Computer Support Forum

Is R61 affected by CVE-2017-5715?

Question: Is R61 affected by CVE-2017-5715?

Hi, my R61 is not mentioned in Lenovo Security Advisory: LEN-18282 . Does this mean it is not affected? I'm running Windows 7 on it and the test tool provided by Microsoft suggests a BIOS update from the device OEM in order to fix CVE-2017-5715. If R61 and other older Thinkpad models are affected what it the offical policy of Lenovo regarding this problem? Regards,jal66

More replies
Relevance 100%
Preferred Solution: Is R61 affected by CVE-2017-5715?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Relevance 102.09%

Hi ,  I am trying to download the BIOS update for X1 carbon 4th gen 20FB and i couldnt find that in this page. Can you please difrect me where to get it ?  https://support.lenovo.com/us/en/solutions/LEN-18282 Thanks,Ramesh

Answer:LEN-18282: Reading Privileged Memory with a Side Channel CVE-2017-5753, CVE-2017-5715, CVE-2017-575

Welcome to the CommunityThe BIOS update is published on the laptop' download pagehttps://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-x-series-laptops/thinkpad-...
 
UPD
The link to the BIOS update is present on the page you've mentioned, unfortunately without laptop' MT code or x1 Carbon its generation #:
 
ThinkPad X1 Carbon, X1 Yoga - Affected - N1FET59W - https://pcsupport.lenovo.com/downloads/DS111756 - 1/7/2018
 

1 more replies
Relevance 82.41%

i've been with lenovo on phone for the past hour did not solve my problem !!! I ran powershell to check if the update solved the problem according to micorsoft but the bios update didnt solve the problem  this is microsft articlehttps://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-... this is lenovo link that claims the problem is solvedhttps://support.lenovo.com/eg/en/solutions/len-18282https://pcsupport.lenovo.com/eg/en/products/laptops-and-netbooks/thinkpad-p-series-laptops/thinkpad-...   these are the commands i used to check in powershell install-module SpeculationControlGet-SpeculationControlSettings  This is my Thinkpad after bios updateThis is how it should look like if it was fixed


























Capture.JPG ?115 KB

More replies
Relevance 67.65%

"Security only" download is available for Windows Server 2012 (Server Core installation) 
Please advise why there isnt there any "security only" released download for CVE-2017-11815 that also affected window 2012 R2?

More replies
Relevance 53.71%

Hi everyone, i have quite a few questions so i'll post separate threads rather than pollute one thread. I'm wanting to get something a lot better than windows defender. Comcast is my ISP so i can get NIS for free. As most of you are aware of Norton hasn't been doing a great job these days. There has been multiple vulnerabilities in its products that actually decreases the security of windows. Still NIS still does a pretty good job of scoring pretty well in the various test in terms of protection. I was thinking on going with either bitdefender or KIS but of course i would have to pay for those. If you were me would opt for NIS because its still pretty dang good and worlds better than bit defender or would you opt for one of the better products like KIS or bitdefender?
 

Answer:Kaspersky IS 2017 vs Norton IS 2017 vs Bitdefender IS 2017

bitdefender free+ CF and SAP i think will be good
 

11 more replies
Relevance 48.38%

Good evening everyone. Thanks for your access to this thread. I hope you to read and answer for this question.

I want to ask everyone that which software should I use for keeping security of my PC.

Now I am using Bitdefender Total Security 2017 as main anti-malware soft on my main desktop PC.
And also I was using F-secure SAFE as anti-malware soft on my PC until last week.

Yesterday, I heard that new Avast Antivirus 2017 was released, and new Avast Free is including behaviour scanning system.

I am having trouble deciding which software should I use as anti-malware soft.
Please tell me about your recommend.

I think that...

?Protection features
Better : Bitdefender 2017 > F-secure SAFE > Avast Free 2017

?Performance and speed
Lighter : Avast Free 2017 > F-secure SAFE > Bitdefender 2017

?the risk of false positive trouble
Bigger risk : F-secure SAFE > Avast Free 2017 > Bitdefender 2017

?SSL (HTTPS) Scanning is enable without fake SSL certificate to browser
Unnecessary fake certificate : Avast Free, F-secure
Need fake certificate : Bitdefender Total

F-secure SAFE is the very nice solution as protection from malwares and keeping speedy PC. But it is having big risk of false positive ratings; especially the website blocking is not good with many many false positive ratings. And, sometimes slow down my PC.

Bitdefender Total Security 2017 is the best solution as protection from malwares. This software is providing users very nice anti-malware solu... Read more

Answer:Avast Free 2017 vs F-secure SAFE vs Bitdefender Total Security 2017

Quick question, why Bitdefender Total Protection? Do you need ALL those additional features, or looking for an Antivirus only, because there are Bitdefender Antivirus Plus and Free versions.

What about other protection software like Emsisoft Anti-Malware/Internet Security or ESET Nod32 Antivirus/Internet Security?
 

11 more replies
Relevance 48.38%

My BD sub expires soon. Trying to decide whether I should switch to Norton 2017. It's my understanding that Norton is no longer the grand POS it used to be.

What say you?
 

More replies
Relevance 48.38%

College Football Picks 2017-2018 Season Charlotte at Eastern Michigan Eagles September 01, 2017 @ 06:30pm

Charlotte at Eastern Michigan Eagles

COMPUTER PREDICTIONS STRAIGHT-UP

TEAM SCORE PERCENTAGE TO WIN GAME
Charlotte 22.903 26%
Eastern Michigan Eagles 30.181 74%

COMPUTER PREDICTIONS AGAINST THE SPREAD

TEAM SPREAD TOTAL
Charlotte +14.0 59.5 over
Eastern Michigan Eagles -14.0 59.5 under

Get full analysis, detailed write-ups, and official picks at goo.gl/Xf3NiR
 

More replies
Relevance 48.38%

Hello, Guys!
I'm new on this forum but I Really Really like this good Forum
So I had Emsisoft for couple of months now
But Recently I've switched over to Avast Premier Beacuse I've never used Avast before So I wanted to try It out
But now I'm without any AV As I do not know what to Install Avast or Emsisoft!
I have licences for both So thats not the problem
Thanks In Advance And btw This forum really nice.
 

Answer:Avast Premier 2017 Vs Emsisoft Internet Security 2017

Both have excellent protection functions, but certainly they are two different security solutions.
I think the choice of one or the other one is really subjective, I've used Emsisoft for many years and it is my first choice
 

46 more replies
Relevance 47.97%

A couple of years ago I moved myself and some of the fam from Apple Everything to Windows 10. Yesterday however, I bought an new 2017 iPad. I really love the Surface devices, so why?
LEAVING THE PLATFORM BECAUSE OF WINDOWS MOBILE
First, because Microsoft are no longer supporting the phones that are in our house, we are being forced from that platform. So rather than living and breathing completely and happily inside the Microsoft ecosystem, I am now forced to diversify and go elsewhere. This really is a big deal, and changes my thinking from the unthinkable (leaving the MS ecosystem) to the possible (shifting back towards Apple). That being the case, why should I then buy a Microsoft Surface tablet (I was planning to buying a new Surface Pro M3) when I an now FORCED to be open to Apple and Android?
EASE OF MOVING PLATFORMS
Second, Microsoft have made my leap back to Apple so easy, because they have done what Apple and Google have refused to do, which is to make their software available on the others' platforms. Thus the transition to iPad is easy. For example, Word and PowerPoint are effectively free (via my 365 account that I will not be renewing at full cost next time; I will use the academic version which costs me almost nothing). Outlook on iPad is a great app (better than on PC platform). Lots of other apps that Microsoft that I use are also really nice on iPad (e.g. Wunderlist) and made the transition really simple and clean.
FACEBOOK
Third, the Facebook app on iPad is ... Read more

Answer:I did the unthinkable and chose a 2017 iPad over a 2017 Surface Pro M3

Microsoft are no longer supporting the phones that are in our house, we are being forced from that platform
Can't make sense of that. Presumably you have really old windows phones that no longer get updates?
And what does that have to do with what tablet you use? Windows has timeline, cloud clipboard and a whole host of platform agnostic features coming this fall, so Windows will play nice with android or ios (better than those OSes play with any other).
You don't even need your tablet, desktop and phone to be the same platform. You just need the same services, which for MSFT, exist on every platform.

1 more replies
Relevance 45.1%

Hello,
I'm trying to push out the update for the CVE-2017-11937 and CVE-2017-11940 vulnerabilities through WSUS but I can't find the KB# for either of them. Anyone know what KB# these two have?
Thanks!

More replies
Relevance 45.1%

Hi guys
Wich do you perfer?
 

Answer:avast 2017 or F secure 2017?

Avast has nicer user interface and more features besides that everything else is pretty similar.
 

