log into this thread upload them here http://www.rapidshare.com/ and post the links in this thread Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Gmer is the best but can be hard to get a log lets try this and see what we get.Scan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Sa... Read more

14 more replies
Relevance 74.21%

Hi all!
Recently while searching for new Anti-Malware tools to try subsequently in order to clean my computer for malware, I came across EMCO Malware Destroyer.
And hence, now I am wondering;What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?
Thank you very much in advance!
Regards,
midimusicman79

Answer:What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?

I have seen it advertised on Major Geeks and other third-party hosting sites but write ups and reviews never impressed me.EMCO Malware Destroyer by Softpedia...To start with, you should note that it does not provide active protection, heuristic scans or an active shield of some sort. This utility will only search for baddies currently loaded in the memory or running processes that are infected...Malware Destroyer is designed for manual virus checks and the fast scans recommend it, but bear in mind that it is mainly aimed at non-techy users and will only provide an occasional supplemental layer of protection.

0 more replies
Relevance 74.21%

Hi, A suspicious SVCHOST.exe just popped into my startup list. I bet it's not the only one causing my sudden computer slowdwon. I attached my HijackThis log and I hope someone gets to help me. Thanks!

Answer:Malware. Unable to Update any Anti Virus/Malware Program

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 74.21%

I tried to down load the now version, and the computer won't let me download it.

And there is something wrong with the version of Anti-Malware I have now. Every time I want to use it.
It downloads the setup and then it up dates. And today when I wanted to scan, it stopped and computer ran an error
report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:38 PM, on 10/4/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\G... Read more

Answer:Can't download the news version of Malware bytes Anti-Malware

16 more replies
Relevance 74.21%

I've been seeing here that Emsisoft Anti-Malware is free for 30 days, after 30 days of use will be able to scan and remove malware that it finds?
I do not want to use it with real-time protection, I have ESET for it, I use it as I use Malwarebytes Anti-Malware Free, only for weekly scans!
Thank you
#Translator
 

Answer:Emsisoft Anti-Malware Free'll be able to scan and delete the malware?

Download emsisoft emergency kit

Emsisoft Free Emergency Kit: Portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans

it's scanner without real time, full free
 

3 more replies
Relevance 74.21%

My Windows 8 computer has been infected with malware/adware. When I browse the internet there are ads displayed by edeals. I've followed many guides to removing it, but none have worked. I've scanned my pc with malwarebytes, adwcleaner, and junkware remover.
Here is the result of the scan with Adwcleaner: 
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Local]
# Operating system : Windows 8.1  (x64)
# Username : Jed - JEDPC
# Running from : C:\Users\Jed\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*origin.com;*ea.com;*akamaihd.net
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:12289
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2109 bytes] - [24/05/2015 11:15:26]
AdwCleaner[R1].txt - ... Read more

More replies
Relevance 74.21%

Good afternoon,
 
  After 2 years of no problems, it seems I may have been infected with Malware.  The hard drive spins constantly, making my laptop nearly worthless.  I rebooted my computer in Safe Mode and ran several programs to try and find/remove the Malware.  Some programs run OK and find nothing, but at least 3 programs run for a short time, then freeze up and the hard drive spins constantly.
 
  Here is what I've tried so far:
- Norton Power Eraser - Finds no problems
- Panda Cloud Cleaner - Did find and quarantine a few issues
- Kaspersky - I ran a through scan on everything - it took several hours and did find 2 infections.  Cleaned or quarantined both
- Malwarebytes - Gets to a certain point, then freezes.   Hard drive spins constantly
- ESET - Gets to a certain point, then freezes.  Hard drive spins constantly
- House Call - Gets to a certain point, then freezes.  Hard drive spins constantly
 
- AdwCleaner - Ran this, log looks clean except for 1 Firefox and 1 Google Chrome file that are listed
- Junkware Removal Tool - Only tried to run in Safe Mode w/ Networking.  Shows a command prompt screen, but nothing happens
- ComboFix - I have run this, can produce the log file if needed.
 
