Computer Support Forum

Virus preventing me from running any program or running/installing antivirus

Question: Virus preventing me from running any program or running/installing antivirus

Hi,My laptop was suddenly attacked by a virus when Firefox was unable to block a pop-up ad. Something happened and numerous screens began popping up from Avira antivirus and no matter how many times I deleted or quarantined the virus, it kept growing in number. Now, I cannot run any installed programs and cannot install/run any existing antivirus programs in my computer.NEW UPDATED PROBLEMAfter restarting my computer, I am no longer able to access Windows in normal mode. I can only run windows vista in safe mode. I have no network access as the virus is blocking all networks and I cannot access the internet from safe mode. I was unable to start up my Avira antivirus scan but was able to do a scan on all active units and Avira revealed about 8 detections with the Trojan TR/Alureon.BF2 in some location that I can't find: globalroot\systemroot\system32\UACeuivxhxbvr.dllI cannot install any other antivirus programs even though they were renamed. After running Avira, all executable files and shortcuts stop working. If I attempt to run Malwarebytes, the computer restarts. When it starts up in normal mode, all I get is a black screen and the mouse arrow. I cannot run system restore as the virus has deleted all restore points. I also cannot run system recovery mode as the virus has disabled that option. Even though Avira was able to locate the virus, the quarantine/delete/deny access functions have all been disabled.I was able to briefly run malwarebytes which indicated some file here: C:Windows\system32\uacinit.dll and Avira also detected something called APPL/NirCmd.2 Also, prior to all this happening (while I still had internet connection) each time I typed www.yahoo.com, it would be go to page called http://m.www.yahoo.com/ where Yahoo was in purple lettering. However, you could not search anything that contained the words virus, anti virus, or any antiviral software company. My browser is obviously being hijacked by some program even after I deleted all cookies.PLEASE HELP ME!!!!Your assistance and expertise is greatly welcomed and appreciated!!!!Thank you for your time and patience. Best regards.IceBelow is my latest HijackThis LogLogfile of Trend Micro HijackThis v2.0.2Scan saved at 5:14:40 PM, on 8/19/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\IDT\WDM\sttray.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Windows\System32\WLTRAY.EXEC:\Windows\system32\igfxsrvc.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Windows Live\Device Manager\msgrdvmn.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Windows\system32\taskmgr.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Windows Live\Toolbar\wltuser.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\wuauclt.exeC:\Windows\system32\taskeng.exec:\program files\avira\antivir desktop\avgnt.exeC:\Program Files\Internet Explorer\Iexplore.exeC:\Program Files\Internet Explorer\Iexplore.exeC:\Users\Justin Tak-Lee Leung\Desktop\HiJackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R1" target="_blank" class="invilink">http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by DellR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dllR3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dllO1 - Hosts: ::1 localhostO2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dllO2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dllO2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dllO2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dllO2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dllO2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dllO2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dllO2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dllO3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dllO3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFree.dllO3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dllO3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files\SHOUTcast Radio Toolbar\shoutcasttb.dllO3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hideO4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exeO4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exeO4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /sO4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exeO4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startupO4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [isCfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOTO4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"O4 - HKLM\..\Run: [WindowsLivePhone] C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe /AutoRunO4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe" /runO4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /minO4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenterO4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exeO4 - HKCU\..\Run: [WindowsLivePhone] "C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe" /AutoRunO4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exeO8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204O8 - Extra context menu item: &SHOUTcast Search - C:\ProgramData\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.htmlO8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{AD42F68A-576C-4F1E-ACF6-6C88A1D6BE78}: NameServer = 207.69.188.171,207.69.188.172O17 - HKLM\System\CCS\Services\Tcpip\..\{EFFE8639-7D10-40D6-8E15-5666400E8AAF}: NameServer = 207.69.188.187 207.69.188.186O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLLO20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_1a0d9ac6\aestsrv.exeO23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exeO23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exeO23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exeO23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exeO23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeO23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: Intel? Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_1a0d9ac6\STacSV.exeO23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exeO23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE--End of file - 13720 bytes

Relevance 100%
Preferred Solution: Virus preventing me from running any program or running/installing antivirus

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: Virus preventing me from running any program or running/installing antivirus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

2 more replies
Relevance 104.55%

Hello all,

In utter frustration and as a last hope i turn to YOU.
as off yesterday i have a virus on pc and laptop, after intalling and running a virus scanner it said it was clear. as off this morning i did get a fake virusscanner warning on my screen and im not able to run anything eccept my internet.

running win xp sp 2
unable to run any program to remove malware or virus, on the pc or online

In frustration I even tried to format and reinstall win, but even that doint work ,just doint run any .exe
hope you can help me

regards

Answer:Virus preventing running any type of program

update

looks like its solved, could you pls have a look at the log file,
ComboFix Beta_09-08-15.07 - RC 08/16/2009 17:21.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3070.2683 [GMT -5:00]
Running from: c:\documents and settings\RC\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\RC\Desktop\CFScript.txt
AV: PC Tools AntiVirus 6.0.0.19 *On-access scanning enabled* (Updated) {832E7172-E406-4bb2-8B19-6D29F2C93A98}

FILE ::
"c:\windows\svchast.exe"
.

((((((((((((((((((((((((( Files Created from 2009-07-16 to 2009-08-16 )))))))))))))))))))))))))))))))
.

2009-08-16 20:34 . 2009-08-16 20:34 -------- d-----w- c:\documents and settings\RC\Application Data\AVG8
2009-08-16 19:47 . 2009-08-16 19:47 -------- d-----w- c:\windows\McAfee.com
2009-08-16 19:09 . 2009-08-16 19:12 -------- d-----w- c:\windows\BDOSCAN8
2009-08-16 18:53 . 2009-08-14 21:21 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-08-16 18:08 . 2009-08-16 18:08 -------- d-----w- c:\program files\Windows Live Safety Center
2009-08-16 18:02 . 2009-08-16 18:02 42 ----a-w- c:\program files\Common Files\WindowsUpdate.zip
2009-08-16 15:21 . 2009-08-16 15:21 36352 ----a-w- c:\windows\system32\csbdll.dll
2009-08-16 15:21 . 2009-08-16 17:59 0 ----a-w- c:\windows\system32\drivers\4ea9d2da.sys
2009-08-16 15:21 . 2009-08-16 21:22 75264 --sh--r- c:\windows\mscth32.exe
2009-08-15 00:56 . 2009-08-15 19:19 -------- d-----w- c:\documents a... Read more

19 more replies
Relevance 91.02%

How do you stop applications from starting when you boot up? I have an application called 'Camera Assstant'. It runs in my tray when I boot up. How do I stop this from happening?
 

Answer:Preventing a program from running on start up

7 more replies
Relevance 88.56%

Hello
My son recently started using his mother's old computer. I have no idea what he has been up to but the anti-virus software was about to expire so I tried a couple of different packages (AVG and McAfee) but the first would not run and the second would not install. I looked at one of the threads on this forum and followed the instructions to run ComboFix. Here is the log file. Could you please let me know if you can see issues and what I can do to fix them

kind regards

Michael

ComboFix 12-01-23.02 - Janet 25/01/2012 1:36.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.61.1033.18.1022.367 [GMT 10:00]
Running from: c:\users\Janet\Desktop\J456.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\PlaySushi\PSTExt.dll
c:\users\Janet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Personal Internet Security 2011.lnk
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.drv
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.sys
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\cb.tmp
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\CLSV.tmp
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\delfile.drv
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\dudl.tmp
c:\users\Janet\AppData\Roaming\Microsoft\Windows\Recent\energy.sys
c:\users\Janet\AppData... Read more

More replies
Relevance 88.15%

help bleepingcomputer... i have been trying to resolve this but cannot understand all the gobblygook im reading on this topic... i cannot open malwarebytes antimalware, AVG anitvirus, unfortunately i have run some tools and may still have the note files... i have tried rkill, kapersky rootkit, malwarebytes rootkit, malwarebytes chamelion. microsoft malicious software detection, im severely frustrated having spent hours. i have looked at the registry since i dont have the group policy editor in windows home premium,, i downloaded the microsoft spreadsheet with default registry settings but cannot find them in the registry ... 

Answer:group policies preventing antivirus programs from running in windows 7 home prem

If your not the administrator, then you need to contact your admin about installing software on the
computer.

3 more replies
Relevance 88.15%

Hello, hope someone can help me please, am struggling a bit with this one as i know something is not quite right but i don't know what it is.

ran a repair (f8) on bootup and got these resuts

prob sig 01 6.1.7600.16385
02 6.1.7600.16385
03 unknown
04 181
05 manual repair
06 1
07 no root cause
os version 6.1.7600.2.0.0.256.1
locale ID 1033

ran a sfc /scannow and got these results (cbs.log attached)

if there is anyone skilled at deciphering these cbs logs i would appreciate some help

cheers
BlindMan

More replies
Relevance 87.33%

turned m computer on this morning and boom massive fake spyware virus claiming im infected, although it is my fault as i clicked run on an unknown thing last night, i just wasnt paying attention. anyway whenever i try run anything but IE it says cannot run blah.exe because it is infected. so i cant run my antivirus spyware s--- to stop italthough after i ran it i did prevent information leaving through its firewall, heres hoping thats still running and its just hidden it. it also removes all icons from system tray, and calls it self system tools. i checked programs but nothing out of ordinary so i think its in win32 somewhere but i dont know where to look. please help.

Answer:virus preventing .exe running

If you can get online, download, install and update MalwareBytes freebie which is good at fixing these. If the exe for the download won't run then change it to bat.Similarly if the actual program won't run then change the program's exe to bat.If you can't get the download get it on another machine and put it on a flash drive.Once the thing has been dealt with, if you still can't run exe files, then chose EXE from here:http://www.winhelponline.com/blog/f...(but run MalwareBytes first)We all live on the same ball.

5 more replies
Relevance 86.92%

Hello, I was hoping someone here could help me.

My anti-virus expired quite a while ago and I stupidly didn't renew it. I have been trying for a while to install anti-virus software but they all crash during installation so I assume I have a virus which is stopping them. I've tried installing Norton, McAffee, Kaspersky and avast!. I've had to uninstall all of them because they all crash.

Most recently, downloading avast! crashed my computer and it wouldn't let me uninstall it (I tried for ages) so I had to do a system restore. I understand that ComboFix could help but obviously didn't want to run it because I wouldn't know what I was doing.

Other than that, my laptop mostly runs fine, although it seems to hate iTunes.

I am using Windows Vista Home Premium (32 bit operating system).

I'd be really grateful if someone could help me out!

Many thanks,

Rhys

Answer:I have a virus preventing me from installing antivirus software

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.====================================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next t... Read more

6 more replies
Relevance 86.1%

I got a virus in my computer that is not allowing me to run certain programs to remove it. I can install malwarebytes and PCtools spyware doctor but when I try to run them after a couple of seconds the programs stop and when I try to run them again it gives me an error indicating that I don't have the permission to run that file. I need help in finding something that will allow me to get rid of this virus.I first noticed it when Internet Explorer would pop open randomly to various websites. I've done scans a few days ago and it removed something but obviously not the issue. Yesterday it shut down my anti-virus all together. Today i went to install a new anti-virus and Malware programs and a quarter way through the scan they shut down suddenly. I tried Microsoft's online scanner and their Malicious Software remover and got the same result. They both shut down. It would not even allow me to create a Highjackthis log. 10 seconds into the scan it too shut down. I have attempted all this is Safe Mode as well to no avail. I am running Windows 7 Ultimate. Thanks in advance for any help. The only thing i can think of at this point it to reformat which obviously i do not want to do. After reading around i see a few people have the same issue. I tried doing this -Welcome to BC We will need internet connection, or the ability to transfer files for this clean...RKill by GrinlerLink #1Link #2Link #3Link #4Before we begin, you should disable your anti-malware softwares you have installed... Read more

Answer:Virus preventing me from running scans.