6 more replies
Relevance 43.87%

Hello,
On my Windows 10 pro PC, I'm running (BDTS 2017 + Voodoo Shield Pro + Malwarebytes 3), and this combo is very smooth for me, but when I saw the results of MT tests here : AV Test - MalwareTips - Bitdefender Report - March 2017 and here : AV Test - MalwareTips - Kaspersky Report - March 2017, I think that these tests demonstrated that Kaspersky did a better job then Bitdefender
So my question is to know if it is a good idea to replace BD by KIS on my config ?
Thanks
NB: I have paid keys for both
 

Answer:Bitdefender Total Security 2017 vs Kaspersky Internet Security 2017

1/ kaspersky with tweaked settings alone

2/ kaspersky, slightly tweaked + Voodoshield

3/ bitdedender with ATC = aggressive + ransomware protection enabled | Heuristics = normal
 

40 more replies
Relevance 41.82%

Good evening everyone! Thank you for your access to here and reading my post.
Tonight, I want to ask you that how much the Avast Free Antivirus reaches some solid anti-malware software, which are the paid version.

Now I am using F-secure SAFE as Trial license on desktop PC, which is one of the mine.
It seems to nice for protect PC and F-secure SAFE is light despite it is one of the very strong scanning system as consumers.

But now, I am worrying about false blocking by browsing protection of F-secure SAFE.
In usually, f-secure is not making something to bad situation for me, I am feeling it.
But the Browsing protection feature of F-secure SAFE blocks websites too many times.
The most of sites,which were blocked by F-secure are obviously safe. Of cause, they are judged safe sites by other major antimalware soft (e.g. Avast, Bitdefender Total Security).

So I want to compare them; Avast Free Antivirus 2017 and F-secure SAFE 2017(or Internet Security 2017).
I want to ask you that which is the more strong software under the below situation...

1.
OS is Windows10 Home and updated with latest security patch.
2.
Main browser is the latest of Mozilla Firefox with ublock origin.
3.
If I use Avast Free 2017, I will configure some setting (e.g. File Shield, Mail Shield, Web Shield, and Behavior Shield) to aggressive security level. For example, I will configure by referring to this page avast! Optimal Protection settings by RejZoR​
I heard that the latest edition of Avast Free A... Read more

Answer:"Avast Free 2017 with aggressive setting" vs "F-secure SAFE 2017"

Try Avast with these settings. How to setup Avast Internet Security for Maximum Protection (2016 Guide)
 

1 more replies
Relevance 41.82%

I know 2017 version of avg devoloped from Avast. And also both of them use the same engine. But i want to ask you a question. Which one have more feature at the moment? And which one do you recommend to install my computer?

Sorry for my bad english.

Thank you in advance.

Best regards.​
 

Answer:Avast 2017 vs AVG 2017

Hey man. Of the two I would choose Avast, much more reliable and customizable.
My personal choice is Bitdefender though. I believe you could do some research on Youtube so that you form your own opinion. Here are some interesting channels:

The PC Security Channel [TPSC]
Malware Blocker
cruelsister1
Aca Faca

Make sure to post on Security Configuration Wizard forum your full setup after you made your choice
 

26 more replies
Relevance 38.13%

Just threw this article together, I want all the brain's in this forum to chip in and if there is anything missing from this article (at all!) let me know ASAP, in this thread.

A top quote :
Quote:




Previously we wrote a long post about Best Laptops for Hackers, which included a run-down on the best laptops for programming and penetration testing (pen-testing). This article turned out to be very popular even though it wasn't exactly intended to be that, now we are proud to finally publish the long-requested article of 'Best Laptops for Video Game System Emulation'.

The idea of this post is to give an accurate summary of which laptops are suited for, or adept at emulating various consoles and their games, and which ones also can easily perform these duties, at the lowest possible cost.

Now obviously, the better hardware you have the better your system will be at emulating other hardware/software. That doesn't necessarily mean a more expensive laptop. Where the demands of hacking and pen-testing demand vital and significant internal storage, the prerequisites for game emulation are generally just a good graphics processor, and good RAM/CPU.

Your laptop should also be in good working order and not muddled with high-risk pirated downloads and large bits of video. To emulate efficiently, you should also have as little processes and programs running in order for the emulator to run smoothly.

These are all common sense tips but...
If you are lo... Read more

More replies
Relevance 36.9%

For some reason I have expierienced some errors lately and I just think I'm infected. Can someone please help me?

Answer:I Think I May Be Affected

What are the errors you are experiencing? Do your anti-virus and anti-spyware scans come up clean?

11 more replies
Relevance 36.9%

Hi, any help on this problem would be greatly appreciated, this morning i was browsing the internet,when all of a sudden zonealarm pro asked me if i wanted to let explor.exe access the internet,i think i got a message saying this programme has changed since last used or something to that affect, so i went on yahoo and searched for what it was, alll the websites say it is a worm so i denied it access, i thought because i had denied it access id be alright but ive checked in my windows folder and there is a file named explor.exe, does this mean i have been affected because ive done a full system scan with norton anti virus 2003 pro and it says i have no virus even though it was the norton website i found out about the virus,so just wondering why it didnt pick anything up, also it says it drops a file in the startup folder but when i go into the folder it is empty even tho on properties it says the folder contains one file (size 84 bits), as i said before any help on this would be very much appreciated as i dont wana have to reinstalll windows if i havnt actually been affected

ps. when i did properties on the expor.exe file it says it was created this morning

Thanks alot in advance look forward to hearing anyones idea on this
 

Answer:Have i actually been affected

16 more replies
Relevance 36.9%

Hi,I tried all the steps listed in the site to remove trojans or virus from my computer. I still keep getting pop-up ads. It s a litte better now.I used to get pop-ups for these sites before:www.zestyfind.com/cgi-bin/search.cgi?keywords=air+compressorswww.yourtruths.com/t74101073.htmlwww.allcomprehend.com/a74101073.htmlwww.bigdispatch.com/t74101073.htmlwww.realrealities.com/t74101073.htmlwww.greatbulletin.com/t74101073.htmlwww.oneperception.com/t74101073.htmlwww.oneperception.com/t74101073.htmlwww.yourtruths.com/t74101073.htmlwww.oneperception.com/t74101073.htmlwww.realrealities.com/t82971083.htmlwww.locatebest.com/t82971083.htmlwww.oneperception.com/a82971083.htmlwww.gojournalists.com/t9681093.htmlwww.allcomprehend.com/a9681093.htmlwww.newsalone.com/t9681093.htmlwww.cheappress.com/t9681093.htmlwww.goodrumor.com/a9681093.htmlwww.broadcastsnews.com/a103191103.htmlwww.goodrumor.com/t103191103.htmlwww.dofact.com/a118101113.htmlafter installing spybot and MCafee..i get only www.zestyfind.com/cgi-bin/search.cgi?keywords=air+compressors when i search in google..and www.lynxtrack.com/offer_expired.phpPlease find the hijackthis log file below.Logfile of HijackThis v1.99.1Scan saved at 13:37:47, on 09/08/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32 ... Read more

Answer:Affected By Pop-ups

http://www.atribune.org/ccount/click.php?id=7 to download Look2Me-Destroyer.exe and save it to your desktop.? Close all windows before continuing.? Double-click Look2Me-Destroyer.exe to run it.? click the Scan for L2M button, your desktop icons will disappear, this is normal.? Once it's done scanning, click the Remove L2M button.? You will receive a Done Scanning message, click OK.? When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.? Your computer will then shutdown.? Turn your computer back on.? Please post the contents of C:\Look2Me-Destroyer.txt and a new HiJackThis log.If Look2Me-Destroyer does not reopen automatically, reboot and try again.If you receive a message from your firewall about this program accessing the internet please allow it.If you receive a runtime error '339' please download MSWINSCK.OCX from the link below and place it in your C:\Windows\System32 Directory.http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX======================Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)? Install ewido.? Run the application? Clickon scanner? then select the "Settings" tab.? Once in the Settings screen click on "Recommended actions" and then select "Delete".? Select "Automatically generate report after every scan"? Un-Select "Only if threats were found"?... Read more

6 more replies
Relevance 36.9%
Question: Am I Affected

Logfile of HijackThis v1.99.1Scan saved at 10:58:49, on 09/04/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\... Read more

Answer:Am I Affected

Hello JJSSJ and welcome to the BC HijackThis forum. I see no signs of viruses or malware in the log. It is claen.The only thing I do see is that the java version installed is quite out of date and should be updated.Updating Java:Note: If there is an Update XX in the name then the "XX" in the version will be whatever the latest version is.Download the latest version of Java Runtime Environment (JRE) 6.0 Update XX (if present).Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".Click the "Download" button to the right.Check the box that says: "Accept License Agreement".The page will refresh.Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.Close any programs you may have running - especially your web browser.Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.Check any item with Java Runtime Environment (JRE or J2SE) in the name.Click the Remove or Change/Remove button.Repeat as many times as necessary to remove each Java versions.Reboot your computer once all Java components are removed.Then from your desktop double-click on jre-1_6_0_XX-windowsi586-p.exe to install the newest version.Cheers.OT

1 more replies
Relevance 36.9%

Hi,

I signed onto MSN today and I got a link from someone that said something like http:/ /www.hi5-images. com/ viewimage.php?= and then my email was there at the end. Now my msn messenger won't work properly and I'm afraid I can affect someone elses computer.

How can I get rid of this virus? I tried AVG and Adware and Clean Up! but nothing is working. Please help me!

