Computer Support Forum

virus preventing updates

Question: virus preventing updates

I've somehow got some malware/ trojans/ viruses, whatever you may call them, and I'm unable to update my spyware/ anti-virus software. I currently have Spybot, Zonealarm pro, ad-aware pro and a recent download of the free avg anti virus...all of which are outdated. Can anybody please assist in the removal of these things causing the problems?

Thank you!

Relevance 100%
Preferred Solution: virus preventing updates

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: virus preventing updates

Welcome! to MajorGeeks.com!

Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide


Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in Safe Mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
To avoid additional delay in getting a response, it is advised that after completing the READ & RUN ME you also read this sticky:
Don't Bump! It Only Hurts You!

Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.

3 more replies
Relevance 68.06%

Hello guys, I hope I've posted this in the correct place. I'm only averagely tech minded so I'll try my best

I'm running Windows XP (sp3) and mostly use Chrome browser with IE occasionally.

My Avira Free has refused to net update for over 24hrs, and when I look at Internet Options I see the 'use proxy server' button is checked although I've previously un-checked it. I've managed to download manually from Avira and am currently running a scan with it & Malwarebytes.

I have some log files but I take notice of the warning against posting hijack this logs in this forum.

There are several processes & files that look decidedly fishy to me but am not sure of where/how to proceed. "ProxyServer = http=127.0.0.1:49717" for example!

I also use Malwarebytes free version & update & scan regularly with this & Avira free AV.

I usually scan any potentially fishy files with AV & MWB before downloading but something's gotten through (could be another user when I've not been here is responsible) or can hardware like a cheap chinese USB hub be responsible?

Answer:malware &/or virus (I think) is preventing AV updates

Welcome joolzLet's run these as I feel you have a rootkit.Many malwares like to change the proxy setting on you.Please click Start > Run, type inetcpl.cpl in the runbox and press enter.Click the Connections tab and click the LAN settings option.Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.Now check if the internet is working again.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.... Read more

10 more replies
Relevance 68.06%

hello everyone,
my sons laptop has acquired a virus. (an acer aspire 5100 on xp)basically it is preventing any windows updates & any security scans. It is clever; for example if i attempt trend micro house call i get blue screen & the pc shuts down immediately. When i reboot it refers to fat32 as follows:
checking file system on c the type of the file system is fat32.

i have current subscription to trend micro internet security for three pc's but can't download due to the virus.
i am not a "power user" but i am capable of starting the the laptop in safe mode & carrying out basic tasks.(but it appears to be stopping that unless i'm doing something wrong with the "f8" key)

how serious is this & is there the idiots guide to a resolution?
thanks for looking bob (uk)
 

More replies
Relevance 53.71%

I'm having startup issues with a Windows 10 Build:
Cumulative update for Windows 10 ver. 1511
KB3192444. (I hope I copied it correctly).

Before this update is installed the problem doesn't exist, after it's installed it does.
I posted this issue here but have not gotten any help.
Because windows 10 automatically installs updates I needed to go into Group Policy Editor-Computer Configuration-Windows Components-Windows Update and set it to
"Notify for download and notify for install"

But, when I go back into settings for windows update advanced settings, the choose how updates are installed has remained with the same 2 options.

How can I be sure that Windows 10 does not install this update????
Does changing this setting in GPE work ok?

Any help will be appreciated,
James

Answer:Preventing Auto Updates

Hi, to hide (stop) a particular update see:
Windows Updates - Hide or Show in Windows 10 - Windows 10 Forums

1 more replies
Relevance 53.71%

I'm having startup issues with a Windows 10 Build:
Cumulative update for Windows 10 ver. 1511
KB3192444. (I hope I copied it correctly).

Before this update is installed the problem doesn't exist, after it's installed it does.
I posted this issue here but have not gotten any help.
Because windows 10 automatically installs updates I needed to go into Group Policy Editor-Computer Configuration-Windows Components-Windows Update and set it to
"Notify for download and notify for install"

But, when I go back into settings for windows update advanced settings, the choose how updates are installed has remained with the same 2 options.

How can I be sure that Windows 10 does not install this update????
Does changing this setting in GPE work ok?

Any help will be appreciated,
James

Answer:Preventing Auto Updates

Hi, to hide (stop) a particular update see:
Windows Updates - Hide or Show in Windows 10 - Windows 10 Forums

3 more replies
Relevance 53.71%

Hi,
Right now i have about 56 updates pending, most of them office updates, and a couple of Windows updates.
I've discovered that a update is preventing my PC from sleeping, as when i do a system restore back to before i updated my PC will sleep, and then instaill them again my PC wont sleep.

I'm assuming its a windows update rather than an office update causing this problem.
Is there a better way to see which update is causing the problem rather than instailling each update, one by one?

More replies
Relevance 53.3%

What can I do to prevent updates from preventing me from using my computer?
Apparently whoever designed Windows update never considered the possibility of people using small SSD drives that only have a fraction of the space required to run applications. Everything worked under Windows 7, although I did have to do some tweaking to get it to install apps directly to drive E: (my multi-terabyte hard drive). After installing Windows Update, I had to do the same registry tweak to make it install programs on drive E:, and it worked fine the first six weeks or so, but then it started routinely breaking one or two of my applications with each update. The problem was initially tedious to fix, but I eventually got everything working. However, I was not successful at getting Windows to comply with running my Chrome browser from E: I finally relented, and moved as many of the commonly used apps to drive C: (the SSD) and consequently had to set the cache size smaller. Everything was fine for another month or so.
However, beginning sometime in November, Windows updates started failing. It schedules an update, runs the update, reboots my computer, says the update failed, and reboots the computer again, uninstalled the update, and then it works. This was an annoyance, but since it only happened once a month, I put up with it.
Recently however, Windows has started retrying updates every few days, and doesn't bother warning me in advance or asking my permission. It just unceremoniously shuts... Read more

Answer:What can I do to prevent updates from preventing me from using my computer?

In updates, there is a setting to schedule restart, usually 3am. Can you check that setting is enabled?

2 more replies
Relevance 53.3%

Info in this thread:
http://forums.techguy.org/windows-nt-2000-xp/736643-automatic-updates-rundll32-error.html

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:39 PM, on 8/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avi... Read more

Answer:MalWare preventing Automatic Updates?

Er hm, was I suppose to post the HJT log while in non-safe mode?
 

1 more replies
Relevance 53.3%

i keep getting this message. i have already disabled automatic updates through group policy editor.

Answer:updates preventing my computer from shutting down

With this batch script you can automatically close apps not responding at shutdown in windows. Please execute the batch script as a administrator.

1 more replies
Relevance 53.3%

I have a Compaq desktop at home running Windows 7 Home Premium. My girlfriend has a user account on it that she uses from time to time. She sometimes needs to restart the computer. When she tries to do that, many times the shut down screen shows "Install updates and Restart" as the default action. Is there a way to eliminate that option for her account or at least make Restart or Shutdown, without installing updates, the default choice? She is careful about changing the option, but I am concerned she might slip up one time.

I have no desire to upgrade to Windows 10 at this time (Yes, I know the free upgrade offer is supposed to end at the end of June). On my account, I manually go through the list of new available updates and remove any that are related to preparing the computer for Windows 10 or actually downloading and installing it.
 

More replies
Relevance 53.3%

Hello.

I posted in the Vista section about trouble I am having with updates installing. One person replied that "[b]ecause of the large number of problems in category items that [I] posted, and the corrupted SFC store," before I do anything else, I should post in this forum to make sure my system isn't infected.

To briefly summarize what I posted over there, I can't get some updates to install, and I have some corrupted files (or corrupted something . . . I honestly don't know enough to know what the problem is).

Here is what I got when I ran the dds:


DDS (Ver_09-03-16.01) - NTFSx86
Run by admin at 16:00:03.31 on Thu 04/16/2009
Internet Explorer: 7.0.6000.16830 BrowserJavaVersion: 1.6.0_07
Microsoft? Windows Vista? Home Premium 6.0.6000.0.1252.1.1033.18.2037.1118 [GMT -5:00]

AV: ZoneAlarm Security Suite Antivirus *On-access scanning enabled* (Outdated)
FW: ZoneAlarm Security Suite Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkS... Read more

Answer:Possible malware infection preventing updates

Hello ti2,

I'm not seeing any malware in these logs. You can run an online scan and see if it detects anything lurking about. It can take some time, so please be patient and allow it to run it's full course:

**Vista users - right click on the IE icon and run as administrator

Using Internet Explorer or Firefox, visit http://www.kaspersky.com/kos/eng/par...avwebscan.html

1. Click Accept, when prompted to download and install the program files and database of malware definitions.


2. To optimize scanning time and produce a more sensible report for review:Close any open programs
Turn off the real time scanner of any existing antivirus program while performing the online scan

3. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes.Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Click View scan report at the bottom.



Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

2 more replies
Relevance 52.48%

Hi,
Since an automatic update on my computer, my computer will not access the internet. I have tried to resart the computer to a previous point pre-updates but now it will longer do this either. So i am a stuck. Can you help?

Thanks

Answer:Automatic updates now preventing access to internet

Quote:





Originally Posted by duncan hill


Hi,
Since an automatic update on my computer, my computer will not access the internet. I have tried to resart the computer to a previous point pre-updates but now it will longer do this either. So i am a stuck. Can you help?

Thanks




I have a similar problem. Bun not from automatic updates. I updated Adobe reader(it says "Install security update). Since then It appeared in system Tray an yellow triangle with an exclamtion mark on it. If I click on it, it disappears, but my network connection has stopped working. It connects normaly, but the computer works like it would not be connected to the Internet. I unistaled the update, but the problem reappeard after 2-3 days. Now it looks that it is all OK, but I do not know what am I suposed to do.

7 more replies
Relevance 52.48%

I was going to download Norton 2009 antivirus, but the setup said that the computer needed and upgrade. I proceeded to the windows update to check. Sure enough I needed windows service pack 2. I tried to download this but got the error 80072efd. Its not the firewall, but i also realized that I cannot download it directly from the windows update website. I am really confused and need this antivirus cause my computer is infected at this time. All help will be appreciated.