If you cannot run MBAM or complete a scan in normal mode, then try performing a Quick Scan in "safe mode". Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, MBAM loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. Additionally, there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM but sometimes there is no alternative but to do a safe mode scan. If that is the case, after completing a safe mode scan, reboot normally and try rescanning again.

1 more replies
Relevance 86.1%

Hi,
I have some kind of malware on my computer that won't let me run programs until I purchase their antivirus. I do have access to a Windows install disc, the one that came with my computer when I bought it.

Thanks for your help...

Here is the DDS log:


DDS (Ver_10-03-17.01) - NTFSx86
Run by Temp at 9:42:00.89 on Sat 07/31/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2942.1943 [GMT -4:00]

SP: AVG Anti-Spyware *disabled* (Outdated)
.internal_links {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
2
SP: Windows Defender *enabled* (Updated)
.internal_links {
font-family: Arial, Helvetica, sans-serif;
font-size: 9px;
}
1

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Wind... Read more

Answer:Virus preventing me from running any programs

Welcome to TSF :)

Please download Malwarebytes' Anti-Malware from Here.



Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.


Extra Note:



If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.



===================================================

Download OTL.exe to your desktop.
Double-Click on OTL to run it.
When the window appears, underneath Output at the top change it to Standard Output.
Under the Standard Registry box change it to All.
Under Custom scan's and fixes section paste in the below in bold


netsvcs
%SYSTEMDRIVE%\*.*
%systemr... Read more

19 more replies
Relevance 86.1%

I have tried several suggestions on this web site to try and remove the virus, including running in safe mode, trying to run Malware Bytes off an external drive, etc., but without any luck. Since I am unable to run any scanners (have tried Norton, McAfee, Malware, MRT, and SuperAntiSpy), I finally ran the Win32KDiag utility, and am posting the log generated. Hope someone can point me in the right direction on how to get rid of this virus.

**************************
Running from: C:\Documents and Settings\Administrator\Desktop\Win32kDiag(2).exe

Log file at : C:\Documents and Settings\Administrator\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB915865\KB915865

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB953838\KB953838

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18C.tmp\ZAP18C.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZA... Read more

Answer:Virus preventing scanners from running

Could someone please reply as to whether these types of request take some time to get a reply to, or did I do something incorrect in the way I posted my computer problem?

Thanks

3 more replies
Relevance 85.28%

I was browsing the net on Saturday & I recieved a scam message informing me that my computer was at risk & that I should download & install their anti Virus software. I didn't download the program but my computer still rebooted itself & the scam product somehow managed to install onto my Computer.

Since that incident I keep getting redirected, so I decided to run an AVG system scan in safemode & it found nine trojans within the system which were;

WIN32/CRYPTOR
TROJAN HORSE GENERIC14.ACPU
WIN32/CRYPTOR
TROJAN HORSE CLICKER.AAWS
TROJAN HORSE CLICKER.AAWS
TROJAN HORSE DOWNLOADER.GENERIC_C.AGL
TROJAN HORSE DOWNLOADER.GENERIC_C.AGS
TROJAN HORSE DOWNLOADER.GENERIC_C.ADR
TROJAN HORSE DOWNLOADER.GENERIC_C.ABK

Since that scan I'm now being prevented from running any form of system scan what so ever. I have downloaded these programs Malwarebytes' Anti-Malware, HijackThis, reglooks, Trojan Remover & OTS all of which have been shut down & i'm receiving this message from all, "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access this item.

Answer:Trojan Virus preventing me from running scan?

Hello and welcome. Some types of malware will disable MBAM (MalwareBytes) and other security tools. If MBAM will not install, try renaming it.Before saving any of your security programs, rename them first. For example, before you save Malwarebytes', rename it to something like MBblah.exe and then click on Save and save it to your desktop. Same thing after you install it. Before running it, rename the main executable file first***Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run..They mat not target this...Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.alternate download linkNote: The file will be randomly named (i.e. 5mkuvc4z.exe).Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to ... Read more

7 more replies
Relevance 85.28%

Sometime in the last roughly 2 weeks I got a virus. Since then I purchases Norton 360 and tried to run a full scan without success. I talked with Norton's customer support and they advised that I have a specially malicious virus that is affecting Norton's ability to run properly but they could send me to their tech team and they can remove it for another $99.99. I feel like I paid for a product that promises to remove viruses and it doesn't so why invest more money into their services?

I've noticed that my computer is slowing down a great deal and Vimax male enhancement ads are on every website I go to and pop up while browsing. When I try to use Google, I click on a result and it redirects me to other search engines. I don't have expierence with figuring things like this out and don't know where to start.

I thought a system recovery would help but do not have the discs and cannot create them on the computer. I have Malwarebyte's Anti-Malware installed on my computer but it will not run or start up, could this virus be affecting this program as well?

Has anyone encountered this problem and know how to help?

Answer:Virus preventing Norton 360 from running properly

Hello and welcome to Bleeping Computer.Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.Please install RootRepealGo HERE, and download RootRepeal.zip to your Desktop. Tutorial with images ,if needed >> [email protected]@KUnzip that to your Desktop and then click RootRepeal.exe to open the scanner. *Open the folder and double-click on RootRepeal.exe to launch it. If using Vista, right-click and Run as Administrator...* Click on the FILES tab, then click the Scan button.* In the Select Drives, dialog Please select drives to scan: select all drives showing, then click OK.* When the scan has completed, a list of files will be generated in the RootRepeal window.* Click on the Save Report button and save it as rootrepeal.txt to your desktop or the same location where you ran the tool from.* Open rootrepeal.txt in Notepad and copy/paste its contents in your next reply.* Exit RootRepeal and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighNote 2: If RootRepeal cannot complet... Read more

7 more replies
Relevance 85.28%

It appears as though a virus is preventing Malwarebytes from running, even in safemode.

I downloaded TDSSKiller.exe and there were 4 medium threats -- which are quarantined.

I also downloaded rKill.exe (see log below).

As a final attempt I downloaded combofix and the report is below, but I still can't run MBAM in safemode. Are there any experts that know how I can remove this virus...? Thanks.

------------------------------------------------------------

23:54:19.0399 5960 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
23:54:19.0664 5960 ============================================================
23:54:19.0664 5960 Current date / time: 2011/12/03 23:54:19.0664
23:54:19.0664 5960 SystemInfo:
23:54:19.0664 5960
23:54:19.0664 5960 OS Version: 6.1.7601 ServicePack: 1.0
23:54:19.0664 5960 Product type: Workstation
23:54:19.0664 5960 ComputerName: ERICANICOLE
23:54:19.0664 5960 UserName: Erica Nicole
23:54:19.0664 5960 Windows directory: C:\Windows
23:54:19.0664 5960 System windows directory: C:\Windows
23:54:19.0664 5960 Running under WOW64
23:54:19.0664 5960 Processor architecture: Intel x64
23:54:19.0664 5960 Number of processors: 8
23:54:19.0664 5960 Page size: 0x1000
23:54:19.0664 5960 Boot type: Normal boot
23:54:19.0664 5960 ============================================================
23:54:20.0959 5960 Initialize success
23:54:28.0415 3216 ============================================================
23:54:28.0415 3216 Scan started
23:54:28.0415... Read more

Answer:Virus is preventing Malwarebytes from running in safemode

I recently recognized that Firefox was hanging -- and the browser would not load a page? So I deleted Firefox and re-installed - the issue persisted.

So, I then attempted to run Malwarebytes -- and it runs for 1-2 seconds and then hangs -- saying "Not Responding."

I then have to restart my computer -- because it hangs my entire computer.

I tried running MBAM in safemode and the same error is occurring. Something is stopping MBAM from scanning and messed up my firefox browser?

Any suggestions? So confused...

3 more replies
Relevance 82.41%

Hi fantastic people!

I'm in a rutt and I need your help. My system is infected with malware because it's doing several things:

1) It started being awfully slow 2 days ago and it freezes on me any time I try to run any browser. And I regularly run super anti Spyware and malware bites so it cleans most things.

2) It paralyzes any anti virus software I try to run a third into its analysis then everything freezes and I have to restart my laptop.

3) I can't open any exe files I download whatsoever. I tried downloading adwcleaner but I couldn't even run the exe files or any other exe files at all.

4) Netflix started crashing on me for no reason and that was my first clue into finding out it's malware.

I already backed up all my files, pics, music, and documents. I am attaching a picture of TSG below because I'm sending this from my phone as I'm having all sorts of issues with my browsers crashing. I'm looking at buying a new laptop because I'm definitely due for an upgrade but I would like this one to run a bit longer if possible because I'm too busy to adjust to a new laptop now. Geek squad want $150 to clean it up. Any other alternatives?! Please help it's desperate!

Thank you so much in advance
 

More replies
Relevance 82.41%

Hi fantastic people!

I'm in a rutt and I need your help. My system is infected with malware because it's doing several things:

1) It started being awfully slow 2 days ago and it freezes on me any time I try to run any browser. And I regularly run super anti Spyware and malware bites so it cleans most things.

2) It paralyzes any anti virus software I try to run a third into its analysis then everything freezes and I have to restart my laptop.

3) I can't open any exe files I download whatsoever. I tried downloading adwcleaner but I couldn't even run the exe files or any other exe files at all.

4) Netflix started crashing on me for no reason and that was my first clue into finding out it's malware.

I already backed up all my files, pics, music, and documents. I am attaching a picture of TSG below because I'm sending this from my phone as I'm having all sorts of issues with my browsers crashing. I'm looking at buying a new laptop because I'm definitely due for an upgrade but I would like this one to run a bit longer if possible because I'm too busy to adjust to a new laptop now. Geek squad want $150 to clean it up. Any other alternatives?! Please help it's desperate!

Thank you so much in advance
 

More replies
Relevance 82.41%

Hi
My netbook had a serious fault last week which involved a new mother board being fitted under warranty. This was done by a reputable pc suplier. I am at the moment running Windows Xp Service pack 3. The computer started playing up bringing up various pop ups saying infiltration alert. It got so bad the computer was unusable. One alert said you computer is infected with "Baker Fox" Virus, "download this program to remove it". I didnt download, i Just rebooted. At this time i noticed i could not access the task manager. I tried to run a scan using my installed AVG virus scanner and it just says this program is infected and windows protection system has closed it down. After searching the internet for details of Baker Fox virus I downloaded via another pc Malwarebytes anti-malware program. I could not run this from the infected PC it just wouldnt run. Unless i rebooted into safe mode, Then it ran and found a few small errors which it fixed. The pop ups have now dissapeared but the internet connection via Internet explorer is very strange. It allows me to browse as normal but it wont let me down load any virus protection software, also my Google tool bar is missing when i try to install the tool bar again, it wont let me. A fried lent me a copy of Dr Web Curit. Which i tried to run, Again the computer didnt allow it to run unless it was booted into safe mode. Then again it found a few low risk problems and removed them. But the problem still remains.
Pl... Read more

Answer:Virus preventing virus programs running

Howdy there LyntonW and welcome to TSF Forums

I'm Steve and I will be helping you throughout this fix.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. It is IMPORTANT that you don't miss a step. Please perform everything in the correct order/sequence.

Vista users please make sure you all run commands with administrator rights (right click icon - run as administrator)

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription

Please note that the forum is very busy and if I don't hear from you within three days from this initial posting then the thread will be closed.

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

* Ensure you install the recovery console when requested

Please include the C:\ComboFix.txt in your next reply for further review.

6 more replies
Relevance 81.18%

I run Norton Anti Virus,Is there any benefit or problem if I also run Microsoft Security Essentials?