Heres my log file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:06:29 AM, on 2/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\PROGRA~1\AVG\AVG8\avgw... Read more

More replies
Relevance 36.9%

Please check it out for me D: I think i might have vitro. well maybe
Im also trying to play a Game but it keeps giving me a rundll32.exe application error.
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Apple... Read more

More replies
Relevance 36.9%

Hi,I think I am affected with some kind of virus, but not sure exactly what. Suspicious points to look at.-Had some kind of accesss intrusion in my Spybot TeaTimer, when I was trying to shut down my computer, everytime I clicked something, it re-appeared. Precursor to this I blocked the change Spybot was detecting with AOL Fast Start Up earlier wasn't sure what it was so I stopped it.-Hosts have changed according to AVG, but doesn't list anything as infection.-Can't download Microsoft Windows updates, saying I am not the administrator when it is clearly the case.-Errors when trying to scan in Trendmicro, says file can't be delivered.-Generally computer is still pretty fast, but shutting down takes a lot longer, and slight time when starting up.-Windows defender randomly showed up a couple of weeks, back, whenever I used a spyware scanner, it scanned aswell according to the temporary internet files in CCleaner, until I stopped it.-Quite a few times the internet connection would break down and I'd have to reconnect, frequency reduced a lot when I got Spybot.-Taskeng.exe and explorer.exe asked for access to the internet according to my Zonealarm Firewall, I stopped both. Help would be greatly appreciated, I know you guys must be really busy, I hope you can find some time for me. Here's my log;Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18:37:44, on 22/01/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16575)Boot mode: NormalRunni... Read more

Answer:Think I Am Affected, But Not Sure Exactly How..

Hello Yosho and welcome to BleepingComputer!Apollogies for the delay. The forum has been very busy lately. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic: Preparation Guide For Use Before Posting A Hijackthis Log.Thanks,Johannes

11 more replies
Relevance 36.9%

Hi,
 
I have been affected again... I am getting re-directs. It just started recently but the good thing is now I know what website is doing it and I know to stay clear away... but can someone be of any assistance to me.
 
Thank you.

Answer:Affected.... again =(

Hello MissK Welcome Back to The Forums!!I'll be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top... Read more

58 more replies
Relevance 36.9%
Question: Am I Affected?

yo guys here is my HJT log can you guys check it and see if there is a problem in my pc i do get the svchost not found whenever i turn on my pc i am new to this virus removal stuff so i really want to be helped out here is the log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:43:14 PM, on 10/13/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ATKKBService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\WINDOWS\vsnpstd3.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\rundll32.e... Read more

Answer:Am I Affected?

Can you all pros help me check my log i am not sure if anything is wrong but i got a virus few days ago but i removed it and i have done 3 scans by SB S&D,online NOD32 scan and Ad-Aware scan so please look over it and tell me if there is a prob and how can i fix it or what can be done.... here is the log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:15:37 PM, on 10/15/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ATKKBService.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\CyberLink\Shared Files\RichVideo.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\WINDOWS\vsnpstd3.exeC:\Program Files\Java\jre1.6.0_03\bin\jusched.exeC:\Program Files\CyberLink\PowerDVD�... Read more

3 more replies
Relevance 36.9%

Malware C:\ProgramData\Microsoft\Secure\Icons\temp 

Answer:i am affected please help

i have alrready run the frst program and allready have  a notepad frst and one addiction. what can i do next.pls help

1 more replies
Relevance 36.49%

hello friends i am kartook

My friend PC was effected like this

but iwas delete every time manullay
with 5 mins i am getting same like this open one IE then simply placed here



i was attached the screen shots

kindlly help me
 

Answer:Higly affected my PC

Some progs you will probably need
Hijackthis - to create a log of running processes etc for the group to analyse http://www.spywareinfo.com/~merijn/downloads.html
and for after the Hijackthis log
MS antispyware - http://www.microsoft.com/athome/security/spyware/software/default.mspx
Adaware - http://www.download.com/3000-2144-10045910.html
Spybot-S&D - http://www.safer-networking.org/en/download/index.html

A good firewall - zoneAlarm free firewall is good, but there are others, Kerio, tiny etc.
A good Antivirus - I use avast! pro, but i've heard good things of AVG
http://www.avast.com/eng/avast_4_home.html (avast)
http://free.grisoft.com/doc/2/lng/us/tpl/v5 (AVG)
 

2 more replies
Relevance 36.49%
Question: browser affected

i'm using firefox and it's been redirecting me to different websites, two of my computer's are affected i tried removing it several times following various directions but it's still there.
following are the logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:47:11 PM, on 4/3/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SFT\GuardedID\gidd.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files\Hp\HP So... Read more

Answer:browser affected

16 more replies
Relevance 36.49%

today i browsed a college website and in a few second browser closed automatically.....
and quickheal sent me a message that aspimgr.exe is ready to install....click yes if this is newly installed application but i clicked no....but nothing happened and it was asking same question till i rebooted the system....
when i restarted my system it didnot asked any question and quic heal also didnt detect any virus...

i want to know that am i afeected from asprimgr.exe or i m not bcoz i didnt accepetd it as newly installed application.....

Answer:Affected From Aspimgr.exe

aspimgr.exe is a backdoor Trojan. Backdoor Trojans, IRCBots and Infostealers are very dangerous because they provide a means of accessing a computer system that bypasses security mechanisms and steal sensitive information like passwords, personal and financial data which they send back to the hacker. Remote attackers use backdoor Trojans as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge. Your anti-virus may have stopped the file before it infected your system. Is your computer showing any signs of odd behavior, slow performance, browser redirects?As a precaution, I recommend you perform at least one of these online Virus scans:((All the following, except Trend Micro Housecall Scan, require Internet Explorer to work. Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component. If given the option, choose "Quarantine" instead of delete.)BitDefender Online Scanner <- Add a check by "Autoclean" and choose the option to "Quarantine".ESET Nod32 Online Scanner <- Vista compatible but Internet Explorer must be Run as Administrator.F-Secure Online Scanner. <- Follow the directions on the F-Secure page for proper Installation. (also checks for rootkits) (Vista compatible)

7 more replies
Relevance 36.49%

Hello,My computer is infected with ISADDON. There is a file in C:\Program Files\ named IntCodec which hasisaddon.dll, isamini.exe, isamonitor.exe, pmmon.exe, pmsngr.exe. I am not able to remove these files. And when my computer is running on the internet, I get random pop-ups and a yellow danger sign flashing.The Hijackthislog looks like this:Logfile of HijackThis v1.99.1Scan saved at 9:37:06 PM, on 7/25/2006Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\Program Files\Network Associates\Common Framework\FrameworkService.exeC:\Program Files\Network Associates\VirusScan\mcshield.exeC:\Program Files\Network Associates\VirusScan\vstskmgr.exeC:\WINNT\system32\regsvc.exeC:\WINNT\system32\MSTask.exeC:\WINNT\System32\tcpsvcs.exeC:\WINNT\System32\snmp.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\system32\svchost.exeC:\WINNT\System32\inetsrv\inetinfo.exeC:\WINNT\System32\msdtc.ex... Read more

Answer:Affected With Isaddon. Dll, Etc

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Download SmitfraudFix (by S!Ri) to your Desktop.Extract all the files to your Destop. A folder named SmitfraudFix will be created on your Desktop.=======================Please download Ewido Anti-spyware and save that file to your desktop.This is a 30 day trial of the programOnce you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program.Once the setup is complete you will need run ewido and update the definition files.On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.Once in the Settings screen click on "Recommended actions" and then select "Quarantine".Under "Reports"Select "Automatically generate report after every scan"Un-Select "Only if threats were found"Close ewido anti-spyware. Do not run a scan yet!========================Open the SmitfraudFix folder and double-click smitfraudfix.cmdSelect option #1 - Search by typing 1 and press EnterThis program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is ... Read more

10 more replies
Relevance 36.49%

Hi all,
I'm working on a pc that seeems to be affected by some kind of web searching engine named "Awesomehp"; it appears at Firefox start and I can't find a way to  uninstall/erase it from browser. I read it could be potentially dangerous so I tried fixing it by running MalwareBytes and then Combofix: this is my log, could anybody give me some help?
Thank you sincerly.

Answer:Affected by "Awesomehp"

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number). Please downloadJunkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete, depending on your system's specifica... Read more

2 more replies
Relevance 36.49%

Hi,

Glad to found this forum. My computer got serious infection and already used couple spyware programs (spybot, Ad-Ware, SDFix) to remove but still receiving this message pop-up every time computer rebooted and launched any application.

" The application or DLL C:\WINDOWS\system32\clbdll.dll is not a valid Windows image. Please check this against your installation diskette "

Here is my hijackthis log report.

================================================

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:33:51 AM, on 5/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~... Read more

Answer:Please Help - Affected Computer

Welcome to TSF.

Go to http://www.bleepingcomputer.com/comb...o-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.