Any help you can give would be greatly appreciated!!

Answer:Malware Infection - Freezes computer when Anti Malware Program is run

Hello having run ComboFix, you need to repos this with that ComboFix log in this forum...Virus, Trojan, Spyware, and Malware Removal Logs

4 more replies
Relevance 74.21%

Today i updated my malware bytes anti malware database and i got this weird update version!!!:-D
Has anyone here ever had that happen??
 

Answer:weird malware bytes anti malware database update

Hey! I'm getting ripped off, mine is only 9111221001. See Malware Bytes thread: http://forums.malwarebytes.org/index.php?showtopic=102591
 

2 more replies
Relevance 74.21%

Hi all!
Recently while searching for new Anti-Malware tools to try subsequently in order to clean my computer for malware, I came across EMCO Malware Destroyer.
And hence, now I am wondering;What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?
Thank you very much in advance!
Regards,
midimusicman79

Answer:What is your opinion on the Anti-Malware tool EMCO Malware Destroyer?

I have seen it advertised on Major Geeks and other third-party hosting sites but write ups and reviews never impressed me.EMCO Malware Destroyer by Softpedia...To start with, you should note that it does not provide active protection, heuristic scans or an active shield of some sort. This utility will only search for baddies currently loaded in the memory or running processes that are infected...Malware Destroyer is designed for manual virus checks and the fast scans recommend it, but bear in mind that it is mainly aimed at non-techy users and will only provide an occasional supplemental layer of protection.

10 more replies
Relevance 74.21%

The independent Malware Research Group started an interesting series of tests on September 1.
19 well-known security programs were challenged to a "duel" with ten of the most dangerous and
widely spread Malware pests.
At the start of September 2010 the Malware Research Group confronted 19 well-known security programs with 10 hand-picked types of widely spread Malware. These Malware programs were the latest versions of well-known pests and were all classified as highly threatening.
The result of this test was a surprise. Many well-known established protection programs did not detect certain Malware. The bottom line was that the Malware won most of the duels:
- HotKeysHook Keylogger (9 x detected / 10 x not detected)
- TDL3 Rootkit (8 x detected / 11 x not detected)
- TDSS Dropper (3 x detected / 16 x not detected)
- FakeAV Trojan (3 x detected / 16 x not detected)
- Zbot Trojan (7 x detected / 12 x not detected)
- FakeAlert Trojan (7 x detected / 12 x not detected)
- VLogger Trojan (5 x detected / 14 x not detected)
- Neeris Worm (8 x detected / 11 x not detected)
- ?Here You Have? Email Worm (19 x detected / 0 x not detected)
- Zbot Trojan retest (12 x detected / 7 x not detected)
Only one program detected all pests without exception: Emsisoft Anti-Malware.
Details: Anti-Malware Reviews - A collection of reviews, tests, awards and personal opinions of anti-malware software.

Answer:Emsisoft Anti-Malware only one to detect all malware in independent MRG Test

hi ! THANK YOU ! once again Emsisoft Anti-Malware (EAM), previously known as a-squared (a2), "wins" an antimalware test.
more info about previous awards: a-squared Anti-Malware Tests and Reviews
there is also a FREE version of Emsisoft Anti-Malware without realtime-protection: Emsisoft Anti-Malware - Best protection against Viruses, Trojan Horses, Spyware, Worms, Dialers, Adware, Keyloggers and Rootkits
you can test the FULL version for 33 days, then it turns into the FREE version.
Emsisoft Anti-Malware (EAM) can be used together with most other Antivirus / Antimalware-programs, although you (might) have to change the settings for the "FileGuard".
fx. EAM & MSE v2-beta works very well together, i?ve been testing those 2 with different settings for several weeks.