Answer:Running more than one antivirus program

Yes you will get problems.It is recommended that you only have 1 anti-virus program

5 more replies
Relevance 79.54%

hello,i was wondering if anyone could help me please?My computer is really messed up! Im having so many problems with it for example:my computer switches off whenever i run an antiv-virus program- the two i have tried are avira anti virus and malwarebytes malware removal. And then it restarts saying a serious error occured!A virus hijacks internet explorer and redirects me to other sites. Also theres like a radio station or something playing in the background but theres no window open for it.Home antivirus 2010 keeps downloading on my computer and i know for sure its a virus.If anyone could help me i would really appreciate it. Thank you

Answer:computer switches off when running antivirus program

Hello I am moving this from XP to the Am I Infected forum...Have you run Avira from Safe mode?Do you have the full message you get at shut down?Also try to run these from safe mode.Next run ATF and SAS:Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".From your regular user account..Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..DO NOT run yet.Open SUPER from icon and install and Update itUnder Scanner Options make sure the following are checked (leave all others unchecked):Close browsers before scanning.Scan for tracking cookies.Terminate memory threats before quarantining.Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.Now reboot into Safe Mode: How to enter safe mode(XP)Using the F8 MethodRestart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox or Opera ... Read more

3 more replies
Relevance 78.72%

Hello, I don't know if I am going to explain this correctly, but I will try my best.

I had my computer hijacked about a month ago by a fake antivirus program that changed my wallpaper and disabled my task manager. It was taken care of, or so I thought.

Recently, another program popped up, this time I actually found the file in my applications folder. I did not download it, and I don't know how it got there. I managed to write down the number that the file carries, 16847034, but after deleting that one, another has spawned in its place. I cannot figure out how they continue to spawn.

I have used Spybot, HijackThis, Malwarebytes, AdAware and CCleaner, all failing to purge my computer of this madness. I have not had any major problems yet, after managing to delete the file, but .dll value additions keep on popping up with Spybot S&D. I also have Sygate, and it's been helping to keep out what appears to be someone trying to hijack my computer and direct it to some billing site.

I also had the IE/Firefox popup problem, where a firefox browser would open with the IE name on it, as well as the fake program showing up on my taskbar and saying that I need protection. Also, whenever I started the computer, the fake anti-virus program would say that there was an infected sms.exe file, I believe. Then it would start to shut down all running .exe files. This happened ONLY when I was connected to the internet. After disconnecting, I was able to run the previously me... Read more

Answer:Fake Antivirus program that kills .exe running programs

16 more replies
Relevance 77.49%

Running Norton Antivirus 2005 pro OR AVG 7.0 pro?

Please post screenshot of your running processes.

The reason I need screenshots of your running Processes is because I suspect Norton AntiVirus 2005 uses less Memory than AVG 7.0 Pro.

If AVG 7.0 Pro uses more memory resources than Norton AntiVirus 2003 then IT IS TOO BAD TO BE TRUE!!!!

Guys I have recorded the followinfg services running when each of the 2 applications are running.

Norton AntiVirus 2003 (Not 2005 with updates).
----Service------------Mem Usage
NAVAPSVC.EXE________960 K
NPROTECT.EXE_______3,828 K
CCAPP.EXE__________9,576 K

AVG 7.0 Pro
----Service--------Mem Usage-----
avgamsvr.exe______13,108 K
avgcc.exe_________11,990 K
avgupsvc.exe______12,292 K
avgemc.exe________3,044 K
I am thinking seriously switching back to Norton.....

Please help guys....This drives me nuts. I read so many good things about AVG and so Bad things about Nortons (as a resouse hug) and this drives me nuts.

Thanks
 

Answer:Running Norton AntiVirus 2005? Screenshots of your running processes needed.

Sorry, I don't use AVG anymore,for the last year I have been using Avast antivirus and couldn't be happier.
 

3 more replies
Relevance 75.44%

how can I get a virus when I'm running Norton antivirus? I thought the antivirus program was supposed to stop the virus from coming into my computer... I just finished removing 20 viruses I update and scan several times a week, and found 20 this morning. Please comment?
 

Answer:Solved: got a virus while running antivirus!

11 more replies
Relevance 75.44%

Hello - I am a first time poster that is looking for some possible help before I unplug this computer and take it to the shop. I have a Dell 2350 (approx 3 yrs old) running Windows XP SP2. For the past couple of weeks, the computer has been running very slow and shuts down during any scans or programs running (ex. Ipod updates, virus scans,spyware scans, etc.), which means I have been unable to try to figure out what the problem is. I have been able to run Hijack this and have posted the results below: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:06:33 PM, on 11/24/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\savedump.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeC:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\Iomega\S... Read more

Answer:Computer Running Slow - Shuts Down During Scans Or Program Running..please Help!

I apologize for the very long delay. We have a huge backlog of HijackThis Logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new hijackthis log. If we do not hear back from you within a couple of days we will need to close your topic.When posting your logs please post them directly into the reply. Do not attach them.Also make sure you have already followed the steps outlined below:Preparation Guide For Use Before Posting A Hijackthis LogThank you for your patience.

1 more replies
Relevance 74.62%

Good day, this is my first post as I am stuck. I apparently have an unknown virus as I have gotten e-mail rejected lately and Google has responded twice that I am sending outbond messages. I have been running AVG Free 2012 and all my microsoft pathes are done aoutomatically. I have tried to download and run AVG Free 2013 and AVG 2013 internet security both extract and stop. I have run Trend micro housecall 7.2 and after a 12 hour scan it deteched a problem and closed. Per the guide in bleeping computrer I am enclosing the DDS & GMER logs in hopes someone can find the problem.

Thank you for your help.

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Bill Hiller at 20:07:59 on 2012-10-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3062.1386 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\ACT\Act for Windows\Act.Server.Host.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\... Read more

Answer:virus is stopping new antivirus programs from running

Please do the following:Download the appropriate version for your system of the Farbar Recovery Scan Tool and save it to a flash drive. (Choose the correct version depending on which architecture operating system you are using, 32bit (x86) or 64 (x64) bit)Plug the flashdrive into the infected PC.Enter System Recovery Options. To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.To enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select... Read more

20 more replies
Relevance 74.62%

I'm usually pretty good at bug fixing but this one is a real pain. I think the virus is called max++ or something like that

Cause - tried downloading a movie online, not sure what the site was

Effects -

Spybot has become a read-only file and is impossible to use. When I reinstall under a different name in a different folder it works until it is about to scan then shuts itself off and becomes another read-only file. The hidden .scr file cannot be located.

Clicking on unprotected links will redirect to random advertising websites like mom.com and other useless garbage. I have massive slowdown and the computer crashes all the time.

I tried downloading AVG and it located the viruses and trojans, said they were removed and after I rebooted it was the same problem as before. Except now when I use AVG is freezes up when it's about to scan the infected files. I could really use some help on this one. Can't seem to get anything working.

Here is the gmer.txt

Any help would be appreciated. Thanks in advance.

~Carl

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-22 17:47:16
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\CARLGR~1\LOCALS~1\Temp\fwryrpod.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xF847E0B0]
SSDT sptd.sys ... Read more

Answer:Virus prevents me from running antivirus software

Hi and welcome to TSF.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your logs are clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Please do not install or uninstall any programmes, or run any other scanners or software, unless I specifically ask you to do so. Also please copy and paste logs into the thread, rather than add them as attachments.



Combofix
Download ComboFix from one of these locations:

Link 1
Link 2


and rename it to farmer.exe before saving it to your desktop.

Double click on the renamed ComboFix.exe & follow the prompts.
When finished it will produce a log at C:\ComboFix.txt for you
Please include the log in your next reply.

1 more replies
Relevance 74.62%

I am helping a friend with an infected computer. I realized the severity when it won't even allow HJT program to scan. I can't run Malwarebytes, do any online scan (keep getting redirected from sites. I am at a loss as to what tools/steps to use. Even in safemode, nothing will run that could help.
thanks in advance for any help.
 

Answer:virus stopping all antivirus tools from running

I found a few online scans that worked and slowly I was able to get to SuperAntivirus scan which found many problems. After doing that one, I was able to load AVG, Malwarebytes and HJT. So for now, back in business
 

1 more replies
Relevance 74.62%

Hello
I would be very grateful if you could possibly answer my question.

I have a new modern computer AMD 2.0 XP running Windows XP Professional.

If you close a program after running it and it appears to be closed but the task manager shows that it is running, what does this mean?

Does it mean that there is something wrong with the Software of the running program or is it a Windows System Problem?

I wrote a very easy program compiled in VB6 which after running I closed and does not show up in Task Manager. Everything is obviously ok.
However my other much more complicated compiled VB6 program after being run and closed, shows up as running in the Task Manager?

I just want to know what this means please.

Is there something wrong with the program I have made?
When you continue to open and close it, more icons of the running program are seen in Task Manager.
But none on the main normal bottom windows task bar, where the start button is.(Which I presume is correct)
Thanks

Gary.
 

Answer:After Running and closing my VB6 Program. Task Manager say's it is running?

Sounds like you have an active window somewhere although it is hidden. Put debug.print code in all of your form.load/unload events and run it in the debugger. Make sure you having matching unloads for each load.

Also, callbacks (like timers) may be the culprit. What does your application do?
 

1 more replies
Relevance 73.8%

The day before yesterday, I followed the guide on here to get rid of antivirus.net. I think I got rid of it, but my computer is still going EXTREMELY slow, and I have an annoying redirect virus on firefox. This is my only computer, and I depend on it heavily. How can I make sure that the redirect virus, and any other malware is completely gone? Oh, and AVG pops up every once in a while saying it found malware, but it won't let me quarantine it...and Malwarebytes' couldn't delete everything...need help!Sorry, I forgot to put the log on the original postDDS (Ver_10-12-12.02) - NTFSx86 Run by James at 21:42:16.29 on Tue 02/08/2011Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.959.148 [GMT -6:00]AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}============== Running Processes ===============C:\Program Files\AVG\AVG10\avgchsvx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\AVG\AVG10\avgwdsvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Common File... Read more

Answer:Redirect virus after Antivirus.net, computer still running slow

Hello and welcome to the forums!My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.I would be glad to take a look at your log and help you with solving any malware problems.If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed. If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!These instru... Read more

27 more replies
Relevance 73.39%

Hello, and thank you in advance for taking the time to help me with my computer.
 
I share internet with my neighbor (he's in control of it) who is a computer whiz and he says he thinks my computer is running something that is causing problems.  I would attempt to fix it myself but I don't want to possibly make things worse.
 
I have 3 things in quarantine in my avast virus vault.
 
The only other thing I have noticed is when I open the chrome browser, after about 30 seconds, even if I am reading something scrolled down to the middle of the page, it will refresh (I think?) the page and bring me back to the top of the page.  Pretty irritating.
 
Help?!

Answer:possible virus or unwanted running program

Hello bebopbo and welcome -
Either empty or list the items in avast! Vault.
 
Time to "Bite the Bullet" with Chrome browser ........I have noticed is when I open the chrome browser <= Uninstall Google Chrome - Chrome Help This must be your first step.
Now use Internet Explorer -
 
Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.Note:: If any security program requests permission to access the Internet, allow it to do so.
 
Next -
Please download MiniToolBox to Desktop to run it.
Checkmark following boxes:
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List Winsock Entries
* List last 10 Event Viewer log
* List Installed Programs
* List Devices (do NOT change any settings here)
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and post the result. (result.txt)
 
Next -
Please download and run RKill by Grinler.
 A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
At most the tool will run for about 2 minutes.
 
Important: Do not reboot your computer until you complete the next step.
 