1 more replies
Relevance 36.49%

how i can get relief from win32 virut.ceand i dont want to format my system ..my laptop is also getting turned off in the windows process

Answer:i am affected from virus!!!

start with a full scan of Malwarebytes and fix all it findsSome HELP in posting on Computing.net plus free progs and instructions Cheers

2 more replies
Relevance 36.49%

Hi, i've been having some problems with my computer for the past 2-3 weeks now. The pc used to run fine but then all of a sudden it is running ever so slow. It also freezes frequently and says '(not responding)' for a few seconds then stops. Also I get some sound ads in the background with no running application, i can only hear it therefore i have to close down the whole window and restart it again. Now i will admit that i have used uTorrent so i can full accept that this may be part of the cause. I have now deleted uTorrent and all the files i downloaded with it but the problem still persists obviously. I have Norton antivirus which i thought would have stopped me getting problems but its not helped at all. i also have ccleaner which has also done nothing. Any help or advice would be appreciated. My pc specs are as follows:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4060 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1806 Mb
Hard Drives: C: Total - 299043 MB, Free - 212540 MB; D: Total - 299045 MB, Free - 298942 MB;
Motherboard: Packard Bell, ONETWO M3700
Antivirus: Norton Internet Security, Updated and Enabled

also here is the requested information:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:45, on 22/07/2012
Platform: Windows ... Read more

Answer:Has uTorrent affected my whole pc?

Bump
 

2 more replies
Relevance 36.49%

HI all,

I am using Windows XP with Pentium 4 processor and Supercomp motherboard.
My system has become tremendously slow. Seems virus affected. Firstly in Windows Task Manager gwdrive32.exe appeared. Then I disabled it from msconfig but still it is coming.
Now I am observing a new problem. ahetk.exe and csisf.exe are replicating itself in task manager, mainly ahetk.exe.

Please advice any tool or something.

Thanks in advance,
Kousik

Answer:Seems Trojan Affected

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 36.49%

There are random icons in my icon tray that say "System performance monitor: Warning" and "System Alert!" I know they aren't supposed to be there. They are trying to sell me software to get rid of the probem. Also, everytime I try to change my homepage, something would change it back to a fake Microsoft Security/Firewall program. i"m running panda active scan now and it's not even at 50% and i have 55 spyware files and 2 rootkits. Please help. Here is my HiJackThis Logfile.Logfile of HijackThis v1.99.1Scan saved at 11:49:56 AM, on 12/17/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:... Read more

Answer:I Need Help Right Away...i Have Definately Been Affected.

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Next, please reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, a menu with options should appear;Select the first option, to run Windows in Safe Mode, then press "Enter".Choose your usual account.Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmdSelect option #2 - Clean by typing 2 and press "Enter" to delete infected files.You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.A text file will appear onscreen, with results from the cleaning process; please copy/pa... Read more

20 more replies
Relevance 36.49%

My PC has been attacked by conflicker...I have tried AVG,Mcafee, Avira but couldn't clean the PC fully..Though using Mcafee I can work on my PC somehow but showing massages from morning to evening like "Prevent mass mailing worms from sending mail..." or message deleted conflicker...and also I can't access any security sites for downloading any removal tool. Someone advice me to use Malwarebytes..But it can't start the scan. I used broadband connection and sometimes the connection failed to connect to the net or blocked..Really I am in a great trouble. I don't want to reinstall the OS..Can you help me with this..
 

More replies
Relevance 36.49%

i have installed hijack this and Run it, the logfile is as follows, so plz help me to remove ABI - Network
Logfile of HijackThis v1.99.1
Scan saved at 00:31:57, on 03/07/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\MATLABR11\webserver\bin\matlabserver.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\winnt\shellnew\bin\drivers\input\data\srvmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\windows\system32\lmgkybm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\accwiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\webshots.scr
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Documents and Settings\Mohammed Sohel\Desktop\HijackThis.e... Read more

Answer:I am affected from ABI Network, Plz Help

10 more replies
Relevance 36.49%

About two months ago there was an infection that changed the EXE associations. We cleaned using malware bytes, rkill, and rogue killer. The issue appeared to be gone for the last two months until now. EXE associations are again messed up, and in addition we are receiving outlook email from the users email account to the users email account. We have fixed the file associations with an EXE fix from dougknox, and scanned with Malwarebytes with nothing found. I am attaching the hijackthis log, as I am concerned there is more not being found. There is a BHO no file line I think should be removed. Any other removal suggestions is greatly appreciated. Thanks in advance.
 Katherine_hijackthis_10102011.txt   11.1KB
  1 downloads

Answer:EXE assocaitions being affected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

2 more replies
Relevance 36.49%
Question: System Affected

this is my first post .recently some virus has affecred my system i removed it using smidfraud but now when i reboot or start my system it shows "Error loading c:\users\razia\appdata\local\temp\vtstu.dll" ,"Error loading c:\users\razia\appdata\local\temp\oppqr.dll" ,"Error loading c:\users\razia\appdata\local\temp\ypcceoxk.dll" ,plz help i even tried prevxcsi scan nothing found
this is the log from hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at PM 6:15:19, on 14-03-2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\run... Read more

Answer:System Affected

Hello shabeerWelcome to the Bleeping Computer Malware Removal Forum, sorry for the delay in responding, but the amount of people posting with infected computers is through the roof and we sometimes can't get to logs as fast as we would like to. It looks like your post may have fallen through the cracks, If you have not resolved this issue and still need assistance, post a new HJT log as your system may have changed since your original post.Ken

1 more replies
Relevance 36.49%

Hi guys,

This is a weird one...but it's driving me crazy!

I don't have any new hardware, and I have wifi turned off on this PC. Every time a vehicle passes by my building my mouse/keyboard freezes (both are wired) and starts imputing it's own characters (generally a repeated character)...goes on for 7+ seconds. I had a MS wireless mouse, and bought a cabled one just in case. But the problem persists!

Any idea what is causing this? It never happened on vista (the one good thing I can say about that OS), or XP.

I'm sure it's a CB radio that's affecting it as I can hear them talking on my studio speakers when the keyboard/mouse freeze. (So it's police, taxis, buses, etc).

I have two towers hooked up via a wired KVM switch. Just the fact that it's coinciding since the time I installed win7/64-bit makes me think it's some driver thing...but how am I being affected by CB radio waves??

{get's hammer ready to destroy said PC! lol}

Answer:PC being affected by CB Radios?

The first thing I would suspect is the KVM. Try disconnecting it, watching each machine (one at a time if you don't have the additional components, ie, monitor, keyboard, mouse) long enough for the problem to occur.

James

1 more replies
Relevance 36.49%

Hi,

My computer seems to be affected with some malware as I keep getting popups and other stuff on my comp. I have already tried running spybot and adaware 2007, but that hasn't helped much. Here is my HJT log:

-----------------------------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:56:26 PM, on 2/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDO... Read more

Answer:Affected By Spyware - Please Help

Welcome to the BleepingComputer HijackThis Logs and Analysis forum. My name is Richie and i'll be helping you to fix your problems.Apologies for the late response,as i'm sure you can appreciate we are extremely busy.If you've already recieved help at another forum and your issues have been resolved,or you're presently recieving help elsewhere then please let us know.If you have not followed the info in the link below prior to posting your log then please do so now:Preparation Guide for use before posting a HijackThis Log:http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/If you still require help,please post a new Hijackthis log into this topic in your next reply.Also post a detailed description of the issues you're experiencing.*Note*Post all reports/logs directly into this topic,not as attachments,thanks.

1 more replies
Relevance 36.49%

Hello and Welcome to Bleeping Computer!!My name is Gringo and I'll be glad to help you with your computer problems. I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE:... Read more

Answer:Affected by Happili

Hello 48 Hour bumpIt has been more than 48 hours since my last post.do you still need help with this?do you need more time?are you having problems following my instructions?
if after 48hrs you have not replied to this thread then it will have to be closed!Gringo

3 more replies
Relevance 36.49%

In my system Windows XP and ZoneAlarm Pro firewall is installed. I want to ask when we download any software or opening a site then my web speed will affect by firewall.
 

Answer:Web Speed will affected

as long as you grant access permission zonealarm will not restrict your download/upload speeds.
good luck.
 

1 more replies
Relevance 36.49%

HI all,

My system has become tremendously slow. Seems virus affected. Firstly in Windows Task Manager gwdrive32.exe appeared. Then I disabled it from msconfig but still it is coming.
Now a new problem I am observing. ahetk.exe and csisf.exe are replicating itself in task manager.

Please advice any tool or something.

Thanks in advance,
Kousik

Answer:Seems Trojan affected

Please follow this sites pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, please post the requested logs in the Virus/Trojan/Spyware Help forum, not here.->

http://www.techsupportforum.com/f50/

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

1 more replies
Relevance 36.49%

Followed prep guide-downloaded gmer-but when I tried to open it error message rcvd that said-Application not found.Log is as follows:DDS (Ver_09-12-01.01) - NTFSx86 Run by Paul Nagel at 15:14:30.85 on Tue 03/09/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.427 [GMT -5:00]AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\AVG\AVG9\avgcsrvx.exesvchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXEsvchost.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\system32\fxssvc.exeC:\Program Files\AVG\AVG9\avgam.exeC:\Program Files\AVG\AVG9\avgnsx.exeC:\WINDOW... Read more

Answer:Not sure what my computer is affected with

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 36.49%

For Christmas I received the following PC upgrades:

New CPU
New Video Card
New Power Supply
New Motherboard

Being the impatient idiot that I am I decided to try and attach everything without thoroughly reading through how to do it.

I attached the motherboard 'directly' to the PC Case using steel screws instead of the gold coloures screws provided as I didn't think it made a difference. When trying to boot up the PC it came on for about 5 seconds and then just turned itself off and wouldn't turn on anymore.