2 more replies
Relevance 74.21%

Hi. There is something going on with my computer, can't get on internet and many pop up messages, and I have tried to run MBAm. When I click on "Remove Selected" it starts doing the removal but then a box pops up with "Malwarebytes Anti-Malware has encountered a problem and needs to close." There are three boxes to choose to click on...Debug, Send Error Report, or Don't Send. When I click on Debug I get a new pop up box with "DrWatson Postmortem Debugger has encountered a problem and needs to close". Same three boxes to choose to click. I click on Debug and then get a pop up box with "Microsoft Visual C++ Runtime Library. Runtime error. Program:C:\Windows\System32\svchost.exe.

I have multiple pop up boxes coming up when I just log on:

dsca.exe-Application error

27578134.exe has encountered a problem

Sysfader:IEXPLORE.EXE-application error. Instruction at "0x03a0bdd9" referenced memory at "0x03a0bdd9". The memory could not be written. When I click "OK" to terminate this it came up with multiple other boxes with different numbers...0x0403bdd9,0x03eabdd9,0x0455bdd9,0x053abdd9.

ctfmom.exe Application error

Data Execution Prevention-Microsoft Windows...to help protect your computer Windows has closed this program: Internet Explorer.

I am unable to get on the internet from my computer and am currently using my husbands laptop to post.

I would appreciate anyones advise or help.... Read more

Answer:Malwarebytes Anti-Malware unable to remove selected malware

I would try logging in to safemode with networking and then run the scanfrom there. To log in to safemode gently tap the F8 key as the computer reboots and then select safemode with networking from the list. If you are able to run the scan in safemode then there's probably some infection that was preventing it from runnig in the regular Windows mode. If not then there may be a problem with the Malwarebytes. I have had a similar problem and I had to un-install it and then re-install it. I emailed their tech support and was told it was possibly a conflict between it and AVG free though I'd never had that problem before... EVER.

I suspected it was something buggy with the update that had come through.

4 more replies
Relevance 74.21%

Hi, I been trying to remove the searchinterneat-a.akamaihd.net malware for months. I looked over at least 10 different guides on how to remove the malware. I tried multiple antimalware programs to HitmanPro to Anti-Malware and it seems like none of them can detect the malware. Looking for help!

More replies
Relevance 74.21%

 
A trojan that's currently doing the rounds in Japan is using Windows itself to try to defeat security software on infected machines.
Trend Micro reports that the BKDR_VAWTRAK malware, which steals credentials used for online banking at some Japanese banks, is using a Windows feature called Software Restriction Policies (SRP) to prevent infected systems from running a wide range of security programs, including anti-virus software from Microsoft, Symantec, and Intel. A total of 53 different programs are blocked by the malware.

http://arstechnica.com/security/2014/06/banking-malware-using-windows-itself-to-block-anti-malware-apps/

Answer:Banking malware using Windows to block anti-malware apps

TrendLabs: Windows Security Feature Abused, Blocks Security SoftwareEdit: Your Trend Micro link initially did not work for me so I reposted it for the benefit of others. Checking a second time the page finally opened.

3 more replies
Relevance 74.21%

i have been having problems with Google redirecting with Firefox or IE, i cannot boot in safe mode and cannot access the MBAM website or update it, when i downloaded it on a separate computer and i ran it and found 34 infections, it deleted them but my internet would not work afterward, I did a system restore and tried combo fix with the same result, when i attempted to use root repel it shut down windows in order to protect it from damage, I am completely lost and have no idea what to do. Can anyone help me?
 

Answer:anti malware disables my internet

Welcome to Major Geeks!

Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.
If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First. If TDSSserv is not found, just continue on with the READ & RUN ME.