Answer:error 80072efd is preventing me fom downloading updates

hi and welcome to TSF the first thing you should do is go here
http://www.techsupportforum.com/f50/...lp-305963.html and get help for your infection and then see about antivirus i would not choose norton or mcafee as they can cause issues with vista

3 more replies
Relevance 52.48%

I have a paid version of AVG Internet Security 2012 which commenced in August 2012. I've had paid versions in the previous two years and until the last two months have had no problems.
In the past few days when I switch on my PC (Windows XP with Mozilla Firefox browser, wired connection with BT) the automatic AVG update will not proceed, nor will a manual attempt.
Within a few minutes of switching on the following Windows warning box appears on the screen:
'The software you are installing for this hardware - Non-Plug and Plug Drivers - has not passed the Windows Logo testing to verify its compatibility with Windows XP. Continuation of installation of this software may impair or destabilise the correct operation of of your system either immediately or in the future.'
Two options are then given: Continue anyway or Stop installation.
The updates waiting to be downloaded are all version 2238 of the the following: Alert Manager; Anti Rootkit Driver; Anti Spam Component; Scanning Engine; Set Up Component; Kernel components; E-mail Scanner; Firewall Component; User Interface Component; Identity Protection; Language Files (English); Online Shield (Settings); Resident Shield Scanner; Link Scanner HTTP Redirector; Systems Tools Component; TDI Component; Pc Analyzer; Update Component.
If I click on 'Continue anyway' the system attempts to download the updates again but aborts very quickly and the same warning notice appears. If I do nothing the warning notice remains but my AVG page sa... Read more

Answer:Windows preventing paid AVG updates download

I'd recommend putting this to AVG in the form of an email. Even copy and paste what you posted here.

2 more replies
Relevance 52.48%

Hi Guys,

I could use some help getting rid of some malware that has been vexxing me for quite a while now. Looking back at my windows update history, I have been unable to install Vista Security Update KB979683 since 16 Apr 10 with it attempting to install everyday since then and always getting the same error 'FFFFFFFF'

I was unable to get a RootRepeal log as the program would use up all my RAM (2GB) and then just exit itself after about 20 mins.

My logs are attached. Thank You!
 

Answer:Malware preventing Vista security updates

Welcome to Major Geeks!

You ran steps in safe boot mode not normal boot mode. You should be running in normal boot mode to get proper logs unless that is not possible.

Also you skipped running step 6 of the READ & RUN ME so we cannot tell whether you have a Master Boot Record rootkit infection or it is just the disk emulation software you did not disable. To properly continue, you will have to run this step and then rerun MGtools and attach a new log; however, based on the sum of all logs, I don't think you are having malware problems.

While problems with Windows Updates can sometimes becaused by malware, it is quite frequently not malware. It could just issues with Windows itself or it could be your own protection sofware. You could try shutting down Symantec and Windows Defender and see if you can update.
 

3 more replies
Relevance 52.07%

For some reason, whenever windows 8.1 updates, internet explorer stops working. Every time I try to get on the internet, I just keep getting a message that 'this page cannot be displayed'. Skype still works, so the problem seems to be internet explorer itself.

I have decided to switch to google chrome to fix the problem, but I can't do so without getting on the internet.

I would like to restore the computer to a point in which it worked, and I have one restore point which I'm certain will work, but the problem is, immediately after restoring, windows automatically updates, which kind of undermines the entire purpose of the restore. I have tried changing the update settings so it will restore without updating, but as soon as the system restores, my changes are undone and windows then proceeds with the stupid updates.

I just want to get on the internet somehow to install google chrome! (and no, I can't just copy and paste from the computer I'm currently on because this one has windows 7).

Any ideas?

Thanks,
smile puppy

Answer:Windows Updates Preventing Internet Explorer from Running!

Unplug your router, then do your system restore. You then have as much time as you need to configure Windows Update not to auto check.

2 more replies
Relevance 52.07%

I am not able to install the windows updates>>used Express and got like 72 updates required. dloaded all but NONE installed.. got this message>>

A problem on your computer is preventing updates from being downloaded or installed

any help on this? this is after a windows XP install/repair

thanks, bo bo bolinski
 

Answer:A problem on your computer is preventing updates from being downloaded or installed

Re: A problem on your computer is preventing updates from being downloaded or install

no help on this? I am suprised! do I have to do the HJT routine or does someone have an easier solution??

thnx, bo bo bolinski
 

3 more replies
Relevance 52.07%

Hi

With Windows 8.1 Update, how do I prevent all users that the notification of any updates to the apps by Microsoft Store will never be displayed?

Thanks

Bye

Answer:Preventing the notification of any updates to the apps by Microsoft Store

This should cover it: Tech Blog :: Enable/Disable App Notifications In Windows 8

1 more replies
Relevance 52.07%

I have 93 updates for XP & Office 2003 which I cannot install. I have stopped and re-started the update service & tried everything else I can find on the web.

I would be very grateful for any help anyone can provide!

Answer:A problem on your computer is preventing updates from being downloaded or installed

Is your windows update allowed to install updates automatically? Check your settings in the security center. I hope you are updating via a broad band connection. Also does windows download the updates and stalls have way thru the installation? During the install of the downloads, Windows will ask you to accept certain agreements. You may not be seeing these and think Windows has stopped installing. Windows will not move forward unless you respond to these agreement. When downloading be sure all the downloads are complete and upon the installation part, Minimize your screen to see these agreements. IE7 download and install is one of the biggest culprites. It hides behind your Download and install screen.
Hope this helps.

5 more replies
Relevance 51.25%

Hello all!Firstly, thank you so much for running such a magnificent site with such detailed and easily understandable instructions. I direct everyone I know to this site once they become infected--you offer such useful tools and great suggestions. Anyway, onto my problem. I'm working on a friend's laptop that was infected with System Check. (Boo!) The computer is unable to connect to my wireless, nor his wireless at home and the Windows diagnostic tool is of no help in that area. So everything I'm downloading to run on his computer, (rkill, gmer.zip, etc.) is being downloaded on my computer and transferred via flashdrive. Everything is being run on this computer while it's in Safe Mode with Networking. After going through the steps per the removal guide for System Check, I discovered that the infection was a lot tougher to remove than previously thought. It has kept MalwareBytes from being able to update, and I had to initially rename both TDSSKiller and MalwareBytes installer with single word names so that the malware wouldn't stop the process from running. When trying to run MalwareBytes after going through the guide with Rkill and TDSSKiller (which found no infection,) I receive an error from MalwareBytes that states: Program_Error_updating(11004,0,No address found)I am unsure if this is related to the rootkit, or if the rootkit is preventing the update due to the wireless connectivity issue. So I suppose my questions are thus:1.) Is the rootkit... Read more

Answer:TDSS infection preventing updates to MalwareBytes/Internet connection

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me Agent ST for short), it's a pleasure to meet you. I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated f... Read more

18 more replies
Relevance 51.25%

Hi, my computer somehow picked up some nasty little programs that caused a lot of problems. This is my first time posting on a tech help forum so I hope I followed the rules correctly. If I've done anything wrong or you need some information I didn't supply, please let me know and I'll try to correct it ASAP.

Thanks in advance for your help :]
Okay, here's an outline of my problem:

Initially the desktop of my computer was changed into a screen that read "Warning! Spyware has been detected on your computer!" in Blue and Yellow text.

I downloaded and ran a few different antispyware programs:
SUPERAntiSpyware Free Edition
Dr. Web Cure It!
and Malwarebyte's Anti-Malware

Each of these programs detected some things and I had them remove them.

The desktop issue is no longer present now, however two issues that I know of remain.

I use Mozilla Firefox 3 and it works normal, same homepage and everything, except when I do a search in google, I can not follow the links. If I click on a link it'll divert me to some other things.
At first the links (under properties) all lead to some weird website that started with an "a" sorry I don't remember what it was...

Now all the links are to a go.google.com/? followed by a ridiculously long string of characters.

Some of the redirects try to get me to download some pseudo antivirus program antivirus 2009? I think it was called.

Other issues I have is I can't access any help sit... Read more

More replies
Relevance 51.25%

This topic is tied to the following post: http://www.bleepingcomputer.com/forums/t/304226/unable-to-update-mbam-spybots-d-or-avg/I have malware on my machine that prevents me from updating any of my security apps (MBAM, SpybotS&D, AVG). If I do scans with them in both regular and safe mode I receive no results.Steps i've already taken with the help of a moderator includes: - running fixexe.reg - running TFC - running rkill - running SuperAntiSpyware - re-running MBAM (to no avail)Now I have run Defogger, DDS, and GMER and will post the results per the guidelines and attach the appropriate files:DDS.txtDDS (Ver_10-03-17.01) - NTFSx86 Run by Duong at 20:43:34.07 on Mon 03/22/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_05Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1270 [GMT -8:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) coloro:#E567177FW: ZoneAlarm Firewall *enabled* coloro:#E567176FW: NVIDIA Firewall *disabled* coloro:#E567175============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exesvchost.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\WINDOWS\system32\CTsvcCDA.exeC:\Program Files\Juniper Networks\Common Files\dsNcService.exeC:\Program Files\NVIDIA Corporation\... Read more

Answer:Malware preventing security apps updates (i.e. MBAM, Spybot, AVG)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

27 more replies
Relevance 50.43%

Hi,

My desktop PC running on Windows XP Professional with SP3 is infected with some kind of virus/spyware that prevents access to anti virus sites.

The virus has also corrupted McAfee virus scan binary and prevents access to sites which clean spyware/malware. I have Malwarebytes' Anti-Malware and SuperAnti Spyware installed. But they cannot update their definitions since the virus attack started about 1 week ago.

I have tried several attempts to clean the virus/malware using the above anti spyware (McAfee scan is corrupted and won't start). The anti spyware finds a few worms and trojans and says that it cleaned them, but they keep coming back. I ran the scan in Safe mode with/without internet connection but that didn't help.

I have Zone Alarm installed but think that it is also infected.

Following are the main symptoms I see

1. No visible error messages/pop ups during bootup.

2. After booting I see quite a few new programs, mainly from the "C:/windows/system32/temp" dir trying to access the internet. Zone Alarm blocks them.

3. After doing a Google search in IE, if I click any website link, it is redirected to another random site. Sometimes opening the link in another IE window helps. (right click -> "open in new window")
Cannot access Microsoft or any anti virus/spyware related website.

4. Many times a pop up message saying "my computer may be infected with spyware" shows up and asks for running a scan. Initial... Read more

Answer:Virus/Spyware preventing access to Anti-Virus/Microsoft files

Hi there,

* Go here to run an online scanner from ESET.Tick the box next to YES, I accept the Terms of Use.
Click Start
Make sure that the option Remove found threats is UNchecked.
Click Scan
Wait for the scan to finish
Copy and paste report as a reply to this topic.

10 more replies
Relevance 50.43%

I am infected by a Trojan/Virus that prevents me from updating my antivirus software as well as redirects any clicked links from a Google search. I've run Ad-Aware and it removed a trojan but apparently did not completely fix the problem. I have run online scans (Kaspersky and Panda) but the scan either didn't finish or my computer rebooted when the infections were trying to be removed. I've installed MalwareBytes but it will not execute. I've pasted the dds.txt log below and attached the attach.txt and hijackthis.txt logs.

I appreciate any help that can be given.