After taking the PC to a repair shop to get everything fitted properly I was told that I had burnt out the motherboard by attaching it directly to the inside of the case without using the gold coloures screws (I take it the gold ones don't conduct electricity).

Well I've now had to shell out more cash to buy a new motherboard but I'm "extremely" worried that the rest of my hardware (video card, CPU etc) will have been affected by this. There isn't any noticeable damage on any of the hardware except the motherboard which has a black line going across the underneath of it.

Anyway, I realise it's hard to tell without looking at it but I was just wondering if my other hardware is going to be OK as it was a very decent CPU & Video card and I don't want to have to throw them away and buy more just because of a stupid mistake.


HK
 

Answer:Will All My Hardware Have Been Affected By This?

The gold screws are actually stand-offs that keep the motherboard elevated and prevent shorting it out (as you found out). All your other hardware should be OK.... no guarantees though..... when a motherboard shorts out, it rarely takes out other components with it. Occassionally, the RAM can be fried as well, but like I said, it's rare.... GOOD LUCK!!!! And next time, be a bit more patient and become informed before jumping right into something you've never done before LOL
Happy Holidays!

hopperdave2000
 

1 more replies
Relevance 36.49%

Hi all I have been trying to fix my friends laptop and really do not know what is affecting it. When he goes to Google.ca the word Google is not there and it just says Canada and at the  top it has a bar that has 10 options in it like search images and Gmail. he says the color has changed also.  I have done scans with MBAM, Superantispyware his antivirus software and went to Panda security and did a scan with that. nothing came up..  I am going to try and attach a zipped file from dds so someone could look at it please.  maybe nothing is wrong I just do not know what to do..  
 
thanks all

Answer:Google being affected by something

Hello caveanimal Welcome to The Forums!!Around here they call me Gringo and I'll be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at... Read more

53 more replies
Relevance 36.49%

WHEN I LOG IN ON SITE MY PC PLAY BACKGROUND COMMERIALS DO THAT MEAN MY PC HAS AN PROBLEM?

Answer:What is the pc shut down will my pc be affected?

Don't write in capitals, it puts people off, what do you mean on site?I am a hardware guy not a software guy but i try to help.

4 more replies
Relevance 36.49%

Sugar  fell all over on the keypad on my R61and this led to red ants crawling all over my R61.now and often these red ants erupt from what not gaps in my R61. will this affect my R61 h/w ?

Answer:will my R61 h/w get affected by red ants all over it???

Hillarious. However, if you find prospect of decaying ant bodies shorting your motherboard, try to remove the outer shell and blow some compressed air into the laptop.

4 more replies
Relevance 36.49%

Hi, so yesterday I woke up to some kind of nasty malware on my computer... I know we arent suppose to run combofix from the start, but I did because it seemed like the virus was eating away at my hard drive (icons were disappearing, losing function, hard drive failure messages were popping up). I noticed some odd processes in task manager so I knew it was a virus of some kind. So I ran combofix and it fixed everything back to normal, I just want to make sure I got everything... I also attached the combofix log. gmer scan said something about code detected And that a Rootkit modified something!

Thankyou

-------------------------------------------------------
DDS Log
-------------------------------------------------------

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by The Tudors at 11:11:34 on 2011-08-30
Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.3327.2478 [GMT -6:00]
.
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
svchost.exe
C:\Program Files&#... Read more

Answer:Affected with malware... Please Help!

You may close this topic as I found help on a different site...

Thankyou

2 more replies
Relevance 36.49%

Hi everyone something affected my Computer, I normally use Avast! which can solve a lot of problems. but last 2 days was a hell for me... every 10 minutes some virus, so someone told me about Combofix. The main problem that I can see, is that A lots of important applications are defected by virus and after healing they appear as not-working. (Java components, the card drivers etc.)
below you can see two results of Combofix. So can anyone tell me what to do next? thx for any answers...

Answer:Something affected my Computer

So first ComboFix.txt file:

ComboFix 09-05-26.05 - El Carlos 29.05.2009 8:14.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1919.1485 [GMT 2:00]
Spuštěný z: c:\documents and settings\El Carlos\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090528-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-04-28 do 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-23 19:10 . 2004-08-17 13:49 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-05-23 19:10 . 2004-08-17 13:49 21504 ----a-w c:\windows\system32\hidserv.dll
2009-05-23 19:10 . 2004-08-17 13:45 14848 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-05-23 19:10 . 2004-08-17 13:45 14848 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-05-23 19:10 . 2004-08-03 21:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-05-23 19:10 . 2004-08-03 21:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-05-22 14:23 . 2009-05-22 14:23 -------- d-----w c:\windows\Downloaded Installations

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 21:48 . 2008-07-23 20:22 -------- d-----w c:\program files\Zoom Player
2009-05-27 18:13 . 2008-07-23 21:01 -------- d-----w c:\program files\uTorrent
2009-05-22 14:25 . 2008-07-23 19:19 -------- d--h--w c:\program files\InstallSh... Read more

4 more replies
Relevance 36.08%

Hello. I have encountered a problem with my PC.

In Google and other search related websites, whenever I run a search, i'll click on a link and it will redirect me to another page.

It appears to only be affecting search websites.

I'd really appreciate some help with resolving this issue.

Answer:Virus that affected Browsing.

Hi rgallos and to Bleeping Computer!MALWAREBYTES ANTIMALWARE-------------------------------------------Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Full Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It ma... Read more

11 more replies
Relevance 36.08%

Please Help me Bro.........I'm in problem.......
 

Answer:pceu malware Affected

Hi and welcome to the MalwareTips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:

I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for this issue on this machine!
The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Refrain from running self fixes as this will hinder the malware removal process.
It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to nece... Read more

1 more replies
Relevance 36.08%

Logfile of HijackThis v1.99.1Scan saved at 11:15:49 PM, on 2/26/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16414)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exec:\Program Files\Common Files\Symantec Shared\ccProxy.exec:\Program Files\Common Files\Symantec Shared\ccSetMgr.exec:\Program Files\Norton AntiVirus\navapsvc.exec:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\brsvc01a.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\brss01a.exeC:\WINDOWS\system32\svchost.exec:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Java\j2re1.4.2_03\bin\jusched.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\system32\hphmon06.exeC:\HP\KBD\KBD.EXEC:\Program Files\Common Files\... Read more

Answer:Im Affected By An Unknown Virus..can Help..

Welcome to BC huzainie Warning:If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one. If not,an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breech.*************************************************Please make sure all hidden files are showing:* Click 'Start'.* Open 'My Computer'.* Select the 'Tools' menu and click 'Folder Options'.* Select the 'View' tab.* Under the 'Hidden files and folders' heading select 'Show hidden files and folders'.* Uncheck the 'Hide file extensions for known types' option.* Uncheck the 'Hide protected operating system files (recommended)' option.* Click Yes to confirm.* Click OK.*****************************Download/install AVG Anti-Spyware 7.5.Please follow these instructions carefully.Launch/start up AVG Anti-Spyware.On the main page click the 'Update' tab,and then 'Start Update'.Once the updates have been installed,do the following:Select the 'Scanner' icon at the top of the screen, then select the 'Settings' tab. Once in the 'Settings' screen,under 'How to act?',then under 'Set default action for detected malware to:', click on 'Recommended actions',then click on 'Quarantine'.Under 'Reports' select 'Automa... Read more

2 more replies
Relevance 36.08%

Hi guys, I'm new here and need some advice - I don't know much about computers at all.
 
I know viruses (although not sure which ones) can copy personal information from computers but I was wondering if viruses can use your personal information and sign you up to websites (like a membership) and post things in them?  Or is it only possible to happen if someone were to physically sign themselves up onto a site personally?   
 
Any advice would be appreciated.
 
Thanks

Answer:Computer may affected - advice please

Both options are possible... Cookie stealing/grabbing worms are there. and they are capable of stealing login sessions....
http://www.bbc.co.uk/news/technology-16426824
Keep you antivirus up to date and keep operating system fully patched.. 
and may be useful .. check this
http://www.bleepingcomputer.com/tutorials/tracing-a-hacker/

3 more replies
Relevance 36.08%

Here is the DDS report.

The problem:
My sisters computer had antivirus trigger. I was able to remove it with hijackthis. However there are still issues and I am assuming there is more to it. explorer.exe wont boot - si o need to do cntrl alt del and new task with explorer. Doing so I get a exception processing message c000a3 parameters 75b6bf9c. After hitting ok, i get a very quick window titled personel setting. it goes by too quick to see what the small writing below it says. After all that explorer loads up. However, it doesnt last long. it freezes in under 10 minutes usually. I ran ccleaner, and multiple other programs, nothing worked. Whats odd is it wont let me even use the windows xp cd. I put it in and try booting from it but after a few minutes (before getting to the menu), it goes to the blue screen of death. I tried using a diagnostic check like one from tuneup utilities but after booting and the tuneup check running for a few seconds it says complete and goes to booting up. Same thing in safe mode. Tried putting in a different harddrive and same issue. No idea what is going on.