* Please download AdwCleaner by Xplode ... Read more

23 more replies
Relevance 72.98%

I installed Vista on my newly built computer, and it's been a month, my hard drive still runs everytime i turn on my computer until i turn it off non stop even thought there is no programming running. Can anybody tell me why it is doing such thing? i am afraid that i might have a broken hard drive. can anybody give me some advise on it? Thank you very much.
 

Answer:Hard drive keeps running even without program running.

7 more replies
Relevance 72.57%

When I start up my computer program usually fail and not respond, which I try get rid of the virus but it would not go away. any help?

Answer:Computer has running program problems and virus

Bump.

3 more replies
Relevance 72.57%

Hi there,

As I was browsing familiar websites on Firefox last night, the program shut down inexplicably. A "program" so-called "Privacy Protection" then popped up and began its "analysis" stating I was infected with numerous trojans and worms. One worm I recollect it informing of was titled "Win 32 Worm Blaster" or something of the sort. I then entered into Safe Mode, booted up Combofix and Malwarebytes by way of a USB dongle. I was unable to install Malwarebytes. The installation process continually ended with a "Access Denied" message. I then moved onto Combofix. I was able to generate a log with Combofix and it is available for posting if needed. I have since come to find, I shouldn't have ran either of these programs myself without professional guidance from the many helpers here at BleepingComputer. However, ever since Combofix ran its course, the so-called "Privacy Protection" program has been nowhere to be found. As well, I am now able to run a gamet of .exe's I wasn't previously enabled to. Cosmetically, it looks as if I'm in the clear. Though, I'd like to have my case examined thoroughly as to guarantee the problem to be gone and my computer clean as a whistle. I originally started a thread in the "Windows 7" forum. I was then instructed to do a run-through corresponding to the Preparation Guide. I have done so.

1. My data (of choice) has been backed up (to a USB dongle) by Co... Read more

Answer:False Anti-Virus Program Running

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/427443 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

43 more replies
Relevance 72.57%

I understand that running two anti-virus software in one pc can cause a lot of trouble.
I currently have zonealarm on my pc and I'm thinking about installing avg as well.
Would it work if,
1. I would only have one real time protection anti-virus protection running at a time. Most of the time I would be using zonealarm real-time protection and turn avg off. I would only turn avg on to install new updates.
Also, if I'm updating avg while having real-time zonealarm (anit-virus and firewall) on, would it cause trouble? (Just for updating avg, I would turn off avg after updating).

2. I would only have one anti-virus scanning my pc. For example, I would only use avg scanning my pc with zonealarm completely turned off.
After avg scanning, I would only use zonealarm to scan my pc with avg completely turned off.

Now, if I follow the prior two conditions, would it still cause trouble on my pc?

Thanks a lot.
 

Answer:Can I have two anti-virus program running under these conditions?

8 more replies
Relevance 72.57%

Hello.

For about two weeks now I have been battling several trojans/worms that have attacked my computer. I have managed to remove the majority but I'm still having one problem; I cannot update, run in real time or reinstall my Symantec Antivirus program. Every time I attempt to reinstall my antivirus program I have a window pop up saying my computer will shut down in 60 seconds; it also says I initiated this shutdown sequence. I usually use to Mozilla Firefox but I did use Internet Explorer about two weeks ago to view some sports videos on Yahoo Sports (the videos could not be opened with Firefox). Ever since I used IE my computer started acting weird; pop up ads all over the place, additional browser windows opening and my task bar disappearing. All those problems have been fixed except the problem of my antivirus.

Thanks ahead of time for your help!

Best,
Erika
 

Answer:Malware Preventing the Reinstallation of Antivirus Program

Attached is my MG log....
 

4 more replies
Relevance 72.57%

hi,

to begin with i have followed the five steps suggested before posting.

The symptoms are:
1) In normal mode when try to run anti-virus software (hijackthis, adaware etc) it immediately closes. I can run in safe-mode only.
2) In normal mode when i visit any antivirus website (this one included) my browser (firefox 1.5) is closed automatically, otherwise i can use it.
3) In safe mode some of the NT windows services will not run (critically the ones required by windows update)

The steps I have taken so far:

1) Ran adaware with vx2 plugin in safe mode and removed adaware. Now performs clean scan.
2) Ran trendmicro homevisit from safemode, it came up clean.
3) Ran hijackthis in safe mode and got the following log:
4) tried to run windows update but as mentioned can't start the required ntservices in safe mode.

Please help!!! As suggested I will await your advice before taking any further steps.

Any help will be greatly appreciated.

Raymondo



################################################
################################################

Logfile of HijackThis v1.99.1
Scan saved at 13:01:38, on 12/09/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\wrappers.... Read more

Answer:Nasty Virus that stops me from running antivirus software (including hijackthis)

Hello raymondo, and welcome to TSF.


I am currently reviewing your log. Please note that this is under the supervision of an expert analyst,
and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

3 more replies
Relevance 72.16%

Hi all im having problems trying to install sage accounting everyime I try to install it I get the message the SQL server configuration checker cannot be executed due to WMI configuration on the machine error:70347 (0x112cb). Im tearing my hair out i found a batch file on the internet but this didnt work tried using the wmi diagnostic utility but didnt really have a clue what to do I am pretty crap when it comes to the technical side of things and just need some help. any help would be greatly appreciated could I just remove the wmi and replace it or would i need to reinstall windows ?
 

More replies
Relevance 72.16%

I have an interesting problem:

I want to use a trainer for a game I'm playing. It's the only one I've been able to find but my antivirus is saying there's a key logger imbedded in it or some other kind of spyware.

If I run the trainer from a sandbox program, will it prevent the spyware from infecting my system?

Answer:Preventing key logger from running

I'd just not run it at all to be on the safe side. Yes you probably can get away with it using a sandbox program but, why take the risk? I'm sure there are plenty more programs like it that aren't infected.

2 more replies
Relevance 72.16%

Hello all. 
 
First, let me say thank you for what you all do! Second, I'm sorry if the description of the problem is not ideal. I'm helping my mother in-law and I wasn't around when this started. 
 
She texted me saying she got a pop up on her machine saying along these lines "Windows Firewall Infected..BSOD....." I told her I would be home in a bit and would call her. Well she decided she would save me the trouble and call the 1-800 number that the pop up displayed.... Yup....I'm banging my head on the desk. 
 
She said some guy dialed into the PC and started a scan. My father in-law told her that this probably wasn't a good idea and told her she should hang up.
 
By the time I got to the PC there was some remote support session in progress that I killed. Firefox was now the default browser and homepage was Rescue by LogMeIn. 
 
Now AVG won't run so I'm assuming something is preventing it from running. Ran Malwarebit Anti-Malware and it didn't detect any threats? 
 
So I'm following the instructions you provided. Ran the Farbar tool and FRST log in below and the Addition file is attached. 
 
Again, THANK YOU!!!! 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-09-2015
Ran by Rita Bailey (administrator) on RITABAILEY (14-09-2015 21:10:12)
Running from C:\Users\Rita Bailey\Downloads
Loaded Profiles: Rita Bailey (Available Profiles: Rita Bailey)
Platform: Windows 7 Professional Servic... Read more

Answer:Infection Preventing AVG From Running

Looks like the Addition file didn't attach to my original post. Sorry about that. 

16 more replies
Relevance 72.16%

Hello,
Win 7 computer, when I try to run a program getting a constant user account control message wanting to run "lgb.exe" from unknown publisher... when I say 'no', it goes back to win explorer file listing.... searched and could not find the lgb.exe file anywhere... it also pops up by itself... so at the moment I have 8 blinking win 7 shields and cannot run anything. ideas?
Yodel99
 

Answer:LGB.exe preventing prog running, win 7

Welcome to Major Geeks!

Please read ALL of this message including the notes before doing anything.

Pleases follow the instructions in the below link:

READ & RUN ME FIRST. Malware Removal Guide


and attach the requested logs when you finish these instructions.

**** If something does not run, write down the info to explain to us later but keep on going. ****
Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.


After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
Helpful Notes:


If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

Starting your computer in Safe mode

If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
If you cannot seem to login to an infected user account, try using... Read more

24 more replies
Relevance 72.16%

Hi all, each time I run an antivirus program, scan my c: drive for infected files, which I have. However, when I quarantine or delete these supposedly infected files, it disconnects my Lan Connection and I cannot renew my IP address. Anyone have the same problem or know how to fix this issue?

Answer:Running Anti Virus Program Deletes my LAN Connection

What have you done to restore you internet connection? It is possible that a system file has become infected...

2 more replies
Relevance 72.16%

I want to use Windows Defender, it allows me to use it for the virus and spyware definitions part but it says the real time protection is handled by another AV program. I've checked, I have no other anti-virus program installed or running. I've checked running processes and see nothing and have looked at Revo Uninstaller and see no anti-virus program running.

How can I see what my computer thinks its running for real time protection?
 

More replies
Relevance 72.16%

I have deleted (uninstalled) Norton Anti Virus and have activated the Freedom Security Antivirus program with Telus. Had problems activating it. Finally activated it but haven't been able to do an anti-virus scan. It only scans about 2832 files I have 28385. It is getting hung up in Restor/Archive/FS909.CAB or there abouts.

I receive Error CSSCAN32.DLL wich is located in Program Files\CommomFiles\Command Software

My Questions

Should I delete this file? Maybe its a file from Norton that is conflicting with the new anti virus program.
Does it need to be repaired?

I told the Telus Tech support guy that I have had some RUNDLL32 error messages come up on my computer before. He told me that it is a serious problem. Can I some how fix this. I havn't had that error messege for a while.

Please Help I really need to get an Anti-Virus program up and running.
 

Answer:Error CSSCAN32.DLL Please Help I have no Anti-Virus program running!

have you ever used f-prot anti virus because csscan32.dll is part of that program,
 

3 more replies
Relevance 71.75%

You need to run the beta Marlwarebytes mbar.exe root kit file... link listed below.Some of the virus / trojan horse files are cte, netutils2016 c:\windows\system32\tprdpw64.exe, new folder called ntuserlitelist with two unwanted executables datatupexe and svcmx.exe, X38DP934Y.exe, winvmx client and vmxclient.exeThere is only 1 fix to this problem. Everywhere you search online, you will read instructions about booting to safe mode then... or uninstall reinstall...No. Most computer savvy ppl locate the executable files that are not suppose to be in their pc but can't figure out why they can't remove them, why anti-virus software won't delete them or even run and why they their pc is blocked from even downloading any form of anti-virus software.Here is the problem and the fix:Problem is not the executables. Problem is two .zip files in the system32/temp/ folder and if you notice, you are blocked from deleting these files even if you manage somehow to delete the executables.If you still have any anti-virus software on you pc it sometimes catches the executables but because most ppl don't know to make sure their software is set to check archive files and zip files are in that category, the system32/temp/ zip files are still there.So here is lies the problem: everytime you restart your pc, these zips files are going to activate and the problem starts all over again.The fix, to my surprise, after talking to Microsoft, AVG, Macffee, Norton, Avast and other smaller companies actually ... Read more

More replies
Relevance 71.34%

Please help! An unknown infection is preventing programs from running on my PC; ie: Malwarebytes, etc.
Windows 7 64bit OS.
Thanks for any help with this dibilitating problem.
L J Mac

Answer:PC infection preventing programs from running

-- Some types of malware will target Malwarebytes Anti-Malware and other security tools to keep them from running properly. Other types of malware may delete the main mbam.exe executable file during installation or when attempting to perform a scan which results in various errors. If that's the case, please refer to the suggestions provided in For those having trouble running Malwarebytes Anti-Malware for using Rkill or downloading a renamed version of mbam.exe. Do not reboot after running Rkill. Immediately after running this tool, you need to perform your scan with Malwarebytes Anti-Malware.Note: You may have to make repeated attempts to use Rkill several times before it will run as some malware variants try to block it. If you get an alert that Rkill is infected, ignore it. The alert is a fake warning given by the rogue software which attempts to terminate tools that try to remove it. If you see such a warning, leave the warning on the screen and then run Rkill again. By not closing the warning, this sometimes allows you to bypass the malware's attempt to protect itself so that Rkill can perform its routine.

