Computer Support Forum

Unknown malware/virus won't let any anti-virus/windows defender/malware removal progran to complete scans

Question: Unknown malware/virus won't let any anti-virus/windows defender/malware removal progran to complete scans

When I try to run a scan from usind AVG anti-virus, Avira, Windows Defender, or SuperAntiSpyware; when the scan gets to a certain point, Windows shuts computer down with a blue window. It says Kernel_Stack_ Inpage_ Error plus some standard verbage about if you recently installed sortware/hardware,see administrator, etc. At bottom it says: STOP: 0x00000077 (0x00000001, 0x00000000, 0x00000000, 0xF79B1D24). I could sometimes run AVG scan in "select drives/folders" mode but recently it quit allowing that after I upgrade to AVG 9 (free). I uninstalled AVG and went to Avira but with same results. Scanning with Windows defender did the same. I recently installed and ran SuperAntiSpyware and was able to pinpoint problem to " System Volume Information" directory. I am unable to open to see contents as Windows shows no files in it. When I ask Ariva to scan it, Ariva says no files also but if I use AntiSpyware to scan, it shows many files during it's scan but will get to a certain point and computer will shut down. I can almost see file that shuts it down but it happens too fast to catch it. I was able to run "RootRepeal" and log is below. I was not able to run "DDS.scr".

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/30 13:15
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB2EC8000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xb60d70c6

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xb60d70bc

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xb60d70cb

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xb60d70d5

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xb60d70da

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xb60d70a8

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xb60d70ad

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xb60d70e4

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xb60d70df

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xb60d70d0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xb60d70b7

==EOF==

Relevance 100%
Preferred Solution: Unknown malware/virus won't let any anti-virus/windows defender/malware removal progran to complete scans

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Unknown malware/virus won't let any anti-virus/windows defender/malware removal progran to complete scans

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

23 more replies
Relevance 100.34%

I recently had an update notice from Microsoft. Once uodated I had IE8 . Before updateing I had run an MBAM scan due to a false anti-virus I think it was Anti-Virus PRO. I have the scan log if need to verify what was detected. I have tried to run MBAM & SAS in both normal & safe mode, recevied the error on the subject line for MBAM. SAS just says will report error & asks for my email. I can not stay on IE without encountering a problem and shutting down. Not even wmp stays on always encounters error & shuts down. Was able to run BitDefender Antivirus 2008 nothing detected.PC details:HP 873nXP Media Center Edition Ver. 2002 Service Pack 3Pentium 4 2.53GHz1.50GB RAMTask Manager shows 40 processes running have noticed multipule duplicate processesName User Countsvchost.exe System 4svchost.exe Network Service 2svchost.exe Local Service 2Here is the HJT logAny help is greatly appreciated.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:09:54 PM, on 6/6/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\... Read more

Answer:Unknown virus can not run any Anti-Malware scans

Hello, plox3.My name is aommaster and I will be helping you with your log.If you have since resolved the original problem you were having would appreciate you letting us know If not please perform the following below so I can have a look at the current condition of your machine.ThanksAlso, you may want to consider tracking this topic by either adding it to your favourites or clicking the Options button at the top of this thread.Please note that I am in the process of my training so it may take a while for me to get back to you, as each of my fixes need to be checked by a coach first.Download random's system information tool (RSIT) by random/random and save it to your desktop.Double click on RSIT.exe.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)In your next reply, please include the following:RSIT Log

29 more replies
Relevance 89.32%

I have scanned with AVG with the latest updates. On top of that insidious google redirect I get random pop ups even when I don't already have IE or Firefox running. Also getting sounds in the background like I'm clicking on a link, surfing the net when I'm not. And SYSTEM in task manager is hogging a ton of memory.Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:52:42 PM, on 8/7/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exeC:\... Read more

Answer:persistent malware undetected by virus scans and malware removal tools

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OT... Read more

2 more replies
Relevance 87.58%

Hello ancient gods of computer wizardry, 
 
I your humble and lowly servant come to you with a problem. 
 
I've noticed my computer has been doing some erratic things lately. When in the login screen after starting up, the computer makes the login sound before I actually type anything in. That's my first indicator that something is wrong. 
 
Also, I recently downloaded the start.qon8 PUP and was able to get through step 1 of removing it. however, when I go to step 2 using the Junkware removal tool, I noticed that a few minutes into the scan, my computer freezes up. The whole thing. I can't move the mouse, CTRL ALT DEL doesnt work and I have to do a hard restart to get it working again. 
 
Crazy thing is, it's happening with other programs that scan my computer. Adaware, Malware bytes, AVG, Microsoft security essentials... They all freeze after a few minutes. I've noticed that it freezes when I get to C:\Windows\System32\drivers\ataport.sys
 
I think that having 3 different scanners freeze at this file indicates that this file may be corrupt, but I leave this up to you gentlemen (or ladies) to help me.  
This is beyond my capabilities. Please help. 
 
V/R, 
A Lost LT

Answer:Windows 7 freezes when running any anti spyware/virus/malware scans

Welcome aboard
 
You surely can't be running two AV programs (MSE and AVG) so you must uninstall one of them.
If AVG use AVG Remover: http://www.avg.com/us-en/utilities
 
When done try another scan.

14 more replies
Relevance 84.97%

i have looked up this issue and apparently this must be a new one since there is no solution what so ever, even the hidden admin account is defenseless, here is what's going on

1. the PC got infected on windows defenders watch, the infection proceeded to disabling it and what happened next is still unclear.
2. it disabled every anti-malware i tried, even KVRT which is specifically used on this situation. it says my admin has declared anti-virus softwares an enemy of the state. it either wont allow new installation or apparently uninstallation too...
3. just recently, it started blocking powershell, and 2 other apps i have never used before, skeptic to open and see., might be a consequence of not having anything to protect my PC, I am online for 60% of the day.
4. the overall performance has not been impacted, and that's what is worrying me.

things i tried so far

1. manually deleting the viruses carried by the malicious program. i canceled the set up once i found out it was fake but obviously, it didnt work.
2. running KVRT through elevated cmd found some malware but didnt have necessary privileges, it copies the malwares to quarantine and let them loose. that's actually how they protect themselves, they can not be deleted..period.
3. i finally found adwcleaner which destroyed the adwares which plagued my browsers, but after that there is a recurring key which seems to be immortal...screen shot attached.
4. i installed avast premier (the one antivirus which managed to finis... Read more

Answer:Every...i mean every anti malware blocked by unknown malware/virus

To save you all the agro.....a nice clean install......or have you done a back up?

3 more replies
Relevance 82.94%

Lately I have been attempting to install our purchased copy of Bitdefender anti-virus and for some reason the software won't install, and it doesn't just do it for Bit Defender, it also happens with every other anti-virus I've tried to install (avg, malwarebytes and another one I can't remember). I have no idea what kind of virus/malware/worm it is, so I'm sorry that I can't give anything helpful in that regards. Thus far I have followed your guide for your forums and will post the needed information.

P.S. Thank you so much for doing what you guys do.

P.P.S. My Ark.txt file was too big to upload so I can send it over email.

DDS (Ver_10-12-12.02) - NTFSx86
Run by Sean at 19:58:28.90 on Mon 12/20/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_22

============== Running Processes ===============
============== Pseudo HJT Report ===============

uStart Page = about:blank
mStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - e:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - e:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - e:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolba... Read more

Answer:Anti-Virus installation virus/malware/worm (unknown)

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

2 more replies
Relevance 82.36%

Hello! Thanks in advance for taking the time to listen to my proble.This all started when I received an email from my ISP giving a 1st Abuse warning that one of our devices was "...sending out spam attached emails.." so I began ensuring all PCs were up-to-date with windows updates and virus scans. When I attempted a Windows Update on this PC I received the error "Cannot display the page" after hitting either the "Express" or "Custom" button on the update site.AVG and Spybot S&D did not find anything during scans. I then downloaded and attempted to run Malwarebytes Anti-Malware which was going fine untill the system self rebooted half way throught. I now get a "Run-time error '0'" when I attempt to run Malware Bytes. I have followed the instructions on your site and unfortunately not been able to get RootRepeal to run. When it starts a screen saying "Initializing please wait.." comes up and stays up (I have tried overnight and for an hour). Task Manger reveals RootRepeal is using a constant 50% of CPU.Thanks for your help I look forward to hearing from you -larry __________________________________________________________________DDS (Ver_09-07-30.01) - NTFSx86 Run by Owner at 0:24:01.39 on Sun 20/09/2009Internet Explorer: 6.0.2900.2180Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2046.1149 [GMT 10:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D... Read more

Answer:Infected with unknown virus/malware blocking scans and updates

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

20 more replies
Relevance 82.07%

Windows Anti-Malware Patch is a rogue security software which will report that malware has been detected on your computer in an attempt to scare you into buying this malicious software.
In reality, none of the reported issues are real, and are only used to scare you into buying Windows Anti-Malware Patch and stealing your personal financial information.

As part of its self-defense mechanism,Windows Anti-Malware Patch has installed a rootkit on your computer,which will disable the Windows Task Manager and will block you from running any program that could lead to its removal.

Windows Anti-Malware Patch is a scam and you should ignore any alerts that this malicious software might generate.
Under no circumstance should you buy this rogue security software as this could lead to identity theft,and if you have, you should contact your credit card company and dispute the charge stating that the program is a scam and a computer virus.
Removal instructions for Windows Anti-Malware Patch virus​This is a self-help guide, use at your own risk.
If you experience problems completing this guide, or the problem persists after following the instructions below or would like to have one of our staff members guide you through the process, please start a new thread in our Malware Removal Assistance forum.
STEP 1 : Start your computer in Safe Mode with Networking

Remove all floppy disks, CDs, and DVDs from your computer, and then restart your computer.

Press and hold the F8 key as your c... Read more

More replies
Relevance 78.88%

I installed Malwarebyte's Anti-Malware but it will not run. I've read other threads saying to rename the file, I tried but it still would not work. Can someone help me?

More replies
Relevance 78.3%

We switched to McAfee about 4 months ago. The thing never really worked right and warned me, after the warranty, that the scan was not completing. It finally started to reboot the computer everynight . McAfee wouldn't refund us so I uninstalled and installed AVG-free, No I can't open links in emails and some other things. the internet freezes and I have to use taskmanager to close the browser windows. I can go on my husbands side and everything will open from those particular emails. What could be my problem?
Thanks
 

More replies
Relevance 78.01%

I am having an issue with, what I believe is, the google redirect virus or whatever it may be called now. It all started last week when I was working on my accounting homework for school and was working between Microsoft Word 2007 and various websites in IE9 (running Windows 7). I was working on my homework when suddenly all of the windows closed without warning (internet, word, and windows explorer) and my computer restarted. When Windows reloaded, my desktop background had changed to solid black and half of my desktop icons went missing. The more I did to try to fix it, the worse it got and the more icons disappeared. I found a thread on this forum that described the fix and followed it step by step. I downloaded and ran Malwarebytes, the unhide program (i dont recall the proper name but the icon is a white briefcase with a red cross on it), and another program that I renamed to iexplore.com per the instructions. I was able to restore the desktop icons and full functionality of the computer after doing that process. Although I was never able to run TDSSKiller (even with the disguised version) or Kapersky...couldn't even install them.

Now I am living with the issue of the redirected search links. I can get to Google (or any other search engine) and search normally, but when I click the link that I want, it will take me to some other random website having nothing to do with my search (for example, i search for Bleeping Computer and click the link for www.bleepin... Read more

Answer:Malware or virus is redirecting search links but is not detectable with anti-virus/malware programs

Do not run any tools unless instructedDownload Listparts from hereFor 32 bitList parts 32For 64 bitList parts 64Launch it,click on SCAN,post the log

22 more replies
Relevance 77.14%

Hello,
 
My computer is definitely infected, both malware (Malware Bytes) and anti-virus (Avast) programs find tons of infected files, but neither program runs to completion (tried both in regular and safe mode, also tried the Avast boot scan). Also, when I tried enabling the Windows firewall, it told me that due to an unspecified problem Firewall settings could not be displayed.
 
Here is the DDS log:
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 7.0.6000.17080
Run by Danica at 11:11:07 on 2014-01-03
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.482 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\T-Mobile\InternetManager_H\DataCardMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Danica\Application Data\T-Mobile Internet Manager\ouc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Ap... Read more

Answer:Anti-virus, malware removal do not run to completion

I tried to install a third-party firewall, but after I did that, I would get a blue screen and the computer would not start up. I took it to a repair shop for them to try to figure it out.
 
