Windows Support Forum

Not sure I'm infected with a virus or my hard drive is about to kick the bucket

Q: Not sure I'm infected with a virus or my hard drive is about to kick the bucket

I ve been getting a lot of error messages lately on my desktop Dell XPS running Vista I ve run several anti-virus amp Malware programs but they have come up clean Errors include corrupted files application error and on reboot the file system wasn t working I ran Mini Toolbox and will post the log here Any help hard virus bucket is my to I'm infected about with kick sure or drive Not a the would be greatly appreciated MiniToolBox by Farbar Version - - Ran by John administrator on - - at Microsoft Windows Vista Home Premium Service Pack X Boot Mode Normal Flush DNS Windows IP Configuration Successfully flushed the DNS Resolver Cache IE Proxy Settings Proxy is not enabled No Proxy Server is set quot Reset IE Proxy Settings quot IE Proxy Settings were reset FF Proxy Settings quot Reset FF Proxy Settings quot Firefox Proxy settings were reset Hosts content localhost localhost IP Configuration Broadcom g Network Adapter Wireless Network Connection Connected Intel reg DC- Gigabit Network Connection Local Area Connection Media disconnected ---------------------------------- IPv Configuration ---------------------------------- pushd interface ipv reset set global icmpredirects enabled popd End of IPv configuration Windows IP Configuration Host Name MY-PC Primary Dns Suffix Node Type Hybrid IP Routing Enabled No WINS Proxy Enabled No Wireless LAN adapter Wireless Network Connection Connection-specific DNS Suffix Description Broadcom g Network Adapter Not sure I'm infected with a virus or my hard drive is about to kick the bucket Physical Address - E- C- D- E- B DHCP Enabled Yes Autoconfiguration Enabled Yes Link-local IPv Address fe ee e ef e f Preferred IPv Address Preferred Subnet Mask Lease Obtained Monday June AM Lease Expires Wednesday June PM Default Gateway DHCP Server DHCPv IAID DHCPv Client DUID - - - - E-F -B - - - D- - B- - DNS Servers NetBIOS over Tcpip Enabled Ethernet adapter Local Area Connection Media State Media disconnected Connection-specific DNS Suffix Description Intel reg DC- Gigabit Network Connection Physical Address - D- - B- - DHCP Enabled Yes Autoconfiguration Enabled Yes Tunnel adapter Local Area Connection Connection-specific DNS Suffix Description Teredo Tunneling Pseudo-Interface Physical Address - - - - E- DHCP Enabled No Autoconfiguration Enabled Yes IPv Address e c f fe a Preferred Link-local IPv Address fe c f fe a Preferred Default Gateway DHCPv IAID DHCPv Client DUID - - - - E-F -B - - - D- - B- - NetBIOS over Tcpip Disabled Tunnel adapter Local Area Connection Media State Media disconnected Connection-specific DNS Suffix Description isatap E - - D F- C D- F D Physical Address - - - - - - -E DHCP Enabled No Autoconfiguration Enabled Yes Tunnel adapter Local Area Connection Media State Media disconnected Connection-specific DNS Suffix Description isatap D C -C EE- B - A E- A A DDC Physical Address - - - - - - -E DHCP Enabled No Autoconfiguration Enabled Yes Server vdns srv hcvlny cv net Address DNS request timed out timeout was seconds Name google com Addresses Pinging google com with bytes of data Reply from bytes time ms TTL Reply from bytes time ms TTL Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Server vdns srv hcvlny cv net Address DNS request timed out timeout was seconds Name yahoo com Addresses Pinging yahoo com with bytes of data Reply from bytes time ms TTL Reply from bytes time ms TTL Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Server vdns srv hcvlny cv net Address DNS request timed out timeout was seconds Name bleepingcomputer com Address Pinging bleepingcomputer com with bytes of data Request timed out Request timed out Ping statistics for Packets Sent Received Lost loss Pinging with bytes of data Reply from bytes time lt ms TTL Reply from bytes time lt ms TTL Ping statistics for Packets Sent Received Lost loss Approximate round trip times in milli-seconds Minimum ms Maximum ms Average ms Interface List e c d e b Broadcom g Network Adapter d b Intel reg DC- Gigabit Network Connection Software Loopback Interface e Teredo Tunneling Pseudo-Interface e isatap E - - D F- C D- F D e isatap D C -C EE- B - A E- A A DDC IPv Route Table Active Routes Network Destination Netmask Gateway Interface Metric On-link On-link On-link On-link On-link On-link On-link On-link On-link On-link Persistent Routes None IPv Route Table Active Routes If Metric Network Destination Gateway On-link On-link On-link e c f fe a On-link fe On-link fe On-link fe c f fe a On-link fe ee e ef e f On-link ff On-link ff On-link ff On-link Persistent Routes None Winsock entries Catalog C Windows system NLAapi dll Microsoft Corporation Catalog C Windows system napinsp dll Microsoft Corporation Catalog C Windows system pnrpnsp dll Microsoft Corporation Catalog C Windows system pnrpnsp dll Microsoft Corporation Catalog C Windows System mswsock dll Microsoft Corporation Catalog C Windows System winrnr dll Microsoft Corporation Catalog C Program Files Bonjour mdnsNSP dll Apple Inc Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Catalog C Windows system mswsock dll Microsoft Corporation Event log errors Application errors Error PM Source Microsoft-Windows-CAPI User Description x The file or directory is corrupted and unreadable Error PM Source Microsoft-Windows-CAPI User Description x The file or directory is corrupted and unreadable Error PM Source Microsoft-Windows-CAPI User Description x The file or directory is corrupted and unreadable Error PM Source Microsoft-Windows-CAPI User Description x The file or directory is corrupted and unreadable Error PM Source Application Hang User Description The program firefox exe version stopped interacting with Windows and was closed To see if more information about the problem is available check the problem history in the Problem Reports and Solutions control panel Process ID Start Time cd a b Termination Time Error PM Source Application Error User Description Windows cannot access the file C Windows Prefetch AgCx S S- - - - - - - snp db for one of the following reasons there is a problem with the network connection the disk that the file is stored on or the storage drivers installed on this computer or the disk is missing Windows closed the program Host Process for Windows Services because of this error Program Host Process for Windows Services File C Windows Prefetch AgCx S S- - - - - - - snp db The error value is listed in the Additional Data section User Action Open the file again This situation might be a temporary problem that corrects itself when the program runs again If the file still cannot be accessed and - It is on the network your network administrator should verify that there is not a problem with the network and that the server can be contacted - It is on a removable disk for example a floppy disk or CD-ROM verify that the disk is fully inserted into the computer Check and repair the file system by running CHKDSK To run CHKDSK click Start click Run type CMD and then click OK At the command prompt type CHKDSK F and then press ENTER If the problem persists restore the file from a backup copy Determine whether other files on the same disk can be opened If not the disk might be damaged If it is a hard disk contact your administrator or computer hardware vendor for further assistance Additional Data Error value C C Disk type Error PM Source Application Error User Description Faulting application svchost exe SysMain version time stamp x b faulting module ntdll dll version time stamp x ec e d exception code xc fault offset x e process id x c application start time xsvchost exe SysMain Error AM Source Application Error User Description Windows cannot access the file C ProgramData Microsoft Windows Defender Definition Updates BE CA - A- - FBB-BBBA E CE mpengine dll for one of the following reasons there is a problem with the network connection the disk that the file is stored on or the storage drivers installed on this computer or the disk is missing Windows closed the program Host Process for Windows Services because of this error Program Host Process for Windows Services File C ProgramData Microsoft Windows Defender Definition Updates BE CA - A- - FBB-BBBA E CE mpengine dll The error value is listed in the Additional Data section User Action Open the file again This situation might be a temporary problem that corrects itself when the program runs again If the file still cannot be accessed and - It is on the network your network administrator should verify that there is not a problem with the network and that the server can be contacted - It is on a removable disk for example a floppy disk or CD-ROM verify that the disk is fully inserted into the computer Check and repair the file system by running CHKDSK To run CHKDSK click Start click Run type CMD and then click OK At the command prompt type CHKDSK F and then press ENTER If the problem persists restore the file from a backup copy Determine whether other files on the same disk can be opened If not the disk might be damaged If it is a hard disk contact your administrator or computer hardware vendor for further assistance Additional Data Error value C C Disk type Error AM Source Application Error User Description Faulting application svchost exe WinDefend version time stamp x b faulting module mpengine dll version time stamp x fa c e exception code xc fault offset x b e process id x application start time xsvchost exe WinDefend Error AM Source Application Error User Description Windows cannot access the file C ProgramData Microsoft Windows Defender Definition Updates BFB D- E - F - F B- B C F C B mpengine dll for one of the following reasons there is a problem with the network connection the disk that the file is stored on or the storage drivers installed on this computer or the disk is missing Windows closed the program Host Process for Windows Services because of this error Program Host Process for Windows Services File C ProgramData Microsoft Windows Defender Definition Updates BFB D- E - F - F B- B C F C B mpengine dll The error value is listed in the Additional Data section User Action Open the file again This situation might be a temporary problem that corrects itself when the program runs again If the file still cannot be accessed and - It is on the network your network administrator should verify that there is not a problem with the network and that the server can be contacted - It is on a removable disk for example a floppy disk or CD-ROM verify that the disk is fully inserted into the computer Check and repair the file system by running CHKDSK To run CHKDSK click Start click Run type CMD and then click OK At the command prompt type CHKDSK F and then press ENTER If the problem persists restore the file from a backup copy Determine whether other files on the same disk can be opened If not the disk might be damaged If it is a hard disk contact your administrator or computer hardware vendor for further assistance Additional Data Error value C C Disk type System errors Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Error PM Source Ntfs User Description The file system structure on the disk is corrupt and unusable Please run the chkdsk utility on the volume OS Microsoft Office Sessions Error AM Source Microsoft Office Sessions User Description ID Application Name Microsoft Office Word Application Version Microsoft Office Version This session lasted seconds with seconds of active time This session ended with a crash Error AM Source Microsoft Office Sessions User Description ID Application Name Microsoft Office Outlook Application Version Microsoft Office Version This session lasted seconds with seconds of active time This session ended with a crash Error AM Source Microsoft Office Sessions User Description ID Application Name Microsoft Office Outlook Application Version Microsoft Office Version This session lasted seconds with seconds of active time This session ended with a crash Error PM Source Microsoft Office Sessions User Description ID Application Name Microsoft Office Word Application Version Microsoft Office Version This session lasted seconds with seconds of active time This session ended with a crash Error PM Source Microsoft Office Sessions User Description ID Application Name Microsoft Office Word Application Version Microsoft Office Version This session lasted seconds with seconds of active time This session ended with a crash Installed Programs Update for Microsoft Office KB Acrobat com Version Acrobat com Version Ad-Aware Version Adobe AIR Version Adobe Anchor Service CS Version Adobe Asset Services CS Version Adobe Bridge CS Version Adobe Bridge Start Meeting Version Adobe Camera Raw Version Adobe CMaps Version Adobe Common File Installer Version Adobe Default Language CS Version Adobe Device Central CS Version Adobe ExtendScript Toolkit Version Adobe Flash Player ActiveX Version Adobe Flash Player Plugin Version Adobe Help Viewer CS Version Adobe PDF Library Files Version Adobe Photoshop Version Adobe Photoshop Elements Version Adobe Premiere Elements Version Adobe Premiere Elements Templates Version Adobe Reader Version Adobe Setup Version Adobe Shockwave Player Version Adobe Soundbooth CS Version Adobe Soundbooth CS Codecs Version Adobe Soundbooth CS Scores Version Adobe Type Support Version Adobe Update Manager CS Version Adobe Version Cue CS Client Version Adobe XMP DVA Panels CS Version Adobe XMP Panels CS Version Advanced Audio FX Engine Advanced Video FX Engine AIM AnswerWorks English Runtime Version AOL Mail and AIM Gadget Version AOL Messaging Toolbar AOL Registration AOL Uninstaller Choose which Products to Remove Apple Application Support Version Apple Mobile Device Support Version Apple Software Update Version Audacity BitTorrent Bonjour Version Browser Address Error Redirector Version Coupon Printer for Windows Version Creative Audio Control Panel Version Creative MediaSource Version CueM UWin Version CuteFTP Home Version D DX Version Dell DataSafe Online Version Dell Driver Download Manager Version Dell Getting Started Guide Version Dell Support Center Support Software Version DELL Webcam Center DELL Webcam Manager Download Updater AOL LLC DQ Tycoon Version Dropbox Version EPSON Easy Photo Print Version EPSON NX User s Guide EPSON Scan EPSON Stylus NX Series Printer Uninstall ESET Online Scanner v Firebird Win Version Google Chrome Frame Version Google Desktop Version Google Earth Version Google Gears Version Google Toolbar for Internet Explorer Version Google Toolbar for Internet Explorer Version Google Update Helper Version HijackThis Version iCloud Version Intel reg PRO Network Connections Version Intel reg Viiv Software Version iTunes Version Java Auto Updater Version Java Update Version JavaFX Version Junk Mail filter update Version LAME v for Audacity Live Cam Avatar Creator Version Live Cam Avatar v Version Malwarebytes Anti-Malware version Version McAfee SecurityCenter McAfee Virtual Technician Version Microsoft NET Framework Version Microsoft NET Framework Security Update KB Microsoft NET Framework Security Update KB Microsoft NET Framework Security Update KB Microsoft NET Framework SP Microsoft NET Framework SP Version Microsoft NET Framework Client Profile Version Microsoft Application Error Reporting Version Microsoft Office Service Pack SP Microsoft Office Excel MUI English Version Microsoft Office File Validation Add-In Version Microsoft Office Home and Student Version Microsoft Office Live Add-in Version Microsoft Office OneNote MUI English Version Microsoft Office Outlook Version Microsoft Office Outlook Connector Version Microsoft Office Outlook MUI English Version Microsoft Office PowerPoint MUI English Version Microsoft Office Proof English Version Microsoft Office Proof French Version Microsoft Office Proof Spanish Version Microsoft Office Proofing English Version Microsoft Office Proofing Tools Service Pack SP Microsoft Office Shared MUI English Version Microsoft Office Shared Setup Metadata MUI English Version Microsoft Office Word MUI English Version Microsoft Rise Of Nations Microsoft Save as PDF or XPS Add-in for Microsoft Office programs Version Microsoft Search Enhancement Pack Version Microsoft SQL Server Compact Edition ENU Version Microsoft VC runtime libraries Version Microsoft VC runtime libraries Version Microsoft Visual C ATL Update kb - x Version Microsoft Visual C Redistributable Version Microsoft Visual C x Redistributable - Version MobileMe Control Panel Version Monitor Integrated Webcam Driver Move Networks Media Player for Internet Explorer Mozilla Firefox x en-US Version Mozilla Maintenance Service Version MSI to redistribute MS VS CRT libraries Version MSVCRT Version MSXML SP KB Version MSXML SP KB Version MSXML SP KB Version MSXML SP KB Version MSXML SP Parser and SDK Version MSXML Parser Version Music Photos amp Videos Launcher Version Nike Utility Version NVIDIA Display Control Panel Version NVIDIA Drivers Version OGA Notifier Version OpenAL PeaZip Play MPE Player Version POOL Version POOL Version Version Product Documentation Launcher Version PVSonyDll Version QuickBooks Pro Version Quicken Version QuickTime Version RealNetworks - Microsoft Visual C Runtime Version RealPlayer RealUpgrade Version Roxio Activation Module Version Roxio Creator Audio Version Roxio Creator BDAV Plugin Version Roxio Creator Copy Version Roxio Creator Data Version Roxio Creator Premier Version Roxio Creator Tools Version Roxio EasyArchive Version Roxio Express Labeler Version Roxio MyDVD Premier Version Roxio Update Manager Version SAM Broadcaster remove only Segoe UI Version Sonic CinePlayer Decoder Pack Version Sound Blaster X-Fi Version Spelling Dictionaries Support For Adobe Reader Version Spotify Version Spotify Version g ab d Start and Run a Coffee Bar Version - StationPlaylist Creator v Version Studio -Live Version Studio Version Studio -Win SupportSoft Assisted Service Version Tax Forms Helper Tax Forms Helper Tax Forms Helper TomTom HOME Version TomTom HOME Visual Studio Merge Modules Version TreeSize Free V Version TweetDeck Version Update for Microsoft Office System KB Update for Microsoft NET Framework SP KB Version Update for Microsoft NET Framework Client Profile KB Version Update for Microsoft NET Framework Client Profile KB Version Update for Microsoft NET Framework Client Profile KB Version Update for Microsoft Office Help for Common Features KB Update for Microsoft Office Excel Help KB Update for Microsoft Office OneNote Help KB Update for Microsoft Office Outlook Help KB Update for Microsoft Office Outlook Junk Email Filter KB -Bit Edition Update for Microsoft Office Powerpoint Help KB Update for Microsoft Office Script Editor Help KB Update for Microsoft Office Word Help KB User s Guides Visual C x Runtime - v Version Visual C x Runtime - v Version WD SmartWare Version Windows Live Communications Platform Version Windows Live Essentials Version Windows Live Essentials Version Windows Live Family Safety Version Windows Live ID Sign-in Assistant Version Windows Live Installer Version Windows Live Mail Version Windows Live Messenger Version Windows Live MIME IFilter Version Windows Live Movie Maker Version Windows Live Photo Common Version Windows Live Photo Gallery Version Windows Live PIMT Platform Version Windows Live SOXE Version Windows Live SOXE Definitions Version Windows Live Sync Version Windows Live UX Platform Version Windows Live UX Platform Language Pack Version Windows Live Writer Version Windows Live Writer Resources Version Windows Mobile Device Center Version Windows Mobile Device Center Driver Update Version Wise Disk Cleaner Wise Registry Cleaner Version XPS MiniView Gadget Version Xvid final uninstall Version Memory info Percentage of memory in use Total physical RAM MB Available physical RAM MB Total Pagefile MB Available Pagefile MB Total Virtual MB Available Virtual MB Partitions Drive c OS Fixed Total GB Free GB NTFS Drive d RECOVERY Fixed Total GB Free GB NTFS Drive f RESOURCE CD CDROM Total GB Free GB CDFS Users User accounts for MY-PC Administrator ASPNET Ellen Guest iTunes IUSR NMPR John End of log

Relevancy 100%
Preferred Solution: Not sure I'm infected with a virus or my hard drive is about to kick the bucket

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Not sure I'm infected with a virus or my hard drive is about to kick the bucket

Hello, the ESET online scan was also clean?Please download TDSSKiller.zip and and extract it.Run TDSSKiller.exe. Click on Change Parameters Put a check in the box of Detect TDLFS file system Click Start scan.When it is finished the utility outputs a list of detected objects with description.
The utility automatically selects an action (Cure or Delete) for malicious objects.
The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click ContinueLet reboot if needed and tell me if the tool needed a reboot.Click on Report and post the contents of the text file that will open.

Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.[/lis

Please download aswMBR ( 511KB ) to your desktop.
[list]Double click the aswMBR.exe icon to run itClick the Scan button to start the scanOn completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

http://www.bleepingcomputer.com/forums/t/456011/not-sure-im-infected-with-a-virus-or-my-hard-drive-is-about-to-kick-the-bucket/
Relevancy 64.5%

Hi,I'm new to forum posting, and was recommended bleeping computer by a friend when I requested his help today.I seem to have a virus or some sort of malware that has infected my computer, leaving me unable to access task manager or any program files.(Start > All Programs is completely blank) I've looked on various other forums and have noticed it isn't a rare problem, and most of the posts have been in the March/April 2011 period.So far I've:1) gone into safe mode, accessed avast, removed what I thought was the majority of the virus2) tried numerous system restores, but without success3) looked at forum posts concerning editing the registry. I've had a look and the defaults seem normal.I'd appreciate any help that could get me out of this mess.Thank you.

A:Infected with hard disk drive virus

Hi iliketwiglets,

Try malwarebytes http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-malware-tutorial Good Luck

http://www.bleepingcomputer.com/forums/t/393999/infected-with-hard-disk-drive-virus/
Relevancy 63.64%

I am infected by a hard drive memory eating virus. I have space on my hard drive C but my computer says that I don't. I created new space by deleting some movies and I had 16 gbs but after an hour it says I have zero bytes. Here is my log from Combofix. How do i get rid of this virus? I can format my computer but I have necessary files that I need at least for a month and I am afraid that I will miss saving one or two and then I will be damned. Can you please help me?

http://www.bleepingcomputer.com/forums/t/625891/i-am-infected-by-a-hard-drive-memory-eating-virus/
Relevancy 63.64%

GMER - http www gmer net Rootkit scan - - Windows Harddisk DR - gt Device Ide IAAStorageDevice- TOSHIBA rev FG Running gmer exe Driver C Users CURTJU AppData Local Temp uwryqpow sys ---- System - GMER ---- SSDT E ED ZwAlertResumeThread SSDT E EDF partly with still damaged. virus?hard this drive am i infected ZwAlertThread SSDT DEB F ZwAllocateVirtualMemory SSDT CDC A ZwAlpcConnectPort SSDT E ZwAssignProcessToJobObject SSDT E D D ZwCreateMutant SSDT A F A ZwCreateSection SSDT E ZwCreateSymbolicLinkObject SSDT E D ZwCreateThread SSDT E ZwCreateThreadEx SSDT E ZwDebugActiveProcess SSDT E DDC ZwDuplicateObject SSDT E B ZwFreeVirtualMemory am i still infected with this virus?hard drive partly damaged. SSDT E D C ZwImpersonateAnonymousToken SSDT E EC ZwImpersonateThread SSDT F D E ZwLoadDriver SSDT E B ZwMapViewOfSection SSDT E D F ZwOpenEvent SSDT E D ZwOpenProcess SSDT E D ZwOpenProcessToken SSDT E D ZwOpenSection SSDT E DE ZwOpenThread SSDT E ZwProtectVirtualMemory SSDT A F A ZwRequestWaitReplyPort SSDT DB ZwResumeThread SSDT A F A B ZwSetContextThread SSDT E B A ZwSetInformationProcess SSDT A F A ZwSetSecurityObject SSDT E ZwSetSystemInformation SSDT E D ZwSuspendProcess SSDT E EED ZwSuspendThread SSDT A F A A ZwSystemDebugControl am i still infected with this virus?hard drive partly damaged. SSDT A F A ZwTerminateProcess SSDT E EF ZwTerminateThread SSDT E B ZwUnmapViewOfSection SSDT DEB ZwWriteVirtualMemory ---- Kernel code sections - GMER ---- text ntkrnlpa exe ZwSaveKeyEx AD A C Byte text ntkrnlpa exe KiDispatchInterrupt A AA F Bytes E F BA F LOOPNZ x MOV EDX x f MOV CR EAX OR AL x MOV CR EAX RET MOV ECX CR text ntkrnlpa exe RtlSidHashLookup AA Bytes ED E F ED E text am i still infected with this virus?hard drive partly damaged. ntkrnlpa exe RtlSidHashLookup C AA C Bytes F B DE text ntkrnlpa exe RtlSidHashLookup AA Bytes A C CD TEST AL xc INT x text ntkrnlpa exe RtlSidHashLookup C AA C Bytes E PUSH EAX PUSH ES JECXZ xffffffffffffff text ntkrnlpa exe RtlSidHashLookup AA Bytes D D E RCL AH x LOOP xffffffffffffff text C Users CURTJU AppData Local Temp mbr sys The system cannot find the file specified ---- User code sections - GMER ---- text C Program Files Safari Safari exe USER dll EndPaint E B Bytes JMP F C Program Files Common Files Apple Apple Application Support WebKit dll WebKit Dynamic Link Library Apple Inc text C Program Files Safari Safari exe USER dll BeginPaint E B Bytes JMP F F C Program Files Common Files Apple Apple Application Support WebKit dll WebKit Dynamic Link Library Apple Inc ---- Registry - GMER ---- Reg HKLM SYSTEM CurrentControlSet services BTHPORT Parameters Keys a b af e Reg HKLM SYSTEM CurrentControlSet services BTHPORT Parameters Keys ceee f cc Reg HKLM SYSTEM CurrentControlSet services BTHPORT Parameters Keys ceee f cc f xA x xB x C Reg HKLM SYSTEM ControlSet services BTHPORT Parameters Keys a b af e not active ControlSet Reg HKLM SYSTEM ControlSet services BTHPORT Parameters Keys ceee f cc not active ControlSet Reg HKLM SYSTEM ControlSet services BTHPORT Parameters Keys ceee f cc f xA x xB x C ---- EOF - GMER ---- DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by curtjumaine at on - - Microsoft Windows Starter GMT AV Norton Internet Security Disabled Outdated DF - - D- - DC EFD BF AV Avira Desktop Enabled Updated F B DE -C B - C F- EFF- C BD D C C SP Avira Desktop Enabled Updated D AAC -E E- B - F- F C DA SP Windows Defender Enabled Updated D DDC A- F- fae- E -DA C ACF SP Norton Internet Security Disabled Updated D BEB -B A- E - B -B B FW Norton Internet Security Disabled BE D -DB F- - AD - F E C FC Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows System DriverStore FileRepository stwrt inf x neutral b cef f d f... Read more

A:am i still infected with this virus?hard drive partly damaged.