TDSSserv Non-Plug & Play Driver Disable

READ & RUN ME FIRST. Malware Removal Guide
If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to s... Read more

1 more replies
Relevance 74.21%

Operating System: Windows 10
Are you using a 32-bit or 64-bit operating system?: 64-bit (x64)
Infection date and initial symptoms: 9/12/2015, I used Malwarebytes to remove some files and it automatically restarted my computer afterwards. Once I logged back into my computer I could not access the internet on any browser (chrome/firefox).
Current issues and symptoms:
No internet after running Malwarebytes Anti-Malware to clean the detected threats.
Steps taken in order to remove the infection:

I ran Malwarebytes Anti-Malware, it detected 4 threats, cleaned and restarted.
This is when my internet stopped working.
I tried ticking and unticking IPv4 and IPv6 internet protocols in my ethernet properties.
I made sure that IP and Domain was automatically generated (i.e. No static IP address etc)
Then I ran FRST x64, and both logs are attached.
I ran AdwCleaner, and attached its log.
What scan logs have you uploaded to this post?:
FRST.txt, and Addition.txt
AdwCleaner[S1].txt
 

Answer:No Internet After MalWarebytes Anti-Malware

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

4 more replies
Relevance 74.21%

I ran Malwarebytes Anti-Malware, it detected 192 threats, cleaned and restarted.
This is when my internet stopped working.
I ran it again and 3 more threats, cleaned and restarted.
Ran it one more time, no threats detected.
Then I ran Malwarebytes Anti Rootkit.
Then i ran Farbar Service Scanner.
Then I ran FRST x64, and now I'm here.
All logs are attached.
 

Answer:No Internet After MalWarebytes Anti-Malware

I just read this thread:
Piracy

I apologize for not reading it sooner. Utorrent is no longer installed. Here are the updated FRST log files. Thanks.
 

10 more replies
Relevance 74.21%

No internet. Need help.
 

Answer:No Internet after Malwarebytes Anti-Malware

Helllo,

My name is Argus and and I will be helping you with your computer problems.

Before we begin, please note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not be able to help you if you do not follow my instructions.


Rules and policies

We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled befor... Read more

4 more replies
Relevance 73.39%

Somehow I got redirected to a site that gave my a virus/malware, even though pop-up blocker was enabled. I knew somthing was up, so I decided to run Spybot, but it wouldn't launch. i rebooted and tried to launch again...no luck. I then uninstalled Spybot, and went to Safer-Networking website to redownload, but the site was blocked. Norton blocked. McAfee blocked. Trend Micro blocked.

To make things stranger, when I search for these using Google, then click on anti-virus websites, I get redirected to something strange...every time.

The only site I could go to was Microsoft One Care, which did a scan of my computer from the MS website, but it found nothing.

Using a different computer, I was able to download Stinger, burn it to a CD, then run it on my computer, but it found nothing.

I then burned another CD with HijackThis, but it wouldn't launch on my computer. When I renamed the file to banklogin.exe, it was able to install.

It seems that I was able to install Malwarebytes' Anti-Malware, but it doesn't seem to launch, no matter how many times I reboot the computer.

Because I can't log into this website from my infected computer, it would be difficult to transfer Hijackthis results to this forum.

My computer (when not running Stinger, HijackThis, or other programs) is utilizing the Ariva AntiVir Personal anti-virus software.

Any help/ideas would be greatly appreciated!

Answer:Malware Won't Let Anti-Malware Run, and Redirects to Malicious Websites

Hello cougkyle and welcome to BC!! Please do not post the Hijackthis log in this forum. Hijackthis logs are supposed to be posted in this forum. Experts there will help you deal with your Hijackthis log.Because I can't log into this website from my infected computer, it would be difficult to transfer Hijackthis results to this forum.Well you can burn that file onto a CD and transfer it to your clean machine. However, if you don't have a CD Burner on your infected machine then you can burn a CD Burner program from your clean machine and then transfer it to your infected machine. After that you can install it using your infected machine and burn the hijackthis log using your infected machine and transfer the file to your clean machine. Then you can post the logs in to the HJT-Malware removal forum I mentioned above.. Hope that helps you.With Regards,Extremeboy