Thanks.

2 more replies
Relevance 77.14%

Hello
yesterday i found out i cannot start AVG. I click it and nothing happens. When i click spybot it ask permission to run but then nothing happens.

I ran the guide on this forum (""Windows XP Malware Removal/Cleaning Procedure"".
Followed the procedure and downloaded Roguekiller, Mam, tdsskiller, hitman pro and mgtools. The results after installing the programms:
* Roguekiller: could not start the program (clicked it, asks permission, nothing happens)
* MAM:could not start the program (clicked it, asks permission, nothing happens)
* tdsskiller: could not start the program (clicked it, asks permission, nothing happens)
* hitman: The programm ran, found a bunch of malware. Did not remove it (as mentioned in the guide). Attached the log
* mgtools: It starst running in dos and then i get over and over a request to give permission in windows. I click yes and get the same request again. Over and over, but the programm does not run.

Attached are the log of hitman.

Please help me, don''t know what to do.

thnx
Ron
 

Answer:cannot run anti-virus and malware removal software

You have been infected with a file encryption program (CryptoWall). See the below:

http://www.enigmasoftware.com/cryptowallransomware-removal/

http://www.bleepingcomputer.com/forums/t/532879/cryptowall-new-variant-of-cryptodefense/page-4

http://www.malwarekillers.com/recover-files-encrypted-cryptowall-cryptodefense/

You will have to reinstall your OS. Many/most or all of your files may now be encrypted and may be unrecoverable. There is a chance that some could be recovered from System Restore or from Shadow Copy but normally it is only a small number compared to what is on your PC. If you are doing your part in securing your PC and personal files, you will have backups that you can restore from after reinstalling. If you have not been doing backs then you can now see why it is important to do backups.

Will Hitman Pro let you fix all it finds under the heading 'Malware' and 'Potential Unwanted Programs'?
 

3 more replies
Relevance 76.85%

Vista Ult. 32-bit, core2 2ghz proc, 2GB ram.
With all antivirus/etc uninstalled and rebooted,

dds.scr initially runs but does not scan or produce logs even after 10 minutes and locks up the machine.

Arc.txt log is 3.87MB and will not attach because its too big, yes it is a txt file.

aswMBR.txt is attached.

Please advise,
Doug
 aswMBR.txt   1.77KB
  1 downloads

Answer:Unknown Virus/Malware Defies Detection/Removal

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system. [/b]If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about y... Read more

2 more replies
Relevance 76.85%

This is my first time to post so I hope I am doing it right. I have Windows XP Pro, Svc pack 3, with Kaspersky Internet Security. About a week ago my Kaspersky console just disappeared. It show to still be active when I look in my Windows Security folder but I cannot access Kaspersky from anywhere on my computer, cannot run the Combofix program, cannot access my system restore, my computer sometimes freezes, sometimes tells me my keyboard is not working properly but I am using it obviously, so what to do? Below I have copied and pasted the DDS log. Would kindly appreciate any help offered! Thanks so much!
DDS (Ver_09-05-14.01) - NTFSx86
Run by HP at 14:58:38.73 on Tue 06/09/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.134 [GMT -5:00]

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE... Read more

Answer:unknown infection/virus/malware removal request

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 76.56%

My computer experienced Police Pro and/or Antivirus 2010 which disabled AVG 8.5 along with Malwarebytes, Norman Malware remover, spy doctor and Hijack This ... I have manually removed all registry items and files that I could locate and the computer does not show any sign of the virus while in safe mode, however it still will not run AVG scans or any other malware removal tools, so my assumption is that there is something still running that I am not seeing.

I tried to run RootRepeal, but it crashes if I request Files to be scanned. I then ran Win32kDiag and it appears to have run below is the log. Any help in getting AVG and a Malware removal tool running would be greatly appreciated!!!!!
Running from: C:\Documents and Settings\Owner\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Owner\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINNT'...

Found mount point : C:\WINNT\$hf_mig$\KB925454\KB925454

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\$hf_mig$\KB944533\KB944533

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\$hf_mig$\KB956390\KB956390

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINNT\&... Read more

Answer:Anti-virus and malware removal tools disabled

Hello vjc,Please refrain from making any changes to your system (updating, installing, removing, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) "%userprofile%\desktop\win32kdiag.exe" -f -r into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

55 more replies
Relevance 76.56%

Hello all,

In a nutshell, my computer is running hella slow and I cannot access one of my hard drives. I just recently ran a virus scan with AVG 7.5 and am using Comodo Firewall and even though it says everything is fine, its not.

Where it started
- About two months ago, I opened the music folder on my hard drive (Z:) and noticed my files from D-Z were nowhere to be found. The weird part was when I opened iTunes, I was able to play all of those files no problem and when I right click on a song and picked 'Get Info', the 'Where' path referenced the Z drive and music folder like it was there no problems. Later that month, I go to My Computer to see if the files are there. For one, it took my computer about 5 minutes to bring up all of the icons. When it finally displayed all of my drives, I noticed Z drive didn't show any remaining space. I try to open the Z drive and Windows gives me an error message saying the disc is not formatted; would I like to format now? I closed the box and immediately ran scans with AVG, Comodo, and Kapersky online scan. They cleared a lot of malware yet when I click My Computer it still is very slow to display all of my drives and of course, I can't access the Z drive.

Just before posting this, I just went through and checked all of my running programs and found these:

ctfmon.exe
llsass.exe
services.exe
spoolsv.exe
wdfmgr.exe
winlogon.exe
wuauclt.exe

I don't know what more to do. I don't want to start over an... Read more

Answer:Post Anti-virus/malware Removal - Worse Than Before!

Those are all normal as written . Is this an XP machine?

13 more replies
Relevance 106.19%

Running Win 7 Home Premium....laptop seemed to be shutting down randomly, so I thought there might be an overheating problem, but confirmed fan running. Shutdown frequency escalated and now startup completes through populating desktop and status bar, but nothing is clickable. Figured out that shutdown occurred when attempting manual virus scan. No matter what tool I used, system shutdown.

Booting up in Safe Mode works. Followed your procedures in Safe Mode. MGTools shut down the system, twice. Log attached is from 2nd run. Also, ran Malwarebytes in "Chameleon" and this was first of several times it ran without shutting system down.

Thank you in advance for your help!
 

Answer:Laptop Shuts Down When Running Anti-virus scans and won't complete boot up

You can rerun Hitman and have it fix all it found, but other than that, I am not finding any malware in your logs. I suggest you post in the software forum for further assistance.

Since you are not having any malware problems, it is time to do our final steps:

We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
Go back to step 4 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
Go to add/remove programs and uninstall HijackThis.
Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
related to MGtools and some other items from our cleaning procedures.
After doing the above, you should work thru the below link

How to Protect yourself from malware!

Malware removal from a National Chain = $149
Malware removal from MajorGeeks = $0

 

1 more replies
Relevance 105.78%

I recently started using the various bootable anti-virus/malware scanners, like the Kaspersky's Rescue Disk.

However i am really interested in how do these bootable scans compare to the "normal" Windows run scans.

For example, would a maximum scan from Kaspersky Rescue Disk find as many malware/viruses as a max scan from Kaspersky Total Security?

Assuming both anti-virus/malware scanners are up to date (latest versions and databases), which is expected to reliably find and clean more viruses/malware?

Thank you for helping out
 

Answer:Are bootable anti-virus/malware scans as good as the "normal" ones?

These should be using the same databases and the same engines (especially if the bootable scan does an online update to get the latest), so the results should be similar. A bootable scan should also catch some viruses that may be detectable, but can hook into the system and prevent detection. A runtime scan may catch viruses that can only be detected while running (not sure if those exist).
 

1 more replies
Relevance 103.73%

Hi,Repeated popups and warnings led to a Google search on the Subject above and finding this forum.I initially attempted a "Restore Point" rollback but that would not complete successfully.I then completed the following -- Uninstall "XP Anti-Virus"- Ran SmitfraudFix- Ran SDFix- Ran ComboFix- Installed and Ran HijackThis(Attempted a "Fix Checked" without success of "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll")- Installed and Ran SUPERAntiSpyware(found 0 errors or problems in any category)HijackThis still displays "O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dll" which concerns me so I am posting so the guru's can check out the logs....As a newby to the forum I appreciate any help/advice :^) Thanks.Deckard's System Scanner v20071014.68Run by administrator on 2008-04-18 16:18:31Computer is in Normal Mode.---------------------------------------------------------------------------------- System Restore --------------------------------------------------------------Successfully created a Deckard's System Scanner Restore Point.-- Last 5 Restore Point(s) --96: 2008-04-18 23:18:37 UTC - RP324 - Deckard's System Scanner Restore Point95: 2008-04-18 22:49:23 UTC - RP323 - Installed SUPERAntiSpyware Free Edition94: 2008-04-18 21:40:02 UTC - RP322 - Restore Operation93: 2008-04-18 21:27:20 UTC - RP321 - Restor... Read more

Answer:Removal Of Xp Anti-virus, Privacy Protector, Error Cleaner And Spyware&malware Protection

Hello there and welcome to Bleeping Computer's security forum.My name is David, I will be helping you with your log today.It is a good idea to print off these instructions. There is a possibility some of the instructions will need to be carried out where internet access is not available. It is important that you complete the instructions in the right order, and that you don't miss out any steps.Please set your system to show all files. Click Start, open My Computer, select the Tools menu and click Folder Options.Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.Uncheck: Hide file extensions for known file typesUncheck the Hide protected operating system files (recommended) option.Click Yes to confirm.Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:O2 - BHO: (no name) - {EE5A1465-1E73-4784-8F63-45983FDF0DB8} - C:\WINDOWS\system32\awtuvULB.dllO20 - Winlogon Notify: awtuvULB - C:\WINDOWS\SYSTEM32\awtuvULB.dllO21 - SSODL: DriveSys - {7dc6ff88-ddc9-4b18-a143-ef3f8f110be0} - C:\WINDOWS\Resources\DriveSys.dll (file missing)O21 - SSODL: SysBoot - {fd5ffa08-e23f-467f-867a-8a5770344bc3} - C:\WINDOWS\Resources\SysBoot.dll (file missing)Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!Open hijackthis, click 'conf... Read more

1 more replies
Relevance 102.09%

There is a virus on my computer. A new icon appeared in my taskbar (looks white with a vivid green dot in the middle). It calls itself 'Antivirus software' but its definitely fishy. it tries to run scans of my pc without asking me. when i click on the icon, it opens something called antivirus software, but on the taskbar it's called 'antivirus software demo'. a windows security alert bubble appears every 5 seconds telling me i.e my wuautlc.exe is infected (amongst many others). It wont let me turn on a scan from my antivirus (PandaCloud) or antimalware scan (Malwarebytes). It opens Internet explorer pages every 10minutes (eventhough i always use Firefox). Theres a small window opening on the bottom right of my screen every 5 minutes telling me my pc is infected, and then asks me to purchase this 'Antivirus software'. and Every 10minutes a main window opens in the middle of my screen telling the same.

I tried opening my pc on SafeMode with Networking. I cant use PandaCloud from there. I can use Malwarebytes but on SafeMode my computer turns off by itself after a few minutes.

I hope you know what I am referring to and you will be able to help! Thanks!
 

More replies
Relevance 101.27%

i have been trying to install kaspersky internet security on my computer. i have windows xp. when i try to install it it says i cant proceed with the installation as i have imcompatible software on my computer, which says av8. i uninstalled the avg antivirus software and cant find any more avg files but it still wont let me install the new antivirus still saying i have av8 files still on my computer. i am going out of my head trying to find it. Thanks.
 

Answer:anti virus complete removal

9 more replies
Relevance 101.27%

My Windows 8 computer has been infected with malware/adware. When I browse the internet there are ads displayed by edeals. I've followed many guides to removing it, but none have worked. I've scanned my pc with malwarebytes, adwcleaner, and junkware remover.
Here is the result of the scan with Adwcleaner: 
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Local]
# Operating system : Windows 8.1  (x64)
# Username : Jed - JEDPC
# Running from : C:\Users\Jed\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*origin.com;*ea.com;*akamaihd.net
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:12289
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2109 bytes] - [24/05/2015 11:15:26]
AdwCleaner[R1].txt - ... Read more

More replies
Relevance 100.86%

Hello. I am working on a friends machine that seems to have a nasty infection. This machine is a dedicated server running Windows Server 2003 Web. Everything I am doing to it is via remote desktop which is making it a little more of a challenge. Web browsing on the server was incredibly slow when he asked me to take a look at it. I figured he was infected with something so I was going to try and install a few things on it and run a few scans, only to find that all of the sites that I found to use are blocked or disable by whatever is infecting the server. Any attempt to access an anti-virus or anti-malware website results in a message stating server cannot be found. Any other website can be accessed though.