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/428711 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GME... Read more

http://www.bleepingcomputer.com/forums/t/428711/am-i-still-infected-with-this-virushard-drive-partly-damaged/
Relevancy 63.64%

SOS I was wondering if anyone could help me Im a newbie so bear with me My Dell dimesion desk top has caught loads of virus's i managed to install Adaware clean Virus's Hard drive have infected just , install? a i shall my do and Spybot in safemode normal mode but it won't let me open the programmes or if it does it scans so slowy up to hrs to finish says its found and deleted the virus's but when i boot it up their still their and its becoming more and more slow I then tryed to remove the hard drive and Virus's have infected my Hard drive , shall i just do a clean install? connect it via a IDE interface with a usb on the other end to remotly scan it from my laptop but when I went to open up the case Dell have glued the screws so iam unable to remove it I bought the computer a few years ago second hand and it came with no other disks so i cant do a recovery repair with a windows disk My question is sorry to be long winded if i buy a copy of windows xp OEM can i just put it on or would i have to format the drive first which im gussing i should do how do i format the hard drive if i cant remove it if any one can help with some ideas or what software to use in order to do this would be great

A:Virus's have infected my Hard drive , shall i just do a clean install?

I vote YES

http://www.techsupportforum.com/forums/f10/viruss-have-infected-my-hard-drive-shall-i-just-do-a-clean-install-287297.html
Relevancy 63.21%

Help!!! my screen is red with a warning that says spyware detected. it has become my desktop picture. Now when i go to my computer some folders are missing such as my harddrive. What's more i cant install anti spyware programs now, i dont know why. Probably because the application that runs them has dissappeared. Now i when i access folders a popup comes out saying something like virus detected would you like to download anti spyware? if i press ok or no it directs me to a site that has been blocked for my safety by avg which i used to have. The avg seems not to work now. When i try to open it the computer asks me to choose a program to open it with! What do i do?? HELP!!!!!
 

A:Help! Infected with some kind of virus now i cant find my hard drive on my computer!

Please do not create multiple threads for the same problem! Read >>Posting help read first<< if you feel you are not getting help.

Continue here: http://forums.techguy.org/malware-removal-hijackthis-logs/735500-strange-virus-don-t-know.html
 

https://forums.techguy.org/threads/help-infected-with-some-kind-of-virus-now-i-cant-find-my-hard-drive-on-my-computer.735056/
Relevancy 63.21%

Hello I used google to search for this virus virus be SMART infected me now cant and found drive quickly hard and found multiple ways of deleting it All the original posts SMART virus infected me quickly and now hard drive cant be found state the same thing happening to them After the infection started I quickly moved to my SMART virus infected me quickly and now hard drive cant be found browser window and google searched a SMART virus infected me quickly and now hard drive cant be found removal guide and the first page that popped up stated I first needed to re-boot in safe mode with networking Easy enough few second later I was rebooting and got a dreaded blue screen of death before the OS got to boot that quickly restarted my computer again asking me how i would like to boot I started to go through every boot method until it started giving me only options start normally and a system restore one I clicked on the system restore and upon loading the screen freezes I left it there for over hours Even though I am using Windows I have an old Windows XP disc and was willing to temporarily downgrade to fix the problem and erase my entire hard drive I inserted the disc and booted from the CD and upon loading it gave me another blue screen During and in between all my attempts to fix this I have been on google and bleepingcomputer reading endless amounts of cases and not once have I found one where they could not boot up from any mode If needed I can post the blue screen error messages just ask if you want me to The farthest I can boot to is the windows loading screen after that the computer automatically restarts itself Never had any viruses prior on this computer anyways nor any warning signs but I am POORLY protected I can get a CD-RW if its needed I am currently on a year old computer just have to share the monitor I am on a DELL Inspiron and using Windows I already check the connections on the drive and it was okay Okay I will post exactly what this virus did to me I was browsing google images to get a template image to use for a website all the sudden my windows navigation bars changed shape They became much bigger and seconds later I got about error messages saying my computer was infected I started closing these windows and the actual quot VIRUS REMOVAL quot popped up It was titled S M A R T and started scanning my computer I tried closing it and as far as i remember it didnt stop it and I even tried closing out of everything I had opened except my browser My desktop then turned black and everything was removed from my desktop I clicked the start button and everything was removed from there too Thats when I google searched the only thing I remembered vividly quot SMART quot and added virus to it I got multiple pages giving instructions on how to fix it so the first step was to reboot but that ended up in catastrophe What im getting from the other articles on this virus is it hides files but does not delete them from you Now I wish i didn t panic and hit system restore before rebooting can t help to feel like it would of had a completely different outcome I highly appreciate everyones help in advance and not only in this thread but in all the others I have read multiple things in this forum in just the few hours I absorbed a great amount of knowledge about what I am dealing with If im missing something that is needed and is highly important feel free to ask

A:SMART virus infected me quickly and now hard drive cant be found

Important:Do not turn off System restore until we finish our cleaning processBoot into safemode with networkingDownloadTDSSkillerLaunch it.Click on change parameters-Select TDLFS file systemClick on "Scan".Please post the LOG report(log file should be in your C drive) DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results hereDownloadESET online scannerInstall itClick on START,it should download the virus definitionsWhen scan gets completed,click on LIST of found threatsExport the list to desktop,copy the contents of the text file in your replyDownloadUNHIDERun the tool as administrator,it should unhide your files

http://www.bleepingcomputer.com/forums/t/456464/smart-virus-infected-me-quickly-and-now-hard-drive-cant-be-found/
Relevancy 63.21%

i was chatting to a friend on gmail when firefox stopped responding to user input i had not opened any unusual or dodgy websites then my whole laptop froze i had to shut down my computer manually and restart it once i did so and re-opened firefox after a few minutes lots of windows kept on popping up showing some error message about a hard-drive failure some security windows popped up at the same time i think maybe even before the error messages i think i may have clicked don a infected popping up error virus & on keep with messages hard-drive t allow changes to be made button in the security windows once or twice i never clicked infected with a virus & hard-drive error messages keep on popping up on any of the hard-drive failure messages infected with a virus & hard-drive error messages keep on popping up after a while speech bubbles announcing a hard-drive failure started popping up in the taskbar as well most of my icons on the desktop vanished documents and programs seemed to vanish too there were about windows error messages open now and the computer was more or less frozen so i switched it off manually i then unplugged the laptop took out the battery waited for a minute put the battery back in and switched the laptop back on i managed to start up and sign into windows normally but as soon as it started up all error messages the same ones as previously popped up again the only icon left on my desktop was the recycle bin the taskbar looked strange with bigger font than usual most of my programs were gone i managed to run the control panel by pressing the windows icon and r i opened up system restore and i proceeded to restore my system to a former date since then my laptop has been working fine i have backed up all my important files and installed avg but i have noticed that a lot of my document folders such as word documents pictures and music files have suddenly been labeled as hidden DDS Ver - - - NTFSAMD Internet Explorer Run by Anna at on - - Microsoft Windows Ultimate GMT SP Windows Defender Enabled Outdated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Program Files x Mobile Broadband Connect BecHelperService exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Windows system sppsvc exe C Windows system svchost exe -k imgsvc C Windows system svchost exe -k bthsvcs C Windows system taskhost exe C Windows system Dwm exe C Windows Explorer EXE C Windows System igfxtray exe C Windows System hkcmd exe C Windows System igfxpers exe C Program Files x uTorrent uTorrent exe C Windows system igfxsrvc exe C Windows System StikyNot exe C Users Anna AppData Roaming Dropbox bin Dropbox exe C Windows system SearchIndexer exe C Program Files x Common Files Adobe ARM AdobeARM exe C Program Files x Common Files Real Update OB realsched exe C Program Files x SecureW sw tray exe C Program Files Windows Media Player wmpnetwk exe C Windows system SearchProtocolHost exe C Windows System svchost exe -k LocalServicePeerNet C Windows System svchost exe -k secsvcs C Windows system wuauclt exe C Windows system svchost exe -k SDRSVC C Program Files x Mozilla Firefox firefox exe C Program Files x Mozilla Firefox plugin-container exe C Windows system wbem wmiprvse exe C Windows system SearchFilterHost exe C Windows SysWOW cmd exe C Windows system conhost exe C Windows SysWOW cscript exe C Windows system wbem wmiprvse exe Pseudo HJT Report uStart Page hxxp www hotmail com mWinlogon Userinit userinit exe BHO Adobe PDF Link Helper df c-e ad- -a -fa c ebdc... Read more

A:infected with a virus & hard-drive error messages keep on popping up

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/428798 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GME... Read more

http://www.bleepingcomputer.com/forums/t/428798/infected-with-a-virus-hard-drive-error-messages-keep-on-popping-up/
Relevancy 59.34%

I It Week Kick Infected 1 Now, For Cant already scaned my computer ran spybot Windows defender and NAV and removed what I could but I cant kick this last one I believe it has something to do with Infected For 1 Week Now, Cant Kick It autosys exe I'm getting IE popups other infections from it Any help would be greatly appreaciated Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS Infected For 1 Week Now, Cant Kick It system lsass exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Infected For 1 Week Now, Cant Kick It Files Symantec Shared ccEvtMgr exeC Program Files Common Files Symantec Shared SNDSrvc exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC Program Files Common Files Symantec Shared CCPD-LC symlcsvc exeC WINDOWS system spoolsv exeC Program Files Symantec LiveUpdate ALUSchedulerSvc exeC Program Files Diskeeper DkService exeC Program Files Folding Home FAH -Console exeC Program Files Norton AntiVirus navapsvc exeC Program Files Symantec Norton Ghost Agent PQV iSvc exeC Program Files Folding Home FahCore exeC Program Files Norton AntiVirus IWP NPFMntor exeC WINDOWS system tcpsvcs exeC Program Files Alcohol Alcohol StarWind StarWindService exeC WINDOWS system svchost exeC Program Files iPod bin iPodService exeC Program Files Common Files Symantec Shared Security Console NSCSRVCE EXEC WINDOWS System svchost exeC PROGRA COMMON Stardock SDMCP exeC Program Files Stardock Object Desktop WindowBlinds wbload exeC WINDOWS Explorer EXEC Program Files Symantec Norton Ghost Agent GhostTray exeC Program Files Gmail Notifier gnotify exeC WINDOWS system CTHELPER EXEC Program Files Microsoft IntelliType Pro itype exeC Program Files Microsoft IntelliPoint ipoint exeC Program Files iTunes iTunesHelper exeC Program Files Windows Defender MSASCui exeC Program Files Common Files Symantec Shared ccApp exeC Program Files Unlocker UnlockerAssistant exeC Program Files Spybot - Search amp Destroy TeaTimer exeC Program Files Panorama Panorama exeC Program Files SpeedFan speedfan exeC Program Files ATI Technologies ATI ACE CLI EXEC Program Files ATI Technologies ATI ACE cli exeC Program Files Mozilla Firefox firefox exeC HJT HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL about blankR - HKCU Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com avcenter fix homepage R - HKLM Software Microsoft Internet Explorer Main Default Page URL about blankR - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page c secure htmlR - HKCU Software Microsoft Internet Explorer Main Local Page c secure htmlR - HKLM Software Microsoft Internet Explorer Main Local Page about blankO - Toolbar Norton AntiVirus - C E A- F - E-B E- B - C Program Files Norton AntiVirus NavShExt dllO - Toolbar AOL Toolbar - DE C F- - A - B-AA ED D - no file O - HKLM Run Norton Ghost C Program Files Symantec Norton Ghost Agent GhostTray exeO - HKLM Run e - f c- e -a ec-b a b c C Program Files Gmail Notifier gnotify exeO - HKLM Run DiskeeperSystray quot C Program Files Diskeeper DkIcon exe quot O - HKLM Run LogonStudio quot C Program Files Stardock LogonStudio logonstudio exe quot RANDOMO - HKLM Run WINDVDPatch CTHELPER EXEO - HKLM Run itype quot C Program Files Microsoft IntelliType Pro itype exe quot O - HKLM Run IntelliPoint quot C Program Files Microsoft IntelliPoint ipoint exe quot O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run Windows Defender quot C Program Files Windows... Read more

A:Infected For 1 Week Now, Cant Kick It

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Next, please reboot your computer in Safe Mode by doing the following :Restart your computerAfter hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;Instead of Windows loading as normal, a menu with options should appear;Select the first option, to run Windows in Safe Mode, then press "Enter".Choose your usual account.Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmdSelect option #2 - Clean by typing 2 and press "Enter" to delete infected files.You will be prompted: "Registry cleaning - Do you want to clean the registry?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply along with a new hijack log.The report can also be found at the root of the system drive, usually at C:\rapport.txtWarning: running option #2 on a non infected computer will remove your Desktop background.================Download http://downloads.andymanchesta.com/RemovalTools/SDFix.exe and save it to your Desktop.Double click SDFix.exe and it will extract the files to %systemdrive%(Drive that contains the Windows Directory, typically C:\SDFix)Please then reboot your computer in Safe Mode by doing the following :? Restart your computer? After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;? Instead of Windows loading as normal, the Advanced Options Menu should appear;? Select the first option, to run Windows in Safe Mode, then press Enter.? Choose your usual account.? Open the extracted SDFix folder and double click RunThis.bat to start the script.? Type Y to begin the cleanup process.? It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.? Press any Key and it will restart the PC.? When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.? Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt(Report.txt will also be copied to Clipboard ready for posting back on the forum).? Finally paste the contents of the Report.txt back on the forum with a new HijackThis log

http://www.bleepingcomputer.com/forums/t/78081/infected-for-1-week-now-cant-kick-it/
Relevancy 58.91%

Hello i have been having these problems for quite some time but i just recently found your forum The types of problems im having include Having a pop-up browser as part of my wall paper Computer will run slower at times random pop up messages without an actual browser window such as messages saying to click yes to continue on to party poker wall paper tends to turn all white at times Whenever i run Ad aware and spybot it tells me it cannot remove surf side kick and command services Most of the problems come back when i restart my computer as well I have tried using add remove programs for surf side kick and it does not show up I have also tried running those programs in safe mode Others. Side Surf Infected With And Kick 3 but i still have the same problems I applogize for any inconvinence and any help is appreciated My HJT logfile will be pasted below Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe Infected With Surf Side Kick 3 And Others. C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe Infected With Surf Side Kick 3 And Others. C WINDOWS system spoolsv exe C WINDOWS system Ati evxx exe C WINDOWS Explorer EXE C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system wuauclt exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Digital Media Reader shwiconem exe C Program Files Common Files Real Update OB realsched exe C Program Files QuickTime qttask exe C WINDOWS jdxcenc EXE C WINDOWS SOUNDMAN EXE C Program Files NVIDIA Corporation NvMixer NVMixerTray exe C Program Files ATI Technologies ATI ACE cli exe C Program Files Winamp winampa exe C WINDOWS win - exe C WINDOWS ms - exe C WINDOWS awtkumvA exe C WINDOWS errorhandler exe C Program Files Armor net Armor net Personal Firewall Armor net exe C WINDOWS jglwgfqA exe C WINDOWS srvdaaryco exe C Program Files Messenger msmsgs exe C Program Files AIM aim exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Common Files curity s chost exe C Program Files BigFix BigFix exe c windows system dwdsregt exe C WINDOWS system WNSXS fast exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C HijackThis HijackThis exe R - URLSearchHook no name - EE B -F - BB- FB-A BD B A - C Program Files SurfSideKick SskBho dll F - REG system ini Shell Explorer exe C WINDOWS system uaexd exe F - REG system ini UserInit userinit exe gvkcoau exe O - BHO CFG S - B - E - c b-A -C EC AC DA - no file O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run SunKistEM C Program Files Digital Media Reader shwiconem exe O - HKLM Run navapp C Program Files NavExcel NavHelper v d navapp exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run exp C WINDOWS system exp O - HKLM Run Sysnet C DOCUME Owner LOCALS Temp sysnet exe O - HKLM Run jdxcenc C WINDOWS jdxcenc EXE O - HKLM Run s h O conacc exe O - HKLM Run yvrbpmj C WINDOWS yvrbpmj EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run NVMixerTray quot C Program Files NVIDIA Corporation NvMixer NVMixerTray exe quot O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE cli exe quot runtime -Delay O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run TheMonitor C WINDOWS CheckS exe O - HKLM Run win - C WINDOWS win - exe O - HKLM Run ms - C WINDOWS ms - exe O - HKLM Run awtkumvA C WINDOWS awtkumv... Read more

A:Infected With Surf Side Kick 3 And Others.

Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. Please read this post completely before begining. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.* * * * * * Download and run - bfu.zip Checkmark the following boxes:Use settings specified in script for the above option Show log after script ends Click the Web button located on the top right corner Copy/Paste this url into the address bar of the Download script window:

http://metallica.geekstogo.com/alcanshorty.bfu

Execute the script by clicking the Execute button. When it finishes running, click the Save button for a copy of the log Post the log created by the script when you have completed the fix* * * * * *Download this file - combofix.zipFrom within it, double click on combo.exe & follow the prompts.When finished, it shall produce a log for you. Post that log in your next replyNote: Do not mouseclick combofix's window whilst it's running. That may cause it to stall* * * * * *ADDITIONAL DOWNLOADS * * * * * * * * * * * * * *Download & install CleanUp.exe (not recommended for WinXP64)Download Dr.Web CureIt & save it on desktop. We shall be using it later'UNPLUG'/DISCONNECT your computer from the Internet when you have finished downloading. It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence. * * * * * * FIXING ENTRIES WITH HIJACKTHIS * * * * * * * * * * Do a HijackThis scan & place a check next to these items and select "Fix checked": O2 - BHO: CFG32S - {7564B020-44E8-4c9b-A887-C6EC41AC67DA} - (no file)O4 - HKLM\..\Run: [navapp] C:\Program Files\NavExcel\NavHelper\v2.0.4d\navapp.exeO4 - HKLM\..\Run: [exp] C:\WINDOWS\system32\expO4 - HKLM\..\Run: [Sysnet] C:\DOCUME~1\Owner\LOCALS~1\Temp\sysnet.exeO4 - HKLM\..\Run: [jdxcenc] C:\WINDOWS\jdxcenc.EXEO4 - HKLM\..\Run: [2s3h38O] conacc.exeO4 - HKLM\..\Run: [yvrbpmj] C:\WINDOWS\yvrbpmj.EXEO4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\CheckS02.exeO4 - HKLM\..\Run: [win32091-86630589] C:\WINDOWS\win32091-86630589.exeO4 - HKLM\..\Run: [ms065891-86630] C:\WINDOWS\ms065891-86630.exeO4 - HKLM\..\Run: [awtkumvA] C:\WINDOWS\awtkumvA.exeO4 - HKLM\..\Run: [errorhandler] C:\WINDOWS\errorhandler.exeO4 - HKLM\..\Run: [w1d7513a.dll] RUNDLL32.EXE w1d7513a.dll,I2 000df09201d7513aO4 - HKLM\..\Run: [Armor2net] C:\Program Files\Armor2net\Armor2net Personal Firewall\Armor2net.exeO4 - HKLM\..\Run: [{D3-38-89-9D-ZN}] c:\windows\system32\dwdsregt.exe GID003O4 - HKLM\..\Run: [jglwgfqA] C:\WINDOWS\jglwgfqA.exeO4 - HKLM\..\Run: [srvdaaryco] C:\WINDOWS\srvdaaryco.exeO4 - HKCU\..\Run: [mcdsmo] C:\WINDOWS\system32\mcdsmo.exeO4 - HKCU\..\Run: [irssyncd] C:\WINDOWS\system32\irssyncd.exeO4 - HKCU\..\Run: [Cpue] "C:\WINDOWS\system32\WNSXS~1\fast.exe" -vt yazrO4 - HKCU\..\Run: [Bxxwmep] C:\Program Files\Common Files\??curity\s?chost.exeO4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\pjdsregm.exe * * * * * * RESTART WINDOWS IN SAFE MODE * * * * * * * * * * 1. Restart your computer2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.3. Instead of Windows loading as normal, a menu should appear4. Select the option to run Windows ... Read more

http://www.bleepingcomputer.com/forums/t/54697/infected-with-surf-side-kick-3-and-others/
Relevancy 57.62%