6 more replies
Relevance 71.34%

I seem to have a particularly pernicious bit of malware that I can't shift.

"Live Security Platinum 3.6.1" is showing in my taskbar, and keeps feeding me fake alerts.

I foolishly googled a "fix", which i suspect is just yet more malware.

I can't follow any of the general fixes because it's blocking almost every .exe from running.

Judging by the lost keystrokes as i type, i suspect there is some kind of keylogging afoot here too.

Help please!

I have older versions of some of the recommended tools installed if that helps - although can't find a way to update or run them... any ideas?

I'm on Windows Vista.
 

Answer:Malware preventing .exe files from running

OK I managed to find a rogue .dll... deleting it let me run .exes again.

I've had a bit of a mixed bag with the recommended utils though.

Hitman blue-screened for me twice in a row, and MBAM crashed during fixes the first time.

I've attached a transcript of what was in the window when MBAM crashed (although some of it's not very helpful because the full filepath wasn't displayed in the window when it became unresponsive) - and a log from when it ran OK the second time.

Any advice?
 

8 more replies
Relevance 71.34%

Like 7 or 8 web pages open, plus winamp, P2P, msn, couple folders, is that too much? It brings my internet speed to a snail
 

Answer:Any way of preventing the comp. to lag when running several aps at same time?

9 more replies
Relevance 71.34%

Attempting to follow the XP cleaning procedure, and none of the tools will run except MGTOOLS, which did run to completion and generated the zipped file.

Symptoms are: both IE and Firefox either redirect or deny finding websites. For example, cannot get to windowsupdate.microsoft.com--instead, browser is redirected to findstuff.com when I attempt to click on Google search result which points to windowsupdate.microsoft.com. Attempting to go directly there results in a 'page not found' error. Same is true for symantec.com or Mcafee,com.

Spybot did install, but when I run it, it loads a 3MB process I can see in task manager, but never opens.

Superantispyware will not install. Even after renaming the executable, it crashes with the "SUPERAntiSpyware Free Edition has encountered a problem and needs to close. We are sorry for the inconvenience" error, which pops up and asks if I want to send the error report to Microsoft.

Combofix opens the "do you want to run" window, but never continues when I tell it to.

Malwarebytes' Anti-Malware -- same thing: when I click to run it, nothing happens.

One detail: Netscape Navigator appears unphased by the malware. So, I do have a working browser for some web access (Microsoft insists on IE, so I cannot use windowsupdates via this browser) on that computer.

I am attaching the mglogs.zip file.

One other note: I am actually conversing from a clean machine. I am running logmein to access t... Read more

Answer:Malware's preventing most tools from running

Let's start with this:

Click Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.

* Scroll down to ?Non-plug and Play Drivers? and click the plus icon to open those drivers.
* Then search for TDSSserv.sys
* Let me know if you find this or not.
* If you do find it, right click on it, and select Disable. Do not try to uninstall it.
* Also if this is found and you disable it, then reboot and see if you can run the other scans that would not run.

Use add/remove programs to uninstall:
J2SE Runtime Environment 5.0 Update 10"
J2SE Runtime Environment 5.0 Update 11"
J2SE Runtime Environment 5.0 Update 9"
Java 2 Runtime Environment, SE v1.4.1_02"
Java(TM) 6 Update 2"
Java(TM) 6 Update 3"
Java(TM) 6 Update 5"
Java(TM) 6 Update 7"
Java(TM) SE Runtime Environment 6 Update 1
Viewpoint Media Player

Now use windows explorer to find and delete:
C:\Documents and Settings\Julia\Application Data\MJUSBSP
C:\Documents and Settings\Julia\Local Settings\Application Data\tjnet

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file and any other logs you can run ( remember to try the in safe mode).
 

3 more replies
Relevance 71.34%

Hi there. I hope someone will be able to help me.

I have a Gateway GT5654 PC with Vista Home Premium 32-bit.

I was looking for the latest episode of Glee, but when I couldn't find it for download in the usual place, I googled to find a streaming version. (Turns out glee hadn't aired the most recent episode because of baseball, hence why I couldn't find it.)
I found a site that said I could watch glee episode 9, but I had to install a program to watch it - which I knew was a risk, but I stupidly thought I would be able to manage the problem if it was malware - and I took the risk.

Almost immediately while it was installing, AVG alerted me that a trojan had been found. I stopped the installation through task manager.
I looked at the programs installed, but didn't recognize anything new.

I ran ccleaner.
Then I ran AVG. It had a few results along the lines of:

Spyware.Generic.CE
Tojan horse Dropper.Generic.BDQF

\\?\globalroot\Device\_max++>\562e5318x86.dll
C:\ProgramFiles\Java\jreb\bin\jusched.exe (2436)
C:\Programfiles\AcousticsMixcraft4\patch.exe

It said I had to be a power user to remove them - I ok'd this, but then it said it wasn't able to remove them, something along the lines of the file location doesn't exist.

So I started the malware removal process. I ran ccleaner from all accounts, disabled user accounts, made sure hidden files were visable, etc.

I tried to run SUPERAntiSpyware Free Edition. It lo... Read more

Answer:Trojan dropper preventing AV from running

The remaining blacklight logs.
 

13 more replies
Relevance 71.34%

I should be posting this in the VTS&M removal logs forum, but I'm under kind of time crunch. My client cannot wait more than a few days to get their computer back, and I know the VTS&M forum is backed up. So, as a last resort before wiping and reinstalling, I'm looking for some help from you gurus out there.

This PC is running Win XP SP3 fully updated. It is an eMachines W5233. He brought it to me complaining that it was very slow and kept popping up a System Check program that he didn't download. The entire desktop was hidden and nothing could be installed. Below are the steps I've taken yesterday and today in as close to an order as I can put them: (MBAM, SAS, and aswMBR logs can be shown if needed)

1. Booted into safe mode and ended the System Check process in order to remove that program.
2. Had to run Unhide software to get the desktop icons back.
3. MBAM had to be ran in safe mode without updating first and it found nothing.
4. SAS found nothing but tracking cookies.
5. Roguekiller found some stuff and cleaned them. After that, MBAM ran and found some more.
6. Eset online scanner found 14 more items.
7. SAS found 480 items.
8. After looking at some of the items found, I ran Combofix just to see if it would find anything. Combofix starts and after about 5 minutes pops up with "You are infected with Rootkit.Zeroaccess in the TCP/IP stack. This is a particularly difficult infection to remove.....etc." Clicking OK clears that window until... Read more

Answer:Rootkit is preventing scanners from running

Did you try?FIXTDSS

13 more replies
Relevance 70.52%

Hello, I have been trying to unistall AVG all morning but it can't complete as there's a installation running, but to my knowledge there isn't another one running and I can't work out what it is? It's not a problem with AVG as iv'e tried unistalling other programs and they say there's a installation running to. Anyone got any ideas how to stop this mystery installation? Thanks

Answer:Unknown Installation Running, Preventing Installs

Try this.

Right click on the window in the bottom left of your screen; or right-click on the task bar and open Task Manager. Look down the processes tab for AVG. Right-click to "end task. " It will give you a warning. Ignore it and end the task. Now try the uninstall.

If this doesn't work, check out this post here: Windows 10 & Antivirus Software

1 more replies
Relevance 70.52%

Hi
 
I have made the same post in the Am I infected? thread four days ago but haven't received any help..and I urgently need help.
 
Problems began over a week ago when the computer suddenly started running slowly, particularly during start-up and often prevented the use of applications or programs. I ran ScanDisk and Defrag but this only temporarily fixed the problem. Next, I ran Malwarebytes and it found approx 25 issues. It requested that I reboot to fix everything but after rebooting, BSOD appeared and windows wouldn't start up, even when start up repair was attempted. It only boots up  to the starting windows logo before BSOD appears.
 
The computer is running windows 7 64-bit, approx 2 years old and doesn't have a CD/DVD drive. 
 
Please help!
 
 
Thanks
 
 

Answer:BSOD preventing start up after running Malwarebytes

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/505008 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

2 more replies
Relevance 70.52%

Hi
 
Problems began a week ago when the computer suddenly started running slowly, particularly during start-up and often prevented the use of applications or programs. I ran ScanDisk and Defrag but this only temporarily fixed the problem. Next, I ran Malwarebytes and it found approx 25 issues. It requested that I reboot to fix everything but after rebooting, BSOD appeared and windows wouldn't start up, even when start up repair was attempted.
 
The computer is running windows 7 64-bit, approx 2 years old and doesn't have a CD/DVD drive. 
 
Please help! I don't know what to do next..
 
 
Thanks

Answer:BSOD preventing start up after running Malwarebytes

This topic reported and will be respond soon.
 
Thank you.

25 more replies
Relevance 70.52%

Link to original topic:Original postProblem Description: Was trying to access Gmail and getting an error that cookies were not enabled. I tried the suggested fixes but it didn't work. Finally, concluded that a virus might be the issue. I ran malwarebytes (Quick Scan) and it found a trojan which it quaranteened. Since it found something on quick scan, I then decided to run a full scan. Six minutes into that scan, the computer rebooted and since then, I can't run any programs. What happens is that when I double click on a program, the cursor will show busy for 5-10 seconds, but the program won't load. I booted into safe mode and I still could not run any programs (cursor would show busy for a few seconds but nothing would load). I was able to restore the computer to a point about a week ago, but problem continues after restore. I have tried other restore points but none of the other restore will complete successfully. My operating system is Win 7 home premium. Computer is Dell studio XPSWhat I have done so far: As suggested I have reviewed the prep guide. I cannot post the DDS logs because the program won't run. I downloaded DDS tool to a flash drive from a working computer and copied it to the desktop of the infected computer. When I double click on DDS tool, the cursor shows busy for 5-10 seconds, but the program does not run (similar to any other program I try to run). I tried running it in safe mode and it fails in safe mode as well.

Answer:Windows 7 - Infection preventing programs from running

tds1, to Bleeping Computer.My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.Ground Rules:First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance. Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
When you post your reply, do not use the button but use the button instead.
In the upp... Read more

3 more replies
Relevance 70.52%

Well, I have some weird spyware that doesn't do popups but keeps adding ad banners to any web page I go to, and it's preventing me from running any anti spyware programs as well as deckard. As soon as I run dss.exe it errors out a minute in. I tried re-dling as well as restarting, but it still errors. Here's the HJT log, I have the pandascan log too but the other post said not to attach anything unless requested. Any help is appreciated.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:53:16 PM, on 6/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Microsoft IntelliPoint\point32.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Common Files\AOL\1208840104\ee\AOLSoftware.exe
D:\Program Files\PowerISO\PWRISOVM.EXE
D:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\AOL 9.1\waol.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
D:\WINDOWS... Read more

Answer:Spyware problem, preventing deckard from running + HJT log

Bump.

12 more replies
Relevance 70.52%

Thanks for any support you can offer me. 
 
I have attempted to follow the instructions in BleepingComputer to remove the Internet Security preventing me from opening any programs.  The problems still exists.  I ran the TDSSKILLER program and it still persists.  I do have malware installed and the RKill program.  However the Internet Security program keeps popping up indicating the computer is infected and will not allow any programs to operate.
 