DDS (Version 1.1.0) - NTFSx86
Run by rebecca hassine at 19:20:15.43 on 2009-01-03
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.594 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall Plus *enabled*

============== Running Processes ===============

C:\WINDOWS\system32 ... Read more

Answer:Antivirus trigger affected something in the OS

Hello ahbuilderWelcome to BleepingComputer ========================Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

1 more replies
Relevance 36.08%

DDS (Ver_09-05-14.01) - NTFSx86
Run by Mo at 1:18:44.66 on 29/05/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.353.1033.18.1789.728 [GMT 1:00]

SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8&... Read more

Answer:infected and search res affected

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 36.08%

hi, i'm looking at buying a laptop and am confused by the array of processors on offer.i have a short list of systems with intel and amd processors with clock speeds from 1.6ghz to 3.06ghz....is this a true reflection of performance? are they comparable or does fsb and cache come into it? (i realise other things like ram etc will also affect system performance but i'm talking purely processors here)thanks

Answer:overall processor speed - how affected?

"clock speeds from 1.6ghz to 3.06ghz....is this a true reflection of performance? are they comparable or does fsb and cache come into it?"Processor design comes into it a lot - that's why AMD processors tend to do more for a given clock speed. Not all Pentiums can be compared on the basis of clock speed either. And remember AMD "numbers" are not clock speeds at all.Cache comes into it a lot - more cache = higher performance.In a laptop I recommend only buying a "mobile" rated chip - they tend to perform better at a given clock speed - run cooler - and have superior power saving characteristics.

5 more replies
Relevance 36.08%

Hello! I think that my computer is infected with a virus. More in particular a malware virus I think. I get the google redirects in firefox and when I open Internet Explorer it starts opening more windows and going to different random sites and when I open my task manager it shows iexplorer.exe 3 different times, two in the owner username and then one in the system username. I have Norton anti-virus but it is outdated and I don't have money to update it. I recently installed avast but it didn't really detect what I was looking for. It only made things worse pretty much. Now I have a.exe, b.exe, and c.exe running in task manager and they pop up randomly under the system username. I uninstalled avast but the .exe's are still there and I have to end process to make them go away. If I don't end the process my main screen when you log in, everything disappears. The bar at the bottom of the screen and all my desktop icons. The only thing I can do is do ctrl-alt-delete to bring up the task manger and I have to restart my computer. I also tried to install malwarebytes but it had gotten halfway through the downloading process and then ended up quitting. I have a dds log, a hijackthis log and the attached log but the rootrepeal would freeze while trying to initialize so I'm not sure what happened there. I'm not sure what else to write but if you need any more information I will be happy to give it to you. I have windows xp home edition 5.1. On an hp pavilion a320n. I will provide ... Read more

Answer:I'm not sure what I'm affected with but I'm pretty sure it's Malware.

wow just checked all other new posts and they seem to get a reply within a day or that day it's been over a week and i had over 200 views but no kind of answer or help well thanks anyways bc.com.

17 more replies
Relevance 36.08%

I got infected by the file xzxzxzxzxzxz and tried to delete it manually. However it kept re-appearing after i reboot my computer. I consulted online forums and tried using killbox to delete the program permanently. So now i'm not sure if i solved the problem at all. hahaha. could someone have a look at this? thanks in advance Logfile of HijackThis v1.99.1Scan saved at 7:02:51 PM, on 8/14/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton Internet Security\ISSVC.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\Program Files\Common Files\Microsoft Shared\VS7Deb... Read more

Answer:Computer Affected By Xzxzxzxzxzxz

Hello there and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions:This will be useful as there is a possibility some of the instructions will need to be carried out where internet access is not available. You may also like to save these instructions in word/notepad to the desktop where they can be easily found for the same reasons as above. A print out of the instructions would be a good reference to make sure you don't yet lost.Also, it is important that you complete the instructions in the right order, and also that you don't miss any steps out!If you have any queries about the process or just general questions, just ask.Your Java is out of date and the older versions are being exploited by malware. It is the likely cause of your infection, so we need to get it patched up as soon as possible.Click on start, then control panel, and then double-click on add/remove programs. Search in the list for all older installed versions of Java. (J2SE Runtime Environment.... )It should have next icon next to it: Highlight each and click Remove.Then Download and install the newest version from here:http://www.java.com/en/download/manual.jspDownload Brute Force Uninstaller.Unzip it to a folder of it?s own (c:\BFU).Read here how to unzip/extract properly:http://metallica.geekstogo.com/xpcompressedexplanation.htmlStart the Brute Force Uninstaller by doubleclicking BFU.exeNext t... Read more

10 more replies
Relevance 36.08%

I got a virus and after removal my computer stopped communicating with my printer printer is on network and works wirelessly wirh other computers but mine can not find it mine will work when connected to printer with usb any one have any ideas i have tryed all my fixesEdit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

Answer:Virus affected printer

Hello, what tools did you run? What is your Browser and Operating system?MiniToolBoxPlease download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

6 more replies
Relevance 36.08%

Ok, im sure you've encountered poss on this before..ive tried various spyware programs, ive been into the registry, ive checked my DNS iv even formatted my hard drives and reinstalled windows..spybot is picking up on the nasty copy-book url when i open windows, but i can't seem to stop it, removed some nasty looking bits by running a search for my prefetches and deleted sum documents that told me i was blatently being redirected to other sites...both my laptop and my pc have had this problem, ive tried getting rid of any ominous looking files..leaving my modem off overnight to renew my ip ad, yet it still seems to track me down...starting to get a little frustrated!
Any help would be a great assistance, im not daft but this is just out of my knowledge base!
Thanks, Carla

Answer:Pc,laptop And Psp Affected By Copybook!

Hi notquiteright, welcome to BC. Take a look at this thread. CARRUTHERS post in particular.

10 more replies
Relevance 36.08%

Howdy folks:
Please help me with a question about my Dell Win7 Premium laptop.
A)Would the following scenario affect my windows installation ?
1. Taking out my hard drive and enclosing in USB HD enclosure.
2. Connecting via USB to identical laptop.
3. I assume HD will be assigned a drive letter.
4. Making an emergency backup of my hard drive by just pasting and copying from the now
external USB HD to a folder in the other identical system.
5. Putting hard drive back in my laptop.
B) Would the drive take on the C: drive letter again when I put it back?
C)Will it boot ok when I put it back?
Thank You All

Answer:Is Win7 installation affected by...

It will not effect your drive in the slightest, but I doubt that that method would actually make a usable backup of your computer. That is why people us imaging software to make backups. A better idea would be to put the other hard drive in the enclosure, create a folder, and use Windows 7 backup to create an image of your hard disk in that folder on the other drive.

9 more replies
Relevance 36.08%

Following the suggestion from the ?Malware removal? section, I would kindly like to ask for help regarding the problem I am facing with the startup of the PC, the startup time being more than 30 minutes and after that is all working OK, except the USB ports: also the PC presents a problem communicating with the USB ports despite the fact that it shows that the USBs are working properly. The PC still presents these problems after rootkit-gen[rtk] and viruses where removed.

System info: Windows XP Professional SP3, all updates are at date. 1G RAM and do not have too much running at startup.

Disk cleanup, check local disk and defrag did not improve the situation.

I do have the installation CD with SP2, but I cannot launch Recovery Console because I am getting the message that the PC has a newer version of Windows?

I would appreciate any help to solve the problems with the startup and USB communications ports

Thank you very much for your time

Sincerely yours
 

Answer:startup very slow & USB affected

From your hijackthis log, try disabling all startup items except AVAST and ctf.mon using startup cpl from HERE

Any improvement?

Then, from a command prompt, type sfc /scannow
Note the space between sfc and /.

What are the scan results?

Then, set a restore point, as this has been known to cause, as well as fix, problems. Download and run, checking all boxes, dialafix from HERE

Has any of this helped?

Any yellow flags in your device manager? :wave:wave
 

6 more replies
Relevance 36.08%

My system is infected with trojan when i run antimalware scan,in system32/Redemption.dll.
I had experienced blue screen,after quarantining the file for one time.
What is redemption.dll and how can i repair file?

Answer:Redemption.dll is affected with trojan

Redemption.dll Problem - Microsoft Community

Worth taking a look at that page as someone has had an error with that .dll. What AV/security programme do you have installed? If you have Malwarebytes it should allow you to scan in "safe mode" to get rid of it.
There are also many portable scanning utilities out there that can help.

Five portable antivirus and antimalware tools to carry with you at all times - TechRepublic
Turn your flash drive into a portable PC survival kit | PCWorld
The Portable Freeware Collection - Security - Malware Detection

4 more replies
Relevance 36.08%

omg, I tried to open a .docx and I get a no known associations / set associations. Simply enough? I good to the panel to do just that and SURPRISE Word 2010 is nowhere to be found! Also there are a huge number of unknowns now in the listing of extensions to programs to open with, etc.

Answer:Now setting associations are affected

If it worked recently use system restore. If that fails post back for more ideas.

1 more replies
Relevance 36.08%

I have a Dell desktop that runs Windows XP.. Last year, due to a battery back-up failure, it was infected with a virus. A local shop got it up and running again, however many programs on the startup menu are mysteriously "empty". Not the biggest problem--last week a lightning stike hit the phone line and fried (I think) the ethernet port. Bought a USB ethernet adapter--PROBLEM--I need to run the installation CD. I can open the draw and insert the CD, but then-nothing. I think the old virus wiped out the cd drive, or at least the computer can't find it! It's not listed on the device manager at all. Help! It's an old computer, but would like to get it back online if possible!
 