3 more replies
Relevance 73.39%

I'm about to pull my hair out here! I've been working this problem for 2 days now, and have Googled every which way to find out what's on this PC with WinXP Home + SP3.... there is some kind of trojan virus on it, that prevents anything from scanning the hard drives (ergo, I can install anti-malware software inclucing HiJackThis, Malwarebyte's anti-malware app, and even Microsoft's MRT.exe but as soon as ANY of them begin a scan of the system they are terminated and their exe file has it's permissions reset to Everyone ONLY (and apparently this thing has set the policy for the Everyone Group to NOBODY). Once this occurs, I can't run the program again as I no longer have permission to do so.... in Safe mode, I can reset the executable permissions back to Administrators Full Control and run the anti-malware exe again, only to have it terminated and it's permissions again reset... this thing's killing me!

I tried RKill to no effect either, whatever this thing is the most current RKill doesn't recognize it apparently.

I've read on these forms of others who've experienced similar problems, so I know I'm not alone... what nobody else on the internet seems to have figured out though is WHY their anti-malware app goes "Poof!" seconds after it starts scanning the system for malware. There is something, some virus in memory which I cannot locate, which is changing the security permissions of any program that ... Read more

Answer:Malware setting anti-malware app file permissions to nothing!

Well, I went and sat and thought about it for a few minutes... then came back to the PC, started up Safe mode with Command Prompt, and used the command window to manually launch System Restore and restored the computer back to a checkpoint it had made earlier today BEFORE the desktop went Poof!

To my immense relief, System Restore apparently tracks changes to file permissions as well and it reset the explorer.exe file permissions back and upon restarting the PC I had a desktop with all the trimmings again finally.

However, the virus or whatever it is still remains of course (there are no restore points beyond today, as the virus or 1 of it's many friends I already removed from this PC today had disabled System Restore and deleted all the restore points it might have had already).

I don't know where to go from this point with this PC... perhaps it's a dead horse and just needs to be reformatted, idk.

- Michael

15 more replies
Relevance 73.39%

This is a follow up to my posting in the "Am I infected? What do I do?" section.Thank you extremeboy for answering my plea for help. Below is a paste from the infected computer's HijackThis log file:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:02:33 PM, on 1/8/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: NormalRunning processes:H:\WINDOWS\System32\smss.exeH:\WINDOWS\system32\winlogon.exeH:\WINDOWS\system32\services.exeH:\WINDOWS\system32\lsass.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\System32\svchost.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\system32\spoolsv.exeH:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeH:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeH:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeH:\WINDOWS\System32\svchost.exeH:\Program Files\Java\jre6\bin\jqs.exeH:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeH:\WINDOWS\system32\nvsvc32.exeH:\WINDOWS\system32\svchost.exeH:\WINDOWS\Explorer.EXEH:\Program Files\Java\jre6\bin\jusched.exeH:\WINDOWS\RTHDCPL.EXEH:\Program Files\QuickTime&... Read more

Answer:Malware Won't Let Anti-Malware Run, and Redirects to Malicious Websites

Title was: Browser Redirect - wdmaud? ~ OBTried to get help posting hijackthis file last week...no takers, so I started to do a little homework.My browser redirects to bogus websites (most of the time), and redirects to bogus websites when trying to go to anit-malware sites all of the time.Was able to get Avira AntiVir loaded, but doesn't detect the virus. Able to get a HijackThis log. McAfee won't launch, Malwarebytes won't launch, Spybot won't launch, etc.Reading up on the subject of recent browser redirection, there is a lot of people having trouble with the wdmaud file in their Windows/System32 directory. I tried to rename it and reboot, but it just came back. Tried to delete it, and it wouldn't let me. Then I loaded the Gibbon Gipo program, that forces the file to be deleted upon reboot. That works with every file except wdmaud! It keeps reappearing after reboot.This may or may not be the infected file...might be chasing a ghost here, but any help or suggestions would be appreciated.Thanks!

4 more replies
Relevance 73.39%

 Hi all,
 
 I am Pousoidis and I would like to thank you for the services you provide. I am pretty sure that I have a virus in my laptop. My system is an Ideapad U410 with Intel® core ™ i5-3317u 1.70ghz, 8gb ram memory, 64 operating, with windows 7.
 