Thanks,
Brian

DDS (Ver_09-05-14.01) - NTFSx86
Run by brian at 20:38:36.45 on Wed 05/13/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.3069.1563 [GMT -4:00]

AV: AVG 7.5.557 *On-access scanning enabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalS... Read more

Answer:Infected with an unknown trojan preventing updates to antivirus and causing google redirects

Just bumping this up. I'm still interested in getting some help if anyone is available.

I appreciate your time. Thanks.
Brian

4 more replies
Relevance 50.43%

Hi, I'm pretty sure someone clicked on a virus link on facebook because when I viewed my profile on another computer I've somehow started conversations with everyone on my contact list along with a link of the virus. Please help me. Thank you.Edit: Moved topic from XP to the more appropriate forum. ~ Animal

Answer:Virus Preventing connection to Facebook and anti virus scans

Hi, I'm pretty sure someone clicked on a virus link on facebook because when I viewed my profile on another computer I've somehow started conversations with everyone on my contact list along with a link of the virus. Also, on the infected PC facebook never loads up. So far I've done nothing as I was getting ready to format my PC. Somehow I stumbled upon this forum while browsing the internet so I was hoping my comp could be saved. Please help me. Thank you.

7 more replies
Relevance 50.43%

I have a Windows XP Home laptop and I am unable to access any anti-virus websites for updates. Also tried installing Ad-aware but it failed. Malwarebytes found 2 objects but could not delete them on restart. Here are the results from DDS and the GMER results attached. What are the next steps?

Thanks in advance!


DDS (Ver_09-11-24.02) - NTFSx86
Run by Zeny at 14:35:07.86 on Wed 11/25/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.447.203 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0a\aoltray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AOL Companion\companion.exe
C:\Documents and Setting... Read more

Answer:Virus/Malware preventing access to Anti-Virus Sites

Haven't received any responses yet . . . bumping.

Thank you.

16 more replies
Relevance 50.43%

The previous poster of this issue had his post closed after receiving his system restore disks without actually beating the virus and I'm experiencing the exact same symptoms as he had, so here's his post, please help me, I would rather not wait for disks.

My desktop computer contracted a virus, and it's unlike one I've ever dealt with. It seems to be affecting the computer in two ways:

1) When I use Internet Explorer and search Google for something and click on a link, it re-directs to a different website -- usually one about some sort of anti-virus software. It doesn't seem to be affecting Firefox at all, though. Searches and links are just fine there.

2) It prevents any currently installed anti-virus software from running a scan, or any new anti-virus software or anti-spyware software from installing. I had Norton installed, and when I tried to run a scan, it would look like it was running a scan, but nothing happened. I tried installing other anti-virus software (after un-installing Norton) and running anti-virus scans on the internet (like Trendmicro) and nothing worked. It either sat idle like Norton did, or it causes the computer to go to a blue screen and then shut down.

I've perused various forums for a solution, and most of the solutions involve running some sort of anti-virus or anti-spyware program, or programs like HijackThis, and none of these will run on my infected computer.

I also tried to restore the system back to factory settings, but it seems as th... Read more

Answer:Virus Preventing Anti-Virus Software and System Restore

bump >_>Hello KBM,While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large, as are other comparable sites that help others with malware issues. Athough our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, you wouldn't want someone to assist you who is not familiar with your issue and attempt to fix it, would you?We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of... Read more

3 more replies
Relevance 50.02%

My desktop computer contracted a virus, and it's unlike one I've ever dealt with. It seems to be affecting the computer in two ways:

1) When I use Internet Explorer and search Google for something and click on a link, it re-directs to a different website -- usually one about some sort of anti-virus software. It doesn't seem to be affecting Firefox at all, though. Searches and links are just fine there.

2) It prevents any currently installed anti-virus software from running a scan, or any new anti-virus software or anti-spyware software from installing. I had Norton installed, and when I tried to run a scan, it would look like it was running a scan, but nothing happened. I tried installing other anti-virus software (after un-installing Norton) and running anti-virus scans on the internet (like Trendmicro) and nothing worked. It either sat idle like Norton did, or it causes the computer to go to a blue screen and then shut down.

I've perused various forums for a solution, and most of the solutions involve running some sort of anti-virus or anti-spyware program, or programs like HijackThis, and none of these will run on my infected computer.

I also tried to restore the system back to factory settings, but it seems as though the system recovery partition doesn't exist, or has been disabled by the virus. I'm not exactly sure, because I just got the computer recently and I guess I never paid much attention as to whether or not there was a recovery partit... Read more

Answer:Virus Preventing Anti-Virus Software Scans

This sounds exactly like something that took down my work computer last week, all the same symptoms...ended up doing a clean install. Ugh!

Couldn't get anything mBAM or AVG to do anything....

...I am/was running XP...

I am *very* interested in any info anyone may have about this!

16 more replies
Relevance 50.02%

I posted about this in the "Am I Infected?" area, but after several attempts at removing this beast of a virus, I was told to post here. Topic referenced is here: http://www.bleepingcomputer.com/forums/t/241480/virus-preventing-anti-virus-software-scans/ ~ OBThe contents of my original post:My desktop computer contracted a virus, and it's unlike one I've ever dealt with. It seems to be affecting the computer in two ways:1) When I use Internet Explorer and search Google for something and click on a link, it re-directs to a different website -- usually one about some sort of anti-virus software. It doesn't seem to be affecting Firefox at all, though. Searches and links are just fine there.2) It prevents any currently installed anti-virus software from running a scan, or any new anti-virus software or anti-spyware software from installing. I had Norton installed, and when I tried to run a scan, it would look like it was running a scan, but nothing happened. I tried installing other anti-virus software (after un-installing Norton) and running anti-virus scans on the internet (like Trendmicro) and nothing worked. It either sat idle like Norton did, or it causes the computer to go to a blue screen and then shut down.I've perused various forums for a solution, and most of the solutions involve running some sort of anti-virus or anti-spyware program, or programs like HijackThis, and none of these will run on my infected computer.I also tried to restore the system back to factory set... Read more

Answer:Virus Preventing Anti-Virus Software Scans

I received my System Restore discs, so I just did a complete restore to factory settings to get rid of the virus. It worked, so this thread can be considered closed.

Kris

2 more replies
Relevance 50.02%

Hello,

I hope you will be able to help me with this.

I seem to have a virus of some sort that's preventing me from running any of my Anti-Virus, Anti-Malware or Anti-Spyware programs

Whenever I try to run one of them, the program will just close half way through without any warning messages. If I try to open to open the program again, I get an error message saying

Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.Click to expand...

The programs that I have tried to run and have had this problem with are:

AVG AntiVirus
MalwareBytes' Anti-Malware
GMER
SuperAntiSpyware
HiJackThis

Because HiJackThis has been affected as well, I'm unable to provide you with a log. I'm hoping it won't be a problem when it comes to helping me get rid of the virus.

Many thanks

Roz
 

More replies
Relevance 50.02%

Hello, I am not able to update Malwarebytes, Windows Defender and run Avira Connect that I have downloaded.I did have AVG but has not been updating so I removed it and downloaded Avira, It won't install. I have run Malwarebytes but it can't update and so has not found anything.I can't update Windows defender,even though I am connected to the internet it tells me there is no connection.I am running Windows 10Help!!

Answer:HELP! A virus is preventing me from updating and launching virus protection.

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. 1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.2. The fixes are specific to your problem and should only be used for this issue on this machine.3. If you don't know or understand something, please don't hesitate to ask.4. Please DO NOT run any other tools or scans while I am helping you.5. It is important that you reply to this thread. Do not start a new topic.6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.7. Absence of symptoms does not mean that everything is clear.If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line. *************************************************************************Try booting in Safe Mode and run the scans. Windows 10 has its own AV called Windows Defender. You don't need anothe... Read more

1 more replies
Relevance 50.02%

The problem started a few days ago when I got a fake anti-virus, I promptly killed it with Malware Bytes Anti-Malware or so I thought. Later that day the computer restarted without prompting or warning and then kept restarting just after windows loaded. So I went into safe mode and ran AVG Malware bytes and Spybot. They all found stuff and killed them. I left the computer a bit and there was another Fake anti-virus. I killed it and then winlogin and severel other windows system files were being killed by Data Execution Prevention. After several attempt to remedy the problem we took drastic steps. WE formatted and reinstalled windows. We couldn't activate this windows because it wouldn't give us a installation ID so we found a disk with the version of windows the computer previous;y had from an older computer that got fried. Because of this there are 3 OS on the computer. The recovery drive which was not included in the format reads as: Unrecognized Operating System on drive C and XP Professional which should have been erased from the 2nd formatting from the current OS XP Media Center.

Now that we are able to logon we saw that the bugger was still there. I can get on the internet but the virus is preventing me from getting help anti-virus and anti-spyware sites are all not coming up. I do have 1 anti-virus that I have on CD but it's 2 years old and the virus won't let it update. Now I am here.

DDS:

DDS (Ver_09-06-26.01) - NTFSx86
Run by EnzoreDax at 11:44:31.53 on ... Read more

Answer:Virus Preventing Access to Anti-Virus websites

Hi DragonFox,

Wow.. This machine is heavily infected!!

Sorry for the delay in looking into your log, as we are extremely busy in this section of the forums. If you still require assistance and are not seeking help elsewhere, then please carry out my instructions.

Please subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Add Subscription.

--------------------------------------------------------------

Please re-run DDS and post the resulting logs

Thanks

1 more replies
Relevance 50.02%

I have been getting redirected to fake anti-virus sites when using explorer and firefox keeps having an error and closing down on me. I used my malware and anti-virus programs to check for infections. I updated them manually and tried it again and they say there are no infections, however I still can't update my AVG or Avira from their interface.

Any help would be appreciated, I'm gone as far as I can with it on my own.
Thanks

Answer:Virus redirecting me and preventing from updating my anti-virus?

Have you used Malwarebytes? If so, please post a log. If not:In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.If prompted with a legal dialog, accept the warning.Click and then on "Advanced Mode"
You may be presented with a warning dialog. If so, press Click on Click on Uncheck this checkbox:
Close/Exit Spybot Search and DestroyIf teatimer was already off proced with this nextPlease download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the ... Read more

1 more replies
Relevance 50.02%

Hey there...

I must have some sort of virus preventing me from installing anti virus program, and even accessing their websites online.

It seems to be the same problem as bill here, had back in 2008.
Virus Prevents Access to Antivirus Sites

What should I do?

Best Regards - Lasse

Answer:virus of sorts, preventing anti virus installation...

Hello and Welcome.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 50.02%

I have a particularly nasty bugger that has apparently found it's way into my recovery files. The only anti-virus I have been able to put on the computer is 2 years old and the virus won't let it update and as the title says I cannot access the anti-virus parts of any anti-virus website. Preemptive thanks you for any help you can provide.

HiJackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:34:21 AM, on 7/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\WLTRYSVC.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\bcmwltry.exe
H:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
H:\WINDOWS\ehome\ehtray.exe
H:\WINDOWS\system32\WLTRAY.exe
C:\windows\ld12.exe
C:\windows\pp10.exe
H:\Program Files\Softwin\BitDefender10\bdmcon.exe
H:\Program Files\Softwin\BitDefender10\bdagent.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\HostsMan\hm.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\HiJackThis\HiJackThis.exe

O2 - BHO: H:\WINDOWS\system32\grffr83hn.dll - {D76AB2A1-00F3-42BD-F434-00BBC39C8953} -... Read more

Answer:Virus Preventing Access to Anti-Virus websites

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 50.02%

I have Malwarebytes and Microsoft Security Essentials installed. The former is running all the time while I only run MSE occasionally to do a scan. I don't run them together so they don't conflict.

A few days ago I was getting a bubble pop up in the corner of my screen saying Malwarebytes was blocking outgoing connections to several IP addresses.

I updated MWB and did a scan which found something and asked me to restart to remove it. After I did this I was still getting the pop up messages about blocking connections but subsequent scans found nothing so I ran MSE which did find something (Cutwail.BE) that was quarantined automatically.

After this I restarted again and when I logged into Windows the MWB live protection module (I forget the exact name and can't open it to check) and MSE Real Time protection were both disabled and I got an error when I tried to enable them.

I know viruses can cause problems with updating these programs so I ran more scans with both MWB and MSE separately. MWB never found anything else but MSE found another instance of Cutwail.be and Necurs.A.

The next time I restarted I was unable to update either anti-virus program and just now Malwarebytes told me it was installing a new version of the program, which I didn't get a choice about, and now it wont open at all.

Neither MWB or MSE are finding anything when they scan now but I think something is still wrong because I can't enable real time protection or update them.

I have access to a Wi... Read more

Answer:Virus preventing anti-virus working properly

BUMP, please.

14 more replies
Relevance 50.02%

Hello all. I definitely got myself something pretty bad I think. I'll try to explain everything along with an attached Hijack log. I run Vista 32bit.

A few days ago I noticed random programs erroring out. At first firefox would crash. Then Zune marketplace would crash. I ran AVG and Malware and both came up clean. I didn't think anything of it. Then I started to have some Bsod's.

One of the restarts I noticed there was a windows security warning. Now my AVG was disabled and no matter how I tried to enable it, nothing would happen. Also, I had trouble starting the scan. When I was able to get the scan running, it would error out or bsod. Also, it seems almost all of these bsod's are different. I've gotten "IRQL not less or equal" to "memory management." It seems to be random.

So I restarted in safemode and tried to run AVG. It froze. I read to uninstall it using the avgremover and I did. When I tried to reinstall it, it errored out twice before it was sucessful. However, when scanning, it'd just freeze. Also, when I try to just start up AVG, I can't find a place to start it. It's all "AVGUI" and such files but no base application.. if that makes sense.

I tried to download another anti-virus, like Avast, and that too wouldn't install.

Please let me know if you need any other information. Thanks in advance!

EDIT: Whoops, tried to attach log. Here's my Hijack.

Running processes:
C:\Windows\sys... Read more

More replies
Relevance 50.02%

Hello, I am not able to update Malwarebytes, Windows Defender and run Avira Connect that I have downloaded.I did have AVG but has not been updating so I removed it and downloaded Avira, It won't install. I have run Malwarebytes but it can't update and so has not found anything.I can't update Windows defender,even though I am connected to the internet it tells me there is no connection.I am running Windows 10Help!!

More replies
Relevance 50.02%

Greetings All,

I had an older version of McAfee Virus software (which I received from the army), their contract expired unbeknownst to me September 16th. When Comcast notified me that I could download free the McAfee virus software I jumped at it. However, my computer cannot access mcafee.com, symantec.com or it appears any other security site. It appears from reading other sites and yours that there could be a fix. Here is my hijack this log, I have Windows ME...I have Registry First Aid and Spyware Blaster. Any thoughts are appreciated.


Logfile of HijackThis v1.99.1
Scan saved at 10:34:35 PM, on 11/2/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAM FILES\ADAPTEC\GOBACK\GBPOLL.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SK9910DM.EXE
C:\CABS\7510447\USB\WIN ME\PRELOAD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\IIEVTE.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\PR... Read more

Answer:Virus Preventing me from loading McAfee or any other virus software

Hi Todd, and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back to address your problem A.S.A.P.

Please Subscribe to this thread, (Thread Tools->Subscribe to this Thread) so that you are notified when a reply has been made.

Please be patient with me during this time.

Thanks,

RavenMind

2 more replies
Relevance 48.79%

Hi
My netbook had a serious fault last week which involved a new mother board being fitted under warranty. This was done by a reputable pc suplier. I am at the moment running Windows Xp Service pack 3. The computer started playing up bringing up various pop ups saying infiltration alert. It got so bad the computer was unusable. One alert said you computer is infected with "Baker Fox" Virus, "download this program to remove it". I didnt download, i Just rebooted. At this time i noticed i could not access the task manager. I tried to run a scan using my installed AVG virus scanner and it just says this program is infected and windows protection system has closed it down. After searching the internet for details of Baker Fox virus I downloaded via another pc Malwarebytes anti-malware program. I could not run this from the infected PC it just wouldnt run. Unless i rebooted into safe mode, Then it ran and found a few small errors which it fixed. The pop ups have now dissapeared but the internet connection via Internet explorer is very strange. It allows me to browse as normal but it wont let me down load any virus protection software, also my Google tool bar is missing when i try to install the tool bar again, it wont let me. A fried lent me a copy of Dr Web Curit. Which i tried to run, Again the computer didnt allow it to run unless it was booted into safe mode. Then again it found a few low risk problems and removed them. But the problem still remains.
Pl... Read more

Answer:Virus preventing virus programs running

Howdy there LyntonW and welcome to TSF Forums

I'm Steve and I will be helping you throughout this fix.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step. Please perform everything in the correct order/sequence.

Vista users please make sure you all run commands with administrator rights (right click icon - run as administrator)

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription

Please note that the forum is very busy and if I don't hear from you within three days from this initial posting then the thread will be closed.

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

* Ensure you install the recovery console when requested

Please include the C:\ComboFix.txt in your next reply for further review.

6 more replies
Relevance 47.97%

So AVG was recommended to me as an anti virus and I downloaded it which was a huge mistake. I recently got some adware (I hope this isn't the wrong section to post this in, I apologize if it is) which is particularly stubborn. AVG said it removed it but did nothing, so I tried adwCleaner and Malwarbytes which also did nothing. I deleted those two and thought I deleted AVG, but when I tried to download Kaspersky it essentially said AVG stopped me dfrom downloading, so I went through my hidden files and when I clicked delete on avg in the local section it said I couldn't because I had it open in another program, I have no clue which and have tried it on multiple occasions. I tried to do a system restore and it said my anti-virus stopped it, thanks AVG. I forget the name of the adware that essentially downloaded itself but I think it had surf in the name, it makes me unable t use chrome or firefox because every new page I go to I get a new popup. Internet explorer doesn't have the popup issue but is about a tenth of the speed it was before. What can I do? Any help greatly appreciated, I know you're very busy and I am glad there's a service like this available.

Answer:I've got a virus, and AVG is preventing me from trying to fix it.

Hi Rwhie84 and welcome to BC.Please take note of the following:1. Please do not run any other tools unless instructed.2. Please don't install or uninstall anything unless asked.3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.5. Please reply to this thread. Do not start a new topic.We need to have a good look at your system in order to determine the exact problems.Note:There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.If you are unsure what you're system bit type is..... click Here for help.For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.Double-click the downloaded icon to run the tool. Vista/Windows 7/8 users right-click and select Run As AdministratorWhen the tool opens click Yes to disclaimer.Make sure that Addition.txt is selected at the bottomPress Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.In your next reply, please submit:Both reports from FRSTThanks.

17 more replies
Relevance 47.97%

My sibling was browsing the internet on my adminstrator account and was kicked off by some sort of bug or virus. When i tried logging back into my account it shows a black screen with security options for firewalls and other things. If i attempt to change any settings nothing happens, and if i exit the screen it just shows the black background, no desktop or icons or anything. I was wondering if there is a way to delete my admin account from my siblings account, as his is unharmed. Or possibly a way to restart the account or wipe it, anything that will make it work again.

Answer:Bug or Virus Preventing Log On

Can you get in safe mode?
Safe Mode

9 more replies
Relevance 47.97%

Hi,
I have two files whch I cannot delete. Namely Apache and MYSQL. They have been
erased in the registry and everywhere else. These files are located in Computer
Management in the Services folder. I see NO method of deleting them. I be very
grateful if you could tell me how to achieve this.
regards
Gerry
 

More replies
Relevance 47.56%

I have a windows 7 HP and it was given to me already used from family, fairly new. So there was no anti-virus anything. A program came up that my computer was infected, this program did not seem ligit, nothing that I have heard of before. But this program says that I need to buy it, in order to get rid of the virus.

This program is not letting me open anything, I can not get to the Internet (I am now using my friends computer), I can not open any simple "cleaning" program that is already in windows 7, because the virus program said that me opening the internet or anything is a rick to getting more infections. There looks like there is no hope. I know that the longer the computer stays off, the worse it gets, but I am not sure of what to do.

Please help me, anything would be helpful.
 

More replies
Relevance 47.56%

It seems like a virus is preventing me from logging on to my computer. The computer starts just fine but upon turning on, the screen is just blank. I cannot access safe mode either. Just before I discovered this problem I had done a partial scan of my computer with MalwareBytes and removed the viruses I found. Upon this, I was asked to restart the computer. Please help! Thank you.

Answer:Virus preventing login?

You might have to boot from your operating system disk and run a repair. The virus could have affected the mbr.

9 more replies
Relevance 47.56%

Well, I'm not 100% sure if its a virus or not. A few days ago I was surfing the web.. and out of nowhere files start downloading to my desktop and an icon in the tray popped up and said I had an infection and to click the balloon to get rid of it. So I clicked it.. and nothing happened, I tried running all my scanners but they all crash.. ewido finds 2 critical object but it never gets the chance to delete them. My anti-virus program System Suite Pro is fully updated and everything, and it doesnt find anything. Also, Adaware crashes..and same with Spyware Doctor.. needless to say.. I think something is wrong. I think the only virus scanner that didn't crash was Trojan Guarder, but it just said it removed 1 virus and it doesnt say which one. In addition to all my scanners not working, it seems at the same time my task manager has been disabled when I right-click on the taskbar its greyed out.. same if I ctrl+alt+del. Here is a copy of my HJT, any suggestions?