 
DOWNLOAD of DDS TXT
 
DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702
Run by Troy at 7:04:08 on 2013-06-11
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\MICROS~4\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3196716
uSearch Page = hxxp://www.google.com
uProxyOverride = 127.0.0.1;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWis2.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61... Read more

Answer:Internet Security Preventing any Programs from running

Hi there,my name is Marius and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.   Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)Run FRST. Don´t change one of the checkboxes and hit Scan. Logfiles are created on your desktop. Poste the FR... Read more

4 more replies
Relevance 70.52%

Hi Everyone,

Would someone please tell me why my computer runs a file check on a drive each time the computer boots? I have 3 physical hard drives, C:, D:, E:, and each time the computer boots it checks the E: drive for errors. I have no scheduled tasks running, so how can I prevent the file check?

Thanks.

Byn
 

Answer:Help preventing XP Pro running file check on boot up.

9 more replies
Relevance 70.52%

It appears that my desktop PC is infected with some malware/virus which is preventing my malware diagnostic/cleaning tools from running. When I try to run MBAM or Spybot, I get the Windows message "Windows cannot access the specified device, path of file. You may not have the appropriate permission to access the item". When I run Avira, it goes all the way through a full system scan, identifies about 13 infections (including ZLOB etc), then just crashes.

I've tried booting in safe mode then running the tools, but I get the same result.

I've also been getting inconsistent boot-up, the occasional blue/black screen and sometimes the PC won't boot at all unless I power off and on again (sometimes twice!!).

I followed the Preparation Guide, downloaded DDS, but when I tried to run it, it just sat there, cursor blinking but no reports, even after 15 minutes. I also downloaded RootRepeal and tried to run it, but it also crashed immediately.

I would greatly appreciate your expert help with this.
Hazmat99

Answer:Infection preventing malware tools from running

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

3 more replies
Relevance 69.7%

I've followed the Prep Guide but have been unable to get DDS to run despite repeated attempts. I've also tried to run Root Repeal several times without success. I then downloaded RSIT. Here's the log file:
"Logfile of random's system information tool 1.06 (written by random/random)
Run by GREG GOODFELLOW at 2010-01-04 15:32:45
Microsoft Windows XP Professional Service Pack 3
System drive C: has 52 GB (34%) free of 153 GB
Total RAM: 1015 MB (28% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\OGADaily.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\... Read more

Answer:Infection Preventing Malware Removal Tools from Running

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

15 more replies
Relevance 69.7%

For some reason, whenever windows 8.1 updates, internet explorer stops working. Every time I try to get on the internet, I just keep getting a message that 'this page cannot be displayed'. Skype still works, so the problem seems to be internet explorer itself.

I have decided to switch to google chrome to fix the problem, but I can't do so without getting on the internet.

I would like to restore the computer to a point in which it worked, and I have one restore point which I'm certain will work, but the problem is, immediately after restoring, windows automatically updates, which kind of undermines the entire purpose of the restore. I have tried changing the update settings so it will restore without updating, but as soon as the system restores, my changes are undone and windows then proceeds with the stupid updates.

I just want to get on the internet somehow to install google chrome! (and no, I can't just copy and paste from the computer I'm currently on because this one has windows 7).

Any ideas?

Thanks,
smile puppy

Answer:Windows Updates Preventing Internet Explorer from Running!

Unplug your router, then do your system restore. You then have as much time as you need to configure Windows Update not to auto check.

2 more replies
Relevance 69.7%

Hello, I am writing for help on solving an issue on my friends computer. He must have downloaded a single bug which hijacked his internet and began downloading multiple viruses/malware. I was able to remove a good number of them with the a squared free scanner, but my problem is that when I read all the suggestion guides and forums people were asking for HJT logs and HJF logs. I have had minor success with this and many 'cleaner' programs listed, because I am pretty sure the bug is preventing these tools from scanning and identifying all the appropriate files. I have downloaded almost every single tool onto the laptop I am typing from, renamed, copied to a flash drive and then copied to the infected system, yet the infection still continues to identify these programs and kill them before I am able to see the GUI load up, or the scan to complete (or even get close, the bugs seem to squash these programs in their tracks as soon as an infected file is identified and attempted to be deep scanned. I am trying normal scans right now as was suggested in the 'read first' post.I have tried deleting the offending reg keys and files with no real success. the programs tell me that the files and keys have been removed yet the infected files are still hiding and are definitely still doing their dirty work.Since I was unable to produce an HJT or HJF log, and your guide said not t until asked for one I am just going to post the names and locations of identified files discovered by a squared.... Read more

Answer:multiple trojan infection preventing log tools from running

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

2 more replies
Relevance 69.7%

Playing game in full screen mode my PC froze. I could not get back to desktop using alt-tab. After 45 minutes of inactivity I powered down PC and restarted. After the user selection menu and entering my password I got a dialog box entitled 'Windows Product Activation' The text inside was 'a problem is preventing windows from accurately checking the license for this computer. error code 0x8007005' Clicking on OK takes me back to the user menu, selecting either user, one password protected and one not gives the same error.No new software or hardware. Genuine Windows XP Home Edition fully up to date. Had PC from new - TINY Pentium4 3GHz.  Everything is on motherboard apart from Video Card which is a NVIDIA GeForce 5200FX which has been fitted and working for 2 years. Problem also occurs if this is removed.Optional Information: Computer OS: Windows XP HomeBrowser: IEMicrosoft Knowledge base does not list this error number.Starting in Safe Mode works sometimes and everything on the drive appears accessible.Starting in Safe Mode with networking requires windows license to be registered and needs to reboot in Normal mode to register.I removed the hard drive and placed in a second pc to retrieve all my documents so I could reload Windows.  Chkdsk showed no fault and no virus was found.I have tried the provided ?Restore? CD but cannot use it as I get an error message about BIOS Lock and to consult the manufacturer (TINY) who unfortunately ceased trading s... Read more

More replies
Relevance 69.29%

Hi, i got virus that is preventing everything. Anti-virus and the internet. i tried some virus removers but none work because the virus says that the programs are infected. i mean Everything. even the space pinball that is under the game section of the windows xp applications. i need help!

Answer:antivirus preventing virus

Here you have to Install any one good anti-virus and, You must run a virus scan in Safe mode, because the virus worm might be running in the background, and you cannot remove it unless the computer is in Safe mode where no applications are running.1.) Restart your computer and start-up happens quickly. When you see the first screen when your computer is rebooting, hit "F8" key. 2.) Select "Safe Mode" from the list of options. This will take you to a desktop that looks very different from your regular desktop. 3.) Run the virus scan. When any virus worms are detected, place them in quarantine or delete them. If you are unsure what to do or what the virus is infecting, always select quarantine.4.) Allow the scan to run through everything, and then return your computer to normal operating mode if the software does not prompt you to do so. Simply restart the computer to return to normal operating mode.5.) Reconnect your computer to the Internet and check with the anti-virus software's publisher to make sure you have the latest updates. If not, download them now6.) After updating the anti-virus software, run it again until your computer comes up clean.7.) After the above steps, download and run good Anti-Malware, adware, trojan remover softwares like Malwarebytes, remove it pro, hitman pro, or trojan remover etc..Performing this will clean your system.Kindly get back us the result to assist you further.Thank you :-)Regards,PCS365_3ISHA KRISHNA KPBangalore.

5 more replies
Relevance 69.29%

Hi,
im running a Win98, and im sure i have a virus or spyware on my computer, because it is running so slow, and when i go on the internet, i can only get on it for a limited amount of time, then i have to restart my computer so that i can get on the internet again, because something is stopping me.
Anyway, i can't find out what it is, i have run norton antivirus and spybot and adaware.
So does anyone have a structure on the Win98 OS (a folder/file structure of what it is like when it has been rebuilt) I don't have the time to rebuild it, so i will have to go through each individual folder, and a structure would really help!
 

Answer:Running Win98, have a virus/spyware or something running

6 more replies
Relevance 68.88%

Hi there, when trying to install an application, I get a pop up saying: 'Error 1500. Another installation is in progress. You must complete that installation before continuing this one.' On a separate occasion, AVG performs an auto update and basically says the same thing: 'Update has detected running installation. Complete that installation before starting update.' Not sure if that is relevant but, I installed Windows 10 several weeks ago and performed a virus check with AVG after the fact, which was successful in finding and securing two trojan horses. I have gone through all tasks and found nothing that is performing any sort of installation that I can see. Any help would be appreciated.

More replies
Relevance 68.47%

I can't download anything at all ! I tried using a antivirus Cd but that's not working either. I also tried going in safe mode but no luck! How can I get rid of this nasty virus?Mod edit ,moved to the Am I Infected forum.~~boopme

Answer:Virus preventing antivirus download!! Help please!

Hello, you have tried safe mode with networking?Try getting these from another machine. Put them on a Flash Drive and run from there.Download FixExec.exe to your desktop.Double click on the downloaded file to run the fix.When the program has finished, it will generate a log on the desktop called FixExec.txt.Post the log in your next reply.NOTE: If for any reason you're not able to execute FixExec.exe rename it to FixExec.com, FixExec.pif or FixExec.scr....Please download Rkill by Grinler and save it to your desktop.Link 1Link 2Double-click on the Rkill desktop icon to run the tool.If using Vista, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.Do not reboot the computer, you will need to run the application again....Malwarebytes Anti-Malware Free and Malwarebytes Chameleon----------Download Malwarebytes Anti-Malware Free and save it to your desktopDouble click the desktop icon, click Run, then OKClick NextSelect I accept the agreement then continue to click Next then finally click InstallUncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish... Read more

7 more replies
Relevance 68.06%

Hi everyone,

I got a virus/malware of some sort the other day after downloading what i thought was a book.. -.-

Basically, this virus/malware (not sure what it is..) prevents some antiviruse programs from running, I had Microsoft Security Essentials at first, but this got disabled and I couldnt use it so i downloaded AVG which installed fine, but wouldn't lauch, Windows Defender was also prevented from functioning.

But Antimalware bytes and Kaspersky seem to work fine and i removed several viruses/malware with them, though the problem still persists and Windows Defender/Microsoft Security Essentials still won't run!

Spybot search and destroy can scan, but when it gives me the option to remove the infections, an error occurs and says i need admin rights to do this (even though i am on an admin account..)

I would try to remove the virus through safe mode, but i cant get onto it! A message pops us saying something about the screen not being compatible or something

I was thinking of using ComboFix since it worked for me last time i had a serious virus, but im not sure i should use it since they say yo only use it with supervision from a PC pro..

Any help would be much appreciated!

Edit: Rkill didnt work, it just said "The system could not find the path specified"

Answer:Virus/Malware preventing my antivirus from working! Help please!