At first I was infected with a bunch of different viruses adwares malwares and pretty much everything else I was getting tons of pop ups my browser was being hijacked my registry was locked and I couldn't They Removed Be But And With Had Sufer Infected Kick To All Others Look2me, Side Seemed Several open the task manager After running several anti-adware virus programs and hijackthis I was able to fix most of the problems Now all that seems to be Infected With Look2me, Had Sufer Side Kick And Several Others But They All Seemed To Be Removed left is Look me Nothing that I'm doing seems to work I'm still getting popups my comptuer is running slower than it should be and programs randomly crash Any help would be most welcome Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Common Files Symantec Shared ccSetMgr exeC Program Files Common Files Symantec Shared SPBBC SPBBCSvc exeC Program Files Common Files Symantec Shared ccEvtMgr exeC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files ewido anti-spyware ewido exeC Program Files AIM aim exeC WINDOWS system ctfmon exeC Program Files Symantec AntiVirus DefWatch exeC Program Files ewido anti-spyware guard exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system devldr exeC Program Files Spyware Doctor sdhelp exeC Program Files Symantec AntiVirus Rtvscan exeC Program Files Internet Explorer iexplore exeC PROGRA MOZILL FIREFOX EXEC Program Files Lavasoft Ad-Aware SE Personal Ad-Aware exeC Documents and Settings Eric Desktop HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com avcenter fix homepage R - HKLM Software Microsoft Internet Explorer Main Start Page http securityresponse symantec com avcenter fix homepage R - Default URLSearchHook is missingF - system ini Shell Explorer exe C WINDOWS SYSTEM winmgd winF - win ini run C WINDOWS SYSTEM mouse configurator winF - REG system ini UserInit userinit exe heenhxp exeO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run zskespk j damjnowrb inkrwksz c windows system zskwrkni brwonjmad j kpse exeO - HKLM Run ewido quot C Program Files ewido anti-spyware ewido exe quot minimizedO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run KernelFaultCheck systemroot system dumprep -kO - HKLM RunServices zskespk j damjnowrb inkrwksz c windows system zskwrkni brwonjmad j kpse exeO - HKCU Run zskespk j damjnowrb inkrwksz c windows system zskwrkni brwonjmad j kpse exeO - HKCU Run AIM C Program Files AIM aim exe -cnetwait odlO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run Spyware Doctor quot C Program Files Spyware Doctor swdoctor exe quot QO - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exeO - Extra context menu item amp Google Search - res c program files google GoogleToolbar dll cmsearch htmlO - Extra context menu item Backward Links - res c program files google GoogleToolbar dll cmbacklinks htmlO - Extra context menu item Cached Snapshot of Page - res c program files google GoogleToolbar dll cmcache htmlO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Similar Pages - res c program files google GoogleToolbar dll cmsimilar htmlO - Extra context menu item Translate into English - res c program files google GoogleToolbar dll cmtrans htmlO - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dllO - Extra button Spyware Doctor - D D A- - D -A A - ... Read more

A:Infected With Look2me, Had Sufer Side Kick And Several Others But They All Seemed To Be Removed

Hello,Your system is terribly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.Please perform next steps in the right order..Open notepad and copy and paste next present in the quotebox below in it:(don't forget to copy and paste REGEDIT4)REGEDIT4[HKEY_CLASSES_ROOT\regfile\shell\open\command]@="regedit.exe \"%1\""[-HKEY_CLASSES_ROOT\keyfile][HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings]"Timeout"=-[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Scripting Host\Settings]"Timeout"=-Save this as fix.reg Choose to save as *all files and place it on your C:\ Important!!! It should look like this: (In case you are unsure how to create a reg file, take a look here with screenshots.)Then go to start > run and copy and paste next command in the field:C:\fix.reg# Then click OK.# When prompted for confirmation, click Yes.# When prompted for confirmation again, click OK.When done, * Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:R3 - Default URLSearchHook is missingF0 - system.ini: Shell=Explorer.exe C:\WINDOWS\SYSTEM32\winmgd.winF1 - win.ini: run=C:\WINDOWS\SYSTEM32\mouse_configurator.winF2 - REG:system.ini: UserInit=userinit.exe,heenhxp.exeO4 - HKLM\..\Run: [?_zskespk[j_damjnowrb50inkrwksz_] c:\windows\system32\_zskwrkni05brwonjmad_j[kpse.exeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\RunServices: [?_zskespk[j_damjnowrb50inkrwksz_] c:\windows\system32\_zskwrkni05brwonjmad_j[kpse.exeO4 - HKCU\..\Run: [?_zskespk[j_damjnowrb50inkrwksz_] c:\windows\system32\_zskwrkni05brwonjmad_j[kpse.exeO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cabO20 - AppInit_DLLs: sysiusrc.dll hhsedpvo.dllO20 - Winlogon Notify: scrovfpo - C:\WINDOWS\system32\scrovfpo.dllO20 - Winlogon Notify: Unimodem - C:\WINDOWS\system32\p24u0ch9ef4.dllO21 - SSODL: DCOM Server 2236 - {2C1CD3D7-86AC-4068-93BC-A02304BB2236} - C:\WINDOWS\system32\2236_27.dll (file missing)* Click on Fix Checked when finished and exit HijackThis.Make sure your Internet Explorer is closed when you click Fix Checked!REBOOT!!!After reboot,* Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabClick the "Delete Cookies" buttonNext to it, Click the "Delete Files" buttonWhen prompted, place a check in: "Delete all offline content", click OK* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu on the left side of the Options window.Click the Clear button located to the right of each option (History, Cookies, Cache).Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown befor... Read more

http://www.bleepingcomputer.com/forums/t/59865/infected-with-look2me-had-sufer-side-kick-and-several-others-but-they-all-seemed-to-be-removed/
Relevancy 57.19%

I have been infected with a number of adware viruses Got so bad I lost Windows access - but a friend helped me get it back Since then Spybot Adaware and Norton antivirus repeatedly tell me I have no infections However when I am online with broadband I consistently get a pop Scan, Surfside Cmd Others! Purity Virtumonde, And Infected Kick With Service, message from quot Messenger Service quot telling me I have a message from usually security to alert inviting me to download a particular utility e g corrupted system registry therefore visit www FixReg com and so forth I have followed the instructions provided on this site As such Spybot Adaware Norton antivirus all clear Avert Stinger also clear However Panda came up with the following I haven't deleted the infected files I think I need advice Incident Status Location Adware Adware MaxFiles Not disinfected C Program Files ipwins ipwins exe Adware Adware PurityScan Not disinfected C WINDOWS System alg dll Adware adware Infected With Virtumonde, Cmd Service, Purity Scan, Surfside Kick And Others! block-checker Not disinfected c windows system ustart exe Spyware spyware surfsidekick Not disinfected C Documents and Settings Infected With Virtumonde, Cmd Service, Purity Scan, Surfside Kick And Others! Brett Morgan Local Settings Temporary Internet Files Ssk log Adware adware gator Not disinfected c windows GatorPatch log Adware adware dollarrevenue Not disinfected c windows keyboard dat Adware adware sidesearch Not disinfected Windows Registry Spyware spyware virtumonde Not disinfected Windows Registry Adware Adware PurityScan Not Infected With Virtumonde, Cmd Service, Purity Scan, Surfside Kick And Others! disinfected C WINDOWS system wuauboot dll Spyware Cookie WinFixer Not disinfected C WINDOWS Temp Cookies brett morgan winfixer txt Spyware Cookie Reliablestats Not disinfected C WINDOWS Temp Cookies brett morgan stats reliablestats txt Spyware Cookie YieldManager Not disinfected C WINDOWS Temp Cookies brett morgan ad yieldmanager txt Spyware Cookie Kmpads Not disinfected C WINDOWS Temp Cookies brett morgan kmpads txt Adware Adware ActiveSearch Not disinfected C WINDOWS zornnn exe toolbar dll Adware Adware ActiveSearch Not disinfected C WINDOWS toolbar exe toolbar dll Bit Defender came up with the following BitDefender Online Scanner Scan report generated at Wed Jul - Scan path A C D E Statistics Time Files Folders Boot Sectors Archives Packed Files Results Identified Viruses Infected Files Suspect Files Warnings Disinfected Deleted Files Engines Info Virus Definitions Engine build AVCORE v build i Apr Scan plugins Archive plugins Unpack plugins E-mail plugins System plugins Scan Settings First Action Prompt Second Action None Heuristics Yes Enable Warnings Yes Scanned Extensions Exclude Extensions Scan Emails Yes Scan Archives Yes Scan Packed Yes Scan Files Yes Scan Boot Yes Scanned File Status C Program Files Common Files svchostsys svchostsys exe config Infected with Trojan Downloader MSIL B C Program Files Common Files svchostsys svchostsys exe config Deleted C Program Files Common Files svchostsys svchostupdate exe config Infected with Trojan Downloader MSIL B C Program Files Common Files svchostsys svchostupdate exe config Deleted C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- gt A class Infected with Trojan Exploit Java Bytverify C C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- gt A class Deleted C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- Updated C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- gt BlackBox class Infected with Trojan Exploit Java Bytverify B C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- gt BlackBox class Deleted C Program Files Norton AntiVirus Quarantine AA zip gt Quarantine- Updated C Program Files Norton AntiVirus Quarantine AA zip Update failed C Program Files Norton AntiVirus Quarantine A zip gt Quarantine- gt A class Infected with Trojan Expl... Read more

A:Infected With Virtumonde, Cmd Service, Purity Scan, Surfside Kick And Others!

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. Before we can get started on fixing your problem you must change the location of Hijackthis. It should not run from a temp directory. Download and run the HijackThis autoinstall program Please choose the default location of C:\Program Files as the destination.Run the program only from that location from now on. It is essential that you follow these steps or certain important features of the program will not function correctly.Once you have Hijackthis running from this folder, please reboot and post a new hijackthis log as a reply in this thread.

http://www.bleepingcomputer.com/forums/t/58486/infected-with-virtumonde-cmd-service-purity-scan-surfside-kick-and-others/
Relevancy 55.47%

I had AD commad A and successfully removed it but now I have this I have gone into the registry per trend micro documentation and deleted cmdServices Surf side kick is in C Program Files and i cannot delete it even in safe mode Please assist me Steve L MFIX find log These are the registry keys present Winlogon notify Windows Registry Editor Version HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify crypt chain quot Asynchronous quot dword quot Impersonate quot dword quot DllName quot hex e c c quot Logoff quot quot ChainWlxLogoffEvent quot HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify cryptnet quot Asynchronous quot dword quot Impersonate quot dword quot DllName quot hex e e c c quot Logoff quot quot CryptnetWlxLogoffEvent quot HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify cscdll quot DLLName quot quot cscdll dll quot quot Logon quot quot Adw 3 up Surfside (virus pop kick windows) WinlogonLogonEvent quot quot Logoff quot quot WinlogonLogoffEvent quot quot ScreenSaver quot quot WinlogonScreenSaverEvent quot quot Startup quot quot WinlogonStartupEvent quot Adw Surfside kick 3 (virus pop up windows) quot Shutdown quot quot WinlogonShutdownEvent quot quot StartShell quot quot WinlogonStartShellEvent quot quot Impersonate quot dword quot Asynchronous quot dword HKEY LOCAL MACHINE Software Adw Surfside kick 3 (virus pop up windows) Microsoft Windows NT CurrentVersion Winlogon Notify ScCertProp quot DLLName quot quot wlnotify dll quot quot Logon quot quot SCardStartCertProp quot quot Logoff quot quot SCardStopCertProp quot quot Lock quot quot SCardSuspendCertProp quot quot Unlock quot quot SCardResumeCertProp quot quot Enabled quot dword quot Impersonate Adw Surfside kick 3 (virus pop up windows) quot dword quot Asynchronous quot dword HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify Schedule quot Asynchronous quot dword quot DllName quot hex c e f e c c quot Impersonate quot dword quot StartShell quot quot SchedStartShell quot quot Logoff quot quot SchedEventLogOff quot HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify sclgntfy quot Logoff quot quot WLEventLogoff quot quot Impersonate quot dword quot Asynchronous quot dword quot DllName quot hex c e e c c HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify SensLogn quot DLLName quot quot WlNotify dll quot quot Lock quot quot SensLockEvent quot quot Logon quot quot SensLogonEvent quot quot Logoff quot quot SensLogoffEvent quot quot Safe quot dword quot MaxWait quot dword quot StartScreenSaver quot quot SensStartScreenSaverEvent quot quot StopScreenSaver quot quot SensStopScreenSaverEvent quot quot Startup quot quot SensStartupEvent quot quot Shutdown quot quot SensShutdownEvent quot quot StartShell quot quot SensStartShellEvent quot quot PostShell quot quot SensPostShellEvent quot quot Disconnect quot quot SensDisconnectEvent quot quot Reconnect quot quot SensReconnectEvent quot quot Unlock quot quot SensUnlockEvent quot quot Impersonate quot dword quot Asynchronous quot dword HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify termsrv quot Asynchronous quot dword quot DllName quot hex c e f e c c quot Impersonate quot dword quot Logoff quot quot TSEventLogoff quot quot Logon quot quot TSEventLogon quot quot PostShell quot quot TSEventPostShell quot quot Shutdown quot quot TSEventShutdown quot quot StartShell quot quot TSEventStartShell quot quot Startup quot quot TSEventStartup quot quot MaxWait quot dword quot Reconnect quot quot TSEventReconnect quot quot Disconnect quot quot TSEventDisconnect quot HKEY LOCAL MACHINE Software Microsoft Windows NT CurrentVersion Winlogon Notify Unimodem quot Asynchronous quot dword quot DllName quot quot C WINDOWS system MPXMLR DLL quot quot Impersonate quot d... Read more

A:Adw Surfside kick 3 (virus pop up windows)

Hi and welcome to TSF

I'm Jet Ian, and I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible. Please be patient with me during this time.

We also recommend that you Subscribe to this thread so that when I or the other experts replied, you will get an email notification. To do this: Click on then and make sure you set it to Instant notification by email.

http://www.techsupportforum.com/forums/f284/adw-surfside-kick-3-virus-pop-up-windows-95029.html
Relevancy 53.75%

A little bit of a long title, but this suddenly popped into my head and I just HAD to get an answer to this just in case. I searched around on Google, but I didn't really know what to type in or what to look for.
 
So, here goes. As the title suggests, I'm curious if a hard drive with an infected Windows on it could infect someone else's PC if it were connected as an external hard drive, with USB, for example. I'd assume that it's possible, but in most cases unlikely if all one would do is look at the drive's contents and possibly format it.
 
Did I just answer my own question? Should you still be careful, or can't it hurt as long as no files are transferred from the infected hard drive?

A:Can infected OS hard drive infect the host if connected as USB drive?

Depends what sort of infection it is.
If the infection on the hardrive (which is being connected in a way an external data storage device generally would be) is not active, and is just within some of the files then others should be safe and infection fre, and for the host machine to be infected a use would need to run one of the infected files on the HDD.
If the infection on the hard-drive has some sort of autorun system which lets it execute automatically as soon as connected to any device then the host will get infected.
It all depends on the type of infection. Best NOT to try anything like this unless you can be utterly sure the infection is of the first type and that it isn't in any of the files you might want to copy from the HDD.
You might consider plugging the HDD into a machine running a linux operating system, then copying off anything you need to (don't copy off exe, scr or dll files, assume them to all be infected), then using that machine to format the hard drive. If copying off any files you will need to scan them heavily, there are tools which can be run on a linux system to check files for infections which might become active if they were opened on a windows system.
Regarding autorun, some types of auto-rnning are still possible aren't they? In general it isn't but at present there do exist viruses which can write themselevs to USB and then infect any machine they are plugged into without the user needing to delibrately open any files on the USB. There have also been some discoveries of problems within the USB type of connection itself which could be used to put viruses into the firmware of a USB, the principles might be different to traditional autorun but the end result is similar.

http://www.bleepingcomputer.com/forums/t/576687/can-infected-os-hard-drive-infect-the-host-if-connected-as-usb-drive/
Relevancy 51.17%

Hi guys First off I m not massively tech minded About a year ago is my hard drive I infected think my dell laptop started playing up it got a bit jumpy and slow sorry not very technical and one big main prob when I tried copying files photos to disk or external device it would I think my hard drive is infected copy one or two files photo then the estimated time would start going up to ridiculous times like days and hours Around the same time I started to notice problems with my iPhone not uncommon I know it was sent off to apple Hq and they said after restoring they could find no problems I think my hard drive is infected but when I got it back reloaded my apps and stuff from my laptop all probes started again I eventually was given a replacement phone and guess what same probes again Two weeks ago I got a new pc it was very good fast full of memory and worked fine Then I transferred all my photos and files over from my laptop by memory stick and the same probes have now started just tried to burn a disc of photos and the estimated time went up to days and hrs I have now put all my old laptop files on my spare drive so to get the off os drive Please help I do run AVG free version and ain t had any virus warnings I don t really wanna have to replace the hard drive on my new pc and even if I did I still have all my old photos and files which I believe are the problem I really can t get rid of the photos as I m a wedding photographers so although I don t need to give these old photos to clients I do still need them for my portfolio and advertising reasons Thanks peeps nbsp

Relevancy 51.17%

If posted incorrectly please move as appropriate I have installed Infected Drive Hard 2nd an old Quantum Fireball GB AT ICT hard drive from a busted old pc into my current Compaq Presario spec at the link Quantum hard drive s seem to have been taken over by Maxtor which was taken over by Seagate and so I can t find any support or documentation for my drive links fr this would be appreciated I have now installed it into my system Infected 2nd Hard Drive as a slave drive however it is quite heavily infected with adware spyware and possibly viruses too Upon booting up numerous problems were flagged by the AVG Free Anti-Virus I have on my main hard drive so I proceeded to use Ad-Aware and AVG scans on the installed hard drive and removed all problems found The PC is not connected to the internet at the moment for fear of further infection I would like to know what would happen if I did connect it to the internet Is it possible for one drive to become infected and then infect the other drive I would also like your advice on how to set up the system My intention is to use the second drive to store media files and documents moveis songs word files etc Do I need to configure it in any special way Should I use additional anti-spyware adware virus software for the second drive Also I need to transfer some old files stored on the infected drive to my main one Is it safe to do so while infected Once done I will also need to format the drive too how should I do this - any special software Thanks in advance

A:Infected 2nd Hard Drive

Looking at this this would mean a challenge ( to the say the very least) to the HiJackThis team. My suggestion would be to take it out of your computer and to put it into a case and connect it via USB or Firewire to your computer.Unfortunally since you allready put it into your computer the chances that your computer is now also infected are very much there.I would say do a scan with AVG Anti Virus/AVG Anti Spyware and SuperantiSpyware as well as Adaware and Spybot (links in my sig) to clear out the largest problems and post the findings hereDownload and scan with SUPERAntiSpyware Free for Home Users * Double-click SUPERAntiSpyware.exe and use the default settings for installation. * An icon will be created on your desktop. Double-click that icon to launch the program. * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Udates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.) * When done, select "Scan for Harmful Software". * There are three scanning options. Choose "Perform Complete Scan" and click "Next". * When done, a Scan Summary will appear with potentially harmful items that were detected. Click "OK". * Make sure they all have a checkmark next to them and click "Next". * A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu. * Click Preferences and then click the statistics/logs tab. * Click the dated log and press View log. A text file will appear so you can see the results. * Select close to exit the program. * Scan in SAFE MODEAfter that, download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.Reboot your computer in SAFE MODE using the F8 method.Scan with DrWeb-CureIt as follows: * Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear. * Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. * Once the short scan has finished, Click Options > Change settings * Choose the "Scan tab" and UNcheck "Heuristic analysis" * Back at the main window, click "Select drives" (a red dot will show which drives have been chosen) * Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start. * When done, a message will be displayed at the bottom advising if any viruses were found. * Click "Yes to all" if it asks if you want to cure/move the file. * When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable". (This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured) * Next, in the Dr.Web CureIt menu on top, click file and choose save report list. * Save the DrWeb.csv report to your desktop. * Exit Dr.Web Cureit when done. * Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.Download and install AVG Anti-Spyware v7.5.After download, double click on the file to launch the install process.Choose a language, click "OK" and then click "Next".Read the "License Agreement" and click "I Agree".Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".After setup completes, click "Finish" to start... Read more

http://www.bleepingcomputer.com/forums/t/90608/infected-2nd-hard-drive/
Relevancy 50.74%

Hi everyone Here s my status A week or so ago I started having some issues with my computer Mostly chkdsk would run at every startup find and fix some indexing problems and then finally start up The bad part is that over the last few days Word does not come up nor does drive infected or computer? Hard AOL Chkdsk does not seem to run at startup now but the other isuues remain Hard drive or infected computer? I should also say that this computer is older a Cadillac in its day a Cobalt today which makes me wonder if it is the hard drive Things I have done already run defrag have burned off all my pictures word docs etc I also downloaded something called Seatools for windows and ran it against my c drive A Maxtor T H I did get some failures when it ran but I ve also found posting that the tool is somewhat unreliable So at this point I m stuck is it a virus making everything run slowly and make Word and AOL unusable or is it my hard drive Let me know what I should do next Thanks for your help Coach Bob

A:Hard drive or infected computer?

Hi coach. Well let's run a malware scan.and see what that says. Then we'll move you to a different forum if needed.Please download Malwarebytes Anti-Malware (v1.32) and save it to your desktop.alternate download link 1alternate download link 2If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

http://www.bleepingcomputer.com/forums/t/196530/hard-drive-or-infected-computer/
Relevancy 50.74%

i am afraid my external hard drive is infected with something. IT was previously used on a computer which frequently had viruses, key loggers, and other malware so much so that I switched to using macs. However I am afraid that the hard drive still might have some nasty bugs on it. I now use a Mac but would like to be able to use the drive with a desktop as well but I am afraid that something might be on it. Is there anyway to check?

A:Is my external hard drive infected with???

Welcome to BC !
 
One pass is all that is needed using Free DBAN to overwrite the drive and eliminate any chance of malware survival.