Edit *
----------------------------------------
I updated ewido, and it found the following.
I typed these down before ewido crashed.

Infection: Downloader.Agent.uj
Process:[560] VM_00D70000
Infection: Downloader.Agent.uj
Process:[584] VM_00F40000
Infection: Downloader.Agent.uj
Process:[7272] VM_00B90000
Infection: Downloader.Agent.uj
Process:[7584] VM_009E0000
Infection: Downloader.Agent.uj
Process:[2080] VM_003C0000
Infection: Downloader.Agent.uj
Process:[2060] VM_00B70000
-----------------------------------... Read more

Answer:Virus Preventing Scans

7 more replies
Relevance 47.56%

Hi, i got virus that is preventing everything. Anti-virus and the internet. i tried some virus removers but none work because the virus says that the programs are infected. i mean Everything. even the space pinball that is under the game section of the windows xp applications. i need help!

Answer:antivirus preventing virus

Here you have to Install any one good anti-virus and, You must run a virus scan in Safe mode, because the virus worm might be running in the background, and you cannot remove it unless the computer is in Safe mode where no applications are running.1.) Restart your computer and start-up happens quickly. When you see the first screen when your computer is rebooting, hit "F8" key. 2.) Select "Safe Mode" from the list of options. This will take you to a desktop that looks very different from your regular desktop. 3.) Run the virus scan. When any virus worms are detected, place them in quarantine or delete them. If you are unsure what to do or what the virus is infecting, always select quarantine.4.) Allow the scan to run through everything, and then return your computer to normal operating mode if the software does not prompt you to do so. Simply restart the computer to return to normal operating mode.5.) Reconnect your computer to the Internet and check with the anti-virus software's publisher to make sure you have the latest updates. If not, download them now6.) After updating the anti-virus software, run it again until your computer comes up clean.7.) After the above steps, download and run good Anti-Malware, adware, trojan remover softwares like Malwarebytes, remove it pro, hitman pro, or trojan remover etc..Performing this will clean your system.Kindly get back us the result to assist you further.Thank you :-)Regards,PCS365_3ISHA KRISHNA KPBangalore.

5 more replies
Relevance 47.56%

I was recently attacked by a trojan which messed with my system files resulting in blue screen of death. And while I was able to load up in safe mode, the only program run was the trojan which was ironically called CleanThis. After using system restore my computer seems to be back to normal, however I am a little scared that the the Trojan might still be lurking somewhere. Can someone see anything suspiciousIn addition my computer keeps trying to open Malicious Site199.80.55.19 (I know this as my avast network shield keeps blocking) Am I being hacked or is this a virus that I can't loacate?Here's my Hijackthis log. Logfile of Trend Micro HijackThis v2.0.4Scan saved at 7:04:56 PM, on 18/03/2011Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v9.00 (9.00.7930.16406)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Alwil Software\Avast4\ashDisp.exeC:\Program Files\Microsoft Office\Office12\GrooveMonitor.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exeC:\Program Files\DivX\DivX Update\DivXUpdate.exeC:\Windows\system32\taskhost.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exeC:\Program Files\Windows Live\Messenger\msnmsgr.exeC:\Program Files\WordWeb\wweb32.exeC:\Program Files\Steam\steam.exeC:\Program Files\McAfee Security Scan\2.0.181\SSSchedule... Read more

Answer:Help preventing a Trojan Virus

The log looks clean although I would uninstall all toolbars.How do you know when a politician is lying? His mouth is moving.

6 more replies
Relevance 47.56%

Hi All.

One of the PC's at work got hit by a very nasty email virus. What happened was the boss opened an email from an unknown address and downloaded and opened an attachment (I know, I know!).

He says he got a message saying that the computer was infected with a virus and was shutting down. SInce then when I try and turn it on all I get is a continuous beep for about 4 seconds and nothing else. I tried putting the windows xp disk in, but cannot even access the boot order to boot directly from CDROM.

I am planning to take the HD out of the office PC and stick it into my home PC as a slave in order to wipe it clean, then put it back into the office PC for a clean install. Am I risking damaging my own PC in the process?

Thanks in advance for any help and advice I may get.

Cheers all.
Aaron.
 

Answer:Virus preventing PC from POSTing

OK. Managed to sort this myself.

Installed new memory, rebooted, deleted temp internet files, run antivirus software, hey presto!!

Thanks for looking anyway.
A.
 

2 more replies
Relevance 47.56%

turned m computer on this morning and boom massive fake spyware virus claiming im infected, although it is my fault as i clicked run on an unknown thing last night, i just wasnt paying attention. anyway whenever i try run anything but IE it says cannot run blah.exe because it is infected. so i cant run my antivirus spyware s--- to stop italthough after i ran it i did prevent information leaving through its firewall, heres hoping thats still running and its just hidden it. it also removes all icons from system tray, and calls it self system tools. i checked programs but nothing out of ordinary so i think its in win32 somewhere but i dont know where to look. please help.

Answer:virus preventing .exe running

If you can get online, download, install and update MalwareBytes freebie which is good at fixing these. If the exe for the download won't run then change it to bat.Similarly if the actual program won't run then change the program's exe to bat.If you can't get the download get it on another machine and put it on a flash drive.Once the thing has been dealt with, if you still can't run exe files, then chose EXE from here:http://www.winhelponline.com/blog/f...(but run MalwareBytes first)We all live on the same ball.

5 more replies
Relevance 47.56%

I usually use IE7 or my AOL VR on my vista system but will not download anymore except through Firefox occasionally? I have run the usual spybot SD and AdAwareSE but apart from discovering Myweb which I duly deleted via the dos prompt method no other suspicious items are in sight.Any help please?? gertting annoyed with myself on this one.

Answer:Virus preventing me downloading

I would start here:Post the logs and one of our malware specialists will help you.

14 more replies
Relevance 47.56%

Hello all, i am having a problem with a possible virus. This virus does not allow IE7 to show. It only leaves the page as Diagnose Connection Problem. Firefox works fine as a browser (which is what i am using right now), but it is not my default browser. Also, it wont let me access things such as WoW, LoL, or even Xbox Live. Each one asks if I am connected to the internet. Please help, thanks.Jcaps

Answer:Help, internet preventing virus

Please follow the instructions in the following link and post your logs: http://www.computerhope.com/forum/index.php/topic,46313.0.html

14 more replies
Relevance 47.56%

This morning my sister's packard bell pc won;t start. It seems to be on a loop between start up screens (going between the screen used when prompting to go into the bios and the screen used when pressing for safe mode). She suspects this problem was caused by a virus.Last thing last night she opened a an email daemon undelivered email (no attachment) and is now convinced that it contained a virus. She can't 1) reboot from drive A (system restore disk does not work or the A drive doesn't work -different problem)2)reboot into safe mode just goes into start up loop.Any ideas how she can get get started so that she can scan and clean? She has AVG and a-squared etc.Any

Answer:Possible virus preventing reboot

Which OS please

7 more replies
Relevance 47.56%

cannot open windowsxp (get application failed to initialize properly (0xc0000005) think this is virus. Can you help?

Answer:virus preventing me from booting

Welcome to TSF

Read the instructions HERE and post the requested logs HERE. We do not deal with virus infections in this area of the forum.

1 more replies
Relevance 47.15%

I'm running XP and have service pack 3.
I've tried running AVG, Malwarebytes, Hijackthis, gmer, and others but they all just close automagically or get and an error saying that it has to close. Even in safemode none of these work. Don't know what to do please help.

Answer:virus or something preventing me from using virus scanners

oh yeah I do have my windows CDs also. Please help.

19 more replies
Relevance 47.15%

Trying to fix a friend's pc. He has XP Pro sp3. Infected with trojan horse generic 18.bwndPC can ping but IE browser does not work. I also tried Chrome browser - nada.I tried many things: ccCleaner, deleting local settings temp files, install run MalwareBytes, install avast! and run full scan. I think the virus has been deleted but damage is done.Originally detected by AVG. I deleted AVG and kept avast! That's what I use.I am attaching a HijackThis logThanks!JeffP.S. hmmm..don't see an attach button

Answer:Virus preventing access to internet

For those who have faced this virus and did not get an answer, here it is:The virus has replaced your HTTP proxy setting (port80) with something else. So after you clean the virus and need the internet back, do this:Open IEUnder Tools, click Internet OptionsClick Connections tabClick LAN connections (settings)uncheck the Proxy settings box (it will probably be shaded out with something other than port 80 in the field.Internet should work!!

5 more replies
Relevance 47.15%

Well, this all started off trying to fix my wifes computer. I am in the AIr Force, and currently in New Mexico. My wife is in Florida, and she all of a sudden can not connect to the internet. Fine one day, nada the next. So, I was looking up some sites, and got the Antivirus XP 2008 crap. Fun. I'm running Norton Firewall, Antivirus enterprise editions, they are super, let me tell you! So, I am ready to smash this laptop to pieces. I found this site, and I have a feeling I can get this thing removed with all your help. I downloaded the Spyware removal Guide, and attempted to download the software. I can't get any page from Tech-Dump or Bleepingcomputer to open at all. IN fact, I am having a lot of problems with the whole web page redirection. Any links I click in Google or Yahoo searches get redirected. I can't open any Microsoft pages either. So, I was only able to download trsetup, msconfig cleanup, cleanup452, and ccsetup. That's it. Is there anywhere else I can get the rest of those files? I don't want to start using the guide if I don't have the right stuff.
Thank You!
Daniel

Answer:Virus preventing me from opening websites

Since you have those downloaded go to start, run, type Msconfig and press ok. Then go to the startup tab and click disable all. Make sure you recheck Norton Antivirus. Now don?t reboot just yet. Run ccleaner and cleanup and then reboot. Then try to access those sites. Then download Malware Bytes http://www.malwarebytes.org/ if you can and run that. Then try to post a hijackthis log. Let us know what you can and can?t do and we will work from there.

1 more replies
Relevance 47.15%

I can't download anything at all ! I tried using a antivirus Cd but that's not working either. I also tried going in safe mode but no luck! How can I get rid of this nasty virus?Mod edit ,moved to the Am I Infected forum.~~boopme

Answer:Virus preventing antivirus download!! Help please!