There is an FTP server running on this machine, so I do have that availability to FTP to the server to get any file or program to it that I need to. Please just let me know what you need from me and I will get it up here as soon as I can. I am a fairly experienced user and can grasp things pretty easily. Thanks for your time, I greatly appreciate it.


Jamie

Answer:Malware Blocking all Anti-Malware/Anti Virus websites

If it doesn't block you from softpedia or download.com, the get the anti virus software from their sites instead. Hopefully it won't block them. When they are downloaded, rename the file names.

2 more replies
Relevance 100.86%

Are there any free, updated and/or recent Anti-Virus & Anti-Malware combos that could offer better protection than windows defender for windows 10?

Answer:Good Free Windows 10 Anti-Virus & Anti-Malware Combos

If you don't want to pay then I would recommend avast! Free Antivirus or Bitdefender Anti-virus Free Edition if you prefer not to use Windows 8/10 Defender.For more suggestions such as Sophos, Panda,and Avira see Choosing an Anti-Virus Program.Also see Supplementing your Anti-Virus Program with Anti-Malware Tools.

11 more replies
Relevance 100.86%

Yesterday, I had troubles with Windows live messenger where it (still) says:

"Windows Live Communications Platform has encountered a problem and needs to close. We are sorry for the inconvenience. "

although, the problem isnt about MSN. I found out that this problem was caused by having Malware on your computer. Hence, i decided to run a scan using Malwarebytes Anti-Malware (MBAM).

I noticed that my Avast was disabled and if i try enable it, it comes up with a window saying: the operation could not be completed.

My google searches also SOMETIMES get redirected to links that is clearly out of topic.
like if i google search the terms "malware wikipedia" and i click on the wikipedia link but i get redirected to some Myspace/Anz credit card crap.

Then this happened.
MBAM CRASHED after 2 mins of scanning -> tried to re-run MBAM but a window came up saying:
"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."
I ran several other programs such as:
HJT -> scanned for 2 mins, then crashed (no logs were made)
SUPERAntiSpyware (SAS) -> scanned for 2 mins, then crashed
and same goes for any other programs that searched for any malware.
The only program that worked was TROJANHUNTER and came up with a couple of false positives
I also tried using Avira's Rescue CD (the one where you boot up with it and it does a scan)
A scan using Avira was also successful but failed to... Read more

Answer:Malware/Anti-virus tools wont run due to a rootkit/trojan/malware

i am having the exact same problem!
i have no clue what to do, any help would be amazing!

2 more replies
Relevance 100.45%

I am planning on purchasing one eventually but just in the mean time to keep things safe any recommendations?
 
I've just cleaned up my computer of random "free anti-virus software" that was downloaded over a period of time, and my computer is finally free and I wanna keep it that way! hehe
 
Any help is much appreciated.
 
 
Thank you,
Justin

Answer:Best free anti-virus/anti-malware/protection for Windows XP 32-bit

There is no universal "one size fits all" solution that works for everyone and there is no single best anti-virus. Every vendor's virus lab and program scanning engine is different. Each has has its own strengths and weaknesses and they often use a mix of technologies to detect and remove malware. In many cases choosing an anti-virus is a matter of personal preference and what works best on a particular system. You may need to experiment and find the one most suitable for your needs. Please read:Choosing an Anti-Virus ProgramHere are links to some recent BC discussion topics with opinions from other members:Best anti-virus software for windows 8? 2015Looking for recommended anti-virus softwaresWhat is the best antivirus protection?What's the best premium security suite in the market currently?Recommend a good free antivirus programWhich antivirus and malware programs should I use together?Antivirus Solution?Here are links to polls about this very subject:Poll: Best Antivirus and FirewallPoll: Best Anti-Spyware/Anti-Malware/On-Demand Scanner

19 more replies
Relevance 100.45%

Hi I'm reinstalling my operating system and starting everything over on my laptop, and need some good free sources for Anti-Virus and Anti-Malware and any other programs I should start fresh with to make sure everything stays safe and protected.
Thanks,
Mike

Answer:Windows 7 Home Premium - Need Anti-Virus and Anti-Malware

Microsoft Security Essentials, Avast 8 or Avira
Malwarebytes
Spywareblaster
SuperAntispyware
All Free Versions and most of all -> http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

1 more replies
Relevance 100.45%

Hi, A suspicious SVCHOST.exe just popped into my startup list. I bet it's not the only one causing my sudden computer slowdwon. I attached my HijackThis log and I hope someone gets to help me. Thanks!

Answer:Malware. Unable to Update any Anti Virus/Malware Program

Hello and welcome to TSF.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

1 more replies
Relevance 100.45%

Last week I discovered that my computer had the Windows Pro Defender Malware, so I followed a guide on this website to remove it. Fortunately the process worked, but unfortunately I now have a Google redirect virus that takes me to advertising and other parked sites. I have tried multiple malware and virus removing programs but have not had any luck. Can anyone help?

More replies
Relevance 99.63%

OK, so last week I got a really nasty virus/malware. A program called "defender" got installed onto my computer, ever since my computers hasn't been the same. Whenever I turned the computer on this fake virus scanner called "defender" would come on and not let me do anything on my computer, wouldn't let me open task manager to kill the program. Some how I managed to take it off using msconfig on safe mode. Ever since my registry is all messed up, Windows hasn't been updating, programs won't load sometimes, High cpu usage, and computer won't shut down, random site open up while I'm on the browser. I did virus scan with ESET and Spyboy search and destroy, and my computer seem's clean but I'm still having problems.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:09:11 AM, on 8/29/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17099)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Progra... Read more

Answer:"DEFENDER" Virus, Spyware, Malware Removal! HELP

helpp??!
 

1 more replies
Relevance 99.63%

Hello,
One of the family's machines recently ( few months ago ) was force fed Windows 10 Home.
Typically on our other machines ( Windows 7 and 8 ), I use Avast Free to run in the background and SUPERAntispyware and Malwarebytes I run as standalones. I use a Limited User account for any internet facing activities.
I see Windows 10 comes with Windows Defender.
Is this enough?
What's the general consensus if there is one.
Any suggestions would be appreciated.
Thank you for your time.
 

Answer:New To Windows 10 Anti-Virus/Anti-malware Question

6 more replies
Relevance 98.4%

The first thing that happens when I start up my computer, each and every time, is something called "ViewMgr" tells me that it has encountered a problem and must close. Then it proceeds to tell me that it has filled out a crash report and wants to send it to Microsoft, a la Mozilla Firefox crash reports. I usually ignore this.

Then something called Windows Anti-Virus Pro opens, in pop-up form, which is something that I cannot close. I have researched this on other sites and found out that it is malware/"ransomware" and that it is somewhat similar to the Anti-Virus 360 malware.

At a certain point, SpyBot popped up in a new window and told me about the impending threat of Anti-Virus Pro. I tried using SpyBot (which had previously been incapacitated, along with AVG and Ad-Aware) to delete Anti-Virus, but this was in vain. The SpyBot window would not close, either. I retreived the destination of Anti-Virus Pro from the unclosable SpyBot window (it was in Program Files) and proceeded to try to delete it on my own. It wouldn't let me. I then went into the Anti-Virus folder and deleted all the components I could except for antivirus.exe, which I just changed the extension of. After this I was able to eventually delete it, but when I restarted my computer, it came back.

On another website I was recommended to retrieve the latest program from malwarebytes.org and download it. I did that, but it will not open/run. A window comes up each time I click on it whic... Read more

Answer:"Windows" Anti-Virus Pro and other malware

Rename this file:C:\Program Files\Malwarebytes' Anti-Malware\mbam.exeto this:winlogon.exeThen double-click the renamed file and see if it will run.

9 more replies
Relevance 97.99%

Hi,
 
I am unable to install updates for Windows Defender, Windows itself and various anti-virus and anti-malware tools.
Sometimes the anti-virus and anti-malware tools even refuse to download and/or install at all.
 
When I do succeed in installing them, something is blocking the virus definition updates.
The programs do run, but can never update them after the initial installation. Result: I'm running with massively outdated virus definitions.
 
I'd like to avoid having to wipe the disk and re-install windows from scratch.
 
 
contents of the FRST.txt file:
 
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 27-11-2016
Gestart door Minke (Beheerder) op PC-MINKE (30-11-2016 12:24:58)
Gestart vanaf D:\
Geladen Profielen: Minke (Beschikbare Profielen: Minke)
Platform: Windows 10 Pro Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebyte... Read more

More replies
Relevance 97.99%

Hi,
 
I am unable to install updates for Windows Defender, Windows itself and various anti-virus and anti-malware tools.
Sometimes the anti-virus and anti-malware tools even refuse to download and/or install at all.
 
When I do succeed in installing them, something is blocking the virus definition updates.
The programs do run, but can never update them after the initial installation. Result: I'm running with massively outdated virus definitions.
 
I'd like to avoid having to wipe the disk and re-install windows from scratch.
 
 
contents of the FRST.txt file:
 
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 27-11-2016
Gestart door Minke (Beheerder) op PC-MINKE (30-11-2016 12:24:58)
Gestart vanaf D:\
Geladen Profielen: Minke (Beschikbare Profielen: Minke)
Platform: Windows 10 Pro Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebyte... Read more

More replies
Relevance 97.99%

I was looking through images on Google's Image search and then all of a sudden, when I opened one of the images on my screen, a message poped up on my screen saying I had a virus. Even though the message looked like an anti-virus program, I knew it wasn't mine. I have CA anti-virus.

So I closed all of my Internet Explorers and when they wouldn't close, so I restarted my computer.

Now the Windows Start button (and bar) doesn't appear. I called my husband who had the same problem at work and he said I should post a message here and wait for instructions before doing anything else. He told me to launch programs through Ctrl+Alt+Delete (then File, then New Task) in the meantime. This is OK but I really want my computer (and Internet Explorer) back!

My log files, as per your instructions, DDS log is below (and Attach and GMER are attached)...

Thankyou thankyou thankyou thankyou!

- Jem

PS: I have Windows XP Professional with service pack 3.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Jemma Jacks at 21:38:54.89 on Thu 10/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.2046.1579 [GMT 11:00]
.
AV: CA Anti-Virus *Enabled/Updated* {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}
FW: CA Personal Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchos... Read more

Answer:Help! Unknown Virus/Malware + Windows XP broken

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Thanks and again sorry for the delay. We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explaination about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that... Read more

14 more replies
Relevance 97.99%

Hey Everyone

I am looking for a little direction. I am helping out a friend who was complaining that when he used IE 7 he had problems going to the sites after doing a search. I.e he would search on google see the hits and when he would click on the links it would take him to another site.

I ran Vundofix with no results. I have since tried SpyBot, Combofix, SuperAntiSpyWare, and Malwarebytes and none of them will run. Spybot and MalwareBytes install but will not come up. Combofix and Super will not even install.

The only things I can run are CCleaner and Windows Live Oncenter which did remove some trojans.

Any ideas on what to do? I have tried it in safe mode and have turned off the firewall just to make sure.

Thanks this has been very frustrating.

P
 

Answer:Can't run any malware/virus scans on PC

Welcome to Major Geeks!

Please follow the instructions in the READ & RUN ME FIRST link given futher down and attach the requested logs when you finish these instructions.