Answer:virus affected cd/dvd drive

One thought for getting the driver would be to go to the USB doggle manufacturer's website and see if they have the XP driver available for download. Most manufacturer's have downloads available in case the CD doesn't work or gets lost.

As for the CDROM, if it doesn't show in Device Manager then the next step would be to see if it shows in BIOS. That would be F2 during the Dell screen to enter BIOS. The system summary should probably list the CDROM. But if you give the model of the desktop, I might be able to find BIOS screens that would verify the location as to whether or not BIOS recognizes the drive. If BIOS doesn't recognize it, then either it is hooked up wrong or is dead.
 

1 more replies
Relevance 36.08%

I clicked some link my friend on msn sent me and it has spyware. Guys, do u know how to get rid of this, aside from reformatting? My father's gonna kill me if he finds out our comp's infected.
Can this damage my comp?


Any help would be greatly appreciated. Thanks.

Answer:My MSN Messenger is affected w/ Spyware

go thru my guide

3 more replies
Relevance 36.08%

Its not even a month since I purchased my pc and its filled with all these malware. I have tried various softwares and methods to remove the same but none of them helped. Though i followed all the steps correctly, i still found out no matter how much i tried , these malware doesn't seem to go.Finally I landed up here and decided why not give a try. I really need help badly because I can no longer browse with ease or mostly its impossible to browse on any application (chrome,firefox,etc). waiting for further assistance eagerly!!
 

More replies
Relevance 36.08%

Hello experts !I am trying to download the free version of Publisher 2007 from click here, I already saved it in my Hard Drive but whenever I click on "RUN" it appears this message: "There are no products affected by this package installed on this system". What does that mean? what else do I need to do to run the program? Thanks in advance, all the best, Antonio.

Answer:There are no products affected by this package...?

This message usually means that the downloaded program is not compatible with your system.And of course you cannot get a free version of Publisher - this is just a 60 day trial. After that it costs $169

2 more replies
Relevance 36.08%

Hi guys,

Maybe you can help me with some advices. I am running win 7 x64 and from time to time I have BSODs, with no clear logic. Usually I saw then happening when I am not touching the keyboard or mouse for a while but I have also sudden BSOD while I am browsing.
I attached at the end of the message the dumps.



WhoCrashed log below. Any idea what may cause the problems?

On Fri 21.01.2011 18:55:14 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x50 (0xFFFFF280035AE500, 0x1, 0xFFFFF80003497C62, 0x7)
Error: PAGE_FAULT_IN_NONPAGED_AREA
Dump file: C:\Windows\Minidump\012111-36457-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft? Windows? Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.



On Fri 21.01.2011 18:46:33 your computer crashed
This was likely caused by the following module: msrpc.sys
Bugcheck code: 0x1000007E (0xFFFFFFFFC0000005, 0xFFFFF880012BC363, 0xFFFFF880031C6D68, 0xFFFFF880031C65C0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\012111-24866-01.dmp
file path: C:\Windows\system32\drivers\msrpc.sys
product: Microsoft? Windows? Operating System
company: Microsoft Corporation
description: Kernel Remote Procedure Call Provider
The c... Read more

Answer:BSOD in Win 7 with different files affected

  
Quote: Originally Posted by valir


Hi guys,

Maybe you can help me with some advices. I am running win 7 x64 and from time to time I have BSODs, with no clear logic. Usually I saw then happening when I am not touching the keyboard or mouse for a while but I have also sudden BSOD while I am browsing.
I attached here the dumps for help:

2shared - download Minidump.zip

WhoCrashed log below. Any idea what may cause the problems?

On Fri 21.01.2011 18:55:14 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x50 (0xFFFFF280035AE500, 0x1, 0xFFFFF80003497C62, 0x7)
Error: PAGE_FAULT_IN_NONPAGED_AREA
Dump file: C:\Windows\Minidump\012111-36457-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft? Windows? Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.

On Fri 21.01.2011 18:46:33 your computer crashed
This was likely caused by the following module: msrpc.sys
Bugcheck code: 0x1000007E (0xFFFFFFFFC0000005, 0xFFFFF880012BC363, 0xFFFFF880031C6D68, 0xFFFFF880031C65C0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\012111-24866-01.dmp
file path: C:\Windows\system32\drivers\msrpc.sys
product: Microsoft? Windows? Operating Sy... Read more

2 more replies
Relevance 36.08%

Despite all the Firewalls, CA anti virus protection, Windows Defender and several others installed and kept up to date, I have one machine which has been rendered nearly useless by some sort of virus attack. 4 out of every 5 boot ups I get just the desktop picture with no icons, and a frozen system. When Windows does load OK the machine is inundated with popups insisting that I am infected and by paying by credit card all will be cleaned up. The chief invader is called Advanced Anti Virus or AAV. Soething keeps turning off my Windows Something keeps turning off my Windows Security centre automatic upadtes. I turn it on, next time I boot OK it is off. I have purged the Startip itms, and deleted AAV entries from registry or so I thought. It is still there. One pop up allegedly from CA anti virus keeps telling me my license has expired and demanding payment. I know it does not expire until 2009. In general terms is there any software available which will clean up a system, or do I have to wipe it and begin again? Windows XP Home SP2.

Answer:Virus affected system

By the sound of it,a reformat could be the easiest route as the system is basically unworkable.However, i think your going to need expert help on this if you wish to persevere with a cleanup.Download Hijackthis click here (direct download)And post the scan log at Malwareremoval click herePlease be paitent,the experts will help you.

8 more replies
Relevance 36.08%

Hi.I'm using HP 15 R078TU which came with Windows 8.1 single language and I updated it to Windows 10 home single language OS.Recently my laptop infected with virus. I'm unable to uninstall them and can't remove them by using Windows defender. Security service center turned off. And then windows defender too stopped. Can't be able to browse internet in Microsoft edge browser though I have a good internet connection. I removed Mozilla Firefox browser. I don't have chrome browser. In another laptop I downloaded malware bytes and spyhunter softwares and tried to install them in my laptop through USB pen drive but when I tried to run them it says they can't be executable. Cursor on screen blinks very fast and behaves all the time as if any background processes are running ... sometimes taskbar will not respond. What to do? Is recovery is the best option? I have Windows 8.1 recovery media. Will recovery removes windows 10.? I didn't backed up my data. Huge data is there because I'm using 1TB hard drive full of data. Don't have external hard drive. So what to do now?

More replies
Relevance 36.08%

I installed service pack 2 yesterday and now cannot use IE6. Each time i open the browser I get "this page cannot be displayed message"I have followed the instructions in previous posts on how to fix Internet explorer but it didn't work.Anyone any ideas?

Answer:Service pack 2 - has it affected IE for anyone?

Hi vandango. Check what your Home Page is set to (Tools - Internet Options). I find it's best set to "Use Blank", then I can decide what site I want to visit on opening IE. Otherwise install Mozilla Firefox click here, I'm sure you won't regret it.

10 more replies
Relevance 36.08%

I have a Lumia 920 I've long since replaced and want to sell while it's still worth something. I had installed 8.1 on it using Preview for Developers. I noticed trying to research asking price, unlocked phones were fetching a higher price. I researched unlocking it and found, after getting the unlock code from my carrier, I could enter ##7820# to bring up sim unlock screen. It worked fine on a 1520 I'm also selling but on the 920 I would see the beginning of page change animation and it would just go to a blank screen (this was addressed but not really answered here in your forums). I solved that problem by rolling the 920 back to WP 8. Unlocked no problem. To finally get to my question, I have now reinstalled WP 8.1 through Preview for Developers (where sim unlock page won't show) and have no idea if my sim unlocking stuck through the process. Anyone know the answer? My only thought if someone can't help is to revert to WP 8 again, check there, then reinstall 8.1 one more time. A couple hours of babysitting an old phone I'd rather spend doing something else if anyone already has done that or knows the answer. Thanks!

More replies
Relevance 36.08%

i had the win 7 virus. i removed it and now many programs wont run. my pc will ask me which program to use to open the file. until recently, it was almost immpossable to open internet explorer and i can't install anything or accsess most files on my pc. the files i cannot acsess are all extensions(have .exe).

Answer:can't run programs affected by win 7 virus

http://support.microsoft.com/kb/950505sounds like a file association problem.or search for windows 7 file association fix .exe and it will give you other options.let me know if this doesnt workmike

5 more replies
Relevance 36.08%

Hey,
my Chrome Browser does not function anymore since I got this annoying adware. It can not be detected by any virus softwares and I can't access the chrome settings to get rid of it. Even when I uninstalled Chrome and when I deleted all related files the problem occurred immediately again when I installed Chrome for new.
Does anybody has an idea how to solve that?
Thanks!
 

Answer:affected Chrome Browser, Mac

Hello,
Have you tried this: Malwarebytes Anti-Malware for Mac
 

0 more replies
Relevance 36.08%

Hey,
my Chrome Browser does not function anymore since I got this annoying adware. It can not be detected by any virus softwares and I can't access the chrome settings to get rid of it. Even when I uninstalled Chrome and when I deleted all related files the problem occurred immediately again when I installed Chrome for new.
Does anybody has an idea how to solve that?
 