Hello, you have tried safe mode with networking?Try getting these from another machine. Put them on a Flash Drive and run from there.Download FixExec.exe to your desktop.Double click on the downloaded file to run the fix.When the program has finished, it will generate a log on the desktop called FixExec.txt.Post the log in your next reply.NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr....Please download Rkill by Grinler and save it to your desktop.Link 1Link 2Double-click on the Rkill desktop icon to run the tool.If using Vista, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.Do not reboot the computer, you will need to run the application again....Malwarebytes Anti-Malware Free and Malwarebytes Chameleon----------Download Malwarebytes Anti-Malware Free and save it to your desktopDouble click the desktop icon, click Run, then OKClick NextSelect I accept the agreement then continue to click Next then finally click InstallUncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish... Read more

7 more replies
Relevance 47.15%

Dell Dimension
Microsoft XP
2002 SP3
Intel Pentium 4, 2.8 GHz
.99GB Ram

I found a virus on my computer about 2 days ago, when Spybot S&D started to repeatedly pop up alerting me to registry changes that I had not made. I clicked deny on all of them, although my computer still eventually was infected. Now, I can't even open Spybot. I ran Ad-Aware and Dr. Web Cureit, the latter finding roughly seven trojans that I removed. Initially, the alerts told me it was a virus related to Userinit? Anyway, I thought I had fixed it. Restarted my computer. Computer immediately upon loading desktop crashes to blue screen of death and says that I need to run it in safe mode. S Ran computer in safe mode, but computer will not allow me to install Hijackthis, nor will it let me use Spybot or Malwarebytes. Not quite sure where to go from here.

Problem:
Crashes upon startup to blue screen.
Can't install Hijackthis.
Only some antivirus/adware programs run, no progress.

-Jon
 

Answer:Trojan Virus(s) Preventing HJT Install.

Bump
And,
I tried it again, the exact text of the bluescreen that I get reads:
DRIVER_IRQL_NOT_LESS_OR_EQUAL
And then,

Technical Information:
*** STOP: 0x00000D1 (0xE2747000, 0x00000002, 0xAA201CF6)
 

1 more replies
Relevance 47.15%

I have tried several suggestions on this web site to try and remove the virus, including running in safe mode, trying to run Malware Bytes off an external drive, etc., but without any luck. Since I am unable to run any scanners (have tried Norton, McAfee, Malware, MRT, and SuperAntiSpy), I finally ran the Win32KDiag utility, and am posting the log generated. Hope someone can point me in the right direction on how to get rid of this virus.

**************************
Running from: C:\Documents and Settings\Administrator\Desktop\Win32kDiag(2).exe

Log file at : C:\Documents and Settings\Administrator\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB915865\KB915865

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB953838\KB953838

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18C.tmp\ZAP18C.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZA... Read more

Answer:Virus preventing scanners from running

Could someone please reply as to whether these types of request take some time to get a reply to, or did I do something incorrect in the way I posted my computer problem?

Thanks

3 more replies
Relevance 47.15%

Hello,

I have recently been having some trouble with Malware on my computer. I ran Malwarebytes' Anti-Malware on my computer in Safe Mode, which cleaned up some of the infections. Unfortunately, there are still viruses remaining. I booted up my computer and noticed that I still had a problem with a virus that disguised itself by the name of 'Data Protection.'

To make matters worse, Internet Explorer has stopped working for me. When I click on Internet Explorer, the webpage says: "Internet Explorer cannot display the webpage." Fortunately, I can still use Mozilla Firefox (which proves that it is not a connection issue, since I can still connect to the Internet). I am really struggling to find out where to go from here. Oh, and I also noticed that something is preventing me from using regedit. When I type regedit in the Run box from the Start menu, it says: "Another program is currently using this file."

I ran a scan with hijackthis and saved the log file, since the information will likely be useful. I have not yet checked or fixed anything that it has found, since I wanted to check on here first.

Thank you for taking the time to read this post! I appreciate any help you can offer.

EDIT: I think the Hijackthis log is too long to post on here... It isn't letting me post it.
 

Answer:Virus preventing me from using Internet Explorer!

Download ComboFix here :

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them

Click me
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
 

1 more replies
Relevance 47.15%

The virus has taken over, Microsoft Security Essentials wont work, Malwarebytes pro will not work even after using CHAMELION (it found nothing wont run real time.  Used EEK and it found two trojans but did not fix system. Did get Emsisoft software to install and seems to be working in place of Malwarebytes, it's scans find nothing. 
 
MS update will not work nor will disc defragmenter.  Tried MS MSRT and it quits after 52 files scanned!
 
Any help would be appreciated by an old man!!!

Answer:I have a virus thats preventing windows 7 functions

Hello, I suggest we get a deeper look. Please follow this Preparation GuideLet me know if all went well.

4 more replies
Relevance 47.15%

I got a virus in my computer that is not allowing me to run certain programs to remove it. I can install malwarebytes and PCtools spyware doctor but when I try to run them after a couple of seconds the programs stop and when I try to run them again it gives me an error indicating that I don't have the permission to run that file. I need help in finding something that will allow me to get rid of this virus.I first noticed it when Internet Explorer would pop open randomly to various websites. I've done scans a few days ago and it removed something but obviously not the issue. Yesterday it shut down my anti-virus all together. Today i went to install a new anti-virus and Malware programs and a quarter way through the scan they shut down suddenly. I tried Microsoft's online scanner and their Malicious Software remover and got the same result. They both shut down. It would not even allow me to create a Highjackthis log. 10 seconds into the scan it too shut down. I have attempted all this is Safe Mode as well to no avail. I am running Windows 7 Ultimate. Thanks in advance for any help. The only thing i can think of at this point it to reformat which obviously i do not want to do. After reading around i see a few people have the same issue. I tried doing this -Welcome to BC We will need internet connection, or the ability to transfer files for this clean...RKill by GrinlerLink #1Link #2Link #3Link #4Before we begin, you should disable your anti-malware softwares you have installed... Read more

Answer:Virus preventing me from running scans.

If you cannot run MBAM or complete a scan in normal mode, then try performing a Quick Scan in "safe mode". Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, MBAM loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. Additionally, there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM but sometimes there is no alternative but to do a safe mode scan. If that is the case, after completing a safe mode scan, reboot normally and try rescanning again.

1 more replies
Relevance 47.15%

i have a virus on my computer that wont allow me to open any files or even internet explorer in normal mode. I cant even open any files once i download them. I only can access the internet in safe mode, but still not able to download any files, therefore i need assistance for my vista op system?

Answer:virus preventing me from opening any download

Do you get a "Open this file with.." notice?. If so you may need to try the Vista file association fixes found here: http://www.winhelponline.com/articl...What types of pop ups are you getting?..Such as "Anti-Virus Pro", etc.Helpful tips before getting started: http://www.computing.net/howtos/sho...

13 more replies
Relevance 47.15%

My laptop has a box pop up saying that I can't connect to the iternet. It has just happened today. Is it a virus? I have McAfee anti virus which is up to date

Answer:virus preventing me from opening any download

It sure would be nice if you told us what the popup actually says? If not, you can expect many guessing answers.Also is this by ethernet or wireless?Some HELP in posting on Computing.net plus free progs and instructions Cheers

2 more replies
Relevance 47.15%

I am on a network with siblings who are very careless when it comes to internet security. In this home, we are all connected through the same router and that is the only connection between computers, we don't do any folder sharing or anything.

What can I do or what services and other system elements can I disable or remove to prevent the risk of any network-level virus penetration?
 

Answer:Preventing Network Virus Spread

Hyphen said:





I am on a network with siblings who are very careless when it comes to internet security. In this home, we are all connected through the same router and that is the only connection between computers, we don't do any folder sharing or anything.

What can I do or what services and other system elements can I disable or remove to prevent the risk of any network-level virus penetration?Click to expand...

I would recommend anti-virus and anti-malware programs on all computers, and personal firewalls on all computers. This should be enough for an average home user, as long as your router has an inbuilt firewall as well.

Some programs that I personally recommend are:

Avira Antivirus: http://www.free-av.com
Malwarebytes anti-malware: http://malwarebytes.org
COMODO Firewall: http://www.comodo.com

Obviously these will be no good if you do not scan with them. I recommend each program is used at least weekly.

If you use these it is very unlikely that anything will get on to the network, so there is little need to worry about infections spreading.
 

4 more replies
Relevance 47.15%

I had a Dcom attack and then ran AVG and Avast which found viruses and removed some of them but then could not remove all of them, so as a last resort one of the anti-virus programs said it would delete the files on reboot.

I then tried to reboot but it would not start, just kept going in a reboot loop.

Safe mode also will not start.

Restore to last good configuration by pressing 'L' also does not work.

Any suggestions?

This PC has all the latest Microsoft security patches as of the 3rd week of August 2007.

Thanks
Russ
 

More replies
Relevance 47.15%

I have a virus, and I have downloaded a bunch of virus protection software. I read somewhere that adding multiple can cause gaps for virus to get into. The things I currently have downloaded on my computer is Avast, Malwarebytes, and panda security. Since I can't access the internet, I put rkill and netadapter on a flash drive to try to get my internet working. After many computer resets, I still have no internet. What am I doing wrong, and can someone provide me advice to get out of this annoying problem? Thanks

Answer:Virus Preventing Me from Accessing the Internet

First step, is to make sure you are clean.Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.http://www.eset.com/us/online-scann...http://www.eset.com/home/products/o...If your comp is unbootable, or won't let you download, you will have to download ESET from a good computer, put it on a flash/thumb/pen/usb drive & run it from there.Create a ESET SysRescue CD or USB drivehttp://support.eset.com/kb2103/How do I use my ESET SysRescue CD or USB flash drive to scan and clean my system?http://support.eset.com/kb2612/Configure ESET this way & disable your AV.http://i.imgur.com/3U7YC.gifHow to Temporarily Disable your Anti-virushttp://www.bleepingcomputer.com/for...http://www.techsupportforum.com/for...3: Which web browsers are compatible with ESET Online Scanner?http://support.eset.com/kb405/?loca...Online Scanner not workinghttp://support.eset.com/kb403/?loca...My ESET product detected a threat?what should I do? http://support.eset.com/kb117/Once onto a machine, malware can disable antivirus programs, prevent antimalware programs from downloading updates, or prevent a user from running antivirus scans or installing new antivirus software or malware removal tools. At this point even though you are aware the computer is infected, removal is very difficult.5: Why does the ESET Online Scanner run slowly on my computer?http://support.eset.com/kb405... Read more

4 more replies
Relevance 47.15%

My daughter's computer has a bug I can't figure out - we are uanble to acccess the internet at all. I loaded Malwarbytes on her computer (which I have used to cure virus/malware problems in the recent past), ran the wscan which found numerous bugs, but when I re-booted we still couldn't acccess internet. One problem I've never faced before is that we can't get up to internet to find other potenial solutions.

This problem cropped up two days ago. Any help would be greatly appreciated. Thanks.