How to Use DBAN

 
Darik's Boot and Nuke (DBAN) is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN automatically and completely deletes the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.
DBAN's website is http://www.dban.org/.
How to Use DBAN to Securely Erase a Hard Disk Drive
Turn on computer and boot from the DBAN CD.
The DBAN application opens. DBAN is a simple, text-only application.
You will see a boot: prompt and a menu of options.
Press the Enter key to start DBAN in interactive mode.
DBAN continues to boot. This will take a few moments.
You will see a screen listing Options,  Statistics, and Disks and Partitions.
Leave the defaults for Options.
From the Disks and Partitions list, select the hard drive you want deleted.
Move the cursor up and down using the J and K keys,  and select the drive with the Spacebar.
When the drive you want to erase is selected, press F10 to start the wipe.
The time required to wipe your drive will depend on the size of the drive. DBAN offers an estimate on the Statistics pane.
EDIT: If you prefer, and likely a faster DBAN install, you can create a bootable flash drive.
Install DBAN to a USB Flash Drive using Windows | USB Pen Drive Linux
 
QUOTE: Run DBAN from a Flash Drive: In the following tutorial, we show you how we created a DBAN USB Flash Drive from Windows using our third party Universal USB Installer. Darik's Boot and Nuke (DBAN) is a simple bootable data destruction tool created by Darik Horn. It can be used to securely wipe an entire hard drive or an attached external disk (IDE or SCSI), completely deleting all contents of the disk.  Upon completion, you should be able to run DBAN from your USB device.

http://www.bleepingcomputer.com/forums/t/562243/is-my-external-hard-drive-infected-with/
Relevancy 50.74%

Hi there,
I'm hoping for some guidance. Over the last couple of weeks my laptop has ground to a halt with 100% CPU usage.
I'm using windows Vista with the latest updates.
All seems ok at first, but it gradually slows untill it's unusable.
I've tried running windows defender but it struggles to scan, becoming unresponsive.
The laptop also gets very hot which is why I mentioned a possible hard drive failure in the title.
Thanks for any help you can offer.

A:Infected or Hard drive kaput

Hello ... lets try this first Boot to Safe Mode with Networking...Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:Flush DNSReport IE Proxy SettingsReset IE Proxy SettingsReport FF Proxy SettingsReset FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Download TDSSKiller and save it to your desktop.Extract (unzip) its contents to your desktop.Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.It may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here....ADW CleanerPlease download AdwCleaner by Xplode and save to your Desktop.Double-click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As Administrator.Click on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.After reviewing the log, click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.Press OK again to allow AdwCleaner to restart the computer and complete the removal process.After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).. Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.....Last run ESET.Hold down Control and click on this link to open ESET OnlineScan in a new window.Click the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.Double click on the icon on your desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under scan settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technologyESET will then download updates for itself, install itself, and begin s... Read more

http://www.bleepingcomputer.com/forums/t/549669/infected-or-hard-drive-kaput/
Relevancy 50.74%

Hello When i was first infected with the above virus i ran the Rkill which was successful Based on the steps provided i than ran Malware removal program which required update When performing the update it failed so i continued with the existing version and removed what it found Based on the instructions i than restarted the laptop but the with Hard Drive Infected Diagnostic Hard Drive Diagnostic came back Please help me to remove this virus I m attaching the DDS log below DDS Infected with Hard Drive Diagnostic Ver - - - NTFSx Infected with Hard Drive Diagnostic Internet Explorer BrowserJavaVersion Run by Komal Sharma at on - - Running Processes C Program Files Intel Wireless Bin EvtEng exe Infected with Hard Drive Diagnostic C WINDOWS Explorer EXE C Program Files Intel Wireless Bin S EvMon exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared ccProxy exe C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system spoolsv exe C Program Files Optimum DigiDo AffinegyService exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Java jre bin jqs exe C Program Files Common Files LogiShrd LVMVFM LVPrcSrv exe C Program Files Norton Internet Security Norton AntiVirus navapsvc exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files Common Files Sony Shared WMPlugIn SonicStageMonitoring exe C Program Files Sony VAIO Event Service VESMgr exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exe C WINDOWS system SearchIndexer exe C Program Files Yahoo SoftwareUpdate YahooAUService exe C WINDOWS ehome mcrdsvc exe C Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exe C WINDOWS system wscntfy exe C Program Files iTunes iTunesHelper exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C Documents and Settings All Users Application Data SwPGvtLdJxoV exe C WINDOWS system attrib exe C WINDOWS system attrib exe C Documents and Settings All Users Application Data exe C WINDOWS system SearchProtocolHost exe C Program Files iPod bin iPodService exe C WINDOWS System alg exe C WINDOWS system attrib exe C WINDOWS system attrib exe G Defogger exe C WINDOWS system attrib exe C WINDOWS system attrib exe C WINDOWS system attrib exe C WINDOWS system attrib exe G dds scr C WINDOWS system SearchFilterHost exe C WINDOWS system wbem wmiprvse exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k NetworkService C WINDOWS system svchost exe -k LocalService C WINDOWS system svchost exe -k LocalService C WINDOWS system svchost exe -k LocalService C WINDOWS system svchost exe -k imgsvc C WINDOWS System svchost exe -k HTTPFilter Pseudo HJT Report uStart Page hxxp www yahoo com uSearch Page hxxp www google com uSearch Bar hxxp www google com ie uDefault Search URL hxxp www google com ie mSearch Bar hxxp us rd yahoo com customize ie defaults sb msgr http www yahoo com ext search search html uInternet Connection Wizard ShellNext hxxp www sony com vaiopeople uInternet Settings ProxyOverride local lt local gt uSearchAssistant hxxp www google com ie uSearchURL Default hxxp www google com search q s uURLSearchHooks AOLTBSearch Class ea - - db- f -d ca fb c d - c program files aol aol toolbar aoltb dll uURLSearchHooks AOLSearchHook Class eb ea-e be- cfd- f f-c a c eafa - c program files aol aol search enhancement AOLSearch dll uURLSearchHooks Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yah... Read more

A:Infected with Hard Drive Diagnostic

Hi, Welcome to Bleeping Computer.My name is Shannon and I will be working with you to remove the malware that is on your machine.I apologize for the delay in replying to your post, but this forum is extremely busy.Please Track this topic - On the top right on this tread, click on the Option button, and, in the drop-down list, click on 'Track this topic'. Under Subscription Information, click on 'Immediate Email Notification' and then click on the Proceed button at the bottom.Do Not make any changes on your own to the infected computer.Now, let's look more thoroughly at the infected computer -If you need to run RKill to get past the XP Diagnostic infection, do so.We need to see some information about what is happening in your machine. Please perform the following scan:We need to create an OTL Report -
Please download OTL from here:Main Mirror (If you are unable to download it, you might need to download it to flash drive using a clean computer and running it from the flash drive.)Save it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Change the "Extra Registry" option to "Use SafeList"Push the button.Two reports will open, copy and paste them into your reply:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedPlease note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERENext, please download Rootkit Unhooker from the following link and save it to your desktop.Link 1 (.exe file)Double-click on RKUnhookerLE.exe to start the program.Click the Report tab, then click Scan.Check Drivers, Stealth, and uncheck the rest.Click OK.Wait until it's finished and then go to File > Save Report.Save the report to your Desktop.Copy and paste the contents of the report into your next reply.-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".Once you have the above logs, click on the Add Reply button below, copy in the contents of the two OTL logs and the RKU log. Also include any comments that you might have concerning the infection(s) and the infected computer.

http://www.bleepingcomputer.com/forums/t/406009/infected-with-hard-drive-diagnostic/
Relevancy 50.74%

Hello everyone I have just got past a SpyCrush virus It was the one where windows explorer restarts itself a bunch of times into an endless loop My external harddrive was not plugged at the time However I created a new account to see if the virus still exists it did not restart But when I plugged my external hard drive into it the same error mesage came up again quot Windows Hard External Infected? Drive Explorer is now finding a solution quot or quot Windows explorer is restarting quot It does this once and only once at the beginning when you plug the external into my laptop I then hooked up my external to a different computer and I used Malware to scan the entire external the result was infected files Would this strategy work Say if I made copies of the stuff on the external and put them on a different computer Then delete everything I have on the external then put back everything I once had on the external and then plug it in Would it work I dont wanna lose anything because incase if the external actually is infected I dont wanna put the same infection back on my laptop So what should I do Is there a different way Thanks And help will be much appreciated

A:External Hard Drive Infected?

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.Wait until it has finished scanning and then exit the program.Reboot your computer when done.Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

http://www.bleepingcomputer.com/forums/t/243764/external-hard-drive-infected/
Relevancy 50.74%

I have a Dell (Windows Vista Home Premium). My External Hard (F) drive is infected. I cannot pull up any of my files, be it pictures, guitar tablature files, or music. The folders have non english characters for their names. Any help would be greatly appreciated. Also, only my external hard drive is infected, my C drive appears to be fine.

A:External Hard Drive Infected

I'm sorry your post was overlookedIf you still need help, download:Flash_Disinfector.exe by sUBs and save it to your desktop.Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.Wait until it has finished scanning and then exit the program.Reboot your computer when done.Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.----------------------------------- Then download Mbam and run it in the full scan mode. You will be able to choose the drives you wish to scanThe process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen:Click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note:-- If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. Note 2:-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes. To disable these programs, please view this topic: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs---------------------------Be sure to re-enable your AV and malware scan tools if they were disabled

http://www.bleepingcomputer.com/forums/t/250086/external-hard-drive-infected/
Relevancy 50.74%

I recently installed another 500GB hard drive in one of my dell desktops (i5 580) and have a question regarding viruses. I used to store my system images on an external hard drive however I prefer using an internal hard drive since it seems to create images faster and I also don't have to plug and unplug it.

I keep a number of images on the 2nd internal hard drive, if my computer was to become infected with a virus (main hard drive C:/) would I need to worry about the 2nd hard drive getting infected since it's connected to motherboard?

Sorry if this is a dumb question, just want to make sure that I'm not doing something that I'll regret later!

A:would I need to worry about 2nd hard drive getting infected as well

  
Quote: Originally Posted by BUZ


I recently installed another 500GB hard drive in one of my dell desktops (i5 580) and have a question regarding viruses. I used to store my system images on an external hard drive however I prefer using an internal hard drive since it seems to create images faster and I also don't have to plug and unplug it.

I keep a number of images on the 2nd internal hard drive, if my computer was to become infected with a virus (main hard drive C:/) would I need to worry about the 2nd hard drive getting infected since it's connected to motherboard?

Sorry if this is a dumb question, just want to make sure that I'm not doing something that I'll regret later!



Not a dumb question at all. While malware can infect the MBR (master boot record) and hence infect partitions on the same HD, I am unaware of any that can jump HD's.

the one caveat is if you copy (not image) something containing malware from one to the other it might be able to infect it

http://www.sevenforums.com/system-security/208409-would-i-need-worry-about-2nd-hard-drive-getting-infected-well.html
Relevancy 50.74%

Hi,
 
I have an external hard drive which is very frequently passed around among friends and has become infected. My computer got infected too, but I got it cleaned thanks to help I received on this forum. I have kept my external drive disconnected since I started working on disinfecting my computer. Now that that part is taken care of, I need help to clean the external drive too.
 
What should I do?
 
Regards,
 
Varun

A:External Hard Drive Infected

Hi Varun,
I Will be assisting you but I am currently away from my computer. I will touch base as soon as
I am able.

http://www.bleepingcomputer.com/forums/t/492616/external-hard-drive-infected/
Relevancy 50.74%

Virus changed my files extension A virus got a hold of my hard drive and on the majority of my pictures files and music it changed the extension to exe so they cant be opened when I try to change the file Hard got External infected.. Drive extension back to its original one it tells me that its not possible that there is another file with that name and it doesn t let me overwrite it I have scanned the hard drive with malware-bytes and deleted viruses that it found External Hard Drive got infected.. but i still cant seem to be able to return everything back to normal any help will be appreciated it I was told to run a hijackthis log tool that I wasn t able to find anywhere in the forum I need help from you guys to guide me through the process I need to get this hard drive working I have files in there that need to be worked on Thanks a million again Sergio

A:External Hard Drive got infected..

morning bump..That is an image showing what it does to the music files, same goes for documents and or pictures that mightve been in the way.I cant seem to be able to upload using imageshack, here is a link to the image of what is going onhttp://tinypic.com/view.php?pic=erzqjd&s=6I scanned again the hard drive this morning and there where no viruses.Thanks

http://www.bleepingcomputer.com/forums/t/325086/external-hard-drive-got-infected/
Relevancy 50.74%

Hello everyone The problemI was running an old Acer laptop with Windows XP It crashed and won t start details below I m not particularly worried about the stuff I had on the laptop itself but on an external hard drive that I m afraid is infected with anything that my laptop was and was also somehow connected to the crash in the first place First and foremost I m asking for help to make sure the hard drive is clean DetailsThe other day when I started my computer my default browser Firefox also started with some dating site meet local something org open I figured I was infected but put it off for the day as I was on minute schedule to get some university work done My external hard drive was connected then but I disconnected it later The next day when I started up my laptop again the same thing happened but when I connected my hard drive F-Secure immediately popped up saying it s found something - two things the other in the hard drive and the other one Drive External Hard Infected I m not sure about anymore I told it to do what it does quarantine quot recommended quot but in the middle of the process the laptop crashed When you start up my laptop now it gives this quot Windows crashed want to start in safe mode or normally quot screen with a couple of options Whatever I pick from there hard drive connected or not the next thing is Windows loading screen and then immediately a flash of the Blue Screen of Death and a re-start I don t remember having installed any new software or hardware very recently but I did smartly click on an Infected External Hard Drive unexplained MSN link I probably shouldn t have Current situationI m currently on someone else s Ubuntu and the hard drive is working fine here I found a new read-only folder on it that I d never seen before and deleted it unfortunately I don t remember the folder s name or contents exactly I ve back-upped its most important contents but I still want Infected External Hard Drive to be sure they re clean to bring back on a Windows As for my laptop I haven t done anything on it yet Considering switching to Ubuntu on it while I m sorting this mess anyway Thank you for reading zwiebel

A:Infected External Hard Drive

It's possible to scan additional drives with MBAM and SUPERAntiSpyware so I would get those and scan the external drive. Let us know what they find.

http://www.bleepingcomputer.com/forums/t/272948/infected-external-hard-drive/
Relevancy 50.74%

Hi I have an HP Pavillion a w pc with a hard drive nearly full but very minimal very small personal files Programs are at a bare minimum too I'm suspecting there is a keylogger or some deeply embedded malware or infection on the hard drive Ive updated and ran my Norton ran a spybot search and destroy which did find some things and needed a reboot to remove did that ran a CCleaner that cleaned up a bit freeing up some space I also Hard drive infected almost full probably ran a space sniffer but aren't sure what I'm looking for there I have ran a chkdsk f r and checked the error logs to find no problems I'm currently running a Malwarebytes full scan which so far has found no problems I was going to do a ComboFixer but due to the warnings of not running it withou explicit instruction by a helper decided to post here FYI - I just realized that all my scans Hard drive almost full probably infected have been done in normal mode NOT safe mode - not sure if that matters I tried uploading my file report from SpaceSniffer but it's too big Please help me out Thanks - Karen

A:Hard drive almost full probably infected

UPDATE - when Malwarebytes finished, it had found 48 threats and needed reboot to quarinteen them. Below is the report. It seems that a program one of my kids downloaded is the culprit - SweetIM
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.21.07
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Admin :: HASAN [administrator]
8/21/2013 11:16:53 PM
mbam-log-2013-08-21 (23-16-53).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364934
Time elapsed: 2 hour(s), 18 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 48
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079655.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079656.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079657.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079658.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079659.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079660.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079661.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079662.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079663.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079664.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079665.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079666.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079667.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079668.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079669.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079670.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079671.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{8A04BD8A-31E4-43EF-B812-9FD4B2564582}\RP180\A0079672.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
C:\System Volume Infor... Read more

http://www.bleepingcomputer.com/forums/t/505194/hard-drive-almost-full-probably-infected/
Relevancy 50.74%

My hard drive is infected with Conduit. It is so powerful that after I turned a post into a Word document with the top line reading "How to Remove Conduit" (no quotation marks), when I pressed "Save As" the file was saved as "How to Remove". Fortunately it "allowed me" to rename the file "How to Remove Conduit". I've tried three apparently logical removal suggestions that I googled and they have all been thwarted. I have been able to get rid of the Conduit toolbar and Search Engine on my own, but this one is way out of my class!

IT'S OVER FOR ME. The clue to use Adwcleaner, a program whose existence was unknown to me, got the major work done and, with administrator privileges and some thought (not to mention backups), conduit has been expunged from my Registry and my Hard Drives.

A:My hard drive has been infected by Conduit

Conduit toolbar is a adware-malware program that should be easy to remove. I'm sure one of our anti virus experts well post soon on the best program to use. MBAM or SASW should detect it. A google search well give you plenty of info.

http://www.sevenforums.com/system-security/303860-my-hard-drive-has-been-infected-conduit.html
Relevancy 49.88%

Hi everybody

A friend of mine is going away so I lent him my USB hard drive so that he could copy some games and films for the plane journey.

But now I've just plugged it back into my own computer and there's an empty msdownld.tmp folder at the root of the drive. It's hidden, but I've set hidden files/folers to be visible.

The friend in question visits some pretty shady websites, so I'm a bit worried.

I've googled "msdownld.tmp" and it seems to be a IE6 leftover installation folder. But I cannot for the life of me figure out why it's on my hard drive, especially since my friend uses IE8

Aside from the folder (which I've deleted) everything seems normal. I'm using Avast and have real-time scanning enabled - no warnings.

http://www.techsupportforum.com/forums/f217/msdownld-tmp-folder-on-usb-hard-drive-am-i-infected-628965.html
Relevancy 49.88%

I used my external hard drive (Sea gate) on someone's PC and unfortunately dorkbot.lnk infected my external HD. Once I pluged in my own laptop the MSE suggested for clean and remove which I done but when I back to my hard drive all my folders are hidden! I tried folder option/show hidden files but this case is totally different. I need support on below PLEASE:

1. How can I make hidden files on my HD visible and remove dorbot.lnk?

2. Is it possible this virus infected my laptop too? If yes, please support me.

Thanks very much,
Negar (Ms)
 

https://forums.techguy.org/threads/dorkbot-lnk-infected-my-external-hard-drive.1039338/
Relevancy 49.88%

Hello I apologize if this topic has been covered I am infected with a quot Critical hard drive error quot virus hard with Infected "Critical error drive" When my computer loads it brings up a string of or so error windows It also brings up a pop up window which is saying it is scanning my computer and then subsequently finds a myriad of different quot problems quot and asks me to click to activate the full version Networking works however within a couple of minutes of activity a blue screen pops up and I am rebooted I cannot see any of my icons in the start menu and I have tried to do a system restore through the F button and through the desktop without success When Infected with "Critical hard drive" error I try to use F and then Repair my computer it brings me to a login screen where I am forced to log in as quot other user quot When I load with safe mode the error windows do not pop up nor does the fake scan run however all my icons are still missing from my Start Menu and many are missing from the quot My computer quot tab which doesn t exist either accessing indirectly through some start icons that are still there I attempted to run system restore through the windows help and support that pops up in Safe mode but it tells me it is already running I am posting this from my laptop though it appears I can network in Safe Mode without issue Any advice on how to proceed would be greatly appreciated Thank you in advance for your help Chris EDIT System restore has popped up in safe mode I am restoring to an earlier point at this time

A:Infected with "Critical hard drive" error

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

http://www.bleepingcomputer.com/forums/t/420570/infected-with-critical-hard-drive-error/
Relevancy 49.88%

Hi again BC team I am starting a new topic with my second issue as described here a few days ago http www bleepingcomputer com forums ind p entry Issue was successfully resolved by Gringo thank you Issue has not been revisited I focused entirely on following gringo s instructions and cleaning the laptop I will copy the description of issue below and await instructions on how to proceed quot The problem is the external harddrive on which I backed up the system before any disinfecting started I hooked the external harddrive to another PC which has Sophos AV and started a scan on the hard drive only It found trojans and potentilly unwanted software I don t have the exact names I could t save the logs since Sophos crashed However after days the scan had only covered of the drive GB WD MyPassport and the progress was roughly per hours So I stopped the scan and tried to clean what was found but Sophos gave an error and the PC by bugs hard external several drive infected froze I turned it off unplugged the external drive restarted and ran a scan on the PC only everything was fine So the infection is contained only on the external In addition while he scan external hard drive infected by several bugs was running it was showing the names of the files and I noticed that the vast majority of my media files were renamed with exe extensions My guess is that was why Sophos was taking forever to scan The bad news is that except the last infected backup of my laptop I had my entire media library on the external drive and now it is ruined quot Thanksk

A:external hard drive infected by several bugs

Hello kancamagaWelcome to BleepingComputer ========================Are you still in need of assistance?If so please scan your external Hard drive with the following online scanner:Please do a scan with Kaspersky Online ScannerNote: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.Click on the Accept button and install any components it needs.The program will install and then begin downloading the latest definition files.After the files have been downloaded on the left side of the page in the Scan section select Whatever is your external drive letterThis will start the program and scan your system.The scan will take a while, so be patient and let it run.Once the scan is complete, click on View scan reportNow, click on the Save Report as button.Save the file to your desktop.Copy and paste that information in your next post.

http://www.bleepingcomputer.com/forums/t/330922/external-hard-drive-infected-by-several-bugs/
Relevancy 49.88%

Hi all,

I had a Windows 7 installation on my old hard drive which got infected with rootkit.0access. I tried removing it with malwarebytes but it kept coming back. Also originally MB did get rid of a few other infections (successfully it seems). Anyway, I decided to abandon the windows installation and start again on a new solid state drive.

I've had the old HD unplugged since I did the new install. Is it safe to plug it in, boot to my new HD, do a scan, and start picking my files out? Obviously I won't run any programs from it...

Thanks peeps.

A:Old infected hard drive, safe to access?

It'll be safer to put that old hard drive in USB hard drive enclosure.Then..Install Panda USB Vaccine, or BitDefender?s USB Immunizer on your computer to protect it from any infected USB device.Now you'll be safe to plug USB enclosure in and scan the drive with your AV program.

http://www.bleepingcomputer.com/forums/t/465152/old-infected-hard-drive-safe-to-access/
Relevancy 49.88%

Recently my system kept having trouble loading common pages, and then slowed down to a crawl.
 
I installed Iobit ASC Free Version and ran scans, and it definitely improved performance. I also run Norton Internet Security. I used Iobit to update all my drivers. 
 
but after things improved, that's when the hard drive started groaning intermittently. I ran a deep Defrag using Autologics Defrag, and Optimizer. 
 
The groaning has subsided for now, but I have a funny feeling something is just hiding and will return...because I am seeing some pop up spam that I suspect may have come in with the Iobit, even though I downloaded from CNET and thought it a safe source.
 
One scan required a reboot and that is usually serious in my experience, and rare for this computer too.
 
Any help greatly appreciated. Just want to trouble shoot this as a preventative before it gets worse...
 