If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
TDSSserv Non-Plug & Play Driver Disable

If something does not run, write down the info to explain to us later but keep on going.
Do not assume that because one step does not work that they all will not.
READ & RUN ME FIRST. Malware Removal Guide

After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:
If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. ... Read more

1 more replies
Relevance 97.99%

There's something fishy going on with my computer-the "shut down" button is gone from the "Start" menu and the task manager has been disabled.  After doing all the steps listed in the Malware Removal Post by evilfantasy, the task manager is now available, but the "shut down" button is still missing from the "Start" menu.  Attached are the logs from SUPER Antispy, Malwarebytes' Anti-Malware, and HJT.  Thanks for everything, please advise if I need to do anything else!!  [attachment deleted by admin]

Answer:Virus/Malware Scans

You have Viewpoint installed.Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".More information: ViewMgr.exe - UselessViewpoint To Track Browsing, Serve AdsViewpoint to Plunge Into AdwareIt is suggested to remove the program now.Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present. Viewpoint Viewpoint Manager Viewpoint Media Player Viewpoint Toolbar Viewpoint Experience Technology.----------Before you begin the SDFix instructions you should copy these instructions in a Notepad file and save them to your desktop or print them for easy reference. Much of SDFix will be done in Safe mode and you will be unable to access this web page after booting into Safe mode.Download SDFix by AndyManchesta and save it to your desktop.When using this tool, you must use the Administrator's account or an account with Administrative rightsNow, double-click on the SDFix icon that should now be residing on your      desktop. If a Open File - Security Warning box opens, click      on the Run button.A window will now open showing SDFix being extracted into the C:\SDFix folder.      Once the installation program has finished extracting SDFix, it will open      a Notepad with further instructions.DO NOT use it just yet.Reboot your computer in Safe ... Read more

1 more replies
Relevance 97.58%

Recently I have had some BSOD problems with my computer. After posting to the forums my crash dumps, I was recommended to try uninstalling AVG as it could be the culprit. So far so good and I have not had any blue screens.

Upon uninstalling AVG I have been using Microsoft Security Essentials. I have also heard really good things about Malwarebytes and have being using that as well just the free version though. My question being, is running MSE and Malwarebytes enough protection or should I be using some other type of protection? Should I upgrade to the pro version of Malwarebytes to get the realtime protection? I have heard mixed things about MSE so thats why I asked.

Answer:Anti Virus/ Anti-Malware for Windows 8.1

I had the same problem myself, everything from blue screens to system freezing and / or taking big performance hits when I used other antivirus products. I have tried most if not all the better known antivirus solutions and every one of them messes with 8.1 in one way or another. The thing is once you uninstall them the system runs fine, kind of makes you wonder if Microsoft has done this on purpose to push their own security software.

From what I understand Windows Defender is not the same as Microsoft Security Essentials, I have been told it is kind of a step up and works better, this remains to be seen as I have had no alerts from it as of yet.
If you can afford it I would go with Malwarebytes Pro, if not for nothing else for the real time protection, I have it and it has saved my butt more than one.

One more thing you want to consider is with all the Cryptographic Ransom viruses in the wild these days is Crypto Prevent, it is supposed to block all those Cryptology ransom viruses, you can get it here : CryptoPrevent | Computer Technician - PC Repair Software |Foolish IT LLC the free version you have to update manually, the paid version will update itself.

You can also try Hitman Pro Alert beta which is basically the same thing as Crypto Prevent, you can get that here: HitmanPro.Alert CryptoGuard - SurfRight . There is no need to run both, one or the other is fine.

7 more replies
Relevance 97.58%

I have Inspiron 14 with windows 10. I have "Malware bytes Antimalware, and had installed Avast anti virus. Avast was interfering with system restore, and its "start" could not be disabled using Task Master. So I had to uninstall it. Which "antivirus" would be best for my system?

Thanks
Preet
 

Answer:Best anti malware & anti virus foe windows 10

windows 10 comes with windows defender, so you could use that
 

2 more replies
Relevance 97.17%

Recently bought a Lenovo Ideapad 100 with Windows 10.

It came with McAfee pre-installed.

Yesterday the unmentionable happened. Miscreants in foreign parts attacked my computer, and then tried to ransom it back.

Right now I am doing a factory reset.

Question is: What is best combination of protections to use on Windows 10 to prevent this from happening again? Ad-Aware, AVG, Avast?

[After I uninstall McAfee, of course.]

I would prefer something that is FREE!

What do you recommend?

Thanks much,

cashcqshel


Specs are:

NEW Lenovo Ideapad 15.6 Intel i3-5020U @ 2.2Ghz 8GB Ram 500GB Windows 10 DVD+-RW 100-15IBD

Features
Intel Core i3-5020U Processor (2.20GHz)
8GB RAM
500GB HD
15.6" LED Backlit Display
Optical Drive (DVD Drive): DVD +/-RW
Built in high definition webcam and microphone
1 USB 3.0 port, 2 USB 2.0 ports and HDMI port
WiFi and Ethernet
Primary Color:Black
Microsoft Windows 10 64-bit Operating System
US retail version and only includes a USA style wall plug

And further detail:
<<< System >>> Manufacturer: LENOVO Product Name: 80QQ SKU: LENOVO_MT_80QQ_BU_idea_FM_Lenovo ideapad 100-15IBD Device Name: LAPTOP-UDR0CSE8 Device ID: cbabd3a0-3bb1-c2fb-e8b6-87124c7c0ed2 Root Device Manufacturer: Lenovo Root Device Model: 80QQ Root Device Category: Computer.AllInOne Internal Storage Capacity: 421.49 GB Internal Storage Free Space: 371.22 GB External Storage Capacity: 0 MB External Storage Free Spa... Read more

Answer:Best FREE anti-virus/malware for Windows 10

Stay with the built-in Windows Defender and add Malwarebytes.

4 more replies
Relevance 97.17%

I hope someone can help me with a problem I'm having with some Malware.

I downloaded AVG Anti-Virus and have been running it on a regularly scheduled basis - once per day - every day at noon. I've been doing this for about six months without any problems.

I did have a problem once before however and I'm having that same problem now.

I was running along this morning and all of a sudden I received some very scary messages from Windows saying that my system had been infected and that some trojan was attempthing to steal my personal info. I'm so sorry that I didn't stop and write down the exact messages. But, I'm certain they came from Windows and not from AVG.

At any rate, I tried to follow along with the instructions to get rid of the malware. But this was extremely complicated and frustrating. I was basically told to just keep pointing and clicking and the malware would be removed if I just followed along. The first thing that happened was that it told me to click on some download that would run an Anti-Virus program. But I couldn't be sure if this was part of the Windows solution or if it was part of the Malware attempting to get me to run some executable that would really cause me a problem.

In any case, I tried to run the downloaded Anit-Virus EXE file. But it wouldn't let me run it first of all saying that it didn't recognize the publisher and then saying it wasn't a valid Win32 App. Well, that really scared me because... Read more

More replies
Relevance 97.17%

Okay, I was on here on the Dec 22 or so, but then this awful bug wouldn't let me on the internet except to porn sites. FUN! I got someone to burn me a malwarebytes and got the computer running but couldn't get to the internet and had already removed AVG to put on Avast. I am on the net again with avast, but I am still running slow and Avast says I have something in my memory that it has not been able to remove. I do not have sound any longer either. I am running Windows XP. I am going to download Hijackthis and post the log. Plesse help, I don't want to have to back it up and restore. Also it will not let me restore to any earlier date.
 

Answer:Windows 2010 Anti Virus malware

12 more replies
Relevance 97.17%

Hello,

It started with search results being redirected, then my Mcafee suite not scanning or being able to update. Any downloaded virus protection, malware blocker, etc WILL NOT RUN. Including HijackThis, Malwarebytes, Superspyblocker, Panda, etc etc.

Then it shut down Internet Explorer, and it prevents me from reloading it (now browsing on Firefox, while it lasts)

Tried Secure2k's boot cd on the mcafee forums - did not help, so came here.

DDS will not run or has been prevented from running.

GMER runs, then crashes, then the blue screen of death, then my computer restarts a few times automatically before its "normal" again.

So I cannot post any logs whatsoever.

Having some real problems here, please help.

Answer:[SOLVED] Unknown malware/rootkit/virus stpping virus protection and redirecting searc

BUMP, please

1 more replies
Relevance 97.17%

I found Windows Police Pro on my wife's laptop. I was able to delete some associated files but dont think I have them all. I have stopped it from popping up and can navigate through the command line in safe mode and the internet if I start a browser through the task manager. I can run spyware doctor and have several times but cannot run malwarebytes, spynomore, or spybot search and destroy. I tried to follow the instructions on this site for what to do before I made this post regarding malware but both dds and root repeal were stopped mid scan before the logs were created. I have seen references to combo fix but also suggestions not to run it unless directed to do so. The desktop will load the background but no icons or start menu. Any advice is appreciated.

Answer:Anti Malware scans shut down - Windows Police Pro

Try this application and then immediately run DDS and Root RepealIf it doesn't work please post back hereRkill.scrhttp://download.bleepingcomputer.com/grinler/rkill.scrWhen you double-click on the Desktop icon, a small DOS window will open and the application will run on it's ownIt should only take a few minutes and it will close by itselfDo not reboot the machine

10 more replies
Relevance 96.76%

For the last week or so, my computer has been opening dozens of Internet Explorer windows, taking me to random advertising sites. This occurs when I am using other programs, or when my computer sits idle. FYI, I never open IE in the first place. I only use fire fox these days.

Less often, my AVG will occasionally alert me that its online shield has blocked some items from getting into my computer. For example, AVG's Online Shield findings reads as follows:

Online Shield findings
Infection;"Object";"Result";"Detection time";"Object Type";"Process"
Exploit Rogue Scanner (type 1349);"xosozyk.co.cc/?id=06abQDc9";"Object was blocked";"10/21/2010, 12:58:23 PM";"file";"C:\WINDOWS\explorer.exe"
Exploit Rogue Scanner (type 1349);"xosozyk.co.cc/?id=06abQDcx";"Object was blocked";"10/21/2010, 12:37:26 PM";"file";"C:\WINDOWS\explorer.exe"

If it helps, my AVG virus vault reads as follows:

"Warning";"Found Tracking cookie.Advertising";"C:\Documents and Settings\TY$\Cookies\ty$@advertising[1].txt";"N/A";"9/23/2010, 10:56:37 AM"
"Infection";"Virus found Exploit";"c:\Documents and Settings\TY$\Local Settings\Temporary Internet Files\Content.IE5\80D74WVJ\index[3].htm&quo... Read more

Answer:Unknown virus or malware, opens dozens of IE windows

Hi,

Your post is a few days old. If you still need help simply reply back.

34 more replies
Relevance 96.76%

...should you always be in safe mode?
...how about an online scan...possible to do so in safe-mode and go online?
thanks...
 

Answer:when doing scans for virus' and spyware, malware, etc..

answered my own question...safe mode + networking = yes.

 

1 more replies
Relevance 96.76%

New to this but anyway, I have successfully removed stuff and junk from the old box but this one has me stumped. I have scanned with Malwarebytes, Spybot, Adware and Avast and nothing is recognizing that I have something going on. Hit a site yesterday that wanted to "scan" my computer. Avast caught it right way but when I hit "Abort Connection" it started to do it's little trick anyway, defeating my Avast and disabling the resident Scanner. Before writing down any info (like a rookie) I panicked and Xed out of Firefox. This morning when I went to take it out of Stand By it was froze. So I reluctantly rebooted and went strait to the Scanners above. All four of them said "No Prob" "0" infected files.

Still can execute in Safe Mode but the system completely freezes up after about 2 min of use in normal mode causing me to reboot. So what the hell do I do now. Hopefully you say, "Back up all your stuff and Buy another computer "

I run my own business and don't have a lot of time to mess with this and if it's going to cost $100+ to send it in, then I may as well just spend the few extra $100 to get a new tower. I know that is a little dramatic but as you can see I'm a little worried.

"Give me, give me. I need, I need" Bill Murray, What about Bob

Thanks

Bob

Answer:virus/malware not showing up on scans

It ended up being my registry. I downloaded "Free Windows Registry Repair" and it did the trick. I also went to Window Safety Check and did a scan

1 more replies
Relevance 96.76%

Hello,

Thank you in advance for your help. My name is Chris. I am attempting to fix and clean my friends computer, however it is giving me some problems. The hijack, dds, and attach logs are posted below. This is a 64bit system so I didn't do the other scan. And by the way, If all you want to view is the logs just scroll to the part where you see a row of smiley's and thumbs up. The Hijack log starts immediately after. You may see a log before the row of smileys but thats a malwarebytes log that I posted during the explanation of the steps I have taken so far. The first few paragraph's is me rambling on about what I've done so far, and you probably don't even need to know hence is why you ask people to copy the 3-4 logs in their postings, but it makes me feel better that I explained it lol.