Hello,Please follow the instructions in ==>This Guide<==. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Orange Blossom

2 more replies
Relevance 68.06%

Referred from here: http://www.bleepingcomputer.com/forums/t/539882/virus-preventing-antivirus-download-help-please/ ~ OB
 
In response to:
 
 
Not good.. We need a deeper look at this machine..
Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
 
 
I can't run the tools

Answer:I can't run the tools/Virus preventing antivirus download

DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16545Run by Dree at 10:24:57 on 2014-07-09Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.3325.1872 [GMT -4:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\Ati2evxx.exeC:\Windows\system32\SLsvc.exeC:\Windows\System32\WUDFHost.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\Ati2evxx.exeC:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exeC:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\ATT\8.3.0.34\ma\bin\MAHostService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\ATT\8.3.0.34\ma\bin\node.exeC:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exeC:\Program Files\Dell Printers\Dell 1355 Multifunction Color Printer\Status Monitor\dlp1Adb.exeC:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exeC:\Program Files\iolo\Common\Lib\ioloServiceManager.exeC:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files\Common Files\Motive\pcCMService.exeC:\Program Files\Common Files\Motive\pcServiceHost.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskeng.exeC:\... Read more

more replies
Relevance 67.24%

I am running Windows XP sp3.  I have a virus that is preventing firefox and IE from accessing online virus scan site, such as trans micro and kaspesky.  I found another thread describing similar problems and I followed the steps recommended in it as far as I could.  When the virus first hit my computer, McAfee did recognize the threat and tried to delete it, but for some reason it wasn't able to, it told me to manually remove it from Add/Remove Programs, I tried but I couldn't get to the program, I kept being redirected to a google shearch for Win32.DNSChanger.   After running virus scans with McAfee and AVG, I removed a handful of trojans and spyware, the most significant one being a Win32.DNSChanger.  This made it so that I was able to at least access files on my computer again.  When I tried to download MBAM and SAS, i had trouble trying to get them to install. I now have them installed but I cannot get them to run.  I believe that virus is preventing them from running but I could be wrong.Only other symptoms are that everything seems to be running very slowly, and my system is unstable (random freezes from time to time). Any help would be greatly appreciated! I downloaded and ran RSIT and I will attach the files.  I was unable to run MBAM or SAS so no logs from them are available.Note:  I believe that the virus hit my computer around 3:00pm yesterday (2/14/2009). [attachment deleted by admin]

Answer:Virus preventing access to antivirus sites and programs.

Welcome to CH.The real-time protection of two antivirus programs may conflict with each other and cause the following:1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.2) Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.3) Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.Please uninstall either AVG or McAfee before continuing.----------Click Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.* Scroll down to Non-plug and Play Drivers and click the plus icon to open those drivers.* Search for any of the following:- Seneka.sys- clbdriver.sys- TDSSserv.sys* Let me know if you find them or not.* If you do find it, right click on it, and select Disable. Do not try to uninstall them.* Now reboot the computer.----------Open HijackThis and select Do a system scan only.Place a check mark next to the following entries: (if there)O2 - BHO: Win32-DNSChanger - {930E7881-D9F3-4293-A24B-23A80C013378} - C:\WINDOWS\system32\fejokt.dll (file missing)O2 - BHO: {0894219f-015e-8d3b-1aa4-d72ce575ec3e} - {e3ce575e-c27d-4aa1-b3d8-e510f9124980} - C:\WINDOWS\system32\ibpwie.dll (file missing)O4 - HKLM\..\Run: [Jgubofa] rundll32.exe \"C:\WINDOWS\Vqanun.dll\",eO4 - HKLM\..\Run: [Ssemonusohoma] rundll32.exe \"C:\WINDOWS\etofisaw.dll\",eO4 - Startup: Power... Read more

9 more replies
Relevance 67.24%

UPDATE: My browser is continually taken to spywareprotectionplus.com, which google tells me is associated with the zlob trojan. Any tips on how to remove this? Thank you for the help.
Hello everyone, and thanks in advance for the assistance.

I was running AVG 9.0 (free version) when I got a warning message that a virus was detected. I think I clicked on a questionable link while searching for forum posts on college admission essays. It seemed AVG had taken care of it, but then I started to hear weird audio files play in the background and my webbrowser kept taking me to a anti-spyware site. I opened AVG again and all the options had been removed, i.e., the program opened but there was no option to run a scan or update. I then ran Adaware which came up clean. I was able to install Panda Cloud antivirus, but it wouldn't function properly.

I've since restarted my computer but now I have found that even though I detect a wireless connection, IE willnot open any pages. I downloaded Avira Antivirus and the latest update on a separate computer (the one I am using now) and saved it to a thumbdrive. I then tried opening the program on the infected computer. I was able to install it, but cannot open it. I see avcenter.exe running in my task manager, but no window comes up.

I also see iexplore.exe in my task manager but I don't have IE open. I also see GrooveMonitor.exe. Are both of these spyware?

Any suggestions on what I should do from here? I've downloaded ... Read more

More replies
Relevance 67.24%

Hello everyone, and thanks in advance for the assistance.

I was running AVG 9.0 (free version) when I got a warning message that a virus was detected. I think I clicked on a questionable link while searching for forum posts on college admission essays. It seemed AVG had taken care of it, but then I started to hear weird audio files play in the background and my webbrowser kept taking me to a anti-spyware site. I opened AVG again and all the options had been removed, i.e., the program opened but there was no option to run a scan or update. I then ran Adaware which came up clean. I was able to install Panda Cloud antivirus, but it wouldn't function properly.

I've since restarted my computer but now I have found that even though I detect a wireless connection, IE willnot open any pages. I downloaded Avira Antivirus and the latest update on a separate computer (the one I am using now) and saved it to a thumbdrive. I then tried opening the program on the infected computer. I was able to install it, but cannot open it. I see avcenter.exe running in my task manager, but no window comes up.

I also see iexplore.exe in my task manager but I don't have IE open. I also see GrooveMonitor.exe. Are both of these spyware?

Any suggestions on what I should do from here? I've downloaded Combofix but am waiting to run it until someone can give me some clear advise.

Thank you.

Answer:Virus preventing antivirus scans and internet connection

Hello I am moving this to Am I infected from Win 2000If you now have 2 AV's running you need to remove one.Now run RKill.... Then MBAM and AvirraPlease download Rkill by Grinler and save it to your desktop.Link 2Link 3Link 4Double-click on the Rkill desktop icon to run the tool.If using Vista, right-click on it and Run As Administrator.A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.If not, delete the file, then download and use the one provided in Link 2.If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.If the tool does not run from any of the links provided, please let me know.You will need to run the application again if rebooting the computer occurs along the way.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished,... Read more

1 more replies
Relevance 66.83%

Is it okay to run malwarebytes anti malware trial version, real time protection alongside an existing anti virus ?

Would they conflict?
I have MBAM free version but there is an option to use the trial pro version which is real time protection. I am just wondernig if real time protection would oonflict with my microsoft security essentials anti virus ?

thanks

Answer:Will running malwarebytes anti malware trial version ( real time protection ) conflict if running alongside an existing anti virus

They will work good together. What you do not want is more than one anti-virus program running.

3 more replies
Relevance 66.42%

As stated, I need help regarding this.
I've tried to clean remove MBAM and re-install it but to no avail.
When I run the installer, it states, "CreateFile failed; code 80. The file exists".
And when I tried searching it, I can't find the file.
 
I uninstalled my outdated Avast Antivirus and installed the latest one, and the program won't run either.
 
Can anyone kindly assist me with this? ):
 

Answer:Virus/Malware preventing me from starting MBAM and my Antivirus Software.

Hello haekaru -
Are you stable to run in Safe Mode With Networking ? Ask if you need help.How to start Windows in Safe Mode
 
Download Malwarebytes Chameleon technologies get Malwarebytes Anti-Malware installed and running when blocked by malicious programs.
 
Usage -
Download Chameleon from the link to the right.
Unzip the contents to a folder in a convenient location.
Follow the instructions in the included Chameleon CHM Help File
Or if the help file will not open, simply try to run the files by double-clicking on them one by one until one of them remains open, then follow the onscreen instructions.
 
 
Thank You -
Edited to add Safe Mode link -

2 more replies
Relevance 66.01%

I'm wondering if my computer with Windows Vista Home Premium edition OS has a virus! Today I suddenly could not open my Mozilla Firefox to read my email, getting instead the following message: "Windows needs to install driver software for your ethernet controller." I'm a newbie, by the way, so what exactly is an ethernet controller?? I tried unsuccessfully to locate and install the driver software and since I did not have the original CD and all other options failed I can't open my Firefox program to access my email! Something happened since earlier this morning after I did send some email messages. I have never installed drivers before so I would need some help, perhaps from the Windows web site? Could it be a virus? I run AVIRA AntiVir 9 every day so I thought I was protected.  I would greatly appreciate any advice from my fellow Computer Hope colleagues. Thank you.    jandal

Answer:Possible virus preventing email program from starting

http://www.computerhope.com/forum/index.php/topic,46313.0.htmlplease go to above and complete and post the 3 logs here an expert will look at themkeep the malware , sas and ccleaner in your pc and run weekly

1 more replies
Relevance 65.19%

Hello,
I have the following symptoms:
Google update is crashing
Google chrome can no-longer access webpages
Firefox and Internet Explorer will jump to incorrect malicious sites when I click on links given by a google search
Cannot access antivirus sites (like this one) from browser
Anti virus software cannot update
System sometimes freezes during startup when not running in safe mode

I ran the log generators in safe mode and results are below.

GMER would not run.

Any help will be appreciated.



DDS (Version 1.0) - NTFSx86 NETWORK

Run by user2 at 10:59:13.37 on Sat 11/29/2008

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1710 [GMT -8:00]



============== Running Processes ===============



C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Lavasoft\Ad-Aware_2008\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Documents and Settings\user2\Desktop\dds.scr



============== Psuedo HJT Report ===============



uStart Page = hxxp://www.google.com/ig/dell?hl=en

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en

mDefault_Page_URL = hxxp://www.dell.com

mDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://www.dell.com

uInternet Connection Wizard,ShellNext ... Read more

Answer:Virus redirecting google search links and preventing access to Antivirus sites

Rename Gmer.exe to Omer.exe. Then try running it.

8 more replies
Relevance 63.55%

When I run any DOS game like Allen Border's Cricket, etc. my system's performance degrades drastically when I run the same along with any media player like RealOne or Windows Media Player 9.
What exactly happens is that while I'm playing this DOS Game with its options of Music and Fx turned off for less memory consumption and at the same time I'm listening to any music with the option of Visualisation selected to 'None', again to free up memory, but still my system becomes slow, the music stops in between & resumes playing by itself, the game also becomes slow and then again starts working properly long with the music.

I fail to understand that inspite of having 512 MB DDRSD Ram & 1.9 Ghz processor still then why is the performance so poor even when I've disabled most of the options that consume more memory!

Please help sooooon!!!
 

Answer:Performance drastically degrades on running a DOS program alongwith any other program

6 more replies
Relevance 62.73%

Recently, I've noticed how some games won't run at all. For example, the other day, FS 2004 AcoF started to randomly hang on the startup screen. It would just sit there. I would open up the Task Manager, and the process would still be there, but it wouldnt' be using any CPU time. Even after 2 hours, it wasn't doing anything. I uninstalled it, reinstalled it, and to my horror, it did the same thing.

Then, KOTOR, which I just bought, started doing the same thing.

I decided to install SP2, which was a HORRIBLE idea. I think one of my hard drives did a click of death, where it freezes windows, during the install. My mouse kept moving on screen, but I couldn't /do/ anything. ALT CTRL DEL was useless. So, I reparied my current install of Windows using a CD I had laying around.

After 'fixing' windows, I proceeded to launch NForce 5.1 driver install setup. It unpacked the drivers, created the files, but it never launched any actual setup. The process doesn't even start. It also mysteriously killed a bunch of my other windows Processes. I still don't have chipset drivers.

I'm sorta at the end of my rope here. I've got a new hard drive coming which will replace the 10 gig drive I'm using for windows right now, but until it gets here, I really need chipset drivers, and playing FS and KOTOR would be great. This is so frusterating...

I took a walk through symantec.com looking for virii that could be doing this, but I coudln... Read more

Answer:Problems running programs, installing software, and installing drivers

any entries in the event log?

googtle symantec online scan
and trend micro online scan

test your RAM, review Corruption 101 and double check its not a power issue

if it aint hardware, and you rule out malware
its likely a borked install, repair installs not being all that great when compared to a fresh install

considering you have a new drive coming, Id do a fresh install to it and try to replicate the problem, if so its drivers or hardware
then configure its security, attach to the internet and then attach the old OS\HDD and scan from it, recover data ect.

and a dual boot wont kill you, they are a cheap investment of 5GB,
and you get a security scanning platform, recovery advantages ect
 

2 more replies
Relevance 61.91%

i got netbook 1.6ghz atom processor. just bought a month ago. OS coming without antivirus. try to download from internet but after installation completed, i can't open antivirus program. try with all freeware antivirus. the result is same. plz help me... to buy new one don't have budget right now.