Thanks!
 
wpetti

A:Help! Hard drive gave a groan, I think it's infected

I'm just curious about when you say the hard drive made a groan. Was this actually a mechanical sound you heard from the hard drive inside of the machine? That can be a sign of a bigger issue, more hardware-related.

http://www.bleepingcomputer.com/forums/t/602397/help-hard-drive-gave-a-groan-i-think-its-infected/
Relevancy 49.88%

We had this problem on my wife s computer running Windows XP and tried to remove it ourselves First I did properties of the icon on the desktop labeled quot Hard Drive Diagnostics quot I went to the location shown in the properties and tried to remove the files and got a message couldn t delete so I renamed them with the extension old to no avail We tried to use the Uninstall guide that was posted by Grinier on Dec but after running TDSSKiller IExplore exe and "Hard Infected Drive with Diagnostic" malware then running Malwarebytes Anti-Malware Anti-Malware scanned and returned nothing found We have also tried to revert to last known Windows download as suggested by another PC support person at my wife s work I hope you can help us as nothing seems to help We have users setup on this PC by my wife and the original problem was on the quot Jennifer quot user We used the quot Jennifer quot user and at first Infected with "Hard Drive Diagnostic" malware it showed no sign of the malware but the next day it showed up there as well I am attaching the requested logs If you need anything else just let me know Thanks in advance for your help Ed DDS Ver - - - NTFSx Run by Jennifer at on Tue Infected with "Hard Drive Diagnostic" malware Internet Explorer Microsoft Windows XP Professional GMT - AV McAfee Anti-Virus and Anti-Spyware On-access scanning enabled Updated B EE - - CDE-A A-DD BA FAD FW McAfee Firewall enabled B - C F- -BDA - CA DA E Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C Program Files Intel Wireless Bin EvtEng exe C Program Files Intel Wireless Bin S EvMon exe svchost exe svchost exe C WINDOWS system spoolsv exe svchost exe C Program Files Common Files AOL ACS AOLAcsd exe C Program Files Common Files AOL TopSpeed aoltsmon exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files TOSHIBA ConfigFree CFSvcs exe C WINDOWS system DVDRAMSV exe C WINDOWS eHome ehRecvr Infected with "Hard Drive Diagnostic" malware exe C WINDOWS eHome ehSched exe C Program Files McAfee SiteAdvisor McSACore exe C Program Files Common Files Motive McciCMService exe C Program Files Common Files McAfee McSvcHost McSvHost exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C WINDOWS system TDispVol exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS system mfevtps exe C PROGRA McAfee SPAMKI MskAgent exe C WINDOWS ehome ehtray exe C Program Files Toshiba Toshiba Applet thotkey exe C PROGRA McAfee SPAMKI MSKSrvr exe C Program Files Synaptics SynTP Toshiba exe C Program Files Synaptics SynTP SynTPLpr exe C Program Files ltmoh Ltmoh exe C WINDOWS AGRSMMSG exe C Program Files TOSHIBA ConfigFree NDSTray exe C Program Files Toshiba Tvs TvsTray exe C WINDOWS system TPSMain exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C WINDOWS system dla DLACTRLW exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C WINDOWS system igfxtray exe C WINDOWS system TPSBattM exe C WINDOWS system igfxpers exe C Program Files TOSHIBA ConfigFree CFSServ exe C Program Files Common Files Nikon Monitor NkMonitor exe C Program Files ATT-SST McciTrayApp exe C Program Files QuickTime QTTask exe C Program Files iTunes iTunesHelper exe C Program Files McAfee com Agent mcagent exe C WINDOWS system ctfmon exe C Program Files Messenger msmsgs exe C Program Files TOSHIBA TOSCDSPD toscdspd exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C DOCUME JENNIF LOCALS Temp IGwqNKmplw exe C DOCUME JENNIF LOCALS Temp exe C Program Files Intel Wireless Bin RegSrvc exe svchost exe C WINDOWS system svchost exe -k imgsvc c TOSHIBA IVP swupdate swupdtmr exe C Program Files TOSHIBA TOSHIBA Applet TAPPSRV exe C Program Files Common Files McAfee SystemCore mcshield exe C Program Files McAfee Security Scan SSScheduler exe C Program... Read more

A:Infected with "Hard Drive Diagnostic" malware

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OKDeFogger may ask you to reboot the machine, if it does - click OKDo not re-enable these drivers until otherwise instructed.Download DDS:Please download DDS by sUBs from one of the links below and save it to your desktop:
Download DDS and save it to your desktop

Link1
Link2
Link3

Please disable any anti-malware program that will block scripts from running before running DDS.

Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:
DDS.txt Attach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyScan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?""just click on Cancel, then Accept".information and logs:In your next post I need the following

.logs from DDSlog from RKUnHookerlet me know of any problems you may have hadGringo

http://www.bleepingcomputer.com/forums/t/365458/infected-with-hard-drive-diagnostic-malware/
Relevancy 49.88%

A few months ago i bought a new Seagate Barracuda gb hard drive and installed xp on it I copied over all my old files and it was working great I got a virus and wiped hard infected/possibly drive it refused to start up so I reloaded Windows All my files were still there and it worked great I forgot to restore my internet infected/possibly wiped hard drive security for days because i didn't even realize it had been erased until then I got another virus infected/possibly wiped hard drive so i tried to do the same thing the windows xp cd refused to acknowledge the existence of both the hard drive and the actual cd i was booting from so i hooked up my old hard drive as master and the newer one as a slave and the old hard drive with win also refuses to acknowledge the existence of the newer hard drive even though i've checked twice and its hooked up perfectly can someone help me with this because i'm missing some important files on the newer hard drive and i want to retrieve them

A:infected/possibly wiped hard drive

Hi and Welcome to TSF

It sounds as if you didnt format the drive and only did a repair install which would explain why all your files were still intact.
Are you not using an anti-virus program?

Does the BIOS reconize the drive?

http://www.techsupportforum.com/forums/f10/infected-possibly-wiped-hard-drive-106622.html
Relevancy 49.88%

Posted Today PM A little while back my laptop slowed down I keep getting shockwave crashes and internet games stalling out I mostlu use Firefox for my online gaming partition a your drive. You hard have on infected fake, I notice that when I close down my computer the screen flashes and I can catch glimpses of adds on IE pages closing down Looking in task manager i see multiple IE processes running even if I never opened a browsing window I have ran a couple of scans from Malware Bytes and did not fing You have a fake, infected partition on your hard drive. much besides cookies You have a fake, infected partition on your hard drive. I removed that program I am running AVG Anti Virus business edition and the scans that it makes are only cookies as well Something is going on but I am not sure what or how to get rid of it Please help I started a topic and received help Here it is http www bleepingcomputer com forums t i-am-slowed-down-by-internet-explorer-running-in-background I was told that I had a fake infected partition I was told to download and run the DDS program I did that and ran it three times Each time I received the attach txt file but no dds txt file I have attached the attach txt file

A:You have a fake, infected partition on your hard drive.

I was also asked to post my MBAR logs.  Here they are.
 
Posted Today, 10:12 PM

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7600 Windows 7 x64
Account is Administrative
Internet Explorer version: 8.0.7600.16385
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.261000 GHz
Memory total: 3949682688, free: 634417152
Downloaded database version: v2014.07.28.07
Downloaded database version: v2014.07.17.01
=======================================
Initializing...
------------ Kernel report ------------
     07/28/2014 21:24:25
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\DRIVERS\atapi.sys
\SystemRoot\system32\DRIVERS\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system... Read more

http://www.bleepingcomputer.com/forums/t/542588/you-have-a-fake-infected-partition-on-your-hard-drive/
Relevancy 49.88%

Yesterday I very stupidly downloaded this quot ThinkPoint quot program that popped up claiming to be some Microsoft Essentials virus protection thing which looked legit to me so I let it do it s thing Soon enough I realised it was a virus - I couldn t access usb infected Autorun.inf ThinkPoint drive hard - and my desktop or anything so I used the Task Manager to get online and see ThinkPoint and Autorun.inf usb - infected hard drive how I could remove it I followed the steps to delete certain registry ThinkPoint and Autorun.inf usb - infected hard drive files and files within the Application Data on the hard drive I ve no idea if I managed to get rid of it all Then today I inserted my USB and low and behold it had a virus on it I used it a few days ago ThinkPoint and Autorun.inf usb - infected hard drive on another computer which I m guessing that s where it caught it from Some autorun inf - I googled it and some sites said to delete such and such from the usb drive which I did all the while my computer was going psycho Avira kept alerting me literally every ten seconds that there were new viruses - new viruses found - I click remove - another found - remove again - more found and so on I ran a scan but nothing came up I ran a Malware scan again nothing I went into Avira the Events tab which had about errors listed to see where exactly the file path was and a lot of them said system restore so I followed some online steps to turn off system restore deleting the history then back on again There were also some in the Microsoft Antimalware files in the App Data on the c drive in Avira I didn t go through them all so unsure where else Anyway at random intervals my computer fan or something makes a really loud noise like it does when you have too many things going at once and all the resources are being used I m also having trouble visiting a lot of different sites Firefox keeps saying Reported Attack Page - quot This web page at has been reported as an attack page and has been blocked based on your security preferences quot I don t think it s the website because it s doing it to all different once - this site included twitter etc Avira has stopped alerting me of viruses every ten seconds but it still does it maybe once an hour or so Sorry if any of the above is confusing I m running Windows XP sp I tried installing sp the other day but every time I went to the microsoft update site I kept getting the enable user data persistence quot error x A Which no matter what I tried I couldn t get it working so I just did a system restore to undo sp If anyone can help out it would be greatly appreciated Thanks

http://www.bleepingcomputer.com/forums/t/361841/thinkpoint-and-autoruninf-usb-infected-hard-drive/
Relevancy 49.88%

Hi there A little bit of a vague one here New Dell Inspiron Laptop about a year old Friend brings PhotoShop images to work on and short video clips Friend discovers virus spyware - but doesn't know which They reformatted their PC but I don't want to on this bloatware Dell Have run through the forums suggestions of AdAwareSpyBot Search and DestroySUPERAntiSpywareNOD antivirusWindows Update claims all is OK buthttp secunia com software inspector says not all Windows patches were applied Specifically This installation of Microsoft Internet Explorer x is insecure and potentially exposes your system to security threats Your system does not have all security related patches from Microsoft installed Pc Connected Drive Hard This External Infected Was To Please see list below for details about the missing patches Update This Pc Was Connected To Infected External Hard Drive Instructions You do not have the following Microsoft security updates installed KB KB KB KB KB KB KB KB KB Visit Windows Update to install the missing patches Installed on Your System in C Program Files Internet Explorer iexplore exe Despite visiting the update site and using Microsoft's own Spyware - Windows Genuine Advantage WGA nothing has changedFinally resorting to HiJackThisin the hope This Pc Was Connected To Infected External Hard Drive that things might be OK will post log in second message A few other things Firefox went belly up and used Netscape Navigator or Opera instead Sometimes the address bar crops up with ' ' all over the place and it didn't used to I am loathed to restore this Dell as This Pc Was Connected To Infected External Hard Drive I then have to uninstall a hundred pieces of software some of which never truly go Still I hope all is clean and it is just a simple matter for a clean bill of health

A:This Pc Was Connected To Infected External Hard Drive

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 15:09:20, on 27/11/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16544)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeR:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Acronis\Schedule2\schedul2.exeR:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\CTsvcCDA.exeR:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeR:\Program Files\Eset\nod32krn.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Windows Defender\MSASCui.exeR:\Program Files\BillP Studios\WinPatrol\winpatrol.exeC:\WINDOWS\system32\WLTRAY.exeR:\Program Files\Eset\nod32kui.exeR:\Program Files\Microsoft IntelliPoint\ipoint.exeC:\WINDOWS\stsystra.exeC:\WINDOWS\System32\svchost.exeR:\Program Files\Rainlendar2\Rainlendar2.exeR:\Program Files\LClock\lclock.exeR:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Digital Line Detect\DLG.exeC:\WINDOWS\system32\ctfmon.exeR:\PROGRAM FILES\UNIBLUE\SPEEDUPMYPC\SPEEDUPMYPC.EXER:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\taskmgr.exeC:\WINDOWS\explorer.exeR:\Program Files\uTorrent\utorrent.exeR:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=1061209R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/hws/sb/dell-usuk/e...html?channel=ukR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk/hws/sb/dell-usuk/e...html?channel=ukR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk/hws/sb/dell-usuk/e...html?channel=ukR1 - HKLM\Software\Microsoft\Inter... Read more

http://www.bleepingcomputer.com/forums/t/118516/this-pc-was-connected-to-infected-external-hard-drive/
Relevancy 49.88%

Hello,
My computer keeps showing a screen that says Hard Drive Diagnostic and makes my background black. It will not let me take it off or shut it down and keeps telling me all these kinds of errors such as "Boot Sector of the hard drive is damaged- Critical error". I have searched for hours and found no info on how to go about removing this. Any info would be greatly appreciated!

http://www.bleepingcomputer.com/forums/t/364965/infected-by-something-called-hard-drive-diagnostic/
Relevancy 49.88%

My friend gave me her PC to reinstall windows on for her because it was infected with a virus that was preventing her PC from booting up, but before I do that she said she wanted me to recover some pictures off of the hard drive, I told her no problem. But I wasn't thinking at the time, is it really as simple as hooking her hard drive up as a secondary to my computer, would that cause my hard drive to become infected? I use AVG as my anti virus program, would this prevent my computer from becoming infected if i just wanted to burn her pictures to a CD from my PC?

Hope my question is clear enough, any tips/advice would be appreciated, and I apologize for my ignorance but I'm not too familiar with computer viruses.
 

Relevancy 49.88%

I was at work yesterday and trying to fix another person s laptop which wouldn t print Needless to say online directions from a site appeared to have infected my Fujitsu Tablet I was using AVG and received a popup re the infection - I ran AVG and found Vundo - and drive hard computer recognize Infected now - won't another virus which I can t remember - AVG and Superantispyware were unable to clear the Infected - now computer won't recognize hard drive problem I was later able to reboot the computer into windows XP but no icons would show on the screen I tried reinstalling Windows XP - the disc would read but I received a Infected - now computer won't recognize hard drive message saying the hard drive was not recognized I spoke with a local IT person who said it looked like the hard drive had failed Could a virus cause hard drive failure Is there anyway to see if the virus is merely blocking something It doesn t make sense that the hard drive would have failed if I can still boot and see my desktop background without icons My warranty of course has expired - so if all else fails I will need to replace the hard drive - but am looking for a solution first

http://www.bleepingcomputer.com/forums/t/306260/infected-now-computer-wont-recognize-hard-drive/
Relevancy 49.45%

My parents had a desktop that was terribly infected and they copied all their important info to an external hardrive without cleaning or should i say before cleaning the computer . They then scrapped the old computer .

Yeah i know , but anyway , how would i go about cleaning the stuff thats on this external hard drive so they can get their important info back clean?

I have a clean computer to plug it into via USB but i'm nervous as hell.

Thank you

A:Need to clean an external hard drive that's badly infected.

If you are certain that your computer is clean, you can plug that external HD on it. But, before you do that , make sure that your AV and anti-malware software are up-to-date. To be sure on doing that, you can run your scan from Safe Mode.

http://www.sevenforums.com/system-security/361144-need-clean-external-hard-drive-thats-badly-infected.html
Relevancy 49.45%

Hi, I am going to clean up my cousin's computer. It is slow as molasses and I am guessing that it is infected bigtime. I wanna plug my external hard drive into the computer so I can backup all the files they want off the computer. I am just wondering if my external hard drive is vulnerable to viruses when I do this? I am going to do a Factory Restore. Also it takes forever and I mean forever to get to things on that computer. Is there a faster way to get files onto my external hard drive before I do a Factory Restore? Also if I do a Factory Restore instead of a reformat will all the viruses be gone?
 

A:Backing up infected computer to external hard drive

JMT74 said:


Hi, I am going to clean up my cousin's computer. It is slow as molasses and I am guessing that it is infected bigtime. I wanna plug my external hard drive into the computer so I can backup all the files they want off the computer. I am just wondering if my external hard drive is vulnerable to viruses when I do this? I am going to do a Factory Restore. Also it takes forever and I mean forever to get to things on that computer. Is there a faster way to get files onto my external hard drive before I do a Factory Restore? Also if I do a Factory Restore instead of a reformat will all the viruses be gone?Click to expand...

Any files you back up to your ext drive that are infected, will still be infected.
Back-ups need to be done first, before you get infected, so you can restore them.

You need to do a destructive recovery, format drive, not just a factory restore.
 

https://forums.techguy.org/threads/backing-up-infected-computer-to-external-hard-drive.793163/
Relevancy 49.45%

Hi, I am going to clean up my cousin's computer. It is slow as molasses and I am guessing that it is infected bigtime. I wanna plug my external hard drive into the computer so I can backup all the files they want off the computer. I am just wondering if my external hard drive is vulnerable to viruses when I do this? I am going to do a Factory Restore. Also it takes forever and I mean forever to get to things on that computer. Is there a faster way to get files onto my external hard drive before I do a Factory Restore? Also if I do a Factory Restore instead of a reformat will all the viruses be gone? Thanks.
 

Relevancy 49.45%

Hi folks I m wondering if anyone can answer this question for me I recently rebuilt my computer ripped out the drive put in a new one partitioned it etc etc As part of the rebuild I bought a new Western Digital External Hard Drive from BestBuy that I m using as a back-up drive where I d copied the contents of my old drive minus software and programs Just my old files The new drive comes loaded with a few programs and folders Acrobat Skype Google toolbars and desktop Picasa I haven t run the install on any of these folders Frankly I Western Drive Ext. New Digital Hard Brand Infected? just want an empty drive so I m tempted to just erase these folders In any case at some point today I copied my old files back to my new hard-drive And then I installed BitDefender on my computer and ran a scan the computer Brand New Western Digital Ext. Hard Drive Infected? is NOT hooked up to Brand New Western Digital Ext. Hard Drive Infected? the internet yet The scan included a scan of my WD External Brand New Western Digital Ext. Hard Drive Infected? And -- surprise surprise -- the scan comes up with warning telling me that one of those prepackaged Google files on that drive is infected The file is GoogleToolbarInstaller pt-BR exe and the trojan it s telling me I m infected with is W MalwareHiderPatched-based Maximus Is it really possible that the new HardDrive is infected I did connect the hard-drive to a second computer in order to re-copy my old files to a THIRD hard-drive and that computer is connected to the internet But BitDefender has told me that that computer is clean Which means the infection either i came prepacked on the new HardDrive or ii came through my second online computer avoided installing itself there migrated directly to my external drive and inserted itself directly onto that drive If the new external is infected have I now infected all of my old files and presumably the fresh computer to which I just copied all of those old files Can I just DELETE the TOOLBAR pt-BR exe file that BitDefender has reported and be free to use the new hard-drive I am like the Typhoid Mary of online viruses I never go online with my work computers I don t download I run security software and only one firewall and yet I seem to get at least one virus year It s ridiculous Can someone give me some direction here Is it possible the BitDefender report was false Can I just erase the file Thanks a million Don

A:Brand New Western Digital Ext. Hard Drive Infected?

I've never purchased a new Hard Drive that was pre-loaded with anything from any supplier.I may be wrong here, but me thinks you've been given a used drive?Send it back to start and get another.Thereafter address your questions again in the "Am I infected" forum.http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

http://www.bleepingcomputer.com/forums/t/126618/brand-new-western-digital-ext-hard-drive-infected/
Relevancy 49.45%

Hi, I am going to clean up my cousin's computer. It is slow as molasses and I am guessing that it is infected bigtime. I wanna plug my external hard drive into the computer so I can backup all the files they want off the computer. I am just wondering if my external hard drive is vulnerable to viruses when I do this? I am going to try to do a Factory Restore. If that doesn't work for some reason I will do a complete reformat. Also it takes forever and I mean forever to get to things on that computer. Is there a faster way to get files onto my external hard drive before I do a Factory Restore? Also if I do a Factory Restore instead of a reformat will all the viruses be gone? Thanks.

http://www.techsupportforum.com/forums/f112/plugging-external-hard-drive-into-an-infected-computer-337824.html
Relevancy 49.45%

Hi,

After replacing my Hard Drive (from 80G 5400 RPM Hitachi to 320G 7200 RPM Seagate).

I am recieving the above message.

I have a T60 Lenovo Laptop with XP-Pro SP3.

Have done the following:
1. Using Hiren's BootCD I have created a Primary partition in the new HD (I FIRST used one of the FDISK options but I recieved some errors after installing new XP and running Partition Magic; THEN, I used the mini/light WIN XP option to run XP from Hiren's CD and then create the Primary partition)

2. Loaded the old WINXP using Ghost Partition Image (Created the Image from the old 80G HD before replacing the HDs).

--- By the way: I searched the BIOS and could not find in any option for "Virus Protection". I searched for that since in several forums they suggested to turn off this option in the BIOS as a potential solution.

Thanks for your help.
 

https://forums.techguy.org/threads/caution-this-hard-disk-may-be-infected-by-a-virus.936382/
Relevancy 49.45%

There seems to be whole lot virus. infected may be a disk hard This by Caution. of things wrong with my computer Here they are First thing is that when Caution. This hard disk may be infected by a virus. I turn on the computer I get the msg quot Caution This hard drive may be infected with with a virus quot I press enter and from a Smart Boot Manager v screen I select to boot from ACT prime under the boot menu After windows XP loads I get the message in a McAfee box that states quot Some components of ActiveShield are either missing or might not have been installed properly quot I just close the message or click OK I have uninstalled and reinstalled McAfee but still receive the message My system is super slow It takes several minutes to open Outlook and webpage loads take a long time too I ran Advanced System Care and it cleaned up alot of registry errors and security issues Next is when I run Malwarebytes software I get the error vbalsgrid ocx error message I had an older version but uninstalled downloaded the latest version installed and tried to run in safe mode as I thought this would help but I got the error I currently have McAfee installed which detects nothing as well as HJT and Adaware McAfee runs by itself in realtime but it may be in conflict with another one of these programs By the way I run Windows XP Professional SP I DO NOT have the XP install CD s Not sure if there s anything I can do short of somehow obtaining new disks and reinstalling Any help is much appreciated lt redacted gt yahoo com

A:Caution. This hard disk may be infected by a virus.