I would consider myself to be above average when it comes to removing viruses, malware, etc..When I first got the laptop in my possession it booted right up and the first error message I got, after windows had already started, was something like this:

error: c:/users/jameson/appdata/local/easybits/hjpasmpe.dll missing entry: register change callback

I'm not sure if this has something to do with the virus or if my friend ran a spyware program that deleted a necessary registry file by accident. I first established a network connection which said I was connected to the Internet but could not access the web with any browser installed on the pc. I checked to s... Read more

Answer:FBI Virus / other malware - ALL SCANS POSTED

51 views but no replys must mean this laptop is all jacked up lol. Here is an update.....

I was finally able to download AVG 2013 Free and installed the complete protection trial for 30 days to make sure it would catch everything possible. I ran the scan overnight and this morning I checked it and saw something I've never seen before. This pc has to be bad off ....

The AVG detected 40 something trogjans and multiple corrupted executable files which it says it fixed. However, it couldn't fix an infected rootkit that reads - Rootkit.TDSS.TDL4 (Master Boot Record) and it couldn't fix multiple anti-rootkits that read - IRP hook, \Driver\iaStor IRP_MJ_CLOSE-> 0xFFFFFA800529274C. The other ones like that all start the same but instead of where it says "CLOSE" in the one above the others say "SET_SECURITY" "SHUTDOWN" "SYSTEM_CONTROL" "WRITE"

I'm assuming this pc is infected with multiple viruses and has been for some time now. The guy who owned this pc lives on campus at a large university and he said many people used his computer for the last few years. I would like to post the log but I don't want to do anything right now with the AVG because I don't want to remove all the TROJANS it found for a good reason. (PLEASE READ THIS PART IF YOU ARE THE VOLUNTEER THAT IS GOING TO HELP ME.)

In the 40 something Trojans AVG found some of them seem like ok files associated with ok programs. One of the fil... Read more

2 more replies
Relevance 96.76%

Hey, I?m really stuck on a problem and I hope someone can help me.

A few days ago, my AVG Free informed me that a virus had been found, so I performed a full system scan. Unfortunately, the scan froze a few minutes after it began, and I had to terminate the program because it wasn?t responding. Then I ran Spybot and AdAware. AdAware ran for about 5 minutes, picking up 2 critical objects, and then also decided to freeze. With Spybot, the scan was ridiculously slow, but was still scanning at least. Then, after 5 hours, it too decided to freeze. I ran these programs again, thinking I could pause or stop the scan after an infection was found and try and remove it there and then, but I couldn?t, because it would just freeze as soon as I hit pause and/or stop. They don?t all freeze at the same point either, in case that matters (though both AVG, McAfee Stinger and McAfee Online froze at "activeskin.ocx").

Then I ran Trend Micro Housecall, Ewido, Panda, and a-squared online scanners. All these programs, after scanning through a few files, would freeze and become unresponsive. No error messages or anything. I downloaded the Ewido Anti-Spyware software, which did the same thing. There was definitely some sort of pattern emerging here.

I thought perhaps there were inconsistencies in my hard drive that were causing problems in the scan, so I ran chkdsk, which told me everything was fine.

Now before some of these programs froze, they picked up a few things. Trend Micro pi... Read more

Answer:Have Virus But All Malware Scans Freeze

Hi,with these problems i think your best bet is to submit a Hjt log to the forum and let one of the experts look over it and working together you can sort this out.If you need a link as to what to do.... click this....Preparation Guide if you scroll down this link it will tell you exactly what to do.Please remember..... once you submit a Hjt log...... please do not alter anything or try to change anything on your computer. (as this could well change your log)Good luck.

1 more replies
Relevance 96.76%

What are the best scans I can preform to make sure my computer is virus/malaware free?Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum.~ Animal

Answer:Best free virus/malware scans?

Just like with anti-virus programs...there is no universal "one size fits all" solution that works for everyone and there is no single best anti-malware solution to supplement your existing security protection. You may need to experiment and find the most suitable combination for your needs.
Please see: Supplementing your Anti-Virus Program with Anti-Malware Tools
 
List of Free Scan & Disinfection Tools which can be used to supplement your anti-virus and anti-spyware or get a second opinion:
Malwarebytes Anti-Malware
SUPERAntiSypware Free
Kaspersky Virus Removal Tool
Sophos Virus Removal Tool
ESET Rogue Applications (ERA) Remover - How do I use the ESET Rogue Application Remover (ERAR)
Panda Cloud Cleaner - How to disinfect computer with Panda Cloud Cleaner
Dr.Web CureIt
Hitman Pro
HitmanPro.Kickstart
SecureAPlus Freemium <- comes with a one-year free user license
MicroWorld eScan AntiVirus Toolkit (MWAV)
Microsoft Safety Scanner
Norman Malware Cleaner
Windows Defender Offline
McAfee Labs Stinger Tool
Trend Micro Fake Antivirus (FakeAV) Removal Tool
Trend Micro System Cleaner
VIPRE Rescue
Note: Many of these tools are stand-alone applications contained within zipped files...meaning they require no installation so after extraction, they can be copied to and run from usb drives.
You can always supplement your anti-virus or get a second opinion by performing an Online Virus Scan. ESET is one of the more effective online scanners.Not so Free malware scanning/removal ... Read more

1 more replies
Relevance 96.76%

Hi there.

Two days ago I was sent a fake youtube link through YIM. I clicked on the link not knowing it was a fake. It started with a letter G before the words youtube on the URL. Once I clicked on it, it took me to a page that appeared to be a youtube page. Once there, it said that I had to update my Adobe in order to see the video. Well, like an idiot I clicked on it and all he-- broke loose. I now don't have access to use any of the following on my computer: Safe Mode, System Restore, Spybot Search and Destroy, AVG, Super Antispyware, or Ccleaner. If I hit F8 after rebooting the computer, it takes me to the black screen where I can choose Safe Mode. Once there, I pick safe mode and it brings me back to the same black screen over and over again. When I try to do system restore, it says it's disabled my group policy. I've searched high and low to try to fix the System Restore problem and it just won't let me. Can someone please help me? I'm going crazy over here. Thanks so much.
 

Answer:Fake youtube link gave me a virus, disabled spyware/malware/anti-virus

You can try doing this:

Here is the link to the MS article How to recover from a corrupt registry.
 

5 more replies
Relevance 96.76%

Hi,

I'm using windows 7 and cannot format right now because I have school. The problem is I cannot access anti-virus websites and I keep getting random popups. I tried cleaning it out with spybot,malwarebytes, Avast anti-virus, and removing stuff in hijack this with no luck it keeps coming back. Any suggestions?

Answer:Malware/Virus issue cannot access Anti-Virus sites and havae random popups

Here is more info: When I goto google and type bleeping computers the links come up. I press the link it redirects me to advertising site. Here is my malwarebytes first log file

Malwarebytes' Anti-Malware 1.38
Database version: 2381
Windows 6.1.7127

7/6/2009 11:45:58 AM
mbam-log-2009-07-06 (11-45-57).txt

Scan type: Full Scan (C:\|)
Objects scanned: 201253
Time elapsed: 25 minute(s), 24 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 18
Registry Data Items Infected: 9
Folders Infected: 2
Files Infected: 316

Memory Processes Infected:
C:\Windows\Fonts\services.exe (Worm.Archive) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{d76ab2a1-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d76ab2a1-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d76ab2a1-00f3-42bd-f434-00bbc39c8953} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\drv (Rootkit.Agent) -> Quarantined and deleted successfully.
HKE... Read more

2 more replies
Relevance 96.76%

Hi there.

Two days ago I was sent a fake youtube link through YIM. I clicked on the link not knowing it was a fake. It started with a letter G before the words youtube on the URL. Once I clicked on it, it took me to a page that appeared to be a youtube page. Once there, it said that I had to update my Adobe in order to see the video. Well, like an idiot I clicked on it and all he-- broke loose. I now don't have access to use any of the following on my computer: Safe Mode, System Restore, Spybot Search and Destroy, AVG, Super Antispyware, or Ccleaner. If I hit F8 after rebooting the computer, it takes me to the black screen where I can choose Safe Mode. Once there, I pick safe mode and it brings me back to the same black screen over and over again. When I try to do system restore, it says it's disabled by group policy. I've searched high and low to try to fix the System Restore problem and it just won't let me. Can someone please help me? I'm going crazy over here. Thanks so much.
 

Answer:Fake youtube link gave me a virus, disabled spyware/malware/anti-virus

Hello again.

I have realized that I have this lingering around somewhere in my computer. $McRebootA5E6DEAA56$

Would anyone be able to tell me how I go about trying to find out in which folder this is at? I found this running when I entered msconfig on the Run field.
 

1 more replies
Relevance 96.76%

I'm new here. I just found this site on Google search because I just got a second virus, or maybe its the old one popping up again, I don't know.

First off, the old one: Basically a couple of months ago I was downloading some free software from a website and I got from what I can decipher the Security Tool virus. I looked online and tried a couple of methods of getting rid of it one being doing some stuff (I don't remember exactly what) and deleting the file and one being downloading a program. I thought that they worked, but there must be remnants because my ISP put a secured sites block on me because weeks later it was sending out bulk email. Anyways, I was just living with that until I was going to take it in somewhere.

Now I don't know how I did it this time, but I keep getting stuff popping up all over the place saying Vista AntiMalware - Unregistered Version and telling me I need to upgrade. Another thing says Keylogger Detected. Another one keeps popping up asking me to buy an unnamed product with a green check mark on the front. It says I have a Spyware infection where all the startup icons appear. It says I have harmful viruses.

It flashes something called Trojanaspx.js.win32.

What's the first step I should take?

More replies
Relevance 96.35%

I discovered yesterday afternoon that links on my Google searches were being redirected. I also now have a second tab that opens when I open Firefox that goes to a random spam site. I looked up the problem and it looked like I had the Google Redirect Virus, so I tried to update and run my anti-virus, anti-malware, anti-spyware, etc. programs.

I have Windows Vista on a Lenovo T61.
- Spybot updated and ran, but said that my computer was clean.
- Symantec Endpoint Protection will not allow me to turn on anti-virus / anti-spyware protection. LiveUpdate has never worked on my system, so I've been without Proactive Threat Protection since 2008, but usually the Anti-Virus / Anti-Spyware protection runs. When I try to turn it on (click "fix"), the program goes unresponsive and does nothing.
- I updated AntiMalwarebytes, and now the program will not open. It gives me a message that says, "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
- Windows Firewall was turned off, and the first three times I tried to turn it back on, the computer gave me the same message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I just accessed it from Control Panel to check again, and it turned back on. I have no idea what is different this time.
- Windows Defender is also out of date, but at this point I'm ner... Read more

Answer:Google Redirect Virus, and all anti-virus / malware /etc. has been disabled

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\Windows\1559749327
Press Create button and post the content of the Result.txt.

Important: Restart the computer.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is... Read more

31 more replies
Relevance 96.35%

Hello, and thank you in advance for your help.

I have been through the whole Preparation Guide and have the logs ready to post here.

I have a computer, running windows XP that has a virus or malware that disables or shuts down anti virus software or other programs. I had some trouble getting the GMER scan to complete since it would run for hours then shut down at some point. So after 3 attempts I saved the initial findings that load and have them here to post.

I have no idea what type of virus this is, so I need help determining what to do next.

I have attached the Attach.txt file (from the DDS scan) as well as the ark.txt file from the GMER scan.

Thanks,
DaddyOf3

DDS Log here:
DDS (Ver_10-12-12.02) - NTFSx86
Run by HP_Administrator at 16:09:25.03 on Sun 12/26/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.139 [GMT -8:00]

AV: avast! Antivirus *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\svchasts.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\... Read more

Answer:Virus or Malware that Disables Anti Virus Software and other programs

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for post... Read more

60 more replies
Relevance 96.35%

I have a Windows XP Home laptop and I am unable to access any anti-virus websites for updates. Also tried installing Ad-aware but it failed. Malwarebytes found 2 objects but could not delete them on restart. Here are the results from DDS and the GMER results attached. What are the next steps?

Thanks in advance!


DDS (Ver_09-11-24.02) - NTFSx86
Run by Zeny at 14:35:07.86 on Wed 11/25/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.447.203 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\carpserv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0a\aoltray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AOL Companion\companion.exe
C:\Documents and Setting... Read more

Answer:Virus/Malware preventing access to Anti-Virus Sites

Haven't received any responses yet . . . bumping.

Thank you.