MSL
Jan 4, 2009
[email protected]
 

More replies
Relevance 47.15%

Hi

Been trying to sort out a recurring issue I have with windows Back Up. The back up process seems to stick at a point where it finds a file called VBInject. I have tried to locate this file but have been unsuccessfull, I have run Malwarebytes program in normal and safe mode and this VBInject doesn't show up.

Any ideas how to remove this?

It is Microsoft Security Essentials program that detects it, I am able to post a screenshot of the details.

Answer:VBInject, possible virus preventing Back-Up?

Screenshot.

3 more replies
Relevance 47.15%

My laptop is infected with virus... it won't even let me download stuff from any site. and whenever I try to scan it with malware and combofix, it scans for few sec and disappears.. When I click it again I get a message saying "Windows cannot access the specific device, path, or file. You may not have the appropriate permission to access the item." What to do. please help...?
also whenever I vist the site this warning site comes up saying
"Warning! Visiting this site may harm your computer!
This web site probably contains malicious software program, which can cause damage to your computer or perform actions without your permission. Your computer may be infected after visiting such web site.

We recommend you to install (or activate) antivirus security software.

I do realize that visiting this site can cause harm to my computer."

its really annoying...How can I remove this?

Answer:Trojan/Virus preventing from scanning.

Hello my name is Sempai and welcome to Bleeping Computer.*We apologize for the delay. Forum have been busy.*I want you to understand that I'm still a trainee here. I will be working with my Coach who will approve all my instructions before posting them to you, so there's a possibility to have some delays in my responses. But the good part is, there are two people reviewing your problem instead of one.*It is important not to make any further changes or run any other tools unless instructed to. This may hinder the cleaning process of your machine.*You must reply within 5 days otherwise this topic will be closed.1. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE2. Download and run a batch file (peek.bat): Download peek.bat from the download link b... Read more

15 more replies
Relevance 47.15%

Hi guys can you please help me, I think i have malware in my laptop running Vista. Basically my net connecton shows but coming up with unidentified network etc tried renew in dos etc, but programs that use the internet like itunes wont connect at all, can you help me please? Thanks, Carl

Answer:Virus preventing internet access

I am having a similar problem. I can connect to the internet and even perform a google search, but cannot open any pages. The error msg is 'web page not available'. I down loaded a rar file yesterday but it requested a password to open so i deleted it. Could it have installed a virus? Please help. Thanks!

11 more replies
Relevance 47.15%

Hi, trying to fix my daughters laptop. Last night it locked up and displayed a page claiming to be from the Metropolitan Police, saying ' your pc has been locked due to one of the following reasons ... Blah Blah Blah' pay us ?100 and we'll unlock it.

Every time I boot up, it goes to the same page and if I hit F8 and attempt to boot up in safe-mode it gets to the starting windows bit and then shuts down and reboots normally, ending up at the same page ....

Any ideas please?

Laptop running Win 7 if that helps

Answer:Virus preventing safe boot

You will need a USB (Flash) pendrive.

For 32bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
Downloading Farbar Recovery Scan Tool

For 64bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.
Downloading Farbar Recovery Scan Tool

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type ... Read more

17 more replies
Relevance 47.15%

Thanks for anything you guys can do. I got a few viruses yesterday that Nortan found, notified me about, and failed to delete. I have tried running in Safe mode to manually delete and it does not work. This virus / these viruses are as follows per Nortan:

Windows> Temp:
UAC1355.tmp, UACe3.tmp, UAC4ce8.tmp, Perflib_Perfdata_2bc, UACd973.tmp

2 others usually come up, but those can be deleted manually. These viruses have PREVENTED ME FROM RUNNING "Gmer" per the request on the forums saying that it errors out. Google Chrome, and numerous other programs are also erring since first getting these viruses yesterday afternoon. DDS below and Attach is zipped. Thanks for anything you guys can do for me.
-----

DDS (Ver_09-07-30.01) - NTFSx86
Run by Administrator at 16:32:25.78 on Sun 08/09/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.339 [GMT -4:00]

AV: Protection System *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bi... Read more

Answer:Can not delete virus - preventing programs...

I also forgot to mention that these are preventing me from contacting Nortan for updates to definition files - This also happens when I uninstall nortan, and try using another virus program - it will NOT allow any program to update their definition files. No firewall is blocking, internet is connected and functional.

4 more replies
Relevance 47.15%

Hi I'm just a new here .

My Problem is I can't access any antivirus sites in the web.
also I can't download any virus removal tool or open a free scan from the web.

I wanted to know what is the best solution to fix this problem?

I hope someone will help me regarding to my problem





My HijackThis log

HJT.log

My ComboFix log

CF.log

Answer:Virus that preventing me to access any AV sites?

Hello and welcome to TSF.

HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 47.15%

Virus attacked my computer(slowed everything down and unknown .exe started running in Windows task manager). I rebooted(mistake I know) and upon trying everything, XP won't load, it goes to a black screen before the Windows XP loading bar. All the Safe modes doesn't work, it freezes when trying to load some files. Last known configuration gets me to the loading bar but goes into blue screen fatal system error before getting to the log-in screen. I installed a fresh copy of XP which now works fine thus I now have 2 OS' which I can choose from. I ran ESET and Malwarebytes and have removed a number of trojans and infections. My original XP still doesn't work though. I'm very eager to get my old files back from 'my documents' from my old XP which I can't access now in my new OS.

Answer:Virus preventing my computer to load XP

First of the safe-mode option for "last known good configuration" is only useful when you install a driver and it makes the boot fail. To make sure you get all those viruses off I suggest using the Sophos command line interface you can download it here http://www.sophos.com/support/disin... Its a free tool just follow the instructions and you'll be all cleaned up. Also, if this isn't the first time I suggest looking up Sardu rescue disk http://www.sarducd.it/ just follow the instructions if you have any problems shoot me a message ill be glad to help ya.-----------------------Visit my blog for tech reviews, updates, tutorials and more http://www.techreally.blogspot.com

2 more replies
Relevance 47.15%

Well, when I open up IE, the window automatically closes. I cannot access any websites from this internet browser.
Somehow, Firefox presents no problems.
AVG, Spybot S&D, Malwarebytes, Superanti spyware... etc. cannont be accessed so I cannot scan my computer posing this problem.
I tried running on safemode to scan, but it still doesnt work
Is it better to uninstall IE and use firefox instead?
Or is it a virus posing this problem?
All help to fix this problem is appreciated.
 

Answer:Virus preventing access to internet

You might want to address this to the Malware Removal & HijackThis Logs forum.
 

2 more replies
Relevance 47.15%

Dear Tech Support Forum,

A couple of months ago I got a virus on my laptop. I was aware of it when it first showed up, I suddenly had an icon on my desktop for something like "Windows Live Protection" and it had the same icon as the virus protection I was using which was BT Net Proction by McAfee. I tried to delete the program via the uninstall program in the control panel, this had mixed results so I scanned the laptop with the virus software. It recognised one threat and when I told the software to fix it the laptop went into a sort of "lock-down" where all ports of communication were closed i.e. internet/network connection was inactive, CD/DVDs were not regognised and USB connectors didn't come up.

Since this I have logged on in safe mode and run Malwarebytes which recognised one threat and removed it but this hasn't changed much. The the Windows live protection has gone but a sheild icon with yellow and blue squares has appreared on a few of the desktop icons, this wasn't there before. Now the desktop (not in safe mode) has a message in the corner saying "Windows 7, Build 7601, This copy of windows is not genuine" and I can't use the Malwarebytes, the messge that comes up says "the specified service does not exist as an installed service", though the BT Net Protect didn't recognise any threats. I tried to uninstall the BT when I got the Malwarebytes but it wouldn't let me giving the same message as trying to open the malwareb... Read more

Answer:Virus preventing internet connection

Please run the following:

Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive.
Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Choose your language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In... Read more

19 more replies
Relevance 47.15%

Hi,
I have some kind of malware on my computer that won't let me run programs until I purchase their antivirus. I do have access to a Windows install disc, the one that came with my computer when I bought it.

Thanks for your help...

Here is the DDS log:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Temp at 9:42:00.89 on Sat 07/31/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2942.1943 [GMT -4:00]

SP: AVG Anti-Spyware *disabled* (Outdated)
.internal_links {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
2
SP: Windows Defender *enabled* (Updated)
.internal_links {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
1

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Wind... Read more

Answer:Virus preventing me from running any programs

Welcome to TSF :)

Please download Malwarebytes' Anti-Malware from Here.



Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.


Extra Note:



If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.



===================================================

Download OTL.exe to your desktop.
Double-Click on OTL to run it.
When the window appears, underneath Output at the top change it to Standard Output.
Under the Standard Registry box change it to All.
Under Custom scan's and fixes section paste in the below in bold


netsvcs
%SYSTEMDRIVE%\*.*
%systemr... Read more

19 more replies
Relevance 47.15%

Well, when I open up IE, the window automatically closes. I cannot access any websites from this internet browser.
Somehow, Firefox presents no problems.
AVG, Spybot S&D, Malwarebytes, Superanti spyware... etc. cannont be accessed so I cannot scan my computer posing this problem.
I tried running on safemode to scan, but it still doesnt work
Is it better to uninstall IE and use firefox instead?
Or is it a virus posing this problem?
All help to fix this problem is appreciated.
 

Answer:Virus preventing access to internet?

Hello, I'm new to this forum and still quite inexperienced with computers.
I ran AVG and there was a Win32 cryptor virus at C:\program files\internet explorer\iexplore
AVG couldnt get rid of it. I can't run any other programs like Spybot, HJT, super anti spyware and malwarebytes. They scan half way and then my computer freezes. (same with AVG)
IE browser wont work and shuts down when i open it, however firefox works.

So, if i manually uninstall IE would the virus disappear?

Any help would be appreciated.
 

1 more replies
Relevance 47.15%

Hey, I posted a thread the other day before reading all the steps like I should have but now that I have thoroughly reviewed it as well as many of the other stickied threads I think I should go ahead and post again.

Basically, I am having trouble with many virus problems ranging from google redirects to my internet explorer running on its own and going to websites while hidden causing more viruses to appear as well as advertisement sounds im guessing are on the malicious webpages. This occurs even while offline I will get spammed constantly with notifications that an unknown program is calling xxxxxxx.com and asks me which internet to connect to. The problem however is after reviewing and attempting the First Steps over and over I have no way to get any logs to post here for help. I have tried GMER and DDS at least 100 times by now the past couple days even after reviewing the sticky reviewing how to disable my AVG settings so it will not interfere with these steps. GMER does nothing when I run it, but DDS will bring up the command prompt but it will do nothing else.

It seems to not only be limited to GMER and DDS either. I have noticed many Anti Virus programs I have tried before coming here such as Malwarebytes, HijackThis, TrendMicro all will not run either. This also has effected all Microsoft programs as well since I can no longer install Windows updates either. There are about 15 window updates that I downloaded (including SP3) and upon installation they simply ju... Read more

Answer:Virus Preventing First Steps From Working

Hello and welcome to TSF.