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:? Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.? Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.? Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.? Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.? The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.Ed Bott's Webog: Why I don?t use registry cleanersDo I need a Registry Cleaner?Use of Advanced System Care probably attributed to a majority of your issues per the above.

http://www.bleepingcomputer.com/forums/t/404782/caution-this-hard-disk-may-be-infected-by-a-virus/
Relevancy 49.45%

I have been having problems with my printer deleting without my assist in doind so Odd things show up in odd places occasionally Just some weird stuff going on by to hard a or malware virus Infected possible detect.. I am pretty computer illiterate and need some help My wireless connecting is some how affected as it will show a good signal strength but when entering into the internet or sometimes while I am on the internet my connection is lost It happened times while I was trying to run the RootRepeal program The first is from my bleeping computer scan I ran the Infected by a possible virus or malware hard to detect.. second is from trend microantivirus Thank you so Infected by a possible virus or malware hard to detect.. much for your help DDS Ver - - - NTFSx Run by Owner at on Tue Internet Explorer Microsoft Windows XP Professional GMT - AV Trend Micro Internet Security Pro On-access scanning enabled Updated D BC- CC- - E- E AF FW Trend Micro Personal Firewall enabled E E E- A D- -A F - EC F EB Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC WINDOWS System svchost exe -k netsvcsC Program Files Intel Wireless Bin EvtEng exeC Program Files Intel Wireless Bin S EvMon exesvchost exesvchost exeC WINDOWS system spoolsv exesvchost exeC Program Files Canon VDC AuVdc exeC WINDOWS eHome ehRecvr exeC WINDOWS eHome ehSched exeC WINDOWS system svchost exe -k hpdevmgmtC WINDOWS system svchost exe -k HPServiceC WINDOWS Explorer EXEC WINDOWS System svchost exe -k HTTPFilterC Program Files Microsoft SQL Server MSSQL VAIO VEDB Binn sqlservr exeC WINDOWS System svchost exe -k HPZ C Program Files Trend Micro TrendSecure TSCFPlatformCOMSvr exeC WINDOWS System svchost exe -k HPZ C Program Files Intel Wireless Bin RegSrvc exeC Program Files Trend Micro Internet Security SfCtlCom exeC Program Files Common Files Sony Shared WMPlugIn SonicStageMonitoring exesvchost exeC WINDOWS system svchost exe -k imgsvcC Program Files Sony VAIO Event Service VESMgr exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exeC Program Files Yahoo SoftwareUpdate YahooAUService exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exeC Program Files Yahoo Common YMailAdvisor exeC Program Files Sony VAIO Update VAIOUpdt exeC Program Files Trend Micro Internet Security UfSeAgnt exeC Program Files Sony VAIO Power Management SPMgr exeC Program Files QuickTime qttask exeC Program Files iTunes iTunesHelper exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exeC Program Files Sony ISB Utility ISBMgr exeC WINDOWS system igfxpers exeC WINDOWS ehome ehtray exeC Program Files Apoint Apoint exeC Program Files Yahoo Search Protection SearchProtection exeC Program Files HP HP Software Update HPWuSchd exeC WINDOWS system ctfmon exeC Program Files Messenger msmsgs exeC Program Files Windows Media Player WMPNSCFG exeC Program Files Upromise UpromiseTray exeC Program Files Trend Micro TrendSecure RemoteFileLock FLMain exeC PROGRA EMAILI Epaster EMAILI exeC Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exeC Program Files palmOne Hotsync exeC Program Files HP Digital Imaging bin hpqtra exeC Program Files McAfee Security Scan SSScheduler exeC Program Files Apoint Apntex exeC Program Files WinZip WZQKPICK EXEC Program Files Internet Explorer iexplore exeC WINDOWS system dllhost exeC Program Files iPod bin iPodService exeC WINDOWS eHome ehmsas exeC Program Files Internet Explorer iexplore exeC Program Files HP Digital Imaging bin hpqSTE exeC Program Files Trend Micro Internet Security TmPfw exeC Program Files Trend Micro TrendSecure TISProToolbar ProToolbarUpdate exeC Program Files Trend Micro Internet Security TmProxy exeC Program Files Trend Micro BM TMBMSRV exeC Program Files Internet Explorer iexplore exeC Program Files Cobian Backup cbService exeC Program Files Cobian Backup cbInterface exeC Program Files Trend Micro Internet Security UfNavi exeC Documents a... Read more

A:Infected by a possible virus or malware hard to detect..

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HEREOrange Blossom

http://www.bleepingcomputer.com/forums/t/282622/infected-by-a-possible-virus-or-malware-hard-to-detect/
Relevancy 49.02%

Hello,

I just recently replaced my computer after the theft of my old one. I unfortunately backed up too infrequently, but that being said, there are files (music, documents, email) on my external hard drive that I would like to transfer to my new computer. My problem is that I'm not sure that my hard drive isn't compromised. I seem to recall that when I plugged my hard drive into my previous computer, that that computer spontaneously restarted. Since I now have a "virgin" system I am hesitant to plug my drive into it w/o scanning it thoroughly then reformatting it. Is there a safe way of doing this with my computer or do I need to take the drive somewhere for file extraction and cleaning?

Thank You,

----Richard
 

https://forums.techguy.org/threads/new-computer-possibly-infected-back-up-external-hard-drive.1105447/
Relevancy 49.02%

Hello After a brief exchange with Muppy in another thread on this forum I came to the sad realization that my computer had become infected with a backdoor trojan and the best thing to do under the circumstances was to reformat my hard drive I had a few questions about the reformatting process that Muppy advised me to ask here since the people here are more well-versed in such things I ve never done this before so I want to make absolutely certain that I don t do anything wrong I have a Windows XP system recovery CD that came with my computer whose purpose infected badly Solved: drive hard WinXP a Reformatting according to the text written on it is quot to reinstall the operating system programs and drivers quot Is this disc all that I need in order to reformat my hard drive Also on the subject on backing up my files I have a secondary internal hard drive drive F which I use to store backup copies of my more irreplaceable files If I backed up all the files and folders I wanted to save to Solved: Reformatting a badly infected WinXP hard drive that drive would the reformatting process effect them in any way Also to keep my computer from getting re-infected are there any files that I shouldn t copy to my backup hard drive aside from most of the contents of C Windows Incidentally the way I ve unplugged my computer s modem line so that Solved: Reformatting a badly infected WinXP hard drive it can t get re-infected immediately after the reformatting process is over Any advice would be greatly appreciated Thanks in advance EDIT And I should have mentioned that my computer is a Gateway Pentium running WinXP SP nbsp

Relevancy 49.02%

I have an old external hard drive that has the Boot mebroot Trojan I run Norton which will identify it but cannot remove infected with External Hard Boot.Mebroot Trojan Drive it There are some files on the external that I External Hard Drive infected with Boot.Mebroot Trojan want to save External Hard Drive infected with Boot.Mebroot Trojan but when I try to copy them to a new drive the external freezes up so am hoping that eliminating this threat will allow me to copy my files safely I not planning to use this external after I get the files off of it Thanks DDS Ver - - - NTFS AMD Internet Explorer Run by TallTree at on - - Microsoft Windows GMT - AV Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF AV Norton Enabled Updated DF - - D- - DC EFD BF SP Windows Defender Disabled Updated D DDC A- F- fae- E External Hard Drive infected with Boot.Mebroot Trojan -DA C ACF SP Norton Enabled Updated D BEB -B A- E - B -B B FW Norton Enabled BE D -DB F- - AD - F E C FC Running Processes C Windows system svchost exe -k DcomLaunch C Program Files x HP SimplePass TrueSuiteService exe C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows system dwm exe C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows System svchost exe -k LocalSystemNetworkRestricted C Program Files IDT WDM STacSV exe C Windows system Hpservice exe C Windows System WUDFHost exe C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k WbioSvcGroup C Windows system svchost exe -k LocalServiceNoNetwork C Program Files x Common Files Adobe ARM armsvc exe C Windows system svchost exe -k apphost C Program Files Bonjour mDNSResponder exe C Program Files Intel WiFi bin EvtEng exe C Program Files x Hewlett-Packard HP Quick Launch HPWMISVC exe C Program Files Intel iCLS Client HeciServer exe C Program Files x Intel Intel reg Management Engine Components DAL jhi service exe C Program Files x Norton Engine ccSvcHst exe C Program Files Common Files Intel WirelessCommon RegSrvc exe C Windows system valWBFPolicyService exe C Program Files x Western Digital WD Drive Manager WDDriveService exe C Program Files x Western Digital WD SmartWare WDRulesEngine exe C Program Files Intel WiFi bin ZeroConfigService exe C Program Files x Western Digital WD SmartWare WDBackupEngine exe C Windows system wbem unsecapp exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system wbem wmiprvse exe C Windows system taskhostex exe C Program Files x Norton Engine ccSvcHst exe C Program Files Synaptics SynTP SynTPEnh exe C Windows Explorer EXE C Windows system SearchIndexer exe C Windows system wbem unsecapp exe C Program Files x HP SimplePass IEWebSiteLogon exe C PROGRAM FILES SYNAPTICS SYNTP SYNTPHELPER EXE C Windows System hkcmd exe C Windows System igfxpers exe C Program Files IDT WDM sttray exe C Windows System rundll exe C Program Files x Intel Bluetooth devmonsrv exe C Program Files x CyberLink PowerDVD PDVD Serv exe C Program Files x Intel Bluetooth obexsrv exe C Program Files x Hewlett-Packard HP CoolSense CoolSense exe C Program Files x Hewlett-Packard Shared hpqWmiEx exe C Program Files x Hewlett-Packard HP Quick Launch HPMSGSVC exe C Program Files x Western Digital WD Security WDDriveAutoUnlock exe C Program Files x Western Digital WD Quick View WDDMStatus exe C Program Files x CyberLink YouCam YCMMirage exe C Program Files x Hewlett-Packard HP Support Framework hpsa service exe C Program Files x Intel Intel reg Management Engine Components FWService IntelMeFWService exe C Program Files x Intel Intel reg Management Engine Components LMS LMS exe C Program Files x Intel Intel reg Management Engine Components UNS UNS exe C Windows system WLANExt exe C Program Files Internet Explorer iexplore exe C Program Files x Internet Explorer IEXPLORE EXE C Windows S... Read more

A:External Hard Drive infected with Boot.Mebroot Trojan

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
***************************************************
=http://www.bleepstatic.com/images/site/icons/steps/step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/490300 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.comDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/490300/external-hard-drive-infected-with-bootmebroot-trojan/
Relevancy 49.02%

HI i got infected with quot vbs quot through someone s usb i ran quot Flash Disinfector quot then installed quot kaspersky quot scaned the whole computer it also deleted vbs trojan However after that when i tried to open my computer by clicking on its icon it did not open i tried to open unable to with hard on & "Flash_Disinfector" "vbs", infected folders open drive used it fron strat up but the result was same all others like my documents etc were all right i open my computer through my documents opened my c drive when i tried to open further any folder present present in the C drive infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open it gave me the error that infected with "vbs", used "Flash_Disinfector" & folders on hard drive unable to open is this item quot vbs quot that this shortcut refers to has been changed or moved so this shortcut will no longer work properly Do you want to delete this shortcut Howerever all my folders were not having any shortcut sign amp it was same with all folders present in all my drives but when i wrote the name of the folder in the address bar it opened normaly so now i cannot open my computer through its icon plus all the folders present in my hard drive please help me to sort this thing out

http://www.bleepingcomputer.com/forums/t/302286/infected-with-vbs-used-flash-disinfector-folders-on-hard-drive-unable-to-open/
Relevancy 49.02%

Can a computer have 2 still virus? reinstalled infected Motherboard hard-drives a virus beyond Motherboard virus? 2 hard-drives reinstalled still infected the harddrive After fighting with the virus for a month I did a complete restore I did it correctly It had the same issues as before It had names of all the virus scans I had previously used under programs I then put in the original hard-drive I thought was no good It booted right up with the programs that were on it when lasted used I had not used it since It also showed things from recent scans How can this be I then reinstalled it with my factory disk This virus goes in deep It has altered the entire system I am at a loss How can I wipe it clean to start new On both of the installs I never gained access to the internet but using the search box it showed all sorts of changes and updates for the date Google Chrome which I wasnt using and had completely removed Malwarebytes Unhide Hijack this and many more I didnt run any scans to post yet I am leary of going online with it The virus I have was always connected and blocking me from help sites Mail was blocked and sometimes read before I received it I have two computers down now in little over a month Can it go through the router Do I need to change all my emails now Is the computer now toast I had bought a external harddrive and saved my pictures and medical to it prior to the reinstalls how can I clean it and also a flash drive I am using a different computer to post this Thankyou to whoever changed my password so I could get back on I hope it continues to work This computer is a HP DV with XP home

A:Motherboard virus? 2 hard-drives reinstalled still infected

I cant seem to get online. But the virus was sending tiny bites through 1394? I wanted to ad that I think the whole system has been over-written and even though I did a complete restore it is changing the files to its settings. When I powered it up today there was 633 hits on the search for the date. Many of them in the recycle bin. And the legit ones are empty folders. I went into some and "iis6" file says... Initial thread Locale=409, returned from France fix with locale 409 then many entries for OC_. the NTUSER readme has lots of strange things like "I see you now" and "nerds are cool". There is no string valu's and data value 06290bd0-48aa-11d2-8432-006008c3fbfc. I wish I could upload some of these. Is it safe to transfer via a flash drive from a clean computer? I cant go to safe mode or change any registry entry's. I cant upload drivers, it has it's own and wont boot just keep restarting. I have no icons on desktop and it keeps resetting to 800x600. I cant get my needed driver for the wireless but I am trying. If I get it online I can post some things. It is a EVIL AND WELL EXECUTED VIRUS! It records everything. It owns everything. I am hoping you can ID it by some of it's properties.

http://www.bleepingcomputer.com/forums/t/458525/motherboard-virus-2-hard-drives-reinstalled-still-infected/
Relevancy 48.59%

Hi, my name is perdfa from indonesia.
Recently, my computer just got infected by Tanatos J and Sality, of which I (now) am doing restore to factory settings.
The virus is originated from my infected portable hard drives, and I would like to remove the virus from my hard drives.

I have read the " instructions before posting", I would like to post the logs, however I don't understand how to do DDS and GMER to scan only portable hard drives.

Id like to ask how to it?

so sorry and many thank you's :D

A:Portable External Hard Drive infected by win32/Tanatos J and Sality

Hi. In your case, you are better off formatting the external hard drives also. Our tools and removal techniques are meant for the OS drive.

You can try using Kaspersky's Sality tool, which has a switch to target specific drives, but of course, that would entail making the drive active on some machine, which might infect that machine.
How to disinfect my computer from Virus.Win32.Sality?

http://www.techsupportforum.com/forums/f100/portable-external-hard-drive-infected-by-win32-tanatos-j-and-sality-629381.html
Relevancy 48.59%

I am in the process of posting in the forum called quot Virus Trojan Spyware and Malware Removal Logs quot I am GMER, is leave My should to partition hard drive I infected, external about run I'm that checked? about to run GMER and in the instructions it states the following -------------------------------------------------------------------------------------------------------------------You will now see the main GMER window If it gives you a warning about rootkit activity and asks if you want to run a full scan please click on the NO button We now need to configure GMER to not use some settings Please uncheck the following My external hard drive is infected, I'm about to run GMER, should I leave that partition checked? settings that we do not want in our scan IAT EATDrives Partition other than Systemdrive which is typically C Show All This is important so do not miss it When done the screen should look similar to Figure below Figure Options we want unchecked in GMEROnce your screen look similar to the above click on the Scan button to scan your computer for rootkits This may take a while so please be patient When it has finished you will be back at the main screen as shown in the figure below -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------The main reason I m posting there is because I have infections on my main partition quot C quot and I also have an infection on my recovery partition quot D quot Do I leave the D box checked in this circumstance I would hate to have to run GMER twice it takes about hours for it finish Thank you

http://www.bleepingcomputer.com/forums/t/442085/my-external-hard-drive-is-infected-im-about-to-run-gmer-should-i-leave-that-partition-checked/
Relevancy 48.59%

It s a Windows -bit machine I have tried using this guide http www bleepingcomputer com virus-removal remove-system-fix and a few other "Windows disk hard dected problem" virus with Infected things but in regards to the link referenced I am at a point where I need to run Malwarebytes but I am not able to run it So I m not even able to check Infected with "Windows dected hard disk problem" virus if I can update it or not Below is the DDS report Any help is greatly appreciated DDS Ver - - - NTFSAMD NETWORK Internet Explorer BrowserJavaVersion Run by Fazlic s at on - - Microsoft Windows Home Premium GMT - AV Microsoft Security Essentials Infected with "Windows dected hard disk problem" virus Enabled Updated DAC -C - B -BB - DA SP Microsoft Security Essentials Enabled Updated ABEC DA -E C- F - B -AA E D BDD SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS c Program Files Microsoft Security Client Antimalware MsMpEng exe C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows system svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows Explorer EXE C Windows system ctfmon exe -netsvcs C Windows system conhost exe C Windows SysWOW cmd exe C Windows system conhost exe C Windows SysWOW cscript exe C Windows system wbem wmiprvse exe Pseudo HJT Report uInternet Settings ProxyServer http uInternet Settings ProxyOverride local mURLSearchHooks H - No File mWinlogon Userinit userinit exe BHO Groove GFS Browser Helper - c - d -b f - bbc d a e - C PROGRA MICROS Office GROOVEEX DLL BHO avast WebRep e e -ad d- bf-ac d-d f d - C Program Files AVAST Software Avast aswWebRepIE dll BHO Windows Live ID Sign-in Helper d - c - abf- ecc- c - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll BHO Office Document Cache Handler b f a - e - -ba - b e ff - C PROGRA MICROS Office URLREDIR DLL BHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - C Program Files x Java jre bin jp ssv dll TB CCC A -B CA- -B A - F DD - No File TB avast WebRep e e -ad d- bf-ac d-d f d - C Program Files AVAST Software Avast aswWebRepIE dll TB FEBEFE - B - - D -FFB D B CA - No File uRun OfficeSyncProcess quot C Program Files x Microsoft Office Office MSOSYNC EXE quot uRun Sidebar C Program Files Windows Sidebar sidebar exe autoRun mRun StartCCC quot c Program Files x ATI Technologies ATI ACE Core-Static CLIStart exe quot MSRun mRun PDF Complete C Program Files x PDF Complete pdfsty exe mRun QuickTime Task quot C Program Files x QuickTime QTTask exe quot -atboottime mRun SunJavaUpdateSched quot C Program Files x Common Files Java Java Update jusched exe quot mRun HP Software Update C Program Files x HP HP Software Update HPWuSchd exe mRun lt NO NAME gt mRun BCSSync quot C Program Files x Microsoft Office Office BCSSync exe quot DelayServices mRun APSDaemon quot C Program Files x Common Files Apple Apple Application Support APSDaemon exe quot mRun iTunesHelper quot C Program Files x iTunes iTunesHelper exe quot mRun Malwarebytes Anti-Malware reboot quot C Program Files x Malwarebytes Anti-Malware mbam exe quot runcleanupscript mRun uGYVondJrVpdI exe C ProgramData uGYVondJrVpdI exe mRun avast quot C Program Files AVAST Software Avast avastUI exe quot nogui mRunOnce AvgUninstallURL cmd exe c start http www avg com ww special-uninstallation-feedback-appf lic NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ wtUVREQ gtNElKTUg quot amp quot inst NzctNzUwNjc MTE LUZMMTArMS GT krMTEtRERUKzIyODE LVRVRyszLUREMTBGKzEtU QxMEZBUFArMS GMTBNMTJBVCszMy GMTBNMTJBKzEtRjEwTTEyQUIrMS VMTArMS GMTBNMTJBVEIrMS TVDEyRk JKzEtRjEwTTEyQVUrMS FVUx... Read more

A:Infected with "Windows dected hard disk problem" virus

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/431646 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GME... Read more

http://www.bleepingcomputer.com/forums/t/431646/infected-with-windows-dected-hard-disk-problem-virus/
Relevancy 48.16%

Occasionally, when trying to fix a computer, I encounter this term.

Windows error reporting states I don't have to worry about it, but the problem persists.

RF123
 

A:what is a fault bucket?

A fault bucket identification number is a number assigned by the system to identify specific types of errors usually this correlates to problems showing in the Event Viewer.
Also this identifcation number is what is used by Microsoft in order to identify a particular program error when you send an error report.
 

https://forums.techguy.org/threads/what-is-a-fault-bucket.446088/
Relevancy 48.16%

I recently ran a couple firewall tests, shields up and auditmypc etc. They're both coming up with a port that's open. I think they called it Tram. It says this port is commonly used for trojans. But my biggest concern is that it is open and I would like to shut it. I have searched my firewall completely for port control options and cannot find the solution anywhere. It also said that my computer responded to Ping (ICMP Echo) Requests. Buy my firewall says that this is blocked, so I do not know how it is still responding. If anyone has had any similar experiences with these firewall test sites, because I don't know if it is my computer or the sites themselves. Please feel free to envelope me in the answer to my frustration.

http://www.vistax64.com/system-security/205933-hole-my-bucket.html
Relevancy 48.16%

WinXP Home Sp-1

Sometimes, not always, when opening My Computer or Windows Explorer, it crashes. The App error log reports: explorer.exe version 6.0.2800.1221 has errored in faulting module ntdll.dll version 5.1.2600.1106 Fault address 0x00002109. It seems this ntdll.dll is the root.

Another error is logged: Fault bucket 50940626

1. As anyone experienced this?

2. Recently renamed the computer but, the original name still appears in Win Explorer as a folder. Only one user on this machine. Could this be it?

3. Do I ned to change the old name everywhere in the registry?

4. Should I just do an XP repair?
 

A:Fault Bucket

try running
sfc /scannow
don't miss the space after the c
 

https://forums.techguy.org/threads/fault-bucket.155508/
Relevancy 48.16%

Does anyone know what these mean:
0x1a_3452_nt!MiDeleteAddressesInWorkingSet+2fb,type0 (This has occurred on my computer 13 times from January until today 11/3/2012)
PAGE_NOT_ZERO,type 0
ZEROED_STACK, type 0
0x24_Ntfs!NtfsFreeSnapshots ForFeb+c0, type 0

And there are MANY, MANY more. I didn't know about looking at the events to see the errors that I had sent. I just found out about that today. And so, we haven't done it in a while. Do I have a serious problem?
Thank you for any help!

http://www.vistax64.com/general-discussion/298592-fault-bucket.html
Relevancy 48.16%

purchaed new HP lap top and are having problem with error code Bucket ID: 111712637
also in error report is :Service HP CUE DeviceDiscovery Service hung on starting.
Can you help

A:Bucket ID: 111712637

Welcome to TSF

Is this laptop still under warranty?

http://www.techsupportforum.com/forums/f217/bucket-id-111712637-a-295772.html
Relevancy 48.16%

I have had a Bit Torrent client "" Deluge "" crash on me 6 times today. On half of the crashes the Event viewer said it was

Fault Bucket 1205604003

Google doesn't have much to say about Fault Buckets.

Any help here?

Thanks

A:Fault Bucket???