16 more replies
Relevance 95.94%

i have Vista Basic edition
a few weeks ago i opened an email on my laptop that i shouldnt have

i've got a virus or something now that redirects all my google and yahoo searches, it wont let windows defender update, and for a while had my computer completely at its knees by crippling my browser completely, and not allowing the vista systems disk to crash my computer and just start off a'new.

THAT has been resolved, but there are still some problems that are seeping through more and more

i have the free version of avast! i've run hijackthis and advanced systemcare

i've got my browsers up and working again, i havent tried to wipe the computer clean yet cause i really dont want to lose everything i have.

currently, as i've stated search engines redirect all my searches to bullbleep ads and other sites trying to get me to download crap
and windows defender cannot update

it says that it cant check for updates and says error code: code 0x80244019

when i run systemcare and it hits security analyzer it says that there is a problem and gives me "suggestions" but seeing as im not a computer expert i dont know what to do with it

please help i really would like to have my computer running like its healthy self self again
thank you in advance for any help i receive
and if there is anything i wasnt very clear on please let me know, im really bad at explaining things and will try again

Answer:windows defender error code 0x90244019 [computer infected with virus or malware]

Welcome to BCTHAT has been resolved, but there are still some problems that are seeping through more and moreYou are still infectedThe process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When ... Read more

3 more replies
Relevance 95.53%

Hi, I've been having some problems with my computer ever since I got some alerts from Norton internet security that intrusion attempts had been made.
 
For example when I go to the hotmail log in page in IE8 there is just a blank white screen, and youtube videos just show as a black box. Other web sites have similar problems. My broadband speed has also become very slow, at only 0.19 mbps when it should be at least 2 mbps (although this might not be related, could be a separate fault on the phone line). I have also noticed that software I've installed recently is not listed in the add/remove programs list in the control panel, so I can't uninstall it.
 
I have Norton internet security running with live update, I have Spywareblaster installed, and I have run scans with AdAware, Malwarebytes Anti-Malware, Super Antispyware, Windows Defender, and online virus scanners from Panda, trend micro housecall, ESET, Kaspersky and probably some others I've forgotten now!
 
None of the scans have found anything except some tracking cookies, so what can I do now? Should I do a Hijack this log or some other advanced stuff? Could someone guide me through what to do?
 
The computer is an old desktop with Intel pentium 4 3.06Ghz CPU, 512mb RAM and Windows XP with SP3. 
 
Thanks for your help 

Answer:Think I'm infected, but virus/malware scans not finding anything

Did you tried TDSSKiller?
 
 Running TDSSKiller to obtain log
 
Note: Don't cure or delete a threat, but choose skip for all instead.
Please download TDSSKiller from here and save it to your Desktop
Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters

In the Additional options: Check Detect TDLFS file system
Click Start Scan and allow the scan process to run

Choose for all threats to Skip for all of them.
Click Continue
Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)
===================================================

7 more replies
Relevance 95.53%

May be a lost cause fellas... my main symptom is I'm getting Google redirects

DL'd Malwarebytes, wont run even after renaming
AVG wont scan
Mcaffe Stinger wont run
I think I'm hosed here nothing works in safe mode either.


The last time AVG ran succesfuly it found a few things and deleted them.. thats the last issue I had. I'm at work right now if someone can throw out some suggestions I'll try when I get home. Thanks in advance
 

Answer:Google redirects and cannot run virus/malware scans!

Guys, close this thread out.. I ended up having to do a fresh install of Windows as computer stopped booting up

Sorry to bug you looks pretty busy here LOL
 

2 more replies
Relevance 95.53%

I noticed yesterday that my computer was running slow and a huge % of the processor was being used when nothing much was happening. When I tried running my audio program (cubase) the computer really struggled and the sound was breaking up. I closed the program and did a few searches to identify the problem. The first response was to do a virus/malware check, so I did, but my computer just started shutting down about 1/3 of the way through the check. It will start up again OK, but if I try another scan it closes down.
 
Firstly, I restored my system to point around 10 days ago when everything was running OK, but the scan problem still prevailed.
 
I then did a disk cleanup, and deleted temp files, temp internet files, program downloads, and the recycle bin. Problem was still there.
 
I then attempted a disk error check, however the computer shut down half way through this process as well.
 
I am really stuck as to what to try next. I have no idea if this is a hardware or software/virus issue. My computer will start up and run for a while, but then the Processor use gets very high again, and it's impossible to run most programs. It will then automatically power down.
 
Any help or advice would be much appreciated.
 
James
 
I have included some specs below:
 
Intel i3 processor
4GB RAM
1TB HDD C: 320GB with OS E: file storage
Windows 7 Ultimate
Avast Free Home antivirus
 
 

Answer:PC shutting down when running virus or malware scans

I then attempted a disk error check, however the computer shut down half way through this process as well.
Use this method, and if it fails
 Run a Disk Check on your C: drive in Windows Vista or Windws 7:
 •Click the Start ORB and select Computer
•Right-click on C:(or your main HDD letter) and select Properties
•Click on the Tools tab
•Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt
•Mark the 2 boxes next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
•Click on the Start button
•When the message box pops up, click the Schedule disk check button and Restart your computer
•Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
This will take (on average) 1 to 2 hours, so please let it finish.
Do not force a reboot while the check is running, as this may damage data -
 
Thank You -

18 more replies
Relevance 95.53%

Hey there,

My computer is older than dirt, so I don't expect great performance from it. However, it is running much, much slower than it should. I am also now getting popups that read similar to "System alert! Stop! Windows REQUIRES IMMEDIATE ATTENTION. CRITICAL ERRORS. Go to www.fix64.com" I get these pop ups when I do not have IE open. (No, I am not using Mozilla because my computer doesn't seem to like it.) Because my computer is old and a new on is one the way, I do not intend to put any more money into this one for the high dollar spyware protection that you can buy at the store. I have to make do with the quick fixes that I can. I have run Asquared malware removal, and the most it found was some tracking cookies. AVG anti virus comes up with nothing. I ran a registry cleaner and got rid of some stuff, but none of it looked threatening.
Is it possible that a virus or malware is hiding somewhere that the scans can't see? I am afraid to shop online or do online banking for fear some other eyes are watching.
I am running WinXP on IE6 with a DSL connection.

Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 11:18:48 PM, on 9/8/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System3... Read more

Answer:Virus/Malware hiding from scans? Log included...HELP

16 more replies
Relevance 95.53%

Recently, my computer ran its automatic scan and froze about 30% through the McAfee scan. I've tried Malwarebytes and others as well, all of which freeze on the same file. It is a long string file in the sandbox folder and is allegedly a windows file (looked up online seems to verify this).

My computer has generally run fine despite the antivirus freeze, but I'm concerned that my computer may be infected. Java has ceased automatic updates and also, the CPU usage has been through the roof. Does anyone have any ideas?

Thanks,
SDRTR

Answer:Virus/Malware Scans freezing on same file

Hello,I will be helping you with your problemsSome points for you to keep in mind while I am helping you to make things go easier and faster for both of us Please do NOT run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post. Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process. Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send ... Read more

1 more replies
Relevance 95.53%

I can not do the prework because my browsers are incapacitated, so I can't download anything.The PC indicates that my web connection - DSL - is functioning properly. I don't know if it is safe to insert a flashdrive in order to bring the required programs to my pc, and post the results using my relative's pc. Is there a way to prevent malware from infecting the flashdrive?
 
I am using a relative's desktop PC in order to communicate here. I still have windows XP SP3 on my desktop pc and I finally got a virus despite what I thought was safe surfing, using a limited account. I have Avast free but it did not detect anything. My superantispyware is "locked" and my malwarebytes free stops responding.  So I don't know what infection I have. I use Online Armor firewall, but it did not prompt me about any new program. It is set to always notify me, even when running something I have allowed in the past. Whatever it is, also got passed K-9 web protection which filters all of my PC use. I am putting a lot of disjointed information that may be helpful into this post, simply because of my need to go back and forth between two houses in my particular situation. (About a 5 minute walk). I normally would not put all of this into one initial post. I understand that the system works better when one detail at a time is presented upon your request. Please understand that I won't be able to provide bits of information without returning home for each request!
 
My last action befor... Read more

Answer:unknown malware disabled my browsers, locked anti-malware programs

DON'T READ MY POST!
system restore worked!
how do I close this thread as solved??

2 more replies
Relevance 95.53%

Greetings all,
I have in my possession a laptop with Windows Vista Home Premium Service Pack 2 (build 6002)
TOSHIBA Satellite A205 PSAF0U-0CQ009 180 GB Non-Partitioned HDD with 1 GB ram. This laptop belongs to a 21 year old who likes to download on a P2P site with absolutely NO virus protection.
I have so far seemed to have wiped out all virus' and Malware and Spyware as I have ran MULTIPLE scans with each all resulting in zero infections.
Just so you know I used the following programs: Comodo, MalwareBytes, SuperSpyware, and even ran Advanced system care and had it repair all registry errors.
When I first got this thing, it would not even boot into Safe Mode so I am pretty good at this point. The problem I am now having is, when trying to perform Windows Updates, I get a Error Code: 80072EFD which pretty much says that Windows can not search for updates. I do have a good wireless connection to the Internet. (Figured I would mention that because I know that I would ask that question first. :-D )
This is actually my first Vista repair. Have repaired many XP rigs so there maybe something I am doing wrong. So far, everything seems to be working fine except for this. Though I plan on running this thing through the wringer for a couple of more days just to make sure.
One thing to note, just for kicks, I turned off the Firewall and tried again with the same result.
Thanks in advance for any and all help and responses.
 

Answer:Can't get Windows updates after Virus/Malware removal

Just wanted to add another thing that I tried. I went to the command prompt as admin and entered
Code:
netsh winhttp reset proxy
I received the following reply:
Code:
Current winHTTP proxy settings:

Direct access <no proxy server>
Not quite sure if that was the response I was looking for. :-D

OK found another issue, not able to access the internet through IE though I am able to connect via Pale Moon which I installed at the VERY beginning of this issue to download some stuff while I was out of town. (when I got the computer handed to me with a stressed out 21 year old who thinks that ALL of her pictures are gone forever) :-D I already have them on another computer because I pulled the HD and got her pictures while on my Linux rig. :-D
 

6 more replies
Relevance 95.53%

Greetings all!

This computer was infected with several pieces of malware, virii, etc. All of my efforts to clean it were getting me nowhere, so I used 'ComboFix' which did clean a ton of stuff off of the system. However, I am unable to get it to boot into Windows now. It will boot into safe mode with networking support, and indeed that is how i am posting this.

Help!

I have included both the hijack this and combofix logs below.

HIJACK THIS:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:35, on 2008-06-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windows-p... Read more

More replies
Relevance 95.53%

Hi My Windows 7 PC 64bit is infected with Virus / Malware. Whenever I try to use Internet Explorer it guides me to different websites each time. Is there a good Antivirus / Malware which can help clean up the infection. I do not want to reinstall Windows. I will appreciate if you can share some of your experience with me. Thanks!!!EDIT: Moved from Win 7 to Am I Infected forum ~ Hamluis.

Answer:Virus / Malware Removal for infected Windows 7 PC

Please download Malwarebytes Anti-Malware and save it to your desktop.Download Link 1Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.
For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to comp... Read more

1 more replies
Relevance 95.53%

I worked with chaslang in the Malware removal forum and got that all cleaned up on my parents PC. I am now running into operating system issues that I am pretty sure are remnants of what the virus/malware attacked. Here are the things I am noticing:
- Most Icons and program files will not open with click or double click. To get them to open I have to right click and then select "open"
- Internet Explorer will not fully open. I see it pop up and start to open but it then closes right away.
- I cannot get programs to install like Symantec antivirus. It pops up an error during installation that a folder for a shortcut link does not exist. You can click OK and the install program continues and gets all the way to the very end of the install bar and then it backs out all changes and says the install was interupted unexpectantly.
- Other programs will not install either. For instance, when installing mbam I get an unregistered class error and the installation never really completes. I can get it to run but after you close it out after the scan it no longer exists in the All Programs menu. The entry says it is "Empty". The program actually still is on the PC it just did not create a program entry or a shortcut.
- Windows Update will not run

I think that gives you the idea as to what is happening and why I thought it might be left over from the virus.

Any help you could give would be greatly appreciated! Chaslang was a great help in the Malware for... Read more

Answer:Windows XP SP3 Issues After Virus / Malware Removal

Let's attack the icon problem first.