Answer:affected Chrome Browser, Mac

Do you sign into Chrome with your Google Account? (See image below).



Download and Run:
Malwarebytes Anti-Malware for Mac
Objective-See
 

1 more replies
Relevance 36.08%

All of the text has been replaced by symbols and characters!!!
I can't read anything except for the windows logo and other images.
For example a b types a checkmark, s types a question mark, h types a filled in circle....
 

Answer:virus affected text

6 more replies
Relevance 36.08%

Hello,

My PC was affected by Smitfraud-C. Toolbar888. I just tried yr method, unfortunately it just go half way, I did'nt know why. Is the Smitrfraud similar to to type that I was affected? Bt the way I'm also tried Trojan Hunter, Spybot, Lavasoft (Spyware), AVG and Avast (AV) to solve this problem, but the Smitfraud-C. Toolbar888 still remained in my PC. Please advice.

Answer:My PC was affected by Smitfraud-C. Toolbar888.

It is no us in kicking a thread of 1,5 year ago.How To Remove The Smitfraud / Generic Zlob / Quicknavigate / Virtual Maidstart with checking for malware causes to your problem.Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.http://www.superantispyware.com/]SuperAintiSpywareRun the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.http://www.bitdefender.com/scan8/ie.html]BitdefenderAfter that please read and follow all instructions in the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. About half way down are instructions for downloading HijackThis and creating a log.When you have done that, post a log in the HijackThis Logs and Analysis Forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and r... Read more

1 more replies
Relevance 36.08%

I ran C Cleaner and chose the advanced option to have it 'wipe free space', it advised it would take a long time, but I figured my computer needed it as it had been running slowly and the mouse at times was slow to respond and somewhat erratic. I figured I could still work while it was running. However, once it started the portion to delete and wipe space clean, I would click on my Outlook short cut and the icon would go to the 'spinning circle' indicating something was going to happen and then it stopped and Outlook would not open (no error message). I tried opening it from the program menu and got the same result. I also noticed that in Google chrome, it will open my tabs as they had been set before, but if I open a new tab and try to search for something it also spins as if something is going to happen and then nothing. When I hit refresh, it removes my search words from the URL field and goes to nothing. HELP!

Answer:Ccleaner affected my Outlook

Try reinstalling Outlook & Google Chrome
You might want to backup your outlook.pst file before reinstalling outlook just in case.

6 more replies
Relevance 36.08%

Files on the server all appear faded and many show as exe files sysamtec end point show frequent trogan.gen infections

Below is the combofix and hijackthis logs on one of them

combofix
ComboFix 13-01-27.03 - Rob 01/27/2013 10:54:39.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1076 [GMT -5:00]
Running from: c:\documents and settings\Rob\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Don\g2ax_customer_downloadhelper_win32_x86.exe
c:\documents and settings\Don\GoToAssistDownloadHelper.exe
c:\documents and settings\Rob\Application Data\PriceGong
c:\documents and settings\Rob\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\10.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\11123.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\2124.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\2994.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\300.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\592.txt
c:\documents and settings\Rob\Application Data\PriceGong\Data\6018.txt
c:\docu... Read more

More replies
Relevance 36.08%

Kindly help!
As my system infected with WELCOME TO NGINX, please find below log report. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:00 AM, on 02-Jul-2012
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TATA Photon+\Olive\VME101\Drivers\OliveDcService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TATA Photon+\Olive\VME101\TTSL Olive VME101 Dialer Ver 1.1.4 Release 000.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\suresh\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel.exe
C:\Program Files\WIDCOMM\Bluetooth Sof... Read more

Answer:nginx virus affected

Hello lovechennai and Welcome to Tech Support Guy!
My name is Gizzy and I'll be glad to help you with your malware problems.

Please note the following while we work:

The fixes are specific to your problem and should only be used for this issue on this computer.
Perform all actions in the order given.
If you don't know or understand something stop and ask! Don't keep going on.
Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
Please DO NOT run any tools or scans unless I ask you to.
It is important that you reply to this thread. Do not start a new topic.
Your security programs may give warnings for some of the tools I will ask you to use, Be assured, any links I give are safe.
The process is not instant, Please continue to respond to this thread until I give you the All Clean!. Absence of symptoms does not mean that everything is clear.
Topics not replied to within 3 days will be removed from my Subscribed Threads List.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse ... Read more

2 more replies
Relevance 36.08%

Problems:
1) "2009 Anti virus" virus

2) Lot of popups

when i try searching something or open any site, the following comes up: (for example - i tried searching for the word "consent" in the google tool bar on mozilla firefox:), it immediately pops up the following url:
hXXp://70.38.98.32/red.php?lid=consent&br=firefox&url=www.google.com%2Fsearch%3Fq%3Dconsent%26sourceid%3Dnavclient-ff%26ie%3DUTF-8%26rlz%3D1B3DVFA_enUS238US241&z=US&affid=170802&ver=119&shows=0&click1=905&click2=0&uqs=905&uid=d420775ec3b011ddbcc600304890471a&guid=4baedaaf5fe00449876089808ff84b09&jguid=&cmp=superjuan&rid=fb0001&xp=1

3) Internet explorer is not opening. Always says, there is an error, do you want to send. This started hapening after i installed Internet Explorer 7.(IE7)

4) Acrobat opens PDF and then hungs.

Please help me with the above problems.

Please let me know if you need more information.

*************************************************
DDS (Ver_09-01-19.01) - NTFSx86
Run by Ramu at 23:51:40.15 on Mon 01/26/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_03
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.326 [GMT -6:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\W... Read more

Answer:Affected with 2009 virus

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Please copy this page to Notepad and Save it to your Desktop in order to assist you when carrying out the following instructions.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding.
Ensure that there aren't any opened browsers when you are carrying out the procedures below.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Your hard drive is almost full. Having too little free space on your hard drive can compromise system performance.


Quote:




C: is FIXED (NTFS) -... Read more

2 more replies
Relevance 36.08%

Hello My wife and i bought our Gateway desktop with touch screen last feb or so in 2010. Yes I have been downloading a few songs here and there from frostwire and etc.. I do have CA PC tune up for my com that we bought at the store. Recently we have been experining our computer screen go from normal to a black screen then a gray screen then a white screen, then a rainbow screen of these colors, blue, green, red and maybe yellow.. plus along with my CA PC tune up i use superantivirus FREE edition, but yet my com says there is no antivirus program on it. Plus 3 weeks ago my adapter that get my internet hooked up just went missing but i pulled out the cord for about 5 min then put it back in and it was back.. Weird. PLus when i go to shut down windows says this UPDATING 1 of 1 then after it does this weird screen thing i telling u about.. why and what can i do to resolve this problem. I keep on restore my com after each time it does this. but sick and tired of it doing it....
 

More replies
Relevance 36.08%

Hi Tech guys ive recently had some very nasty problems with my pc, for the past few days ive had intermitent internet only resolvable by releasing the adapter an renewing( altho my knowlege is very limited) this has been going on for 3-4 days now every 10 or 20 mins, also my system seems to hang when i lose connection and work ok again after ive run ipconfig an restored connection, problems running programs that ive never had before an the past 2 days have been a nightmare where my system has stopped working in any usefull way. The past few hours ive had to change all of my services back to run auto or manual because nearly every one of them had been disabled (probs why my pc is not working very well ) I have ran a umpteen scans with malwarebytes, spybot, avira, panda online, found 2 trojans an cleaned them with avira at the first sign of trouble, found nothing since, cleaned up using ccleaner and i do have zonealarm avira and spybot running all the time.
Well as requested my logs, only HJT an Gmer ones im afraid the DDS links would not work for me nor manually typing the address, sorry.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:16:48, on 30/12/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web... Read more

Answer:Have been affected by something nasty (excluding the Mrs)

Hi guys i know your all busy bee's, just wanted to bump my post up incase you missed it im still havin big problems maybe damaged cause by the virus/malware i had/have? still running scans but no joy there, would appreciate any help guys thanks over an out.
 

2 more replies
Relevance 36.08%

Virus had infected only on one user ,
when I log in as an Administrator it shows no virus and system works absolutely fine.
but when log into the system as user virus exists
virus and anti spyware logs shows a continous attack of Trojan.Zefarch was listened .

using the web url tried to download the noton power earser but could not run the exe .

http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default

also used the trojan.zefarch removal tool

http://www.symantec.com/security_response/writeup.jsp?docid=2009-012801-2706-99

but could not used the tool also on the machine.
how do we get rid of this situation .????
 

Answer:virus affected on one machine .

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

 

1 more replies
Relevance 36.08%

Hi,

Guys my computer is affected with WIN 32/NSAnti torjan..when i scan my computer with AVG, it detects the threats and moves them to the vault...but they again pop back..and iam so fed up with dem...and my messenger stopped working now with dat...i am helpless..can ne 1 hea get me out of this..
blueboy
 

Answer:WIN32/NSAnti affected

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:27:44 AM, on 1/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\iTunesHelper.exe
C:\WINDOWS\system32\imglog.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
D:\iCall\iCall.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Safari.exe
D:\NetMeter\NetMeter.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ex... Read more

3 more replies