As I understand it...fault buckets are basically program debug mistakes which cause the system/program to crash.See http://phorums.com.au/archive/index.php/t-210235.htmlWhen it happens on my system, I just assume that the program has damaged files, needs updating, or needs reinstalling. If it's a known program that I can't update and which I know has a history of being troublesome, I just ignore the error...since the resolution would probably involve removing the program.If I had a large number of these, due to the same application...I would remove the program permanently.Louis

http://www.bleepingcomputer.com/forums/t/264547/fault-bucket/
Relevancy 48.16%

Hi A few days ago I ran a scan on Antivir and it turns out I have these viruses tr atraps gen - consrv dll tr agent - c b f- f c f-exp-cve- - a cbfc ef - e I suspect I got them because I had another computer infected and then it got transferred through a hard drive So now I'm dealing with a computer which may or may not be disinfected a likely infected external hard drive and another virus on another computer I'd really appreciate the help in how to get rid of this virus on this computer and also on the external hard drive Thanks DDS Ver - - - NTFS AMD Internet Explorer BrowserJavaVersion Run by Me at on - - Microsoft Windows Home Premium GMT - AV Trend with Hard Drive Atraps.gen2 Transferred agent.1234, Suspect Infected Through and Micro Internet Security Disabled Updated F AC- AA - D- C- E E AV AntiVir Desktop Enabled Updated F C - CE- C F- C- B A B SP Trend Micro Internet Security Disabled Updated D - C Infected with Atraps.gen2 and agent.1234, Suspect Transferred Through Hard Drive A- -BE C-BB CF BF SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF SP AntiVir Infected with Atraps.gen2 and agent.1234, Suspect Transferred Through Hard Drive Desktop Enabled Updated B E DCD- F - E - D C- CF DCF A Running Processes C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost Infected with Atraps.gen2 and agent.1234, Suspect Transferred Through Hard Drive exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Program Files x Cisco Cisco AnyConnect VPN Client vpnagent exe C Windows system svchost exe -k NetworkService C Program Files x ASUS SmartLogon smartlogon exe C Windows system FBAgent exe C Program Files x ASUS ATK Package ATK Hotkey ASLDRSrv exe C Program Files x ASUS ATK Package ATKGFNEX GFNEXSrv exe C Windows System spoolsv exe C Program Files x Avira AntiVir Desktop sched exe C Windows system taskhost exe C Windows system Dwm exe C Windows Explorer EXE C Program Files x Avira AntiVir Desktop avguard exe C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Windows system taskeng exe C Program Files x ASUS ASUS Live Update ALU exe C Program Files x ASUS SmartLogon sensorsrv exe C Program Files x ASUS Splendid ACMON exe C Program Files P G BatteryLife exe C Program Files x ASUS ASUS CopyProtect aspg exe C Program Files x ASUS ATK Package ATK Hotkey HControl exe C Program Files x Microsoft BingBar BBSvc exe C Program Files Bonjour mDNSResponder exe C Windows System svchost exe -k LocalServiceNoNetwork C Windows system svchost exe -k LocalServiceAndNoImpersonation C Program Files x Intel Intel reg Management Engine Components LMS LMS exe C Windows System svchost exe -k HPZ C Windows System svchost exe -k HPZ C Program Files Trend Micro Internet Security UfSeAgnt exe C Windows system svchost exe -k imgsvc C Windows SysWOW ACEngSvr exe C Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Program Files Elantech ETDCtrl exe C Program Files x ASUS ASUS WebStorage SERVICE AsusWSService exe C Windows System igfxtray exe C Windows System hkcmd exe C Windows System igfxpers exe C Program Files Canon MyPrinter BJMYPRT EXE C Program Files Windows Sidebar sidebar exe C Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Program Files x syncables syncables desktop syncables exe C Program Files x BatteryCare BatteryCare exe C Users Me AppData Roaming Dashlane bin Firefox Extension d - e- a-b e -fb ee b e f components Dashlane exe C Program Files x syncables syncables desktop jre bin javaw exe C Program Files SRS Labs SRS Premium Sound Control Panel SRSPremiumPanel exe C Program Files x Boingo Boingo Wi-Fi Boingo Wi-Fi exe C Program Files x ASUS ATK Package ATKOSD ATKOSD exe C Program Files x ASUS ASUS Data Security Manager ADSMTray exe C Program Files... Read more

A:Infected with Atraps.gen2 and agent.1234, Suspect Transferred Through Hard Drive

Hello seethis and Welcome to The Forums!!Around here they call me Gringo and I'll be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.-Security Check-Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.-AdwCleaner-Please download AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[S1].txt as well.--RogueKiller--Download & SAVE to your Desktop RogueKiller or from here Quit all programs that you may have started.Please disconnect any USB or external drives from the computer before you run this scan!For Vista or Windows 7, right-click and select "Run as Administrator to start"For Windows XP, double-click to start.Wait until Prescan has finished ...Then Click on "Scan" buttonWait until the Status box shows "Scan Finished"click on "delete"Wait until the Status box shows "Deleting Finished"Click on "Report" and copy/paste the content of the Notepad into your next reply.The log should be found in RKreport[1].txt on your DesktopExit/Close RogueKiller+Gringo

http://www.bleepingcomputer.com/forums/t/485553/infected-with-atrapsgen2-and-agent1234-suspect-transferred-through-hard-drive/
Relevancy 48.16%

Hi,

Is there a way to boot up from a floppy drive, a bootup disk to erase the Hard Drive?

So I can Clean Install XP.

Thank you.

A:Boot Disc to Command Prompt to Format and Erase Infected Hard Drive

Well...how do you plan to install XP...from recovery disks, from MS XP CD, from recovery partition, etc.? How do you plan to accomplish the install?

Deleting the preexisting partition or formatting same...should be a part of the clean install option provided by most means of installing XP.

Essentially, there's no need to "erase" the hard drive by other means.

Louis

http://www.bleepingcomputer.com/forums/t/269379/boot-disc-to-command-prompt-to-format-and-erase-infected-hard-drive/
Relevancy 47.73%

I believe I have recently been infected with a very hard a to things internet access with find blocking among other Infected hard virus to find virus that is preventing me from accessing several programs as well as the internet I m posting this from a laptop which Infected with a hard to find virus blocking internet access among other things isn t even mine I think there are others here that are going through the same problem I believe Christopher in particular has it I Have Infected with a hard to find virus blocking internet access among other things a Compaq Presario with a Pentium processor and WinXP Home I originally posted this problem in the web amp email board describing how my Infected with a hard to find virus blocking internet access among other things IPadress was locked into meaning there s something going wrong between DCHP and TCP IP and it would not be fixed with the usual solution of entering ipconfig release ipconfig renew in Command Prompt I initially thought that Winsock was corrupt but all my attempts at fixing it -both manually and with WinsockFix- failed In the end it all seemed fixed after using systm restore which nobody here suggested But a day later it came back even worse My connection has been severed again and there are several programs I can t even access Most notably are AVG antivirus and Windows Media Player I can click on them but nothing ever comes up I can t use system restore any longer because that s also inaccessable though in a slightly different way I click on it once and nothing happens I click on it again and a blank window comes up I ve included a HJT log just in case you find anything though I doubt it since other s who describe almost the same problem aren t getting anything from it Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Comodo Firewall cmdagent exe C WINDOWS system LxrJD s exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system svchost exe C WINDOWS Explorer EXE C WINDOWS system wscntfy exe C windows system hpsysdrv exe C WINDOWS system hkcmd exe C WINDOWS AGRSMMSG exe C HP KBD KBD EXE C Program Files Common Files Real Update OB realsched exe C WINDOWS SOUNDMAN EXE C WINDOWS ALCWZRD EXE C WINDOWS ALCMTR EXE C Program Files Microsoft IntelliType Pro type exe C Program Files HP hpcoretech hpcmpmgr exe C WINDOWS system spool drivers w x hpztsb exe C Program Files Hewlett-Packard HP Software Update HPWuSchd exe C Program Files Java jre bin jusched exe C Program Files Common Files InstallShield UpdateService issch exe C Program Files iTunes iTunesHelper exe C Program Files QuickTime qttask exe C Program Files Comodo Firewall CPF exe C WINDOWS system ctfmon exe C Program Files iPod bin iPodService exe C Documents and Settings Compaq Owner Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd presario amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Default Search URL http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd presario amp pf desktop R - HKCU Software Microsoft Internet Explorer Main Start Page http www dogpile com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TYPE amp tp iehome amp locale EN US amp c Q amp bd presario amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Search Bar http ie redirect hp com svs rdr TYPE amp tp iesearch amp locale EN US amp c Q amp bd presario amp pf desktop R - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Connection Wizard ShellN... Read more

A:Infected with a hard to find virus blocking internet access among other things

Hello? Is anyone looking at this?
 

https://forums.techguy.org/threads/infected-with-a-hard-to-find-virus-blocking-internet-access-among-other-things.574966/
Relevancy 47.73%

I need instructions on how to make a start up disk for Microsoft Security Essentials and also instructions on how to boot that up in my computer to accept it and run the virus protection for Windows XP Pro. I'm unable to get into windows to handle that manually myself. I believe that the hard drive has been infected with a virus that may have overtaken it.

A:virus that has taken over hard drive

You could try this one:http://www.free-av.com/en/products/12/avir...cue_system.html

http://www.bleepingcomputer.com/forums/t/346089/virus-that-has-taken-over-hard-drive/
Relevancy 47.73%

i have just had to replace the hard drive on my daughters computer i started the machine and the bios will not let me start from the disc drive to reload windows it just says enter next to the chenge and wont let me do anything help needed computer to good to trash
 

https://forums.techguy.org/threads/hard-drive-virus-d-up.765550/
Relevancy 47.73%

About days ago I was playing an of it...maybe? Virus, rid S.M.A.R.T. got Had the Hard Drive offline game that I ve had Had the S.M.A.R.T. Hard Drive Virus, got rid of it...maybe? for a while All the sudden it crashes and I get tons of Hard-disc related errors Then a S M A R T window popped up and said I could get rid of them if I payed for a license I knew at that point it was a virus Also all my desktop icons and most of what I had in my start menu was gone First I tried following the removal instructions MBAM wouldn t update access denied but it found the virus Upon rebooting however nothing changed Miraculously I was able to run System Restore which got rid of the infection and restored my start menu amp desktop icons and I deleted the virus files and registry keys to ensure that they wouldn t affect my machine again I had to reinstall MBAM to get it to update I was getting error access to config file denied or something along those lines before reinstallation MBAM found one additional item which I got rid of Then I ran ComboFix which found a few things as well At this point my machine is running well with exceptions ATi Catalyst Control Center CCC crashes when attempting to run it I get quot This program has encountered a problem quot errors regarding CCC upon startup and whenever I try to run CCC myself CCC ran perfectly fine before the S M A R T HD infection which is why I ve refrained from reinstalling it so far I ve tried the quot Repair quot option for CCC to no avail Windows takes slightly longer to boot up than before the infection Therefore I ve come here with the requested log files to see if you guys can help determine whether or not I still have a few things left on my machine and get my machine running again Thank you very much ----DDS TXT--- DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by vargomp at on - - Microsoft Windows XP Professional GMT - AV Microsoft Forefront Client Security Disabled Updated A D F-E E - F - - EDD FFE AF Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost exe -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup C WINDOWS system Ati evxx exe svchost exe svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Microsoft IntelliPoint ipoint exe C WINDOWS system rundll exe C WINDOWS system spool drivers w x hpztsb exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe C Program Files Analog Devices Core smax pnp exe C Program Files Sony Content Transfer ContentTransferWMDetector exe C Program Files HP HP Software Update HPWuSchd exe C Program Files Pinnacle Shared Files Programs USBTip USBTip exe C Program Files iTunes iTunesHelper exe C Program Files DivX DivX Update DivXUpdate exe svchost exe C Program Files SUPERAntiSpyware SASCORE EXE C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Broadcom BACS BPowMon exe C WINDOWS system svchost exe -k bthsvcs C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG mdm exe C Program Files Motorola MotoHelper MotoHelperService exe C WINDOWS System svchost exe -k HPZ C WINDOWS System svchost exe -k HPZ C WINDOWS system svchost exe -k imgsvc C Program Files Tablet Wacom Wacom Tablet exe C WINDOWS system CCM CLICOMP RemCtrl Wuser exe C Program Files Motorola MotoHelper MotoHelperAgent exe C Program Files Tablet Wacom Wacom TabletUser exe C WINDOWS system CCM CcmExec exe C Program Files Hewlett-Packard Shared hpqwmiex exe C WINDOWS System svchost exe -k netinfsvc C Program Files Tablet Wacom Wacom Tablet exe C WINDOWS system ctfmon exe C Program Files Mozilla Firefox firefox exe C Program Files iPod bin iPodService exe C P... Read more

A:Had the S.M.A.R.T. Hard Drive Virus, got rid of it...maybe?

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/458714 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GMER logAs I am just... Read more

http://www.bleepingcomputer.com/forums/t/458714/had-the-smart-hard-drive-virus-got-rid-of-itmaybe/
Relevancy 47.73%

I recently built a new computer I'm still using the hard drive from my old computer but have reformatted and installed Windows Ultimate -bit The computer has worked fine Or Hard Think Virus Have Bad A I I A Drive for a few months now but just a few days ago I started getting that Aw snap message in Chrome It I Think I Have A Virus Or A Bad Hard Drive happened when I would look at lots of pictures looking for a vehicle online at first but then I Think I Have A Virus Or A Bad Hard Drive Chrome just started crashing randomly and often I tried creating a new profile updated flash and disable Chrome's built in flash deleted the browser and even downloaded and installed it again No dice I finally gave up on Chrome and downloaded Firefox but I'm having the same problems I Think I Have A Virus Or A Bad Hard Drive with it Sometimes I get an error message from the browsers but a few times I've gotten a blue crash screen and my computer restarts This morning I was fed up with it I didn't think it was a virus because the computer was working fine as long as I wasn't using a browser I finally tried a scan with Security Essentials I usually have AVG installed but decided not to go with it this time around this build First off MSE wouldn't let me update the database I thought that was odd but I tried a scan anyway Almost immediately real-time protection was turned off and the scan failed I tried again but this time I got a blue screen I tried to boot the computer up again in safe mode but I couldn't even get back into Windows I tried the repairs including the repairs from the CD but nothing worked so I had to reformat and reload everything I figured it was a virus and reformatting was the last thing I really wanted to do but I had no choice This time I installed AVG and I thought I was done with it I've barely done anything to the fresh install I've only installed Chrome Peazip Silverlight and my Nvidia drivers I haven't even loaded my Asus tools yet but I'm already having the same problem again Only this time I've tested IE too and I'm getting the same problems with it as well I've already gotten a few blue screens today I can't watch Netflix or any flash based video Sometimes If I do get a video to play I can't control things like the volume slider on the video player Similarly at times when I log into my email I can't click to log back out Also I got messages while extracting Peazip AVG and Silverlight maybe Chrome too that the files were corrupt and could not be extracted The second go worked on all of them except Silverlight which took several tries Sorry but I don't remember the exact messages My gut is telling me this is a virus but I would have thought reformatting would get rid of it Am I crazy Is this my hard drive or something Thanks in advance for the help -Chris

A:I Think I Have A Virus Or A Bad Hard Drive

I truly feel it best to repost this in a new topic with a DDS log. We should get a deeper look. Please follow this Preparation Guide and post in a new topic.Let me know if all went well.

http://www.bleepingcomputer.com/forums/t/505394/i-think-i-have-a-virus-or-a-bad-hard-drive/
Relevancy 47.73%

I was working on a computer...the computer would not boot in any mode and in fact restarted on trying any mode...there was enough space on the hard drive to create another installation..so I did that..so after about a week the person says the new installation is not bootable and is in fact doing the same as the old one, i.e. keeps on restarting on any mode...any one have any idea ?? any info is appreciated
 

Relevancy 47.73%

I picked up a virus that keeps changing the site I want. It only does it to MSN and Yahoo. I did a scan with the Spysweeper and syntec with no luck. I had a similar problem a few months back and I obtained info on how to reformat the hardrive which I performed sucessfully. This time however as soon as I start to type in format the computer shuts down. I tried several times and actually got up to 15% before it shut down. Any ideas?

A:hard drive virus

are you formatting in DOS??

http://www.techsupportforum.com/forums/f10/hard-drive-virus-55835.html
Relevancy 47.73%

Hello I ve had this computer since so it s pretty old now It s been running slower than it ever has I did a full system recovery I installed only what I thought was necessary I downloaded Comodo and have had it check for viruses I ran drive hard my Possible on virus the Comodo System-Cleaner to clean up my hard drive I ran a few disk cleanups and defrags and I even bought something online Possible virus on my hard drive called RegClean which the Spybot S amp D forums say is malware which worries me now that I let it clean my registry a few times My other concern is that when I do a clean boot if I try to run something that wants to connect to the internet it can t I don t know what this means but according to various sources online this isn t supposed to happen I went through and checked what every single startup item and service meant so as to decide what was essential and I still couldn t connect to the internet I also haven t gotten Spybot S amp D to do a full scan It gets an error message half way through and my entire computer becomes unresponsive before restarting and telling me that I got a blue screen error I ve already emailed them about this to try to fix it but I can report what the error message says in a later post if anyone wants to know I d have to make it pop up again I m just throwing this out there because I did a HijackThis report a few years back on another and I was told to use S amp D multiple times while I was being helped I also wonder if it s something on my hard drive trying to prevent me from getting rid of it Anyway after all of that my computer is still running extremely slow I ve had moments where I d log on the computer and it would freeze so bad to the point where I had to turn the computer off and back on again I m afraid that RegClean infected my system and I m concerned a virus may be blocking me from getting on the internet if I don t have a certain program running I ve been told that some viruses these days will attach themselves to the recovery drive and still stay on your PC after you perform a full recovery I just wanted to post a HijackThis just in case I have a virus on this computer somewhere If someone could help me with this I d really appreciate it Sean LOGS Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files COMODO COMODO Internet Security cmdagent exe C WINDOWS system svchost exe C WINDOWS system spoolsv exe C Program Files COMODO COMODO System-Cleaner Cleaner Validator exe C Program Files Java jre bin jqs exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C Program Files Common Files Java Java Update jusched exe C WINDOWS system ps exe C WINDOWS system RUNDLL EXE C windows system hpsysdrv exe C Program Files COMODO COMODO Internet Security cfp exe C WINDOWS System svchost exe C WINDOWS system ctfmon exe C Program Files Spybot - Search amp Destroy TeaTimer exe C Documents and Settings Owner Local Settings Application Data Google Chrome Application chrome exe C Documents and Settings Owner Local Settings Application Data Google Chrome Application chrome exe C Documents and Settings Owner Local Settings Application Data Google Chrome Application chrome exe C WINDOWS system msiexec exe C Program Files Trend Micro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Search Bar http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Search Page http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Main Start Page http www bing com R - HKLM Software Microsoft Internet Explorer... Read more

A:Possible virus on my hard drive

I'm having problems trying to submit my GMER report. I've tried cutting it down in to forths, but it's still giving me problems. It says that it's experiencing delay in processing my request, and then it redirects me to a white page and stops. Can I post it as an attachment?
 

https://forums.techguy.org/threads/possible-virus-on-my-hard-drive.987486/
Relevancy 47.73%

About days ago I was playing an offline game that I ve had for a while All the sudden of Hard Had got it...maybe? Drive rid S.M.A.R.T. the Virus, it crashes and I get tons of Hard-disc related errors Had the S.M.A.R.T. Hard Drive Virus, got rid of it...maybe? Then a S M A R T window popped up and said I could get rid of them if I payed for a license I knew at that point it was a virus Also all my desktop Had the S.M.A.R.T. Hard Drive Virus, got rid of it...maybe? icons and most of what I had in my start menu was gone First I tried following the removal instructions MBAM wouldn t update access denied but it found the virus Upon rebooting however nothing changed Miraculously I was able to run System Restore which got rid of the infection and restored my start menu amp desktop icons and I deleted the virus files and registry keys to ensure that they wouldn t affect my machine again I had to reinstall MBAM to get it to update I was getting error access to config file denied or something along those lines before reinstallation MBAM found one additional item which I got rid of Then I ran ComboFix which found a few things as well At this point my machine is running well with exceptions ATi Catalyst Control Center CCC crashes when attempting to run it I get quot This program has encountered a problem quot errors regarding CCC upon startup and whenever I try to run CCC myself CCC ran perfectly fine before the S M A R T HD infection which is why I ve refrained from reinstalling it so far I ve tried the quot Repair quot option for CCC to no avail Windows takes slightly longer to boot up than before the infection Therefore I ve come here with the requested log files to see if you guys can help determine whether or not I still have a few things left on my machine and get my machine running again Thank you very much ----DDS TXT--- DDS Ver - - - NTFSx Internet Explorer BrowserJavaVersion Run by vargomp at on - - Microsoft Windows XP Professional GMT - AV Microsoft Forefront Client Security Disabled Updated A D F-E E - F - - EDD FFE AF Running Processes C WINDOWS system Ati evxx exe C WINDOWS system svchost exe -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup C WINDOWS system Ati evxx exe svchost exe svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C Program Files Microsoft IntelliPoint ipoint exe C WINDOWS system rundll exe C WINDOWS system spool drivers w x hpztsb exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Hewlett-Packard HP Quick Launch Buttons QlbCtrl exe C Program Files Analog Devices Core smax pnp exe C Program Files Sony Content Transfer ContentTransferWMDetector exe C Program Files HP HP Software Update HPWuSchd exe C Program Files Pinnacle Shared Files Programs USBTip USBTip exe C Program Files iTunes iTunesHelper exe C Program Files DivX DivX Update DivXUpdate exe svchost exe C Program Files SUPERAntiSpyware SASCORE EXE C Program Files Adobe Photoshop Elements PhotoshopElementsFileAgent exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files Bonjour mDNSResponder exe C Program Files Broadcom BACS BPowMon exe C WINDOWS system svchost exe -k bthsvcs C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG mdm exe C Program Files Motorola MotoHelper MotoHelperService exe C WINDOWS System svchost exe -k HPZ C WINDOWS System svchost exe -k HPZ C WINDOWS system svchost exe -k imgsvc C Program Files Tablet Wacom Wacom Tablet exe C WINDOWS system CCM CLICOMP RemCtrl Wuser exe C Program Files Motorola MotoHelper MotoHelperAgent exe C Program Files Tablet Wacom Wacom TabletUser exe C WINDOWS system CCM CcmExec exe C Program Files Hewlett-Packard Shared hpqwmiex exe C WINDOWS System svchost exe -k netinfsvc C Program Files Tablet Wacom Wacom Tablet exe C WINDOWS system ctfmon exe C Program Files Mozilla Fire... Read more

A:Had the S.M.A.R.T. Hard Drive Virus, got rid of it...maybe?