You might try deleting and re-creating the shortcuts.

If that fails, then:

Doug Knox has a good XP registry fix site, I've used these many times, good stuff. the one you need, I think is:

[FONT=Arial, Arial, Helvetica]ICO File Association Fix (Restore the default association for ico files)[/FONT]

Save the file to your desktop and double click it, say yes when it asks you if you wish to merge this key to your registry. Reboot the computer and try to launch programs from the shortcuts.
 

7 more replies
Relevance 95.53%

Hello,First, thank you for this forum! I'm not a computer wiz, and even reading all of this information is overwhelming. I really appreciate your assistance.I got a virus in my computer a few weeks ago, and after reading some forums, I used several "spyware" programs and then finally found SuperAntiVirus, which seemed to remove the Virus. Within a few hours, I started noticing that my system was running slower, and when I searched for something on Mozilla, clicking on the link would redirect me to a different website thank the site listed, usually a junk/sales site. Below are the logs as (I hope) requested.DDS (Ver_09-12-01.01) - NTFSx86 Run by Toshiba_Admin at 15:43:59.64 on Thu 01/28/2010Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_13Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.893.218 [GMT -5:00]SP: SpywareBot *disabled* (Updated) {57242BB6-0BF9-49A3-8514-BB4877D90EC5}SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe ... Read more

Answer:Unknown Malware--Windows Defender???

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

4 more replies
Relevance 95.12%

Hello everyone!
(using Windows XP home edition service pack 2, updated it now to service pack 3)

I have a huge problem and I'll explain from the beginning:
My family has a family computer which is connected to the internet and was starting to run slower and slower. Thus I uninstalled F-Secure Antivirus and installed and updated Avira Antivir. I ran a full system check where 88 (!!!!) viruses were detected and removed. 4 unknown programs, named heur/crypted were removed to quarantine, where I left them.

(I know, 88 viruses is horrible, but no one of my family knows anything about computers and as I am not always at home, I only do checks once a month or so...also my siblings are really careless concerning what they open on the web but they DO NOT download by sharing or p2p...).

So, I also downloaded Malwarebytes Antimalware and it also found 41 threats which I ticked to delete.

Then the problems really begun: I restarted the computer and it did a whole system check which lasted for about 2 hours (!!). Afterwards, the start desktop did only load the wallpaper but nothing else. When opening the task manager, I observed that the system was running idle for 99% of the system activity (sorry, I don?t know if this is the correct word).

After some time, it loaded anyway and I got the notice that the firewall was not activated. I tried to activate it via the windows security center, but then it told me that the firewall/internetconnection sharing service was not ac... Read more

Answer:virus or malware removal lead to a disabled xp firewall - is there some virus left??

*bump this thread* please!!!! :'-(

13 more replies
Relevance 94.71%

ANYONE that recognizes these symptons please help me IDENTIFY this infection!
I plugged a friends Seagate Expansion drive (SRD00F1) into my machine's usb port and Windows Vista started to load the drivers and then stopped. I went to My Computer and the machine can't see the drive at all. After this I started to see the following occurring:
1) All the normal column names in Explorer are gone, Author is the only one showing. All of the common ones are unavailable when I try to choose details by right clicking the column header, Filename, Date Created/Created, Size etc...
2) Many windows won't open, specifically Control Panel windows like "Backup and Restore Center" and System.
3) Explorer shows no filenames or folder names.
4) The "Start Search" feature of the Start Bar returns nothing.
5) In My computer the sizes of the drives and free space are in bytes, not KB or MB.
 
It seems like some rootkit, but I can't figure out which one, the external drive that caused the infection hasn't been used in months, so it can't be something brand new.
Any assistance on identifying this infection and removing it would be greatly appreciated.
 
Here is the DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16592
Run by Shake at 17:09:02 on 2015-01-19
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.6133.3253 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disa... Read more

Answer:Unknown Virus/Malware, Explorer has no details, many windows wont open

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully.First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Important: To help me reviewing your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.    HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs i... Read more

26 more replies
Relevance 94.71%

Ran all suggested scans:
Adaware
Spybot
CCcleaner
WindowsAntiSpyware
Trendonline scan
All in safe mode with system restore disabled and connection unplugged.
Found and fixed many problems and viruses.
Still getting popups!!!!!!!!!
Heres my hijack this log:
Any help appreciated!


Edit by bjgarrick: Unrequested, Inline HJT log removed!

 

Answer:ran all suggested malware, spyware, virus scans - Still getting popups!!

Please download Spy Sweeper
Click the link above to download the program.
Install it. Once the program is installed, it will open.
It will prompt you to update to the latest definitions, click Yes.
Once the definitions are installed, click Options on the left side.
Click the Sweep Options tab.
Under What to Sweep please put a check next to the following:

Sweep Memory
Sweep Registry
Sweep Cookies
Sweep All User Accounts
Enable Direct Disk Sweeping
Sweep Contents of Compressed Files
Sweep for Rootkits
Please UNCHECK Do not Sweep System Restore Folder.

Click Sweep Now on the left side.
Click the Start button.
When it's done scanning, click the Next button.
Make sure everything has a check next to it, then click the Next button.
It will remove all of the items found.
Click Session Log in the upper right corner, copy everything in that window.
Click the Summary tab and click Finish.
Paste the contents of the session log you copied into notepad and save it as spysweeper.txt and attach it to your next post along with a fresh HJT log.

 

11 more replies
Relevance 94.71%

Ok my Windows Server 2008 x64 the browser has been compromised every time i time to search for a page or if i directly type in a URL I get the following attachment named IE1.jpg
I have ran malwarebytes, NOD32 and Windows Defender to no avail. Please help below is also attached the HiJack this log.

Thank you in advance,

Brandon

Answer:Please Help, Browser Hijacked, Cannot pickup by virus malware scans

So I have ran just about every scan i could. I installed Firefox to see if it was just IE based but it is not Firefox is displaying the same thing. I cannot get to any online scanner because it redirects me.Hello brandonb138,We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.Thank you for understanding.Regards,The weatherman (Moderator)

3 more replies
Relevance 94.71%

I obviously have a deep infection. After numerous attempts at scans and fixes by numerous programs, still no luck. I have a thread going in one of the other forums here, and I was advised by one of the techs to move it to this forum for more in depth assistance. To save typing, I will post the link to that thread, so you can see my symptoms and everything that has been tried as well as log files. http://www.bleepingcomputer.com/forums/topic364026.html

I have also attached a copy of the DDS log here in this current post.
 DDS.txt   9.79KB
  0 downloads

I hope I've given you all the info you need to help. If not, I will do my best to get you what you need. Thank you for your help.

**NOTE** while typing this post, using the infected PC, I received the blue screen of death 5 times. Wasnt doing anything but typing this. And then each time I obviously had to reboot, as soon as it got to my desktop, the blue screen shut me down again. Each blue screen mentioned the ldqgakb.sys file. You will see the full technical info in my thread posting. I had to finally boot into safe mode just to be able to type this.

Answer:Malware or virus infection preventing scans or fixes

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resu... Read more

3 more replies
Relevance 94.71%

i recently obtained a virus from idk where so i run avg many times but it cloeses half way through and the same with many other anti virus programs, i feel that its the malware defense virus, i ran a Hijack this log so i was hoping someone will interpurt it for me and tell me what to do...my computer is an HP pavilions desktop a1253w
 

More replies
Relevance 94.71%

I have been having problems with my computer for over a week. Everything works fine for about ten minutes, after that I will be bombarded with multiple google chrome windows opening constantly. When I try to type something in the search bar everything will start to flicker like I am constantly pressing the space bar and enter. This happens with my entire computer, If I click the windows start button random programs will start opening like skype. It renders my computer completely useless and I will be forced to restart, after the computer has restarted everything works fine again for a short period of time.
 
I have ran a multitude of malware scans with such programs as: Microsoft Security Essentials, Malwarebytes, Adware Cleaner, JRT. Everything will always show up clean.
 
I do not know what to do at this point. I NEED HELP!!! 

Answer:Cannot get rid of virus. Malware software scans show up clean.

Hello fadunka, my name is Jo and I will help you with your computer problems.Please follow these guidelines:Logs can take a while to research, so please be patient.Read and follow the instructions in the sequence they are posted.print or copy & save instructions.back up all your private data / important files on another (external) drive before using our tools.Do not install / uninstall any applications, unless otherwise instructed.Use only that tools you have been instructed to use.Copy and Paste the log files inside your post, unless otherwise instructed.Ask for clarification, if you have any questions. Stay with this topic til you get the all clean post.My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.***1. Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.Vista / Windows 7/8 users right-click and select Run As Administrator.A Notepad document should open automatically called checkup.txt; please post the contents of that document.***2. Please download Farbar Recovery Scan Tool and save it to your Desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.Right-click FRST / FSRT64... Read more

2 more replies
Relevance 94.71%

Good morning, I have run multiple virus scans and malware scans both in regular and safe mode and they run clean each time now after they found a couple of trojan viruses two days ago. The issue is that I am noticing a huge amount of web traffic even when I am not running anything on my end. When I run TCPView it shows many "hits" of ip's from Russia and other countries as well. What can I do to delete or change whatever is causing this and is not found by the antivirus/malware programs?Any help would be greatly appreciated!Thanks in advance, TimeBanditgfile of Trend Micro HijackThis v2.0.2Scan saved at 8:31:56 AM, on 8/29/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16827)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Apple\Mobile Device S... Read more

Answer:Hijack this file below: Virus scans and malware find nothing

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the "Run Scan" button.The scan should take just a few minutes.Copy the log that opens up and paste it back here in your next reply.=============The next log will show us any hidden files that are present.Download RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the sc... Read more

3 more replies
Relevance 94.71%

Hi, as the title state, i would like to request help as i feel i might have some kind of malware or virus recently because i noticed 2 changes :
* My PC is of course slower than usual (i didn't install any new programs and i still have sufficient space so those shouldn't be the problem)
* During gaming, my ping has weird spikes and is usually stable at a much higher value than the usual so i tried to check which device might be taking up bandwidth , even after blocking every single MAC address besides this PC i still had those ping spikes so i thought its most likely this PC itself which is running internet consuming programs.
Here are the logs and thanks in advance.
 

Answer:Not Sure If My Computer Has Some Virus Or Malware ( Did Scans And Logs Are Attached )

According to your RKlog, you have a keylogger on your system. Did you put it on?
 

11 more replies
Relevance 94.3%

Hello,
 
I need your help. I'm having the same problem as this one:
http://www.bleepingcomputer.com/forums/t/496263/access-is-denied-and-disabled-windows-defender-microsoft-security-essentials/ 
 
I think I'm having exactly the same problem, but I can open my Windows defender but when I click the Start now button, the program disappears. and I tried it in services, and action center still not working! And I don't know what kind of virus it is. I think it's a virus that won't open it because my Malwarebytes won't open until I renamed it to "anything.exe" (as I've read in other forums). My USB gets infected also so I need to get Defender fixed.
 
Thank you. Looking forward to your reply

Answer:Virus blocking Anti-Virus: Windows Defender

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems. Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery... Read more

41 more replies
Relevance 94.3%

Hi everyone,

I would really like to get some feedback from you. What is your opinion on the guide? What can I do to make it better? I want to make the guide as user friendly as possible. Please give me your feedback, ideas, and suggestions. Thanks.

Guide: http://www.selectrealsecurity.com/malware-removal-guide/
 

Answer:Virus/Malware Removal Guide for Windows [Feedback]

RE: Malware Removal Guide for Windows [Feedback]

personnaly i will remove SAS (it going down) and MSE (not fantastic), and replace them by Comodo Cleaning Essential (designed to be run in very infected environment, the only cons is its huge definition database to download) and Emsisoft Emergency Kit or Norton Power Eraser.