Answer:can't running antivirus

i run win xp pro sp3 32-bit.

2 more replies
Relevance 61.91%

I saw on another site to run 2 antivirus programs , so I am running Avira and Avast , is this ok ? Then on another site it said only run ! so is 2 ok or should I only run 1 and if so , which one , Avira or Avast ?

Answer:Is 2 antivirus running too many ??

No, it is not okay. Pick one (either one) and uninstall the other.

4 more replies
Relevance 61.91%

I keep getting his box reading "Could not initialize AVG Anti-virus kernal interface. Application cannot run."

Should I be worried or is this normal? Is my computer unsafe without an anti-virus running?

I've never liked AVG. Would it mess up my computer if I download another anti-virus program since AVG is screwed up?

Answer:Avg Antivirus Not Running

I have also had problems with AVG antivirus. Installed Avast instead and have nothing but good to say about it. There is also a Tutorial on these forums on how to properly optimise your settings. Here's the link. http://www.bleepingcomputer.com/tutorials/how-to-use-avast-antivirus/

2 more replies
Relevance 61.91%

Hi. I am trying to diagnose a problematic laptop for a friend. I don't know the details of what happened to cause the problems. The main problem I can detect is that the laptop is EXTREMELY slow. It seems like anything I try has a delayed response (even a simple mouse click). I followed the Malware Removal Guide, but was only able to run two of the five suggested tools as follows:

1) SUPERAntiSpyware - I ran this after manually updating the definition files on the version already installed and the scan found nothing.

2) Malwarebytes Anti-Malware - I was not able to update the definition files for the current version installed. After several attempts to uninstall this (via the Control Panel), I was able to do it via CCleaner. However, I was not able to re-install a more recent version due to problems with the Windows Installer service. After uninstalling an outdated version of Java (Update 14) via the Control Panel, I have not been able to install/uninstall any more programs.

2) combofix.exe - not compatible with 64-bit OS

3) RootRepeal - did not run on 64-bit OS

4) MGtools - did run; kept getting errors, but continued to completion

Attached are the SUPERAntiSpyware and MGTools logs:
 

Answer:Possible Malware preventing me from running malware removal tools

I am not seeing any malware in those logs. I do not know why MalwareBytes would not run, are you able to run it in safe mode? How does the PC behave when you use safe mode?

More than likely I think I will be sending you off to the software forum.

We can do this:

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:



O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsM... Read more

5 more replies
Relevance 61.5%

Yesterday, I can hear program running cause sounds interrupt when I'm online or offline. Checked task manager, startup programs no program is running that isn't suppose to be running.Also, run all virus programs. Don't know whats going on can you help?
 

Answer:program running cant stop or find program

6 more replies
Relevance 61.5%

Hi,New here and in some ways I wish i had found this site earlier.Anyway, my mother-in-law god bless her has a prolem on her laptop. When we boot up a message is displayed 'Application cannot be executed. The file mscorsvw.exe is infected do you want to activate your antivirus software now?. When you say yes to this it opens IE and points to page hXXp://os-guard2010.com/purchase?r=59.6. Another Securtiy Warning box also appears which states Application cannot be executed. The file wltuser.exe is infected. Do you want activate your antivirus programme?I am unable to connect to the Internet as it keeps producing errors as above.Can you please help?Thanks in advance.OzEDit: killed link so noone actually tries to use that site

Answer:Antivirus is prevented from running

Hello,, let's see if we can connect after this.Go to Start ... Run and type in cmdA dos Window will appear.Type in the dos window: netsh winsock resetClick on the enter key.Reboot your system to complete the process. If you cannot use the Internet,you will need access to another computer that has a connection.From there save mbam-setup.exe to a flash,usb,jump drive or CD. Now transfer it to the infected machine, then install and run the program. If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on mbam-setup.exe so it will install on the hard drive.***Manually Downloading Updates: Manually download them from HERE and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.Next run MBAM (MalwareBytes):NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disabl... Read more

29 more replies
Relevance 61.5%

i installed n av2004 on new pc windows xp it does not run on startup or when i click program do i need to enable it some how.

Answer:norton antivirus not running

I just installed on mine and part of the process is to do a full scof the system to ensure no existing viruese. As long as you let this happen the system should be clean ( some viruses disable your avg ).If it didn't get all the latest upgrades and do a full scan which took 15 mins on my machine.You do this by double clicking on the icon in the sys tray.If that all goes ok then doublr click on the tray icon and enable auto protect. I should run next time you start windows.hope that helpsHXP

1 more replies
Relevance 61.5%

I have AVG free antivirus and also Zone alarm security. Does Zone alarm security include antivirus. If so, does this mean that they might conflict and that I should remove one of them.

Answer:Am I running 2 antivirus programs?

YesFrom click here;jsessionid=GyWXBb7I0nJ0ke4VrzkklHYLqiVB6SFeGxGu1bmrc18LlN1IDHxj!-88141120!-1062696904!7551!7552!NONE?dc=34std&ctry=&lang=en"This comprehensive suite protects you at every level, from the deepest layers of your operating system to the physical world, delivering the most secure protection in the industry. Includes antivirus, anti-spyware, identity theft protection, operating system firewall, network and program firewall, auto-learn, anti-spam, and much more"

6 more replies
Relevance 61.5%

I experience problem updating my computer with norton antivirus updates .When I open as ordinary user,it gives me the error message that there is no enough memory space,but when I run as administrator it updates.What is the cause for this and how do I go about it.
 

Answer:Running antivirus updates

Could you paste in the exact error message you get from Norton please? As this will help find more details on the problem via google
 

3 more replies
Relevance 61.5%

Hope you can help. I ran my antivirus, it founds some items, and when it finished, it said I needed to reboot to finish removing things it found. When I rebooted, there are now things that aren't working. For example, if I go into Control Panel and try to open Add/Remove Programs, I get an error saying that I can't open it. When I open Firefox, Skype, etc. from the desktop, I get the box coming up asking what program I want to use to open the programs. The icons on the bottom right corner are gone. Some things will open, like the Fonts folder in the Control Panel, but I get errors when trying to open Security Center, Windows Firewall, etc.

I did get Firefox to open temporarily by choosing to use Firefox to open Firefox, but Firefox closes after a few seconds of being opened, with an error asking if I want to send the error report to Mozilla. Never seen that error before after using a computer for MANY years.

Anyone have thoughts about what to do? Should I run scans, do a repair on Windows? Any help is appreciated. Thanks!

Answer:Issues after running antivirus

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

1 more replies
Relevance 61.5%

Hi Folks, My Internet provider, Rogers is going to shut me down BECAUSE this mailshell.net item is slowing their computers!! ( I can paste the exact lines of numbers and dots that Rogers sent me)Haven't a clue what they are talking about but on calling them they said it was between me and AVG. AVG since I installed it 4 months ago has really slowed MY computer.Got AVG to run a scan on my computer but haven't heard back for 5 days now.-I found a thread in 2008 but couldn't access info on "post further down".Anyone had similar " mailshell.net " concerns

Answer:mailshell.net - is this due to me running AVG antivirus.

first your isp sucks because software on your end couldnt slow down there endand even if it did they want your money so they dont care about speedi cannot see the connection between AVG and mailshell.net and much less your ispif AVG has any email antispam disable it and hope it will go away

5 more replies
Relevance 61.5%

Hi,i have downloaded & installed AVG FREE--ok so far.I downloaded the AVG 6732 application file to my desktop(6.82mb),then opened this application file to install AVG FREE.
Seems like a dumb question,but is it ok to delete the AVG 6732 APPLICATION FILE after it has been used to install AVG,or must it remain for AVG to function properly?

THANKS MUCH TO ALL RESPONDERS
 

Answer:To Anyone Running Avg Antivirus Free

AbbySue said:



Yes, you can delete the downloaded installer...and remember...no question is a dumb question....this is how we all learn!Click to expand...

I use AVG free too!
As Abbysue said, OK to delete, same is true for most any other program.
Most any program I download, I wil save to CD or my documents, then if I need to reinstall I still got it.
Alot of programs free/etc will be updated (sometimes the old version is more prefferable) or even discontinued, so is nice to have on cd or stored on the PC, for future use.
 

4 more replies
Relevance 61.5%

Hi,does anyone with avg free ever notice that avg does not really check C:\DOCUMENTS AND SETTINGS?
Try this check to see if it checks yours:Open avg,click on "TEST RESULTS",Then click on any TEST RESULTS LISTING,then click on "DETAIL INFO".
On my machine AVG lists several entries under C:\DOCUMENTS AND SETTINGS that avg CANNOT OPEN;NOT CHECKED.

If this is similiar on your machine,is there any reason why it cannot open those files to check for viruses?

I`ve always wondered why avg scans my C and D drives so fast(16 minutes) compared to the 45 minute scans it took when i had mcafee viruscan installed.I got rid of mcaffee a few months ago because it`s a resource hog.
THANKS FOR ANY INFORMATION
 

Answer:To Anyone Running Avg Free Antivirus

I see that as well, but most all are .dat files in the Local and Network Settings subfolders-- it's probably just that they're protected files.
 

4 more replies
Relevance 61.5%

i am unable to run any antivirus/spyware programs, also the computer will not shut down/restart. dds will not run, but hijac this and rootrepel will run. any help would greatly be appreatiated.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:50:29 PM, on 20/09/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Files\Dell\Media Experience\DMXLauncher.exeC:\WINDOWS\stsystra.exeC:\Program Files\McAfee.com\VSO\oasclnt.exeC:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\WINDOWS\System32\DLA\DLACTRLW.EXEC:\Program Files\Common Files\InstallShield\UpdateService\issch.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktop.exeC:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exeC:\Program Files\McAfee.com\VSO\mcvsshld.exeC:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exeC:\Program File... Read more

Answer:no antivirus programs running

hi coldlogic,

Sorry for the delay, no shortage of posters. Your log is several days old, if you still need help simply reply to the post.

1 more replies
Relevance 61.5%

Ok, here's the deal. I've been using computers for years now, and so I am fairly knowledgeable as to what places to avoid, etc. Generally I'm not going to find myself going through 90 ads, filling surveys to earn some imaginery money or gain access to some weird porn site.

I've been using antivirus programs off and on for that time, and I haven't really noticed a difference - for the past year or so, I haven't had any firewall/antivirus program on whatsoever, and I haven't noticed any problems.

Keyword "noticed" - doesn't mean there aren't any problems. So my question is, should I install an antivirus program? Does it really help for an average computer user like me? So far I've found it's more of a hassle than it's worth.

As for what I do in my computer - play games (csgo, lol, minecraft), surf forums, youtube, there's the occasional piratebay, etc.
 

Answer:Do I really need antivirus programs running?

Yes, AV's and Firewalls are a must. You're nuts not to run them, especially on modern machines that have more than enough resources to run said programs without slowing down the computer.

With malware becoming more and more common through everyday websites via malicious ads and other assets, you don't have to be hanging out at shady websites to get infected. You might not 'notice' any strange behavior on your computer, but it doesn't mean that a small lightweight keylogger isn't running in the background sending all your user names, passwords, etc to a server somewhere.

I have a friend that does the same crap (runs his machine without an AV or FW) that swore he didn't need them. One day he decided to try out an AV and found that his machine was riddled with viruses and other malware

To each his own... different strokes for different folks, but I would never put a machine on the internet without proper security in place (except for VM's or livecd's and crap)
 

more replies