Hmmm.... looks like I accidentally made 2 threads instead of one. Mods, could you delete this duplicate thread? Thanks.

http://www.bleepingcomputer.com/forums/t/458715/had-the-smart-hard-drive-virus-got-rid-of-itmaybe/
Relevancy 47.73%

I have a customer who asked if I can remove viruses from their computer They said they have quot drive virus hard on a trojan quot on it Knowing most users consider the entire quot computer quot as the quot hard drive quot I told them to bring quot just the hard drive quot And that s just what they brought no computer just the drive It s a SATA drive and I don t have the SATA to USB adapter I only have an IDE to USB I m kinda weary virus on hard drive about virus on hard drive hooking this drive up to my own machine the only one I have with an available SATA internal port on it If I m not booting off of the virus infected drive what is the possibility if any that I could infect my own machine What steps should I take to remove whatever virus is on the machine I will run AVG scanner as well as spybot adaware on the drive Are there any other good quot freeware quot scanners I know I can t run hijackthis since I m not booting off this drive nbsp

https://forums.techguy.org/threads/virus-on-hard-drive.667520/
Relevancy 47.73%

I have virus in my computer, do I need a new hard drive to get rid of it?
 

Relevancy 47.73%

Hello Yesterday one of the colleagues at work plugged a flash drive to a PC that was infected with virus What the virus did to to usb drive was Put all the files-folders of usb drive with Flash Infected Drive a / USB Virus into an unnamed folder in usb drive itself and embed that with virus so that If the user had to retrieve files in Windows environment then Infected with a Flash / USB Drive Virus the computer gets infected Thanks to smart colleague he did the same in order to reach the files After he understood he was infected he asked for my help Because i was a little experienced in this subject I ran some tools like Hijackthis and noticed the virus was running a com file I have restart the PC in command prompt with safe mode enabled and was succeeded to delete that file So it seems that the pc is not spreading any viruses to other usb drives But the thing is although i remove the line from Registry using hijackthis it keeps being re added and its a sign of somehow some malicious thing is present in pc and i cant find it So I'm here looking for help Infected with a Flash / USB Drive Virus I've read the posting tutorial I won't be able to reply rightaway to any requests from admins moderators so please be patient with me Thanks for your patience I replaced computer name with TTTTTTT in order to keep it conf And here is the dds txt paste and the attachment is ready DDS Ver - - - NTFS AMD Internet Explorer Run by TTTTTTT at on - - Microsoft Windows Professional GMT SP Windows Defender Enabled Outdated D DDC A- F- fae- E -DA C ACF Running Processes C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k RPCSS C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system taskhost exe C Windows system Dwm exe C Windows Explorer EXE C Program Files x Autodesk Content Service Connect Service ContentService exe C Windows system svchost exe -k LocalServiceAndNoImpersonation C Windows system hasplms exe C Program Files Common Files Nitro PDF Professional NitroPDFDriverService x exe C Windows SysWOW NLSSRV EXE C Windows System svchost exe -k secsvcs C Program Files x OpenOffice org program soffice exe C Program Files x OpenOffice org program soffice bin C Program Files x Ask com Updater Updater exe C Program Files x Common Files Java Java Update jusched exe C Windows system SearchIndexer exe C Program Files Windows Media Player wmpnetwk exe C Windows system sppsvc exe C Users TTTTTTT AppData Local Google Chrome Application chrome exe C Users TTTTTTT AppData Local Google Chrome Application chrome exe C Windows system taskeng exe C Users TTTTTTT AppData Local Google Chrome Application chrome exe C Windows system wbem wmiprvse exe C Users TTTTTTT AppData Local Google Chrome Application chrome exe C Users TTTTTTT AppData Local Google Chrome Application chrome exe C Windows system taskhost exe C Program Files x Common Files Java Java Update jucheck exe C Windows system wbem wmiprvse exe C Windows System cscript exe Pseudo HJT Report uStart Page hxxp www google com tr uURLSearchHooks UrlSearchHook Class - E - FD - - F E FC - C Program Files x Ask com GenericAskToolbar dll BHO Java Plug-In SSV Helper BB-D F - C-B EB-D DAF D D - C Program Files x Java jre bin ssv dll BHO Ask Toolbar D C F- A- -A AD- D - C Program Files x Ask com GenericAskToolbar dll BHO Java Plug-In SSV Helper DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll TB Ask Toolbar D C F- A- -A AD- D - C Program Files x Ask com GenericAskToolbar dll mRun ApnUpdater C Program Files x Ask com Updater Updater exe mRun SunJavaUpdateSched C Program Files x Common Files Java Java Update jusched exe mExplorerRun C PROGRA LOCALS Temp msacysuz... Read more

A:Infected with a Flash / USB Drive Virus

Hello and welcome to BleepingComputer! 
 
 
 
I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce. 
 
 
As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us. 
 
If you will encounter a delay of over 2 days from me, please don't hesitate and private message me (link in the signature). 
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.
 
 
 
Please generate other DDS logs (download it from here if you haven't already) and post them in your next reply along with other changes that may have occured since you last posted.
Also download and run GMER from this link:http://www.gmer.net/gmer.zip
 
 
 
Thank you very much for your patience. 
 
 
 
 
Regards,
 
Elle

http://www.bleepingcomputer.com/forums/t/491201/infected-with-a-flash-usb-drive-virus/
Relevancy 47.73%

It appears that I have an internet search redirect virus I caught this nasty thing in August got a new computer and apparently transferred the virus on a USB stick It s the usual whenever I do a Google search it redirects my clicks to a spam website I ve run my virus software Symantec and Malbytes Anti-malware which helped at fit but this thing is still there I m still able to use the cached link to get anywhere but if from Infected redirect - USB with drive? virus I recall I lost this functionality from the virus on my last computer The Symantec virus scan is returning clean Here is the log from DDS please note I ve changed my actual Infected with redirect virus - from USB drive? name to quot user name quot in the file names DDS Ver - - - NTFSx Run by user name at on Fri Internet Explorer Microsoft Windows XP Professional GMT - AV Symantec Endpoint Protection On-access scanning enabled Outdated FB E- B - A- F -E D C FW Symantec Endpoint Protection enabled BE FE -CD B- - A - DB DDB Running Processes C Program Files TrueSuite TrueSuite Service exe C Program Files Fingerprint Sensor atservice exe C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe -k netsvcs C Program Files Intel WiFi bin S EvMon exe C Program Files Symantec Symantec Endpoint Protection Smc exe svchost exe svchost exe C Program Files Common Files Symantec Shared ccSvcHst exe C WINDOWS system spoolsv exe svchost exe C Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Infected with redirect virus - from USB drive? Program Files Bonjour mDNSResponder exe C Program Files TOSHIBA ConfigFree CFSvcs exe C Program Files Intel WiFi bin EvtEng exe C WINDOWS system inetsrv inetinfo exe C Program Files Java jre bin jqs exe C Program Files Intel Intel reg Management Engine Components LMS LMS exe C Program Files Norton PC Checkup Engine SymcPCCULaunchSvc exe C Program Files Norton PC Checkup Engine ccSvcHst exe C Program Files Common Files Intel WirelessCommon RegSrvc exe C Program Files Utimaco SafeGuard Easy SgeClient exe C Program Files Utimaco SafeGuard Easy SgeCtl exe C WINDOWS system svchost exe -k imgsvc C Program Infected with redirect virus - from USB drive? Files Norton PC Checkup Engine ccSvcHst exe C Program Files Symantec Symantec Endpoint Protection Rtvscan exe C WINDOWS system ThpSrv exe C Program Files TOSHIBA TME Tmesrv exe C Program Files TOSHIBA TOSHIBA DVD PLAYER TNaviSrv exe C Program Files TOSHIBA TME TMEEJME EXE C WINDOWS system TODDSrv exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtSrv exe C Program Files Intel Intel reg Management Engine Components UNS UNS exe C Program Files Utimaco SafeGuard Easy WksCfgSrv exe C WINDOWS Explorer EXE C Program Files Symantec Symantec Endpoint Protection SmcGui exe C WINDOWS system igfxtray exe C WINDOWS system igfxpers exe C WINDOWS RTHDCPL EXE C Program Files Synaptics SynTP SynTPEnh exe C Program Files Intel WiFi bin ZCfgSvc exe C Program Files Common Files Intel WirelessCommon iFrmewrk exe C Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exe C Program Files TOSHIBA TOSHIBA Controls TFncKy exe C Program Files TOSHIBA ConfigFree NDSTray exe C Program Files TOSHIBA TME TMERzCtl EXE C WINDOWS system thpsrv exe C WINDOWS system wbem unsecapp exe C WINDOWS system TFNF exe C WINDOWS system TPSODDCtl exe C Program Files TOSHIBA TOSHIBA Sleep Utility TSleepSrv exe C Program Files Utimaco SafeGuard Easy Ecview exe C WINDOWS system TPSBattM exe C Program Files Utimaco SafeGuard Easy FIPSMon exe C Program Files Common Files Symantec Shared ccApp exe C Program Files TOSHIBA ConfigFree CFSServ exe C Program Files Canon MyPrinter BJMyPrt exe C Program Files Canon Canon IJ Network Scan Utility CNMNSUT exe C Program Files TOSHIBA TouchED TouchED exe C Program Files TOSHIBA Wireless Hotkey TosHKCW exe C Program Files iTunes iTunesHelper exe C Program Files TOSHIBA TOSHIBA Direct Disc Writer ddwmon exe C Program Files TrueSuite TrueSuite ClientAppLog... Read more

A:Infected with redirect virus - from USB drive?

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREWe also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:Why we request you disable CD Emulation when receiving Malware Removal AdviceThen create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:How to create a GMER logElle

http://www.bleepingcomputer.com/forums/t/366148/infected-with-redirect-virus-from-usb-drive/
Relevancy 47.73%

DDS Ver - - - NTFSx Run by yura at Flash some drive from virus Infected by on Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT AV AVG Anti-Virus Free On-access scanning disabled Updated Running Processes C WINDOWS system svchost -k DcomLaunch svchost exe C WINDOWS System svchost exe Infected by some virus from Flash drive -k netsvcs C WINDOWS system svchost exe -k WudfServiceGroup C Program Files Intel Wireless Bin S EvMon exe svchost exe C WINDOWS system spoolsv exe svchost exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Broadcom ASFIPMon AsfIpMon exe C PROGRA AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C Program Files Intel Wireless Bin EvtEng exe C Program Files Java jre bin jqs exe C Program Files Google Update GoogleUpdate exe C Program Files Dell QuickSet NICCONFIGSVC exe C Program Files CDBurnerXP NMSAccessU exe C PROGRA AVG AVG avgrsx exe C PROGRA AVG AVG avgnsx exe C WINDOWS system nvsvc exe C WINDOWS system PnkBstrA exe C WINDOWS system PnkBstrB exe C Program Files Intel Wireless Bin RegSrvc exe C Program Files SigmaTel C-Major Audio WDM StacSV exe C WINDOWS system svchost exe -k imgsvc C Program Files Wave Systems Corp Trusted Drive Manager TdmService exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtSrv exe C WINDOWS system dllhost exe C Program Files Intel Wireless Bin WLKeeper exe C PROGRA AVG AVG avgemc exe C Program Files AVG AVG avgcsrvx exe C WINDOWS system dllhost exe C WINDOWS system wscntfy exe C WINDOWS system wbem wmiapsrv exe C Program Files TortoiseSVN bin TSVNCache exe C WINDOWS system rundll exe C WINDOWS stsystra exe C Program Files Apoint Apoint exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Wave Systems Corp Services Manager Docmgr bin WavXDocMgr exe C Program Files Apoint ApMsgFwd exe C Program Files Wave Systems Corp SecureUpgrade exe C Program Files Apoint HidFind exe C Program Files Apoint Apntex exe C Program Files BOINC boincmgr exe C Program Files BOINC boinctray exe C PROGRA AVG AVG avgtray exe C WINDOWS system RUNDLL EXE C WINDOWS system KADxMain exe C Program Files Java jre bin jusched exe C WINDOWS system ctfmon exe C Program Files I kfanGUI I kfanGUI exe C Program Files BOINC boinc exe C Program Files Nokia Nokia PC Suite PCSuite exe C Program Files Skype Phone Skype exe C Program Files TrueCrypt TrueCrypt exe C Program Files CounterPath X-Lite x-lite exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtMng exe C Program Files Logitech SetPoint SetPoint exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files DeskPins DeskPins exe C WINDOWS system spool drivers w x CAP LAK EXE C Program Files RescueTime RescueTime exe C WINDOWS SYSTEM SPOOL DRIVERS W X CAP SWK EXE C Program Files Toshiba Bluetooth Toshiba Stack TosA dp exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtHid exe C Program Files Toshiba Bluetooth Toshiba Stack TosBtBty exe C Program Files Common Files Logishrd KHAL KHALMNPR EXE C Program Files Toshiba Bluetooth Toshiba Stack TosBtHsp exe C Program Files Toshiba Bluetooth Toshiba Stack TosAVRC exe C Program Files PC Connectivity Solution ServiceLayer exe C WINDOWS system SearchIndexer exe C Program Files Toshiba Bluetooth Toshiba Stack tosOBEX exe C Program Files PC Connectivity Solution Transports NclUSBSrv exe C Program Files PC Connectivity Solution Transports NclRSSrv exe C Program Files PC Connectivity Solution Transports NclToBTSrv exe C Program Files Toshiba Bluetooth Toshiba Stack tosBtProc exe C Program Files Skype Plugin Manager skypePM exe C WINDOWS explorer exe C WINDOWS system notepad exe C WINDOWS system taskmgr exe C Program Files Mozilla Firefox Beta firefox exe C WINDOWS system NOTEPAD EXE C Program Files Miranda IM miranda exe C Documents and Settings yura Local Settings Application Data Google Google Talk Plugin googletalkplugin exe C Program Fil... Read more

A:Infected by some virus from Flash drive

After I opend one *.txt file from my flash drive, AVG antivirus window poped up and showed me this list of files with various infections:

2009-04-12 20:10 24,888 a------- c:\documents and settings\yura\apow32.exe
2009-04-12 19:57 24,920 a------- c:\documents and settings\yura\vcmc32.exe
2009-04-12 19:56 28,440 a------- c:\documents and settings\yura\msesrv.exe
2009-04-12 19:56 24,910 a------- c:\documents and settings\yura\dnrmgr32.exe
2009-04-12 19:55 26,286 a------- c:\documents and settings\yura\s3mgr.exe
2009-04-12 19:55 32,676 a------- c:\documents and settings\yura\wrm32.exe
2009-04-12 19:55 27,668 a------- c:\documents and settings\yura\svnmgr.exe
2009-04-12 19:55 34,946 a------- c:\documents and settings\yura\wincpr.exe
2009-04-12 19:54 30,990 a------- c:\documents and settings\yura\mscupdate.exe
2009-04-12 19:54 29,416 a------- c:\documents and settings\yura\onbar2.exe
2009-04-12 19:54 25,356 a------- c:\documents and settings\yura\msmp3.exe
2009-04-12 19:54 33,848 a------- c:\documents and settings\yura\faxmgr.exe
2009-04-12 19:54 28,628 a------- c:\documents and settings\yura\opti.exe

(see above in previous log post)

I've also noticed two faxmgr.exe processes running taking up to 50 of my CPU and AVG list of infected files was rising in real time.. then I just killed those processes and then run ComboFix.exe, now I don't see any suspected activity, like those faxmgr.exe processes, but these *.exe files are still there.. so I'm not sure if my PC is completelly clean(

Any help appreciated.

http://www.bleepingcomputer.com/forums/t/218871/infected-by-some-virus-from-flash-drive/
Relevancy 47.3%

Hello,

I have a XP computer with SP2 that is getting a Fault Bucket error 126637809 when Internet Exploder hangs. Does anybody know how to resolve this issue?

-Sue

A:Fault Bucket Error

Run HiJackthis and post your log here.

http://www.techsupportforum.com/forums/f10/fault-bucket-error-372217.html
Relevancy 47.3%

Bucket ID: 111712637 I keep having this error , is there a solution ?? Thanks a lot for your time..
Saludos
PT

A:[SOLVED] Bucket ID: 111712637

Hi -

We're going to need a little bit more information; there should be extra text - we could use a screen grab.


Saluti . . .

.

.

http://www.techsupportforum.com/forums/f217/solved-bucket-id-111712637-a-379524.html
Relevancy 47.3%

AVIRA team accepted the ice bucket challenge from G Data, and they challenged AVG, Kaspersky, and Avast to do the same.....enjoy!!!

 

A:Avira Ice Bucket Challenge

https://www.facebook.com/video.php?v=10152266485235636

Gdata
 

https://malwaretips.com/threads/avira-ice-bucket-challenge.32844/
Relevancy 47.3%

Hello My name is Daniel The PC that I am having problems with is Windows Hard With Virus(es), Missing, Icons Start Disappeared Infected Menu Drives Xp Just recently I have downloaded a number of files online and as a direct result of that I am very sure that I am now infected with dangerous viruses I am completely confused of what to Infected With Virus(es), Start Menu Icons Missing, Hard Drives Disappeared do so please help me I am currently using a different computer to Infected With Virus(es), Start Menu Icons Missing, Hard Drives Disappeared type this entry Here are the specific problems that I have encountered An error message Windows Security Alert constantly appears saying quot Windows has detected an Internet attack attempt Somebody s trying to infect your PC with spyware or harmful viruses Run full system scan now to protect your PC from Internet attacks hijacking attempts and spyware Click here to download spyware remover for total protection quot Then there is the options OK and Cancel Every now and then windows internet explorer opens a window with the URL www safewebnavigate--- com index php sid amp aid amp said amp pn amp pid Another error message Spyware Alert that says quot Security Warning Worm Win NetBooster detected on your machine This virus is distributed via the Internet through e-mail and Active-X objects The Infected With Virus(es), Start Menu Icons Missing, Hard Drives Disappeared worm has its own SMTP engine which means it gathers e-mails from your local computer and re-distributes itself In worst cases this worm can allow attackers to access your computer stealing passwords and personal data This process should be removed from your system Type Virus System Affected Windows NT ME XPVista Security Risk - Recommendations Click Yes to remove it from your PC immediately quot Then there are options Yes and No After getting the virus icons appeared on my desktop Malware Defender Protect Your Privacy and System Error Fixer I have tried to delete this off of my desktop but each time i restart my computer it reappears again So I attempted to delete it using the control panel but as I have said before I cannot find the control panel anywhere and is therefore impossible with my knowledge Using other methods I was able to open My Computer However there were absolute no hard drives listed - no C no D etc At this point I decided to download virus removal programs but then I realized that my internet had stopped working ever since I got the virus I cannot reconnect to the wireless router even this I have checked and assured that it is completely fine I am using this laptop with the internet currently Having no access to internet with that laptop I decided to reformat the computer completely Unfortunately in the middle of the reformatting process specifically the Recovery Console an error appears saying quot Setup did not find any hard disk drives installed in your computer Setup cannot continue quot Seeing as how I have no internet access with the laptop and have no idea of how to find my hard drives and reformat my computer I am completely helpless and in great need of technical assistance PLEASE help me for I need this laptop in use as soon as possible Rather than clean my laptop if it is still possible please give me advice on how I can finish this reformatting process Thank you so very much for your time and trouble

http://www.bleepingcomputer.com/forums/t/172785/infected-with-viruses-start-menu-icons-missing-hard-drives-disappeared/
Relevancy 47.3%

My computer will not load windows. It attempts to open it then after several minutes just restartes and does the same thing. Help!
 

https://forums.techguy.org/threads/virus-hard-drive-crashing.568904/
Relevancy 47.3%

Hi everyone. 
im having a weird virus on two computers.
 
Here are the symptoms, the drive C is filling up in a couple days or hours but the content on the hard drive is is half of that amount. 
 
I tried looking for hidden and system files, tried using folder size maybe ill find the folder thats filling up the hard drive, but no luck!
 
i used malware-bytes, unhijackme, combo fix. etc.  
 
after running combo fix everything looked fine i regained the hard drive space but after a couple days it with 100gb more and filled it backup.
 
any help would greatly be appreciated
 
Shulem M.

A:Virus Filling up Hard drive

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/606432 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.FRST Download LinkWhen you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.Double click on the FRST icon and allow it to run. Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button. Notepad will open with the results. Post the new logs as explained in the prep guide. Close the program window, and delete the program from your desktop.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/606432/virus-filling-up-hard-drive/
Relevancy 47.3%

Hello everyone I was directed to this site from a friend who said this is the Drive Hard Failure/virus?? place to fix your computer problems I m not a computer genius but with some simple instructions I can figure things out Here is my issue After starting up my Hard Drive Failure/virus?? PC which is a Dell computer less than a year old running XP A box keeps popping up saying quot Hard Drive Failure quot at the top of the box and within in the box it says quot The system has detected a problem with one or more installed IDE SATA hard disks It is recommended that you restart the system quot No matter how many times I restart the system it still pops up with the same message Another message pops up Hard Drive Failure/virus?? at the bottom of the screen which says quot Critical Error Damaged hard drive clusters detected private data is at risk quot along with another pop up that says quot Critical Error Hard drive critical error Run a system diagnostic utility to check your hard disk drive quot I really could use some help on this issue Thanks

A:Hard Drive Failure/virus??

Hello Viper, I moved this to the Am I Infected forum. Looks like you have one of these fake HDD attacke.Please follow our Removal Guide here Remove HDD Repair (Uninstall Guide) .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Also post the TDSS log.. log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply.How is it now?

http://www.bleepingcomputer.com/forums/t/417746/hard-drive-failurevirus/
Relevancy 47.3%

My computer is giving me the following message when I try to access the folders of my external hard drive:

"windows cannot find HP_owNEr.exe"

I've run AVG and Malaware Bytes programs and neither of them indicates any problems.

Any suggestions from the experts? Thanks.
 

https://forums.techguy.org/threads/virus-help-external-hard-drive.840956/
Relevancy 47.3%

Hello All,
 
My machine windows 7 pro, shows no free space in the hard drive.
 
page and hibfil ard very big
 
 
 
Does anyone have any information on this
 
Thanks
 
Tony

A:All hard drive space taken up by virus

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/514123 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.DDS.com Download LinkDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control can be found HERE.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/514123/all-hard-drive-space-taken-up-by-virus/
Relevancy 47.3%

So I'm using Avast as my primary anti-virus software and my computer has been playing up, when I leave my computer for 10 - 20 minutes it freezes and I have to restart I tried a virus scan and it freezes. I'm hoping it's not a virus but if it and it's removable that would hopefully sort my problems

A:Not sure if virus or Hard Drive problem

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/513230 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.
Thank you for your patience, and again sorry for the delay.
***************************************************
We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.DDS.com Download LinkDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control can be found HERE.As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

http://www.bleepingcomputer.com/forums/t/513230/not-sure-if-virus-or-hard-drive-problem/
Relevancy 47.3%

I have a 120 gig hard drive that has the Vundo virus and other stuff so I am going to re-format it. If I hook it up as a slave to my computer what are the chances the virus will infect it. Are there any safety measures I can take to avoid cross contamination?
 

A:Format Hard Drive w/virus

I have some business info I need to get off of that drive so I am going to post this in the software/hardware forum as well.
 

https://forums.techguy.org/threads/format-hard-drive-w-virus.1061074/