And you didnt mention Malwaretips !!!!! Boooo ^^
 

19 more replies
Relevance 94.3%

I have followed the instructions to remove Malware defender 2009 and done all the rebooting etc. I have dowloaded and installed HijackThis (log below) and also followed the guide and done a DDS log (below) and also attached the "attach.txt" file as directed.DDS (Ver_09-03-16.01) - NTFSx86 Run by Administrator at 10:23:22.82 on 03/05/2009Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1438 [GMT 1:00]============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchC:\WINDOWS\system32\svchost -k rpcssC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\userinit.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\Explorer.EXEc:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exeC:\Program Files\Spyware Doctor\pctsAuxs.exeC:&... Read more

Answer:Malware defender after running anti-malware

Hello Johncarter28.You will want to print out or copy these instructions to Notepad for Safe Mode/offline reference!These steps are for member Johncarter28 only. If you are a lurker, do NOT try this on your system! If you are not Johncarter28 and have a similar problem, do NOT post here; start your own topicDo not run or start any other programs while these utilities and tools are in use! Do NOT run any other tools on your own or do any fixes other than what is listed here.If you have questions, please ask before you do something on your own.But it is important that you get going on these following steps.=Close any of your open programs while you run these tools.Let's have you start with the following:Set Windows to show all files and all folders. On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed. "CHECK" (turn on) Display the contents of system folders. Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders. Next, un-check Hide extensions for known file types. Next un-check Hide protected operating system files. Take out the trash (temporary files & temporary internet files) Please download ATF Cleaner by Atribune, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.Start ATF-Cleaner.exe to run the program. Under Main choose: Select All Click th... Read more

2 more replies
Relevance 93.89%

I am trying to remove all viruses on a family members computer. I have a feeling that the entire SysWOW64 folder is a virus. When I do a Full virus scan with either Malwarebytes or Microsoft Security Essentials, the path shown as the current location being scanned is C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\... and the scan stays in that folder for well over 20 hours.
 
I cannot enter that file location, either manually or forcefully with cmd. I get stuck at the systemprofile layer. I get an error message telling me that I do not have permission to enter that folder. I am on an Admin account.
 
you may refer to this post for possible information about this topic http://www.bleepingcomputer.com/forums/t/516838/virusmalware-scan-stuck-in-temp-internet-folder-for-10-hours/
 
Steps I have already taken
 
Installed and Ran a scan with spyhunter 4, this scan took 40 hours and scanned over 8million files. There was a detection of 900+ threats, but all were either adware or cookies. I took no action against them, as Quietman7 instructed me to uninstall spyhunter due to the program being untrustworthy.
 
I have used Malwarebytes and MSE to run quick and full scans. The quick scans take 3-5 minutes and dont find any viruses. The Full scans do pick up some trojans and they are located within the SysWOW64 folder. I have deleted them.
 
I followed Quietman7's suggestions for disk cleanup. I ... Read more

Answer:SysWOW64 virus / Virus scans take 20+ hours to complete

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/517570 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

66 more replies
Relevance 93.89%

This is my first post ever, so I am new to this. I will make this as plain as I know how.

My pc obviously took on a virus. All desktop icons disappeared, wallpaper gone, lots of popups, and when you search for something on the net, it sends you to nothing but virus removal pages wanting you to buy it, etc etc etc.

Here's what I have done so far:

I removed the hard drive, took it to another PC, and loaded as a secondary drive. I ran a McAfee virus scan, superantispyware scan, and spybot scan to try to weaken it.

I put the hard drive back in the original PC and now I have icons back, wallpaper, and things run somewhat smooth. However, it will NOT allow me to run my Microsoft essentials virus scan, superantispyware, or even combofix. It starts running, then disappears off the screen like it never existed. Wont even let me update my virus protection. It updates for a long way, then freezes, and have to restart.

I installed Hijackthis and Malwarebytes. They begin to run then they disappear too. Lots of times, but not every time I try to run one of these, I get the blue screen of death. The technical information it gives me on that screen is:
STOP: 0x000000D1 (0xF7AF7000, 0x00000002, 0x00000000, 0xab0dc747)
ldqgakb.sys - address AB0DC747 base at AB0D8000, datestamp 4cf44c8f

I have also typed MSCONFIG in my run command, went to startup, and didnt find anything suspicious. I did disable anything I know I did not need.

Something is running somewhere that... Read more

Answer:Virus blocking me from running any virus or malware removal EXE

Oh, and also, I will say, I did see signs of "antivirus 2010". I removed in in add/remove programs, not knowing that's apparently a virus. I know that its not really removed, so could this be my issue?

26 more replies
Relevance 93.89%

Thanks to this site after reading the Best Practices & FAQ page I now have a better understanding of the different kinds of threats out there. 
 
One question however remains, having activated the Windows defender on my Win10 do I still need an anti-malware or another protection to cover the different kinds of threats?
 
Assume I'm comfortable with the level of protection and risks incurred on having one single anti-virus (eg Microsoft in this case). 

Answer:Do I need Anti-malware with Windows defender on Win10

...having activated the Windows defender on my Win10 do I still need an anti-malware or another protection to cover the different kinds of threats?...Yes.Although Windows 8/10 Defender provides some anti-malware protection...it is weak, meaning it does not provide comprehensive protection and cannot prevent, detect and remove all threats at any given time. This is true for most anti-virus solutions. Anti-virus and anti-malware programs each perform different tasks as it relates to computer security and threat detection. Essentially, they look for and remove different types of malicious threats.In simplistic terms, Anti-virus programs generally scan for infectious malware which includes viruses, worms, Trojans, rootkis and bots.Anti-malware programs generally tend to focus more on adware, spyware, unwanted toolbars, browser hijackers, potentially unwanted programs and potentially unsafe applications. Anti-virus and Anti-malware solutions with anti-exploitation features protect against zero-day malware, drive-by downloads, exploits and Exploit Kits.Therefore, you need both an anti-virus and an anti-malware solution for maximum protection.The Difference Between Antivirus and Anti-MalwareMalware Remover vs. Antivirus Software: What's the Difference?Antivirus and Antispyware Software: What's The Difference?What Is the Difference Between Antivirus & Antispyware?Use Anti-Virus and Anti-Spyware SoftwarePlease read Supplementing your Anti-Virus Program with Anti-Malware Tools for ... Read more

1 more replies
Relevance 93.48%

Hi guys and gals. I'm getting redirected on google and other search engines, to google then (or) to other websites. I tried malwarebytes, superanti-virus, and hijackthis but it will either not run at all, or it will only run for short time then it stops. I renamed those before downloading and it still wont run for long. After it stops and I click the icon it will then get something like "file not found, path way to ..." I even tried it in safe-mode, but it doesn't work.

Not sure if this helps, but rootrepeal ran:

ROOTREPEAL ? AD, 2007-2009
==================================================
Scan Start Time: 2009/08/25 21:14
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP3
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF7560000 Size: 57344 File Visible: - Signed: -
Status: -

Name: Aavmker4.SYS
Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
Address: 0xF7910000 Size: 19072 File Visible: No Signed: -
Status: -

Name: ABP480N5.SYS
Image Path: ABP480N5.SYS
Address: 0xF7808000 Size: 23552 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF7411000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -

Name: ACPIEC.sy... Read more

Answer:Google Redirect - virus scans and malware removals wont run

Try running the RootRepeal Files scan.

7 more replies
Relevance 93.48%

its a bogus virus protection. spybot avast macafee could not get rid of it.can not load killbox.it blocks the page you want from loading.
then a burgandy screen comes up asking for u to run a full scan.
DDS (Ver_09-05-14.01) - NTFSx86
Run by chris at 14:09:51.69 on Sat 06/06/2009
Internet Explorer: 7.0.6001.18000
Microsoft? Windows Vista??? Home Premium 6.0.6001.1.1252.1.1033.18.3069.1963 [GMT -4:00]

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}

Answer:pav personal anti virus malware/virus

cannot install any programs fo fight this it says im not an administrator.it sells for 59.95 according to their site

2 more replies
Relevance 93.48%

It all started with the explorer.exe not working on start up. So i went to the task manager and ran new process for the explorer.exe once i got it up i tried a virus scan had some trojans i clicked fix problem so i thought it would fix the problem when i restarted the cpu the problem was still the but this time i was not able to acess my anti virus software (Vipre)Also the internet keeps redirecting everything i try to search for

Answer:Virus is disabling anti virus anti malware

tap f8 on boot up and choose safe mode with networking. Then download and run malwarebytes and fix all it finds. Then reboot to normal modeSome HELP in posting on Computing.net plus free progs and instructions 7 Medals

4 more replies
Relevance 93.48%

I'm not quite sure how this works, but if someone could please assist me, here is the info from the FRST.exe scan. Thank you ahead of time!
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-08-2013 01
Ran by SYSTEM on 04-08-2013 11:43:44
Running from F:\
Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664 2012-09-07] (Avira Operations GmbH & Co. KG)
 
========================== Services (Whitelisted) =================
 
S2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224 2012-09-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032 2012-09-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-09-07] (Avira Operations GmbH & Co. KG)
S2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1251840 2010-09-17] ()
S2 Tu... Read more

Answer:WIndows 7 start up repair post malware/virus removal

Good evening.
Open Notepad and copy and paste the following text into it and save it alongside FRST on the flashdrive as fixlist.txt:TDL4: custom:26000022 <===== ATTENTION!

Run FRST as previously, but this time click the Fix button just once and wait.
Once complete the results will be written to the textfile Fixlog.txt, saved alongside FRST as before - please let me have the contents of the file in your next reply.
Also, try to boot the PC normally and tell me what happens.
 

2 more replies
Relevance 93.07%

I have a serious computer problem I have read numerous posts to self diagnose and correct the problem. When I think it's good it comes back to haunt me, I am stuck with a computer that constantly freezes, Google redirects me to malicious sites and mostly everytime I try to run the control panel it freezes up on me. I also have this error messege that pops up and says "Generic Host process for Win32 services has encountered a problem and needs to close." Some additional info for that error message:SzAppname: svchost.exeSzAppVersion: 5.1.2600.5512SzModname: ntdll.dllSzModVersion: 5.1.2600.5755I have run Malware bytes numerous times quick scan, full scan it will detect then I will remove and when I restart the computer and run it again it's back on there! I am getting to my witsends over this I don't know what to do and need some help please! here is my HiJackthis log:Logfile of Trend Micro HijackThis v2.0.4Scan saved at 2:52:09 AM, on 11/30/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.17091)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WI... Read more

Answer:Google redirect virus, generic host process win32 error messege, constant virus removal with malware bytes

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the ... Read more

2 more replies
Relevance 93.07%

Yesterday I was surfing deviantart and froze, page shut down then I got this "XP Defender Pro" popping up with trojan warnings everywhere.It totally blocked my IE and anti-virus program (only Avast! at the time). I used an old PC to find info and attempt a clean. So far I have used Malwarebytes (in safe mode only), Super Anti-Spyware & SpyBots S&D. I lost function of all exe files so had to use the exefix_xp to get those working. Everything seemed to be ok, but I am finding sometimes, generally when I very first open IE, I am being re-drected in my browser so its obviously still there somewhere. I had reverted back to the old IE 6 (I know, shoot me) because I cant stand IE 8 and was seeking something else before updating to SP3 which I was always told was crap. TOO slow obviously and I have no idea. P.S Now all the anti-spyware things are all running at once and I dont know which ones to turn off or leave on LOL. EDIT: Ive removed my old HJT log and pasted the newest DDS log & HJT log I've just done now. Still getting occasional browser hijacks, no trojan popups. GMER absolutely will NOT work for me.Please suggest something else if we have to go that way, wasted 8 hours on that thing DDS (Ver_09-12-01.01) - NTFSx86 Run by Kellie at 5:28:24.71 on Thu 18/03/2010Internet Explorer: 6.0.2900.2180Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3583.3082 [GMT 11:00]AV: avast! antivirus 4.8.1351 [VPS 100317-0] *On-access scanning ena... Read more

Answer:XP Defender "Pro" Virus/Malware

[b]Title was: Win32:Alureon-FR / Browser Hijacks / XP Defender, Each day a new one appears ~ OB

Started with XP Defender Pro killing everything. I posted about that but now it is esculating stupidly to new viruses so I am starting over. As before, I cannot run GMER and am writing this around Avast! warnings. Moving to chest does, obviously, nothing. Says its in the system32 drivers atapi. I am still being redirected on most internet sites, but not all. Ive since installed Zone Alarm (free) as well. I dont know whether to update my system now or after this crap is gone so Im waiting for info since I have no idea, and Im unsure if its even safe to use with this new one. I am pasting the latest DDS logs, I dont know what else you need since gmer wont run.
DDS (Ver_09-12-01.01) - NTFSx86
Run by Kellie at 14:25:11.56 on Fri 19/03/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3583.3062 [GMT 11:00]

AV: avast! antivirus 4.8.1351 [VPS 100318-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software�... Read more

16 more replies