Sorry to hear that you're having so much trouble to get logs. Unfortunately, it's difficult to help without seeing the logs. Let's see if we can get some other logs.

First, try renaming DDS.scr to DDS.com. If still nothing happens, try this scanner:
Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool and click Continue at the disclaimer.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of log.txt here.
Please attach info.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\rsit\info.txt

Click Upload.

=======================

and for GMER, let's try this special version of gmer:


Download GMER Rootkit Scanner from here to your desktop. Double click the exe file. If asked to allow gmer.sys driver to load, please consent .
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.



Click the image to enlarge it


In the right panel, you will see several boxes that have been checked. Uncheck the following ... Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then cli... Read more

19 more replies
Relevance 46.74%

When trying to use Windows Update, the updates download successfully but fail to install. The following message appears: "Problem: A problem on your computer is preventing updates from being downloaded or installed." I have turned my antivirus software off, I have tried updating manually, I have tried updating one at a time. Nothing seems to work. I now have a backlog of 13 updates that I'm supposed to install. Can anyone please help? THANKS!

Answer:Windows Update: "problem on your computer is preventing updates from being installed"

Boot into "Safe Mode with Networking" (restart while tapping F8 repeatedly) and see if you can install the updates. This should work.

14 more replies
Relevance 46.74%

Ok heres the deal.
I crashed my system and have done a clean install. I couldn't find my winxp pro disk so I barrowed my friends. His has SP2 on it. I then found out after installing it, that it wouldn't work with my product key. So i had to go searching for my disk. Thankfully I found it, and did a windows repair to reinstall the system with the new disk.
My disk didn't have SP2 on it.

So I go to windows update to do updates and it trys to install like 80 something updates and everytime it comes back with ": A problem on your computer is preventing updates from being downloaded or installed "

I have a feeling that it thinks SP2 is on my system. is there a way to resolve this without having to do another clean install?

John

Answer:"A problem on your computer is preventing updates from being downloaded or installed"

Hello and Welcome to TSF


Why wouldn't it work with your product key?
It is better to install with SP2 incorporated onto the cd, saves a lot of time. SP2 should have been eliminated while performing the repair install.

You could try the following but you need SP2 installed before installing the updates, the site should have recognized it was not installed. If the following does not help then I suggest you Slipstream Windows XP Service Pack 2 and Create Bootable CD and do a clean install using the proper software


Try re-registering the windows update components. This may help fix a corrupt installer


1. Click on Start and Run,
2. Type "REGSVR32 WUAPI.DLL" (without quotation marks) and press Enter.
3. Should get the message "DllRegisterServer in WUAPI.DLL succeeded" Click OK.
4. Repeat above for each of the following:

REGSVR32 WUAUENG1.DLL
REGSVR32 ATL.DLL
REGSVR32 WUPS2.DLL
REGSVR32 WUCLTUI.DLL
REGSVR32 WUPS.DLL
REGSVR32 WUWEB.DLL
REGSVR32 WUAUENG.DLL

5. Reboot

3 more replies
Relevance 46.74%

A previous question about how to uninstal Windows Steady State goes unanswered.  I presume Microsoft people monitor these posts, but they do not know how to uninstall Windows Steady State to enable the Windows 10 1511,10586 updates
to be installed.   It looks like I am stuck in a bog unable to move forward with Windows 10, so intend to roll back to my previous version and then consider my OS options.   
Is anyone aware of any major problems likely to be encountered by me taking this course?

More replies
Relevance 46.74%

joined the forum to see if anyone had a solution to a problem i have come across over the past couple of days. after having not used my laptop for a couple of days i turned it on and tried to access the internet as normal. however, although my laptop connects to the router, it says there is no internet access. other computers on the network have no problems accessing the internet so it is just mine. also, when i try to run a virus scan using mcafee, it states that an error has occured and stops before it even begins. this is why i believe it to be a virus. i downlooaded malware bytes however it cannot update and when i scan it says there is no malware detected. i was wondering would anyone be able to help with my problem?

Answer:virus preventing internet connection and scan

Run Hijack This & post the log.How do you know when a politician is lying? His mouth is moving.

7 more replies
Relevance 46.74%

Okay so I think it started when I tried to download Itunes, and the exe was bundled with stuff(possibly viruses). I got infected with some kind of red.exe virus and some other one called file_to_run(and a bunch of numbers).exe. I had AVG antivirus but every time it said it cleaned it the viruses popped back up. So I unintsalled AVG and installed Avast and Comodo firewall. I use Super antispyrware, and it keeps getting adware, but doesn't find anything else. Finally Avast recommended a scan before Windows boots up and supposedly it got Red.exe and the file_to_run virus. But every since then, I cant run or update Malwarebytes. I booted in safemode and let Malwarebytes do its thing and it found 300 things(priv.dog) but I still can not get it to update. It closes and has it has stopped working. I tried to fixes myself awhile back using different trojan removers and stuff but nothing finds anything. I think something may still be infecting the computer and would appreciate any help as I have racked my brain on this and spent a lot of time trying to fix it.
 
Edit: forgot to mention I am using Windows 7
Avast! free(now)
Comodo Free Firewall
 
Thank you in advance

More replies
Relevance 46.74%

What can I do?
Would it be enough to reformat the hard disc using the original XP installation disc?
Help please.

Answer:Computer inflicted by virus preventing start-up

Depends what it is! Any clues? You could try starting in safe mode with networking ( tap F8 on boot) and download and run rkill and then malwarebytes.
If all else fails, a reformat will get rid of it.

10 more replies
Relevance 46.74%

Sometime in the last roughly 2 weeks I got a virus. Since then I purchases Norton 360 and tried to run a full scan without success. I talked with Norton's customer support and they advised that I have a specially malicious virus that is affecting Norton's ability to run properly but they could send me to their tech team and they can remove it for another $99.99. I feel like I paid for a product that promises to remove viruses and it doesn't so why invest more money into their services?

I've noticed that my computer is slowing down a great deal and Vimax male enhancement ads are on every website I go to and pop up while browsing. When I try to use Google, I click on a result and it redirects me to other search engines. I don't have expierence with figuring things like this out and don't know where to start.

I thought a system recovery would help but do not have the discs and cannot create them on the computer. I have Malwarebyte's Anti-Malware installed on my computer but it will not run or start up, could this virus be affecting this program as well?

Has anyone encountered this problem and know how to help?

Answer:Virus preventing Norton 360 from running properly

Hello and welcome to Bleeping Computer.Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.Please install RootRepealGo HERE, and download RootRepeal.zip to your Desktop. Tutorial with images ,if needed >> [email protected]@KUnzip that to your Desktop and then click RootRepeal.exe to open the scanner. *Open the folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator...* Click on the FILES tab, then click the Scan button.* In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK.* When the scan has completed, a list of files will be generated in the RootRepeal window.* Click on the Save Report button and save it as rootrepeal.txt to your desktop or the same location where you ran the tool from.* Open rootrepeal.txt in Notepad and copy/paste its contents in your next reply.* Exit RootRepeal and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighNote 2: If RootRepeal cannot complet... Read more

7 more replies
Relevance 46.74%

Sup hoes, I'll jump right into it.Workstation at a clinic is infected with a piece of malware that disables antivirus as soon as it's accessed. So far I've tried to run AVG's scan and MalwareBytes' scan. Running malware bytes once after installing will start the scan and the search is stopped seconds after initializing, program is terminated. At this point then the program can not be opened. Attempting to open mbam.exe delivers error "Windows can not access the specified device, path or file. You may not have the appropriate permissions to access the item." Identical results if repeating this entire process in safe mode.Installing AVG; AVG Active Anti-Virus (the real-time scan) disables and can not be enabled. An attempt at a scan with AVG results in an immediate conclusion stating no threats were found (nothing scanned). Safe mode is similar, the AVG scan will run for about 15 seconds then just simply close.The only active process I found out of the ordinary was this entry: "3517402925:3534772270.exe" - 464K. Ending the process does not seem to have any effect; it remains there. It is an active process in Safe Mode as well. Found registry entry inLOCAL_MACHINE > System > Services > 2d4fa7d1 >name: imagepathdata: \systemroot\3517402925:3534772270.exeAlso appears inLOCAL_MACHINE > System > CurrentControlSet > Services > 2d4fa7d1LOCAL_MACHINE > System > ControlSet003 > Services > 2d... Read more

Answer:Malware preventing Anti-Virus from scanning

Hi Putrid, I know it looks like a lot, but it's really just a lot of text asking for only 4 scans. Once you've done these and posted the results in your next post, let me know how the computer is running.Note: You may have to perform some or all of the following in Safe Mode With Networking, depending on if you have internet access while in the normal Windows environment.========================================================================================================================================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.========================================================================================================================================================Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the update... Read more

3 more replies
Relevance 46.74%

I too have been attacked by a virus / malaware. I am using 06 mcafee and spysweeper. I scanned and found trojan downloader ZLOB. I have pop up security alert / malaware buy our product appearing .Using the info on the forum I tried to use smitfraud but I am unable to get into safe mode to start! I reboot and tap f8 but instead of safe I get a boot device menu. When I hit any of them I get windows.I get google on internet explorer sometimes, malaware fix offers the rest. I just had a pop up balloon appear saying I have a [email protected] I think this is the virus talking.I tried to repair reinstall my XP but it didn't do any good. Quarentine doesn't seem to work but without safe mode I believe I am in trouble. I am a beginner with just enough knowledge to be dangerous. Any suggestions would be appreciated before I pay big bucks at a computer shop! thanks
 

Answer:virus preventing me from entering SAFE mode

15 more replies
Relevance 46.74%

Referred from here: http://www.bleepingcomputer.com/forums/t/539882/virus-preventing-antivirus-download-help-please/ ~ OB
 
In response to:
 
 
Not good.. We need a deeper look at this machine..
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
 
 
I can't run the tools

Answer:I can't run the tools/Virus preventing antivirus download

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16545Run by Dree at 10:24:57 on 2014-07-09Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.3325.1872 [GMT -4:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\system32\SLsvc.exeC:\Windows\System32\WUDFHost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\Ati2evxx.exeC:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\ATT\8.3.0.34\ma\bin\MAHostService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\ATT\8.3.0.34\ma\bin\node.exeC:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exeC:\Program Files\Dell Printers\Dell 1355 Multifunction Color Printer\Status Monitor\dlp1Adb.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\iolo\Common\Lib\ioloServiceManager.exeC:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Common Files\Motive\pcCMService.exeC:\Program Files\Common Files\Motive\pcServiceHost.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\... Read more

more replies