 At some point I could not click on my start menu button without windows explorer notifying me that it had stopped working and that it was checking for a solution to the problem. I went online trying to read about what I could do. Eventually, I restarted my pc with the option of cheking for disk errors and that seemed to fix the start menu problem; now the windows explorer does not crash. But after that I noticed that I could not open certain programs such as skype and picasa 3 (and μtorrent which since then it has been uninstalled from my pc).
 
 It is then that I became more suspicious and decided to download and run anti-malware programs such as mabm and spybot. None of these can install itself on my pc, always some error message such as "privileged instruction". Was not sure how to proceed from that, so i searched online and came across your site. Thank you again for your help. I apologize in advance, I am not really well versed in the ways of technology. I did run 1 system restore before I visited this site.
 
so I am copy pasting my dds files: 
 
Run by Pousoidis at 13:46:22 on 2014-02-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8053.5... Read more

Answer:Infected with some malware. Not allowed to install and run anti-malware.

Hello Pousoidis I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same... Read more

16 more replies
Relevance 73.39%

Hi Guys

hope you can help me. I have a windows Vista sony laptop where I tried to install a mcafee software from someone and i saw a strange pop up , when I closed it, i started to notice few strange things on my machine:

1. spyboy doesnt open anymore and unistalling it then trying to install it give me an error message
2. Malwarebyte anti-malware doesnt open as well.
3. Firefox google homepage doesn't load anymore
4. installing mcafee security software (clean version) doesnt load

I hope the log of hijackthis will shed some light on what's going on
thanks a lot

Karim
 

Answer:malware infection stopping spybot and anti-malware!

just want to update that the first 3 issues still in place but point 4 isn't a problem anymore. I successfully managed to install the mcafee 2008 security centre and I will be making a full scan, while waiting for any suggestion for points 1 to 3

thanks

Karim
 

2 more replies
Relevance 73.39%

i have looked up this issue and apparently this must be a new one since there is no solution what so ever, even the hidden admin account is defenseless, here is what's going on

1. the PC got infected on windows defenders watch, the infection proceeded to disabling it and what happened next is still unclear.
2. it disabled every anti-malware i tried, even KVRT which is specifically used on this situation. it says my admin has declared anti-virus softwares an enemy of the state. it either wont allow new installation or apparently uninstallation too...
3. just recently, it started blocking powershell, and 2 other apps i have never used before, skeptic to open and see., might be a consequence of not having anything to protect my PC, I am online for 60% of the day.
4. the overall performance has not been impacted, and that's what is worrying me.

things i tried so far

1. manually deleting the viruses carried by the malicious program. i canceled the set up once i found out it was fake but obviously, it didnt work.
2. running KVRT through elevated cmd found some malware but didnt have necessary privileges, it copies the malwares to quarantine and let them loose. that's actually how they protect themselves, they can not be deleted..period.
3. i finally found adwcleaner which destroyed the adwares which plagued my browsers, but after that there is a recurring key which seems to be immortal...screen shot attached.
4. i installed avast premier (the one antivirus which managed to finis... Read more

Answer:Every...i mean every anti malware blocked by unknown malware/virus

To save you all the agro.....a nice clean install......or have you done a back up?

3 more replies
Relevance 73.39%

I am pulling my hair out. Please help. I have followed the instructions in your excellent forum at http://www.bleepingcomputer.com/virus-remo...-antivirus-plus but still no luck. Everytime Malware Bytes starts to run it dies. I have also been unable to get the RootRepeal Report. Same problem - it starts then apparently is killed by Antivirus Plus. I also had difficulty getting the DDS Tool to generate the log files but it finally worked. Here are the two files. At least it's a start. Can you tell me what I should do next? Thank You

Answer:Antivirus Plus Kills Malware Bytes Anti-Malware

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Fo... Read more

2 more replies